Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/cbFuEi-Wzuj6qs1Iw08IvscFjEA.roa
File: cbFuEi-Wzuj6qs1Iw08IvscFjEA.roa (raw, json)
Hash identifier: ITWKvJeTi2m+XKjG8SpY4dgstUNbKicZGbCFskf0QHk=
Subject key identifier: 71:B1:6E:12:2F:96:CE:E8:FA:AA:CD:48:C3:4F:08:BE:C7:05:8C:40
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018E75C715D56E2B374B3B7CF1C70DA5749C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/cbFuEi-Wzuj6qs1Iw08IvscFjEA.roa
Signing time: Mon 25 Mar 2024 13:22:45 +0000
ROA not before: Mon 25 Mar 2024 13:22:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.209.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 13:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:c7:15:d5:6e:2b:37:4b:3b:7c:f1:c7:0d:a5:74:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Mar 25 13:22:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71b16e122f96cee8faaacd48c34f08bec7058c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a9:2f:34:db:d4:3c:8b:71:7a:24:58:47:19:
61:36:7d:19:69:ba:6a:d0:e9:fd:7a:3a:07:c5:7b:
d6:d7:f3:51:39:e2:2b:b0:d4:c1:6a:53:b9:1b:83:
fd:15:d7:65:bc:0a:2b:72:65:41:ab:30:2b:90:58:
21:df:c1:2b:fb:37:37:98:50:fe:38:38:aa:47:bf:
3f:76:33:2e:59:27:c4:a6:cb:a0:10:00:6d:a2:80:
18:01:56:2e:4c:31:bb:75:bd:10:23:06:d8:9d:0d:
92:01:8d:6b:2b:d3:22:56:46:09:7c:4b:24:ec:74:
de:cb:c8:2b:7c:cd:49:0d:aa:e7:d5:89:4b:4b:31:
b8:2f:f5:59:5b:e3:b7:86:a8:7d:31:39:00:d7:03:
2e:66:6a:7d:75:b2:45:99:71:16:4d:12:ee:0d:6e:
55:36:71:c4:8b:9f:ce:1b:1a:07:00:70:22:68:65:
42:d6:3e:f0:f3:5a:0b:c1:34:7f:4b:2d:78:8e:d8:
4c:1a:88:10:d6:96:44:0b:54:f2:c2:e5:b2:3b:90:
b2:1b:2c:db:77:d1:4a:4b:b6:8f:56:fb:12:36:78:
2a:ff:91:f6:87:ec:c1:ee:7a:d6:74:48:02:97:2e:
16:67:c7:31:07:ae:c6:4b:0c:75:49:57:25:ee:bb:
b4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B1:6E:12:2F:96:CE:E8:FA:AA:CD:48:C3:4F:08:BE:C7:05:8C:40
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/cbFuEi-Wzuj6qs1Iw08IvscFjEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.163.0/24
Signature Algorithm: sha256WithRSAEncryption
09:81:e0:2a:aa:87:8f:94:06:b7:e3:09:8e:fb:e8:58:15:88:
29:e9:60:92:1e:4f:6c:d2:01:c1:02:96:f4:04:0a:80:6e:9c:
b5:25:ec:90:97:ac:e5:28:b0:e9:59:4f:6b:c3:ff:b9:72:f2:
1a:4d:ff:56:d5:1d:df:07:75:73:00:da:e3:30:10:5c:43:ad:
72:54:62:4e:1a:63:f6:f5:a0:2b:37:8d:e7:b4:00:45:87:fb:
88:d3:64:5f:2d:1b:12:d9:8e:90:cc:17:87:0c:e5:b8:dd:4f:
29:16:5d:42:85:e5:7b:59:cf:32:7d:cd:df:30:cb:4c:b7:62:
c2:5b:e8:8b:bb:56:9f:a1:60:b8:43:b1:11:09:41:ca:36:76:
57:c0:04:39:39:fa:9d:84:61:2f:35:a0:22:df:7c:95:c7:cd:
db:5c:d9:79:23:e5:60:e2:c0:24:6e:44:53:d7:d1:b3:65:e2:
2b:82:8f:be:bf:8f:39:63:c6:2a:9d:3b:ec:77:f5:70:a1:10:
df:ab:eb:9e:59:00:17:5c:c2:29:b2:36:e6:2e:c8:7c:7f:14:
7c:dc:0f:5e:6f:19:71:e7:f3:f5:a6:92:74:e8:f7:87:54:dc:
0a:2b:36:1e:01:39:b7:81:00:14:e7:f2:ab:be:34:7e:3b:2e:
0f:18:87:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY51xxXVbis3Szt88ccNpXScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMzI1MTMyMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWIxNmUxMjJmOTZjZWU4ZmFhYWNkNDhjMzRmMDhiZWM3MDU4YzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6kvNNvUPItxeiRYRxlhNn0Zabpq
0On9ejoHxXvW1/NROeIrsNTBalO5G4P9FddlvAorcmVBqzArkFgh38Er+zc3mFD+
ODiqR78/djMuWSfEpsugEABtooAYAVYuTDG7db0QIwbYnQ2SAY1rK9MiVkYJfEsk
7HTey8grfM1JDarn1YlLSzG4L/VZW+O3hqh9MTkA1wMuZmp9dbJFmXEWTRLuDW5V
NnHEi5/OGxoHAHAiaGVC1j7w81oLwTR/Sy14jthMGogQ1pZEC1TywuWyO5CyGyzb
d9FKS7aPVvsSNngq/5H2h+zB7nrWdEgCly4WZ8cxB67GSwx1SVcl7ru0ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGxbhIvls7o+qrNSMNPCL7HBYxAMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvY2JGdUVpLVd6dWo2cXMxSXcwOEl2c2NGakVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGjMA0G
CSqGSIb3DQEBCwUAA4IBAQAJgeAqqoePlAa34wmO++hYFYgp6WCSHk9s0gHBApb0
BAqAbpy1JeyQl6zlKLDpWU9rw/+5cvIaTf9W1R3fB3VzANrjMBBcQ61yVGJOGmP2
9aArN43ntABFh/uI02RfLRsS2Y6QzBeHDOW43U8pFl1CheV7Wc8yfc3fMMtMt2LC
W+iLu1afoWC4Q7ERCUHKNnZXwAQ5OfqdhGEvNaAi33yVx83bXNl5I+Vg4sAkbkRT
19GzZeIrgo++v485Y8YqnTvsd/VwoRDfq+ueWQAXXMIpsjbmLsh8fxR83A9ebxlx
5/P1ppJ06PeHVNwKKzYeATm3gQAU5/KrvjR+Oy4PGIcn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:04 2025 by rpki-client