Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/095ecf-7d6a-4881-88e7-fe24ed2adcff/1/A16sbg_5C-5VwK6V0mvxUO4RLgE.roa
File: A16sbg_5C-5VwK6V0mvxUO4RLgE.roa (raw, json)
Hash identifier: 42gryE7c7McSKg5vwM7TWbUOC+3HEBfZKK14CWkNa4Q=
Subject key identifier: 03:5E:AC:6E:0F:F9:0B:EE:55:C0:AE:95:D2:6B:F1:50:EE:11:2E:01
Certificate issuer: /CN=25717849a69ad8df87088da658b2305b8594c8c4
Certificate serial: 018CC9BAAB3E4E5B85A1D2D4078EA4AE0B5D
Authority key identifier: 25:71:78:49:A6:9A:D8:DF:87:08:8D:A6:58:B2:30:5B:85:94:C8:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXF4Saaa2N-HCI2mWLIwW4WUyMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/095ecf-7d6a-4881-88e7-fe24ed2adcff/1/A16sbg_5C-5VwK6V0mvxUO4RLgE.roa
Signing time: Tue 02 Jan 2024 10:31:43 +0000
ROA not before: Tue 02 Jan 2024 10:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211204
IP address blocks: 185.205.9.0/24 maxlen: 24
185.205.10.0/24 maxlen: 24
185.205.8.0/24 maxlen: 24
185.205.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:ab:3e:4e:5b:85:a1:d2:d4:07:8e:a4:ae:0b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25717849a69ad8df87088da658b2305b8594c8c4
Validity
Not Before: Jan 2 10:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=035eac6e0ff90bee55c0ae95d26bf150ee112e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:eb:a5:47:c8:5e:6a:28:1c:1e:aa:42:76:03:
41:d7:0c:ef:6d:46:e4:c1:9d:b3:09:7a:30:19:23:
c6:00:e3:d3:ea:38:d7:27:8c:4d:5b:1c:62:1a:cd:
0b:e3:fe:26:26:aa:cb:78:57:c4:89:cf:31:1b:20:
21:ce:32:b2:a0:6a:90:ab:6a:05:5f:7c:40:9c:10:
e3:55:85:24:45:bc:76:96:19:1f:5f:4f:63:3d:04:
42:cf:93:fe:0c:8f:fc:8a:6f:13:e1:41:68:97:71:
c6:08:9f:29:b1:36:5f:3d:87:45:95:70:24:61:7a:
cf:9e:cf:c4:df:4b:84:c9:cd:3a:a4:4f:de:95:49:
b5:8b:eb:4e:a5:97:ca:20:ed:74:56:e3:79:ca:7d:
62:d7:09:9d:7f:4f:f6:12:ca:46:3c:3f:45:6e:93:
e3:30:d9:50:27:e5:e5:53:5c:08:d1:8c:73:52:b8:
f0:06:3d:77:3b:f7:ca:c5:92:27:a8:da:9a:cc:4d:
8f:66:09:21:81:01:34:a5:e6:ed:01:da:7a:e6:da:
83:a6:c4:19:47:8a:ca:f1:7a:79:ae:d8:fa:93:a5:
c7:54:54:2e:0a:e3:c6:62:5c:98:a2:a6:dc:31:31:
d2:3d:b6:60:2f:ae:88:56:11:86:4b:10:cd:34:bb:
c8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5E:AC:6E:0F:F9:0B:EE:55:C0:AE:95:D2:6B:F1:50:EE:11:2E:01
X509v3 Authority Key Identifier:
keyid:25:71:78:49:A6:9A:D8:DF:87:08:8D:A6:58:B2:30:5B:85:94:C8:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXF4Saaa2N-HCI2mWLIwW4WUyMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/095ecf-7d6a-4881-88e7-fe24ed2adcff/1/A16sbg_5C-5VwK6V0mvxUO4RLgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/095ecf-7d6a-4881-88e7-fe24ed2adcff/1/JXF4Saaa2N-HCI2mWLIwW4WUyMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.8.0/22
Signature Algorithm: sha256WithRSAEncryption
22:c3:34:5f:be:b2:6a:23:27:0b:80:3e:8e:b7:8b:80:9b:64:
e5:77:a7:6e:27:d8:0d:17:75:0e:09:20:5e:dc:4e:a0:c8:a5:
0a:1f:d1:77:8e:a4:d9:0d:89:5a:b6:49:06:9f:81:e6:b4:40:
a2:e6:a5:93:43:a5:f9:c9:a8:8a:8b:3d:1a:96:3f:d2:cb:13:
26:3e:b2:8c:67:51:a4:80:0f:d9:4b:e4:02:a9:d0:c6:fb:39:
bd:6f:fa:b9:ff:88:6f:7d:ce:98:97:76:1a:5c:6d:ab:89:c5:
56:07:0c:6f:62:4b:79:bd:4a:c0:2b:ff:70:46:07:69:5b:6e:
4f:82:cb:38:8e:13:d9:d8:84:07:8b:e4:99:53:0f:f9:74:d2:
ea:39:b2:09:42:25:0c:a2:4b:ab:3a:f6:49:1f:14:58:4c:5a:
23:42:d3:75:4a:fc:cb:95:8f:54:07:51:e5:d7:61:34:83:05:
6e:27:40:c0:a3:cf:5a:fd:20:44:79:59:9f:ab:e0:52:c3:2f:
c9:86:74:13:70:a2:d6:7c:1c:0b:9d:c2:36:af:ed:cb:a4:31:
8d:d4:55:55:7b:07:8c:db:ca:40:6c:a5:72:4a:f5:e5:99:53:
56:0e:f3:95:12:61:10:d7:34:39:38:2d:63:13:12:a9:9b:b9:
01:d9:7d:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJuqs+TluFodLUB46krgtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NzE3ODQ5YTY5YWQ4ZGY4NzA4OGRhNjU4YjIzMDViODU5
NGM4YzQwHhcNMjQwMTAyMTAzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzVlYWM2ZTBmZjkwYmVlNTVjMGFlOTVkMjZiZjE1MGVlMTEyZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOulR8heaigcHqpCdgNB1wzvbUbk
wZ2zCXowGSPGAOPT6jjXJ4xNWxxiGs0L4/4mJqrLeFfEic8xGyAhzjKyoGqQq2oF
X3xAnBDjVYUkRbx2lhkfX09jPQRCz5P+DI/8im8T4UFol3HGCJ8psTZfPYdFlXAk
YXrPns/E30uEyc06pE/elUm1i+tOpZfKIO10VuN5yn1i1wmdf0/2EspGPD9FbpPj
MNlQJ+XlU1wI0YxzUrjwBj13O/fKxZInqNqazE2PZgkhgQE0pebtAdp65tqDpsQZ
R4rK8Xp5rtj6k6XHVFQuCuPGYlyYoqbcMTHSPbZgL66IVhGGSxDNNLvIlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANerG4P+QvuVcCuldJr8VDuES4BMB8GA1UdIwQY
MBaAFCVxeEmmmtjfhwiNpliyMFuFlMjEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhGNFNhYWEyTi1IQ0kybVdMSXdXNFdVeU1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8wOTVlY2YtN2Q2YS00ODgxLTg4ZTct
ZmUyNGVkMmFkY2ZmLzEvQTE2c2JnXzVDLTVWd0s2VjBtdnhVTzRSTGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8wOTVlY2YtN2Q2YS00ODgxLTg4ZTctZmUyNGVkMmFkY2Zm
LzEvSlhGNFNhYWEyTi1IQ0kybVdMSXdXNFdVeU1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc0IMA0G
CSqGSIb3DQEBCwUAA4IBAQAiwzRfvrJqIycLgD6Ot4uAm2Tld6duJ9gNF3UOCSBe
3E6gyKUKH9F3jqTZDYlatkkGn4HmtECi5qWTQ6X5yaiKiz0alj/SyxMmPrKMZ1Gk
gA/ZS+QCqdDG+zm9b/q5/4hvfc6Yl3YaXG2ricVWBwxvYkt5vUrAK/9wRgdpW25P
gss4jhPZ2IQHi+SZUw/5dNLqObIJQiUMokurOvZJHxRYTFojQtN1SvzLlY9UB1Hl
12E0gwVuJ0DAo89a/SBEeVmfq+BSwy/JhnQTcKLWfBwLncI2r+3LpDGN1FVVeweM
28pAbKVySvXlmVNWDvOVEmEQ1zQ5OC1jExKpm7kB2X2A
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:27 2025 by rpki-client