Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/1F8Wti7DkVYayo1xK3QWa1QrW4Y.roa
File: 1F8Wti7DkVYayo1xK3QWa1QrW4Y.roa (raw, json)
Hash identifier: IuojcueLqIiv93Zc6ac3CYWDc9gvlofQjXcNG+UcjfI=
Subject key identifier: D4:5F:16:B6:2E:C3:91:56:1A:CA:8D:71:2B:74:16:6B:54:2B:5B:86
Certificate issuer: /CN=667b2b1befba178f30d2a321c451b6eea5466274
Certificate serial: 018CC5DC22FD960CA5B227A60B353405141D
Authority key identifier: 66:7B:2B:1B:EF:BA:17:8F:30:D2:A3:21:C4:51:B6:EE:A5:46:62:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZnsrG--6F48w0qMhxFG27qVGYnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/1F8Wti7DkVYayo1xK3QWa1QrW4Y.roa
Signing time: Mon 01 Jan 2024 16:29:47 +0000
ROA not before: Mon 01 Jan 2024 16:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34312
IP address blocks: 195.95.206.0/23 maxlen: 24
193.111.6.0/23 maxlen: 23
89.200.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:22:fd:96:0c:a5:b2:27:a6:0b:35:34:05:14:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=667b2b1befba178f30d2a321c451b6eea5466274
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d45f16b62ec391561aca8d712b74166b542b5b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:86:fa:79:6e:c1:58:53:42:12:55:92:05:b0:
24:8a:ab:2d:6a:60:79:ed:5d:1f:d0:75:f7:8c:7b:
44:11:9d:d7:bc:4a:5a:89:fa:12:d3:c8:db:f1:80:
29:b1:41:97:23:c0:39:48:b6:4a:da:90:03:8d:a3:
c8:17:f7:00:26:c2:0b:67:f0:90:eb:ec:5c:40:e6:
41:ef:c2:dd:20:9e:61:c8:39:07:41:2f:f6:0e:3b:
dd:02:9a:4e:c5:cd:39:7c:d7:f0:fc:ec:18:53:ae:
5a:19:d2:0b:f4:ba:f9:b3:ff:44:8d:95:bf:c5:ed:
11:ba:d8:a0:6a:bf:f4:29:78:b2:15:12:db:bd:f1:
c5:27:2a:b6:0f:82:fe:e1:6c:ea:18:05:34:b7:e4:
8a:ff:12:5f:f1:c5:d7:3d:09:e4:9f:f8:75:19:d9:
38:6a:0f:b8:bf:18:7b:99:f8:75:c5:cb:07:d7:f4:
16:c2:8c:d6:9e:b6:0d:58:b9:d3:08:18:95:5c:68:
3c:37:10:bb:25:32:e0:00:c7:4d:65:e0:c0:39:89:
c7:0c:bc:2e:52:65:25:37:f0:98:99:b3:b9:a1:e5:
d6:ff:3f:0a:57:1e:ba:4a:68:c2:3e:64:0a:ff:59:
85:b8:6e:b6:94:06:cf:cf:38:8a:ef:ea:29:f7:20:
b5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:5F:16:B6:2E:C3:91:56:1A:CA:8D:71:2B:74:16:6B:54:2B:5B:86
X509v3 Authority Key Identifier:
keyid:66:7B:2B:1B:EF:BA:17:8F:30:D2:A3:21:C4:51:B6:EE:A5:46:62:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZnsrG--6F48w0qMhxFG27qVGYnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/1F8Wti7DkVYayo1xK3QWa1QrW4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/ZnsrG--6F48w0qMhxFG27qVGYnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.200.248.0/21
193.111.6.0/23
195.95.206.0/23
Signature Algorithm: sha256WithRSAEncryption
02:be:54:13:9d:4f:b6:ed:10:8c:96:5c:b2:a7:6b:a1:72:75:
b6:89:df:7e:4f:02:f6:b7:2a:c6:6c:ce:73:54:bf:f9:de:2a:
56:28:b8:69:dc:da:ba:be:71:18:89:d6:76:67:7e:be:f8:ef:
e0:b0:a6:da:e0:16:81:07:1e:05:20:01:19:fb:13:b2:88:cb:
7c:6b:bc:63:0f:79:bb:10:88:13:cc:00:f6:47:6c:ca:54:23:
d2:5f:73:80:af:7e:56:cd:aa:f9:47:36:04:38:63:d0:51:d3:
09:21:dd:3e:5a:cc:6a:58:c5:31:41:c5:3d:8e:5e:4c:a6:47:
ff:8f:d9:7c:95:bb:8f:02:57:57:43:a9:1c:a4:be:f5:d5:02:
a4:f0:09:5d:f4:6b:a9:13:d7:f1:20:81:f0:e9:8c:b2:3d:6f:
dc:d5:7d:9b:04:c2:16:9b:f5:91:c9:c9:8a:6b:a1:84:d2:08:
b3:5c:4c:4e:fa:5f:7a:cd:29:1f:0d:17:c1:65:9e:8e:b4:cf:
7e:ef:e6:b0:03:6a:25:5a:fe:d2:63:c5:55:47:4f:36:27:5a:
54:c2:63:89:b3:c6:01:a8:d0:30:9d:03:cb:eb:1a:95:a7:4d:
e6:db:7b:a6:5f:6a:7e:ee:fd:f1:6c:cb:fc:07:21:c9:fd:06:
95:72:56:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzF3CL9lgylsiemCzU0BRQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2N2IyYjFiZWZiYTE3OGYzMGQyYTMyMWM0NTFiNmVlYTU0
NjYyNzQwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDVmMTZiNjJlYzM5MTU2MWFjYThkNzEyYjc0MTY2YjU0MmI1Yjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYb6eW7BWFNCElWSBbAkiqstamB5
7V0f0HX3jHtEEZ3XvEpaifoS08jb8YApsUGXI8A5SLZK2pADjaPIF/cAJsILZ/CQ
6+xcQOZB78LdIJ5hyDkHQS/2DjvdAppOxc05fNfw/OwYU65aGdIL9Lr5s/9EjZW/
xe0Rutigar/0KXiyFRLbvfHFJyq2D4L+4WzqGAU0t+SK/xJf8cXXPQnkn/h1Gdk4
ag+4vxh7mfh1xcsH1/QWwozWnrYNWLnTCBiVXGg8NxC7JTLgAMdNZeDAOYnHDLwu
UmUlN/CYmbO5oeXW/z8KVx66SmjCPmQK/1mFuG62lAbPzziK7+op9yC1oQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNRfFrYuw5FWGsqNcSt0FmtUK1uGMB8GA1UdIwQY
MBaAFGZ7KxvvuhePMNKjIcRRtu6lRmJ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm5zckctLTZGNDh3MHFNaHhGRzI3cVZHWW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC83ZDA3ZWMtMmU2Ni00NzdhLTkzYzYt
ZjhiZGQyZDc5MjdkLzEvMUY4V3RpN0RrVllheW8xeEszUVdhMVFyVzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC83ZDA3ZWMtMmU2Ni00NzdhLTkzYzYtZjhiZGQyZDc5Mjdk
LzEvWm5zckctLTZGNDh3MHFNaHhGRzI3cVZHWW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWcj4AwQB
wW8GAwQBw1/OMA0GCSqGSIb3DQEBCwUAA4IBAQACvlQTnU+27RCMllyyp2uhcnW2
id9+TwL2tyrGbM5zVL/53ipWKLhp3Nq6vnEYidZ2Z36++O/gsKba4BaBBx4FIAEZ
+xOyiMt8a7xjD3m7EIgTzAD2R2zKVCPSX3OAr35Wzar5RzYEOGPQUdMJId0+Wsxq
WMUxQcU9jl5Mpkf/j9l8lbuPAldXQ6kcpL711QKk8Ald9GupE9fxIIHw6YyyPW/c
1X2bBMIWm/WRycmKa6GE0gizXExO+l96zSkfDRfBZZ6OtM9+7+awA2olWv7SY8VV
R082J1pUwmOJs8YBqNAwnQPL6xqVp03m23umX2p+7v3xbMv8ByHJ/QaVclY4
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:32:37 2025 by rpki-client