Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/350991ZO19OoaGbmPUg6hnLbaCQ.roa
File: 350991ZO19OoaGbmPUg6hnLbaCQ.roa (raw, json)
Hash identifier: e2YI5lLl6zRxt03iORbzo09fpH9YKXhrezwyiC6aaiE=
Subject key identifier: DF:9D:3D:F7:56:4E:D7:D3:A8:68:66:E6:3D:48:3A:86:72:DB:68:24
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018E7ADECB2F778C8A76091938DA517E5E02
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/350991ZO19OoaGbmPUg6hnLbaCQ.roa
Signing time: Tue 26 Mar 2024 13:06:45 +0000
ROA not before: Tue 26 Mar 2024 13:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 85.209.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 06:25:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:de:cb:2f:77:8c:8a:76:09:19:38:da:51:7e:5e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Mar 26 13:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df9d3df7564ed7d3a86866e63d483a8672db6824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a4:2e:16:3f:70:85:88:37:b2:f7:02:c5:ae:
58:c1:ef:9c:5b:a1:15:17:5d:e3:a8:fc:0e:8b:cc:
cb:17:9b:37:61:7d:3c:f7:6f:ad:42:51:fa:33:03:
56:4f:7c:3e:83:36:37:3c:e5:4c:cf:64:0e:93:08:
11:ce:95:24:f1:ff:b1:1d:e4:e7:7c:c8:cc:cc:5a:
be:71:e4:4a:95:3b:d0:af:bb:26:91:66:3e:3b:d6:
10:03:21:65:e2:c4:b7:40:79:97:be:2d:46:a0:dd:
2a:5d:8b:43:f1:cf:b8:2b:ac:72:da:27:ca:eb:d7:
39:26:ae:f9:a1:f7:ff:dc:d9:c0:b9:bf:03:3e:b6:
25:dd:7e:6e:71:e3:32:e0:3c:dd:94:52:15:86:33:
54:9b:5f:1e:bf:3c:eb:6c:c4:c9:fc:05:0b:40:3f:
24:3c:9a:5b:3f:36:4c:f8:98:5e:e9:d8:7c:8e:e9:
f8:39:cf:fa:23:7a:5d:78:17:53:77:f4:cf:ab:0e:
c0:d0:ca:64:79:7a:3f:e6:61:99:33:44:77:5f:47:
b6:53:b6:02:41:5b:4a:95:78:f9:e8:38:06:1d:d2:
4f:eb:e5:a9:ca:7d:65:55:89:fe:13:e0:da:57:da:
57:28:bd:62:fd:dc:b2:f7:f0:87:60:74:cc:ac:f1:
20:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9D:3D:F7:56:4E:D7:D3:A8:68:66:E6:3D:48:3A:86:72:DB:68:24
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/350991ZO19OoaGbmPUg6hnLbaCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.163.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:3d:dc:54:ee:8a:16:3a:ae:9a:07:3c:cd:1f:bf:b6:27:99:
b1:b9:bd:88:52:c7:09:88:7b:4f:aa:1f:37:e2:57:0f:25:e6:
29:17:62:39:6b:d8:b6:3d:c5:ed:7e:5b:f5:5e:c8:b7:cf:ce:
80:d6:df:72:6f:06:35:ae:2e:04:78:b2:be:fd:ad:5f:29:ca:
f5:cd:4d:08:5b:76:44:3e:1b:6f:cc:45:4e:3e:e3:76:49:7a:
1b:31:8e:99:e8:f7:c9:43:77:c6:b9:7b:7a:8d:92:dc:00:d1:
00:f7:b0:a7:41:a7:b1:6d:5d:b9:9a:5c:ad:ae:d0:e1:a8:ec:
a0:92:44:87:75:5e:24:9a:29:a7:10:dd:a8:12:9e:2c:d3:3a:
e5:d7:88:54:7f:0c:83:3f:42:d9:08:69:c0:57:a9:3c:86:71:
66:f5:c8:02:a7:f2:c5:c2:56:d4:cd:26:5d:92:a7:61:0a:d7:
5c:a1:7b:67:a4:8d:ce:0c:98:4c:7f:db:a2:96:e4:9f:56:96:
84:ee:a4:fc:20:54:c8:2d:9e:14:01:8e:35:4d:21:75:51:e6:
f0:f1:81:36:05:25:2c:cd:aa:ae:43:6e:93:ed:f9:41:05:a2:
48:a6:ef:8d:d9:1d:46:8d:80:9b:b4:9b:06:b0:5c:09:3b:0e:
b1:bd:6d:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY563ssvd4yKdgkZONpRfl4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMzI2MTMwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjlkM2RmNzU2NGVkN2QzYTg2ODY2ZTYzZDQ4M2E4NjcyZGI2ODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaQuFj9whYg3svcCxa5Ywe+cW6EV
F13jqPwOi8zLF5s3YX0892+tQlH6MwNWT3w+gzY3POVMz2QOkwgRzpUk8f+xHeTn
fMjMzFq+ceRKlTvQr7smkWY+O9YQAyFl4sS3QHmXvi1GoN0qXYtD8c+4K6xy2ifK
69c5Jq75off/3NnAub8DPrYl3X5uceMy4DzdlFIVhjNUm18evzzrbMTJ/AULQD8k
PJpbPzZM+Jhe6dh8jun4Oc/6I3pdeBdTd/TPqw7A0MpkeXo/5mGZM0R3X0e2U7YC
QVtKlXj56DgGHdJP6+Wpyn1lVYn+E+DaV9pXKL1i/dyy9/CHYHTMrPEgyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+dPfdWTtfTqGhm5j1IOoZy22gkMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMzUwOTkxWk8xOU9vYUdibVBVZzZobkxiYUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGjMA0G
CSqGSIb3DQEBCwUAA4IBAQDNPdxU7ooWOq6aBzzNH7+2J5mxub2IUscJiHtPqh83
4lcPJeYpF2I5a9i2PcXtflv1Xsi3z86A1t9ybwY1ri4EeLK+/a1fKcr1zU0IW3ZE
PhtvzEVOPuN2SXobMY6Z6PfJQ3fGuXt6jZLcANEA97CnQaexbV25mlytrtDhqOyg
kkSHdV4kmimnEN2oEp4s0zrl14hUfwyDP0LZCGnAV6k8hnFm9cgCp/LFwlbUzSZd
kqdhCtdcoXtnpI3ODJhMf9uiluSfVpaE7qT8IFTILZ4UAY41TSF1Uebw8YE2BSUs
zaquQ26T7flBBaJIpu+N2R1GjYCbtJsGsFwJOw6xvW3v
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:08 2025 by rpki-client