Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ErGWmCWH7l17ionMDQ1bcjWBA9Q.roa
File: ErGWmCWH7l17ionMDQ1bcjWBA9Q.roa (raw, json)
Hash identifier: KXTuJMbDBqvi7pGjSlHUdXfA8Tqf7yoKYtNCu9k+O0g=
Subject key identifier: 12:B1:96:98:25:87:EE:5D:7B:8A:89:CC:0D:0D:5B:72:35:81:03:D4
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01942D9C81A45A648E1C272A9786EFC44907
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ErGWmCWH7l17ionMDQ1bcjWBA9Q.roa
Signing time: Fri 03 Jan 2025 19:20:19 +0000
ROA not before: Fri 03 Jan 2025 19:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214382
IP address blocks: 85.208.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 19:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2d:9c:81:a4:5a:64:8e:1c:27:2a:97:86:ef:c4:49:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 3 19:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12b196982587ee5d7b8a89cc0d0d5b72358103d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:aa:43:06:f4:64:14:f7:19:bf:d4:e5:a2:26:
42:a3:12:77:d7:a6:b4:59:c8:56:5c:a6:7d:60:12:
61:d2:47:b3:c5:9f:71:c2:7f:23:8d:f2:c7:df:b1:
e8:5b:20:95:85:f6:92:15:50:21:f5:32:65:fe:1b:
71:4e:62:f2:35:0b:fa:d3:b0:1b:a5:c8:0b:c7:dd:
91:e9:b6:17:ea:7f:03:30:90:95:d7:2a:17:60:de:
7f:23:9f:5d:99:1f:42:03:a7:66:d0:a5:ff:eb:57:
a8:ed:c0:35:bb:d3:27:91:0b:71:17:54:cb:75:f3:
04:0b:e7:a0:1e:20:5a:ae:e0:e9:39:6e:ab:e2:19:
08:28:fc:5c:fa:77:92:d6:96:20:85:c7:7a:01:7a:
2b:ee:cb:02:d1:6b:d0:fb:e6:8f:3d:00:15:26:f6:
42:b0:6d:42:cf:d6:ef:f7:40:11:83:5a:ca:24:bb:
1e:2f:8c:38:f1:a7:e3:da:4c:fe:0c:ab:97:c3:81:
e3:74:e4:6b:d7:de:0b:62:75:f5:cb:52:7f:fa:2b:
ce:bd:aa:c0:0b:9c:03:47:86:77:be:91:70:1d:bc:
93:7c:a6:87:9c:be:09:56:6e:72:56:e5:4b:96:54:
dc:7b:3a:f5:33:92:cc:37:04:7a:93:ed:70:b8:01:
e3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B1:96:98:25:87:EE:5D:7B:8A:89:CC:0D:0D:5B:72:35:81:03:D4
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ErGWmCWH7l17ionMDQ1bcjWBA9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.106.0/24
Signature Algorithm: sha256WithRSAEncryption
34:ed:4f:84:0d:2c:45:fb:33:c4:14:e1:56:33:74:9e:b7:87:
33:56:c1:e7:3f:bf:25:39:11:64:34:f9:d4:cc:d4:fe:35:6b:
5b:73:d5:42:de:14:1e:65:7d:92:e1:00:f7:26:f1:a9:b6:f1:
07:12:2e:a2:7c:a9:fe:f5:c3:56:a3:18:51:aa:91:c2:da:04:
68:a5:cb:93:7c:06:76:33:19:b7:b7:c1:98:72:87:f2:8a:2d:
26:a2:5c:67:12:4e:9d:61:9d:f8:6e:67:9f:1c:d7:34:8e:55:
34:8e:39:ca:f0:7a:85:81:92:8b:18:f1:61:f6:05:9a:d7:d6:
6f:18:ec:fe:be:3f:cd:3f:f9:9c:97:44:6b:72:a4:7f:d1:db:
bb:0a:f9:05:d5:c3:ce:2f:e3:c7:bd:15:b1:2e:c4:21:a4:c4:
50:d8:3e:8f:b8:44:6b:46:e1:1d:ae:f2:bd:50:1a:dd:15:4a:
23:1a:24:54:13:0c:e4:ca:94:68:8e:2f:bd:a4:10:d8:75:0a:
40:0f:ac:fe:3f:cc:16:a0:30:3a:27:0a:38:85:7d:8c:49:d5:
de:3b:87:3f:96:7e:64:6d:58:bb:9f:65:97:ea:02:bc:8d:8b:
ca:a9:30:ef:cd:57:49:0f:7b:ac:25:e6:be:e3:ca:cc:d7:0e:
7d:60:80:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQtnIGkWmSOHCcql4bvxEkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAzMTkyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmIxOTY5ODI1ODdlZTVkN2I4YTg5Y2MwZDBkNWI3MjM1ODEwM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKpDBvRkFPcZv9TloiZCoxJ316a0
WchWXKZ9YBJh0kezxZ9xwn8jjfLH37HoWyCVhfaSFVAh9TJl/htxTmLyNQv607Ab
pcgLx92R6bYX6n8DMJCV1yoXYN5/I59dmR9CA6dm0KX/61eo7cA1u9MnkQtxF1TL
dfMEC+egHiBaruDpOW6r4hkIKPxc+neS1pYghcd6AXor7ssC0WvQ++aPPQAVJvZC
sG1Cz9bv90ARg1rKJLseL4w48afj2kz+DKuXw4HjdORr194LYnX1y1J/+ivOvarA
C5wDR4Z3vpFwHbyTfKaHnL4JVm5yVuVLllTcezr1M5LMNwR6k+1wuAHjUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBKxlpglh+5de4qJzA0NW3I1gQPUMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRXJHV21DV0g3bDE3aW9uTURRMWJjaldCQTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBqMA0G
CSqGSIb3DQEBCwUAA4IBAQA07U+EDSxF+zPEFOFWM3Set4czVsHnP78lORFkNPnU
zNT+NWtbc9VC3hQeZX2S4QD3JvGptvEHEi6ifKn+9cNWoxhRqpHC2gRopcuTfAZ2
Mxm3t8GYcofyii0molxnEk6dYZ34bmefHNc0jlU0jjnK8HqFgZKLGPFh9gWa19Zv
GOz+vj/NP/mcl0RrcqR/0du7CvkF1cPOL+PHvRWxLsQhpMRQ2D6PuERrRuEdrvK9
UBrdFUojGiRUEwzkypRoji+9pBDYdQpAD6z+P8wWoDA6Jwo4hX2MSdXeO4c/ln5k
bVi7n2WX6gK8jYvKqTDvzVdJD3usJea+48rM1w59YIDJ
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:40:21 2025 by rpki-client