Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a0b266-3c9e-4e0c-8a6d-5895b69d189e/1/bi8qV_Ubk1kICdNH1DdwpMbraD8.roa
File: bi8qV_Ubk1kICdNH1DdwpMbraD8.roa (raw, json)
Hash identifier: 3BTsXus0rpJGK3aRT3sHOKRe8CG08C3QjUsIaAEfsXk=
Subject key identifier: 6E:2F:2A:57:F5:1B:93:59:08:09:D3:47:D4:37:70:A4:C6:EB:68:3F
Certificate issuer: /CN=2a369ca9ba84ad847d49d31e27465faf57bf28e4
Certificate serial: 018CCA2B804C12EC130D465442F547C3080A
Authority key identifier: 2A:36:9C:A9:BA:84:AD:84:7D:49:D3:1E:27:46:5F:AF:57:BF:28:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KjacqbqErYR9SdMeJ0Zfr1e_KOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a0b266-3c9e-4e0c-8a6d-5895b69d189e/1/bi8qV_Ubk1kICdNH1DdwpMbraD8.roa
Signing time: Tue 02 Jan 2024 12:34:57 +0000
ROA not before: Tue 02 Jan 2024 12:34:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50018
IP address blocks: 185.136.64.0/22 maxlen: 22
185.136.64.0/24 maxlen: 24
185.136.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:80:4c:12:ec:13:0d:46:54:42:f5:47:c3:08:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a369ca9ba84ad847d49d31e27465faf57bf28e4
Validity
Not Before: Jan 2 12:34:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e2f2a57f51b93590809d347d43770a4c6eb683f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b8:d9:df:ab:04:75:2e:9d:10:56:17:67:28:
2f:bd:7f:b1:fe:cf:b1:50:90:f8:c6:79:b1:83:1e:
38:55:2d:d3:e6:c2:08:33:db:6f:e8:e8:35:35:89:
b8:db:a1:4b:7e:bd:c3:c0:49:de:b0:f4:52:17:ed:
ef:d0:26:2c:43:1d:71:7f:d8:98:e6:c1:96:2d:7a:
1c:c1:48:78:9c:23:7a:9a:6a:ea:43:92:a3:77:8c:
48:10:94:1b:5a:28:2e:5e:ad:cb:50:58:b3:1a:e9:
cc:c9:d4:17:4d:88:ab:28:f7:2b:5a:78:12:13:63:
5b:df:12:cd:55:b8:64:f8:bb:07:75:93:1f:de:7a:
c7:84:68:62:16:36:00:34:bf:3f:65:4a:50:e5:20:
4b:3e:2d:e5:f5:c2:24:6e:7d:67:b6:97:87:0d:c6:
76:d7:17:db:5d:06:dc:25:fc:0f:b0:f4:e1:2f:b4:
21:67:38:30:fa:47:b5:c0:b3:4a:c5:b4:b4:cd:b0:
79:7d:63:c7:71:93:9c:a3:41:fd:ee:23:ed:b5:a0:
28:8b:92:cd:54:51:e7:67:19:8d:88:69:91:a8:d9:
80:f8:14:9e:d1:15:9c:e8:4d:3f:9b:85:fd:e4:13:
72:5f:d9:34:3a:65:f5:a7:78:af:e3:cf:8f:21:a1:
20:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2F:2A:57:F5:1B:93:59:08:09:D3:47:D4:37:70:A4:C6:EB:68:3F
X509v3 Authority Key Identifier:
keyid:2A:36:9C:A9:BA:84:AD:84:7D:49:D3:1E:27:46:5F:AF:57:BF:28:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KjacqbqErYR9SdMeJ0Zfr1e_KOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a0b266-3c9e-4e0c-8a6d-5895b69d189e/1/bi8qV_Ubk1kICdNH1DdwpMbraD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a0b266-3c9e-4e0c-8a6d-5895b69d189e/1/KjacqbqErYR9SdMeJ0Zfr1e_KOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.64.0/22
Signature Algorithm: sha256WithRSAEncryption
65:22:d7:64:94:dd:37:b2:08:96:6a:f1:91:76:d4:6e:b9:cd:
c0:b8:56:87:c8:fe:f5:a8:7d:4b:5a:a8:29:ab:42:bb:18:7c:
d2:14:71:d6:05:1c:dd:da:29:82:be:15:df:f4:2c:6c:2e:40:
61:dc:08:8d:17:bb:08:27:ed:61:e3:e4:9f:9e:39:54:e1:5c:
8d:0b:01:d7:a4:65:79:56:c1:ce:21:7c:5e:a1:da:b2:69:43:
e3:b1:85:d4:66:65:99:7c:03:e6:2b:b5:37:45:d0:b0:72:af:
14:7a:f7:54:8a:f1:86:8a:b1:ae:04:9c:c5:b9:f5:ac:22:1d:
62:4a:f4:a2:06:c3:5d:9d:49:89:20:34:51:ab:45:2e:e1:5c:
ff:80:55:6b:55:a4:4d:de:16:ae:d3:b7:6e:b9:2a:60:66:ff:
2d:85:00:f8:ef:f2:dd:2d:13:2c:2b:b8:dc:6e:4a:a5:1e:0b:
d7:33:9c:59:e7:61:ac:19:e8:b8:a4:e5:20:81:2c:d0:31:45:
37:a2:f8:2d:4e:94:48:ec:10:42:31:cc:ad:cd:ce:74:54:15:
0f:ba:ef:01:87:d2:2d:47:e6:65:f6:ef:7a:69:f5:a3:07:e4:
3e:29:70:70:52:f5:01:73:34:bf:af:b2:dc:c3:0c:18:bb:72:
74:bc:90:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK4BMEuwTDUZUQvVHwwgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMzY5Y2E5YmE4NGFkODQ3ZDQ5ZDMxZTI3NDY1ZmFmNTdi
ZjI4ZTQwHhcNMjQwMTAyMTIzNDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTJmMmE1N2Y1MWI5MzU5MDgwOWQzNDdkNDM3NzBhNGM2ZWI2ODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLjZ36sEdS6dEFYXZygvvX+x/s+x
UJD4xnmxgx44VS3T5sIIM9tv6Og1NYm426FLfr3DwEnesPRSF+3v0CYsQx1xf9iY
5sGWLXocwUh4nCN6mmrqQ5Kjd4xIEJQbWiguXq3LUFizGunMydQXTYirKPcrWngS
E2Nb3xLNVbhk+LsHdZMf3nrHhGhiFjYANL8/ZUpQ5SBLPi3l9cIkbn1ntpeHDcZ2
1xfbXQbcJfwPsPThL7QhZzgw+ke1wLNKxbS0zbB5fWPHcZOco0H97iPttaAoi5LN
VFHnZxmNiGmRqNmA+BSe0RWc6E0/m4X95BNyX9k0OmX1p3iv48+PIaEg0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4vKlf1G5NZCAnTR9Q3cKTG62g/MB8GA1UdIwQY
MBaAFCo2nKm6hK2EfUnTHidGX69XvyjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2phY3FicUVyWVI5U2RNZUowWmZyMWVfS09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hMGIyNjYtM2M5ZS00ZTBjLThhNmQt
NTg5NWI2OWQxODllLzEvYmk4cVZfVWJrMWtJQ2ROSDFEZHdwTWJyYUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hMGIyNjYtM2M5ZS00ZTBjLThhNmQtNTg5NWI2OWQxODll
LzEvS2phY3FicUVyWVI5U2RNZUowWmZyMWVfS09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYhAMA0G
CSqGSIb3DQEBCwUAA4IBAQBlItdklN03sgiWavGRdtRuuc3AuFaHyP71qH1LWqgp
q0K7GHzSFHHWBRzd2imCvhXf9CxsLkBh3AiNF7sIJ+1h4+SfnjlU4VyNCwHXpGV5
VsHOIXxeodqyaUPjsYXUZmWZfAPmK7U3RdCwcq8UevdUivGGirGuBJzFufWsIh1i
SvSiBsNdnUmJIDRRq0Uu4Vz/gFVrVaRN3hau07duuSpgZv8thQD47/LdLRMsK7jc
bkqlHgvXM5xZ52GsGei4pOUggSzQMUU3ovgtTpRI7BBCMcytzc50VBUPuu8Bh9It
R+Zl9u96afWjB+Q+KXBwUvUBczS/r7LcwwwYu3J0vJDi
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:10:54 2025 by rpki-client