Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee4748-4eab-4e55-b64a-2c7a11c1fbaf/1/RfPDqVQQTn9AP-r-gR4nTbhLcyU.roa
File: RfPDqVQQTn9AP-r-gR4nTbhLcyU.roa (raw, json)
Hash identifier: cjf2e72ipmRfxniEZiNvLJqf5Ta8HlIhuQCuB/Kj9XA=
Subject key identifier: 45:F3:C3:A9:54:10:4E:7F:40:3F:EA:FE:81:1E:27:4D:B8:4B:73:25
Certificate issuer: /CN=95d61ae8472c5c8fcd813756c164c2f1864d3c90
Certificate serial: 018CC86F923F70E027E4BD8FBF258AF4A990
Authority key identifier: 95:D6:1A:E8:47:2C:5C:8F:CD:81:37:56:C1:64:C2:F1:86:4D:3C:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldYa6EcsXI_NgTdWwWTC8YZNPJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ee4748-4eab-4e55-b64a-2c7a11c1fbaf/1/RfPDqVQQTn9AP-r-gR4nTbhLcyU.roa
Signing time: Tue 02 Jan 2024 04:30:04 +0000
ROA not before: Tue 02 Jan 2024 04:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200423
IP address blocks: 185.107.220.0/22 maxlen: 24
2a06:4600::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:92:3f:70:e0:27:e4:bd:8f:bf:25:8a:f4:a9:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d61ae8472c5c8fcd813756c164c2f1864d3c90
Validity
Not Before: Jan 2 04:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45f3c3a954104e7f403feafe811e274db84b7325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c0:28:67:80:d5:04:3f:ab:b8:f0:2c:a4:6e:
86:fc:e9:69:24:04:38:44:40:73:4d:e6:d3:fb:6d:
27:25:f5:49:fc:35:50:cc:93:1e:3c:8f:b9:43:b2:
59:0c:0e:95:db:f0:89:2f:a4:a2:67:8b:60:ff:98:
55:8c:d8:7c:1d:fb:16:f3:d8:67:fb:60:4c:57:90:
09:7e:d8:12:93:5c:56:64:ec:28:bb:67:4f:9a:08:
5f:dd:81:be:b6:0f:fe:fe:cf:94:e5:eb:d7:f5:cd:
3b:c1:1b:04:87:f3:1e:67:66:6a:58:cc:ff:f9:bc:
c9:56:91:6e:81:b4:ea:e4:51:e3:6d:6b:45:ee:40:
fd:b6:ae:16:cd:ba:be:f7:18:2e:89:ee:df:d8:a9:
4b:e9:37:3e:69:a5:dd:a2:31:e4:83:a3:9a:67:b7:
25:f3:94:d0:47:17:40:02:4b:73:6c:8a:39:77:f5:
75:50:a5:d5:fe:41:bf:2c:75:c6:af:76:d4:11:0e:
16:a8:6a:b6:b7:4a:ab:ea:ef:e9:f1:06:f2:db:5c:
69:bd:8f:8b:e5:50:ed:13:60:8d:05:58:ad:06:ff:
99:45:68:c7:39:d8:01:6f:de:7e:01:95:c2:35:7f:
69:12:a9:e3:25:61:61:88:fa:b9:05:c9:ae:2e:07:
5f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F3:C3:A9:54:10:4E:7F:40:3F:EA:FE:81:1E:27:4D:B8:4B:73:25
X509v3 Authority Key Identifier:
keyid:95:D6:1A:E8:47:2C:5C:8F:CD:81:37:56:C1:64:C2:F1:86:4D:3C:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldYa6EcsXI_NgTdWwWTC8YZNPJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee4748-4eab-4e55-b64a-2c7a11c1fbaf/1/RfPDqVQQTn9AP-r-gR4nTbhLcyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee4748-4eab-4e55-b64a-2c7a11c1fbaf/1/ldYa6EcsXI_NgTdWwWTC8YZNPJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.220.0/22
IPv6:
2a06:4600::/29
Signature Algorithm: sha256WithRSAEncryption
6c:af:1a:ea:17:e7:ce:cf:7d:9a:59:9d:77:eb:08:7c:1c:d5:
fa:c1:9b:a7:a4:e1:4c:f1:d7:d3:bb:06:de:80:2e:24:8d:8e:
b9:1c:b6:89:4b:4a:b2:7f:13:70:6f:e7:1d:93:61:6a:cc:c6:
1b:1d:cd:7f:04:7e:af:bb:3f:1b:c6:74:1b:20:26:bd:43:9e:
d3:53:c7:0e:a3:03:57:c5:1f:c5:73:5d:40:3b:63:8c:bb:e9:
30:58:35:ca:e1:eb:b6:28:91:6f:04:7e:3a:e5:e6:c4:df:b8:
b5:56:b4:00:c7:98:f8:e7:1b:cc:73:e5:dd:6b:d7:a6:6e:90:
78:a1:22:8b:6b:cd:20:03:c1:23:b1:c9:86:8a:f6:d4:a4:00:
7e:7c:0c:5f:af:e5:67:b3:cb:d5:14:a8:ea:f0:ee:26:b8:dc:
67:49:8b:59:a9:3a:70:b0:d4:06:5d:21:a8:42:4f:e1:02:cc:
de:97:79:73:86:ae:7d:4c:45:ed:4b:a5:ca:61:f8:fc:ee:19:
fb:f3:9e:35:f1:3d:3b:60:ce:d1:46:ff:ef:32:5e:94:75:eb:
ea:29:c2:ac:9a:c8:de:80:52:3e:38:87:c7:fe:6e:9a:58:31:
a9:f6:88:65:48:3b:9e:e6:9e:05:32:fd:31:b2:ec:44:d8:d0:
6c:3c:77:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb5I/cOAn5L2PvyWK9KmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDYxYWU4NDcyYzVjOGZjZDgxMzc1NmMxNjRjMmYxODY0
ZDNjOTAwHhcNMjQwMTAyMDQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWYzYzNhOTU0MTA0ZTdmNDAzZmVhZmU4MTFlMjc0ZGI4NGI3MzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcAoZ4DVBD+ruPAspG6G/OlpJAQ4
REBzTebT+20nJfVJ/DVQzJMePI+5Q7JZDA6V2/CJL6SiZ4tg/5hVjNh8HfsW89hn
+2BMV5AJftgSk1xWZOwou2dPmghf3YG+tg/+/s+U5evX9c07wRsEh/MeZ2ZqWMz/
+bzJVpFugbTq5FHjbWtF7kD9tq4Wzbq+9xguie7f2KlL6Tc+aaXdojHkg6OaZ7cl
85TQRxdAAktzbIo5d/V1UKXV/kG/LHXGr3bUEQ4WqGq2t0qr6u/p8Qby21xpvY+L
5VDtE2CNBVitBv+ZRWjHOdgBb95+AZXCNX9pEqnjJWFhiPq5BcmuLgdfMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEXzw6lUEE5/QD/q/oEeJ024S3MlMB8GA1UdIwQY
MBaAFJXWGuhHLFyPzYE3VsFkwvGGTTyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRZYTZFY3NYSV9OZ1RkV3dXVEM4WVpOUEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZTQ3NDgtNGVhYi00ZTU1LWI2NGEt
MmM3YTExYzFmYmFmLzEvUmZQRHFWUVFUbjlBUC1yLWdSNG5UYmhMY3lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lZTQ3NDgtNGVhYi00ZTU1LWI2NGEtMmM3YTExYzFmYmFm
LzEvbGRZYTZFY3NYSV9OZ1RkV3dXVEM4WVpOUEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWvcMA0E
AgACMAcDBQMqBkYAMA0GCSqGSIb3DQEBCwUAA4IBAQBsrxrqF+fOz32aWZ136wh8
HNX6wZunpOFM8dfTuwbegC4kjY65HLaJS0qyfxNwb+cdk2FqzMYbHc1/BH6vuz8b
xnQbICa9Q57TU8cOowNXxR/Fc11AO2OMu+kwWDXK4eu2KJFvBH465ebE37i1VrQA
x5j45xvMc+Xda9embpB4oSKLa80gA8EjscmGivbUpAB+fAxfr+Vns8vVFKjq8O4m
uNxnSYtZqTpwsNQGXSGoQk/hAszel3lzhq59TEXtS6XKYfj87hn785418T07YM7R
Rv/vMl6UdevqKcKsmsjegFI+OIfH/m6aWDGp9ohlSDue5p4FMv0xsuxE2NBsPHeS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:49 2025 by rpki-client