Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3fFRdObYXWZ1pj6hAopPyHNGJkY.roa
File: 3fFRdObYXWZ1pj6hAopPyHNGJkY.roa (raw, json)
Hash identifier: zPOb4OunwIsof+7o+9EbHzRQgW5bnBm/dISlMsS3HOQ=
Subject key identifier: DD:F1:51:74:E6:D8:5D:66:75:A6:3E:A1:02:8A:4F:C8:73:46:26:46
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019205E863B3070DC999DADCF9DD4EAA9B8C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3fFRdObYXWZ1pj6hAopPyHNGJkY.roa
Signing time: Wed 18 Sep 2024 16:12:48 +0000
ROA not before: Wed 18 Sep 2024 16:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 45.8.185.0/24 maxlen: 24
85.209.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:e8:63:b3:07:0d:c9:99:da:dc:f9:dd:4e:aa:9b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 18 16:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddf15174e6d85d6675a63ea1028a4fc873462646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:32:c1:3e:02:cb:0b:8e:97:6c:c4:94:ab:c3:
be:d0:94:5b:ee:b6:a7:1f:44:20:77:3e:8b:60:eb:
88:7d:b2:21:fc:a4:08:3f:3f:8c:e4:72:02:ba:a0:
af:ea:63:93:a3:82:3a:be:85:79:8c:2f:67:30:e2:
90:49:c3:83:73:dd:a9:c8:23:36:5e:10:00:c1:6b:
b1:a1:3b:c8:2c:8f:44:48:8a:24:b0:9e:c2:f8:6d:
2b:fb:80:26:44:e2:ba:6e:7e:ed:c0:2b:24:5f:6a:
f5:b7:70:a3:c2:23:fe:03:b7:7d:6e:e7:34:1f:1c:
64:3a:b2:8e:2a:04:b1:80:96:3e:55:ec:d6:56:16:
0f:37:f7:ec:0b:35:d7:1e:e0:5e:84:30:f2:5b:ee:
ff:9a:78:cd:d1:3c:97:69:9e:1c:1d:db:fe:e9:61:
dd:21:b5:11:ef:61:64:9e:1c:45:bf:9a:f5:fe:e8:
3c:33:dd:c8:76:fe:b7:21:e5:32:f7:27:22:08:91:
b7:d1:e0:b8:81:e6:bc:d9:93:04:3e:ce:b2:b4:17:
ab:04:1c:7e:f0:23:75:14:78:16:ac:06:83:46:44:
e5:37:ee:33:b3:39:be:79:1d:16:38:32:93:62:5d:
a7:26:d0:c8:ff:9b:4a:a2:62:5b:ec:86:da:91:fc:
ce:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F1:51:74:E6:D8:5D:66:75:A6:3E:A1:02:8A:4F:C8:73:46:26:46
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3fFRdObYXWZ1pj6hAopPyHNGJkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.185.0/24
85.209.162.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:68:29:de:7d:f2:ae:91:57:8d:49:95:fe:05:69:52:02:74:
11:96:a0:6e:17:bd:7b:9d:21:f0:94:66:b1:87:52:4c:2c:fd:
45:21:3b:80:ec:db:7d:14:1c:5d:7e:b2:df:92:f8:87:4d:a8:
46:f4:d0:31:de:27:ab:00:74:b3:40:02:f8:87:9f:62:08:69:
03:46:e6:50:05:72:c6:2a:db:d6:a2:92:dc:83:5a:73:f9:ae:
c8:a6:8e:96:7a:25:ef:a7:c3:03:5c:c5:d1:7d:7b:3c:ff:68:
30:c1:76:0e:76:81:4c:3c:e3:c0:d5:5a:f7:5c:3e:95:4a:cf:
9f:a8:9c:d4:2e:c1:60:07:99:3c:d2:05:0f:a8:7f:94:35:f4:
37:3c:9b:14:30:6c:60:e9:ee:46:c3:91:d2:ef:03:df:30:96:
c7:a8:1a:36:b9:42:cb:9b:f1:ba:6b:5c:5a:db:ce:ec:36:fa:
1d:2d:f3:ba:d1:ce:71:4b:58:76:19:c5:2a:de:ee:ad:da:a1:
a1:f8:77:63:71:88:57:ab:db:d7:c5:29:35:7c:e7:3b:a3:62:
9f:54:6e:0a:df:19:d2:b0:e7:65:ff:59:a5:59:39:5d:2c:83:
41:73:9c:fa:af:ff:94:b4:59:94:b8:db:ed:d5:92:5a:a3:c8:
39:db:0b:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIF6GOzBw3Jmdrc+d1OqpuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwOTE4MTYxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGYxNTE3NGU2ZDg1ZDY2NzVhNjNlYTEwMjhhNGZjODczNDYyNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTLBPgLLC46XbMSUq8O+0JRb7ran
H0Qgdz6LYOuIfbIh/KQIPz+M5HICuqCv6mOTo4I6voV5jC9nMOKQScODc92pyCM2
XhAAwWuxoTvILI9ESIoksJ7C+G0r+4AmROK6bn7twCskX2r1t3CjwiP+A7d9buc0
HxxkOrKOKgSxgJY+VezWVhYPN/fsCzXXHuBehDDyW+7/mnjN0TyXaZ4cHdv+6WHd
IbUR72FknhxFv5r1/ug8M93Idv63IeUy9yciCJG30eC4gea82ZMEPs6ytBerBBx+
8CN1FHgWrAaDRkTlN+4zszm+eR0WODKTYl2nJtDI/5tKomJb7IbakfzOJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN3xUXTm2F1mdaY+oQKKT8hzRiZGMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvM2ZGUmRPYllYV1oxcGo2aEFvcFB5SE5HSmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQi5AwQA
VdGiMA0GCSqGSIb3DQEBCwUAA4IBAQC9aCneffKukVeNSZX+BWlSAnQRlqBuF717
nSHwlGaxh1JMLP1FITuA7Nt9FBxdfrLfkviHTahG9NAx3ierAHSzQAL4h59iCGkD
RuZQBXLGKtvWopLcg1pz+a7Ipo6WeiXvp8MDXMXRfXs8/2gwwXYOdoFMPOPA1Vr3
XD6VSs+fqJzULsFgB5k80gUPqH+UNfQ3PJsUMGxg6e5Gw5HS7wPfMJbHqBo2uULL
m/G6a1xa287sNvodLfO60c5xS1h2GcUq3u6t2qGh+HdjcYhXq9vXxSk1fOc7o2Kf
VG4K3xnSsOdl/1mlWTldLINBc5z6r/+UtFmUuNvt1ZJao8g52wsL
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:26:01 2025 by rpki-client