Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/8qpCI0vcqvQfOrCy7xDbAlGfMiw.roa
File: 8qpCI0vcqvQfOrCy7xDbAlGfMiw.roa (raw, json)
Hash identifier: balnX1TT3LLMLgMcMZ/dra9bMdjmjJSnxz46wdaIazo=
Subject key identifier: F2:AA:42:23:4B:DC:AA:F4:1F:3A:B0:B2:EF:10:DB:02:51:9F:32:2C
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 018E93FAB58476D685CC327E492B4BFE24E9
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/8qpCI0vcqvQfOrCy7xDbAlGfMiw.roa
Signing time: Sun 31 Mar 2024 10:07:44 +0000
ROA not before: Sun 31 Mar 2024 10:07:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216425
IP address blocks: 185.113.66.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jul 2024 14:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:93:fa:b5:84:76:d6:85:cc:32:7e:49:2b:4b:fe:24:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Mar 31 10:07:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2aa42234bdcaaf41f3ab0b2ef10db02519f322c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:65:89:a1:49:a5:be:91:4f:71:4d:d2:4d:a3:
87:ef:7b:27:30:56:cc:ed:68:c0:43:b4:3c:e2:38:
8e:08:de:34:bb:2e:79:c3:cd:f2:a6:4f:ae:73:43:
49:10:bd:45:85:1b:87:fa:11:c3:76:61:7d:65:99:
fb:71:9e:9d:50:a0:16:7f:f0:7c:fa:11:fa:dc:86:
7b:97:a8:d5:27:e9:62:7b:6e:4c:80:d2:5a:9e:fd:
1c:01:fd:61:8d:c1:78:d0:3b:64:b3:71:d9:75:80:
a0:c6:a6:b1:e6:a9:ba:0a:79:99:1c:70:06:e0:65:
b3:2c:aa:71:ef:51:b9:41:9f:f9:a4:4a:8a:07:00:
36:d4:74:d1:54:07:f4:f3:24:50:86:03:0e:69:0f:
a3:44:09:bc:c0:94:58:bc:57:08:0c:81:7a:d8:07:
b8:3e:19:3f:6a:b6:6d:31:cd:7f:62:3b:7e:71:5b:
c1:52:95:0e:64:77:cc:8e:65:5b:ff:08:18:5e:e9:
77:ab:39:a9:7c:3e:61:42:56:fd:83:e5:33:39:b8:
2c:d1:77:43:95:91:dc:36:87:8c:a1:13:d8:1c:9f:
02:48:a7:e5:f0:ed:7c:dd:61:65:82:34:59:cd:b8:
89:7b:f4:b4:6e:70:47:f9:50:22:f4:4f:83:dd:d2:
70:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AA:42:23:4B:DC:AA:F4:1F:3A:B0:B2:EF:10:DB:02:51:9F:32:2C
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/8qpCI0vcqvQfOrCy7xDbAlGfMiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.66.0/23
Signature Algorithm: sha256WithRSAEncryption
c3:26:1f:fc:2c:bf:8a:bf:fe:4a:3b:83:6e:03:8d:91:63:f0:
bd:61:eb:0e:bc:6b:a8:70:25:77:b4:1e:8a:45:20:08:5e:fa:
99:0d:54:07:45:d5:0e:bc:70:96:4f:bf:c0:2a:85:ef:48:ce:
a2:07:e3:33:30:71:04:c1:71:47:5c:83:a8:06:73:0f:2f:41:
a7:76:5c:d6:6b:d7:ab:5a:1e:e1:fe:66:81:90:d6:01:8d:05:
67:57:17:3a:d6:11:f8:95:ce:ae:3d:93:00:a4:4c:9e:39:41:
32:da:2d:d9:4b:52:ee:35:17:55:39:76:6a:a7:01:20:30:c5:
67:ef:0e:43:86:44:14:f6:ed:d7:ef:64:2c:36:51:a9:42:a4:
8e:fb:05:39:c3:3d:d3:7e:3a:1a:17:5e:3a:d9:05:00:70:aa:
11:8f:fd:55:4b:c7:23:6e:61:dc:a4:fe:97:a6:6b:30:d8:0c:
02:73:1a:18:0b:55:c0:ae:76:5d:ce:90:d0:d6:10:6b:00:cf:
71:75:fb:4e:66:74:18:43:1b:c8:56:e4:5e:57:00:28:4e:7c:
67:62:50:44:e1:e4:e1:da:4a:e6:d1:d0:e2:4e:6c:53:7f:0a:
fc:61:f4:61:96:ab:f0:bf:66:3e:a4:9f:34:51:b4:c7:2a:ef:
60:15:1d:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6T+rWEdtaFzDJ+SStL/iTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjQwMzMxMTAwNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFhNDIyMzRiZGNhYWY0MWYzYWIwYjJlZjEwZGIwMjUxOWYzMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmWJoUmlvpFPcU3STaOH73snMFbM
7WjAQ7Q84jiOCN40uy55w83ypk+uc0NJEL1FhRuH+hHDdmF9ZZn7cZ6dUKAWf/B8
+hH63IZ7l6jVJ+lie25MgNJanv0cAf1hjcF40Dtks3HZdYCgxqax5qm6CnmZHHAG
4GWzLKpx71G5QZ/5pEqKBwA21HTRVAf08yRQhgMOaQ+jRAm8wJRYvFcIDIF62Ae4
Phk/arZtMc1/Yjt+cVvBUpUOZHfMjmVb/wgYXul3qzmpfD5hQlb9g+UzObgs0XdD
lZHcNoeMoRPYHJ8CSKfl8O183WFlgjRZzbiJe/S0bnBH+VAi9E+D3dJwlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKqQiNL3Kr0Hzqwsu8Q2wJRnzIsMB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvOHFwQ0kwdmNxdlFmT3JDeTd4RGJBbEdmTWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXFCMA0G
CSqGSIb3DQEBCwUAA4IBAQDDJh/8LL+Kv/5KO4NuA42RY/C9YesOvGuocCV3tB6K
RSAIXvqZDVQHRdUOvHCWT7/AKoXvSM6iB+MzMHEEwXFHXIOoBnMPL0GndlzWa9er
Wh7h/maBkNYBjQVnVxc61hH4lc6uPZMApEyeOUEy2i3ZS1LuNRdVOXZqpwEgMMVn
7w5DhkQU9u3X72QsNlGpQqSO+wU5wz3TfjoaF1462QUAcKoRj/1VS8cjbmHcpP6X
pmsw2AwCcxoYC1XArnZdzpDQ1hBrAM9xdftOZnQYQxvIVuReVwAoTnxnYlBE4eTh
2krm0dDiTmxTfwr8YfRhlqvwv2Y+pJ80UbTHKu9gFR0c
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:11 2025 by rpki-client