Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/TfU2d4TFPFwgQgI0kY-LD7n2NV8.roa
File: TfU2d4TFPFwgQgI0kY-LD7n2NV8.roa (raw, json)
Hash identifier: sK0QjRw+rPZkQ1emq3BGagE4+cJ9ZYhQrhwr1TqIt7w=
Subject key identifier: 4D:F5:36:77:84:C5:3C:5C:20:42:02:34:91:8F:8B:0F:B9:F6:35:5F
Certificate issuer: /CN=65cd7803f41fe499e800664e0aacadee19b66d9d
Certificate serial: 018CC3491E22281E0410D5F8AFDBC2ACB622
Authority key identifier: 65:CD:78:03:F4:1F:E4:99:E8:00:66:4E:0A:AC:AD:EE:19:B6:6D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zc14A_Qf5JnoAGZOCqyt7hm2bZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/TfU2d4TFPFwgQgI0kY-LD7n2NV8.roa
Signing time: Mon 01 Jan 2024 04:29:58 +0000
ROA not before: Mon 01 Jan 2024 04:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34622
IP address blocks: 85.197.128.0/18 maxlen: 18
2a05:e840::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1e:22:28:1e:04:10:d5:f8:af:db:c2:ac:b6:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65cd7803f41fe499e800664e0aacadee19b66d9d
Validity
Not Before: Jan 1 04:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4df5367784c53c5c20420234918f8b0fb9f6355f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ff:c8:b5:43:ff:4b:89:2a:57:75:b3:86:55:
90:90:8a:3c:ad:85:77:5d:a6:40:df:78:c7:0b:66:
32:87:75:97:1c:09:21:f0:04:aa:53:29:eb:2a:cc:
be:9a:3c:e7:89:ff:e3:1b:db:bf:f6:06:b2:22:8c:
27:d2:db:ac:8b:8e:28:c5:25:ee:dc:07:69:bb:eb:
79:28:c7:fe:28:6e:9f:eb:1b:f3:3a:18:45:72:1d:
8b:0a:e6:84:c4:ba:95:08:de:b4:15:21:ba:56:50:
85:b4:ac:56:40:8a:90:a6:39:6e:7f:37:40:68:81:
b4:95:27:fa:0d:6c:2f:f1:a8:26:d8:3e:1f:0d:ea:
5f:2d:48:00:9c:95:68:7b:6f:0f:cd:6a:eb:ee:a3:
b7:40:8d:b1:8b:44:5a:6d:11:82:99:de:d1:79:ec:
fc:b1:43:c8:11:d8:1b:b7:b2:5f:dc:36:dd:bc:9d:
63:2f:48:48:a1:ca:28:d3:ba:96:64:fd:ee:38:4a:
c2:84:ca:a5:9e:7b:18:66:82:0c:e1:e4:e6:73:3b:
b4:f6:b0:3e:45:58:2c:5b:df:0c:87:28:d2:83:73:
da:85:f8:4e:6a:5e:06:04:fb:e3:b3:81:64:aa:42:
e3:88:95:1e:43:ac:32:1c:90:22:e5:9b:e5:b8:d3:
d0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F5:36:77:84:C5:3C:5C:20:42:02:34:91:8F:8B:0F:B9:F6:35:5F
X509v3 Authority Key Identifier:
keyid:65:CD:78:03:F4:1F:E4:99:E8:00:66:4E:0A:AC:AD:EE:19:B6:6D:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zc14A_Qf5JnoAGZOCqyt7hm2bZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/TfU2d4TFPFwgQgI0kY-LD7n2NV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/Zc14A_Qf5JnoAGZOCqyt7hm2bZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.197.128.0/18
IPv6:
2a05:e840::/29
Signature Algorithm: sha256WithRSAEncryption
38:41:3f:34:43:08:14:5a:37:ae:68:2e:02:49:1d:7d:b2:84:
a2:9b:04:c9:14:e1:bf:c4:25:e2:a0:1e:3c:e4:10:f1:66:fd:
79:ad:f6:f6:a2:e2:bf:49:2b:ca:b3:d0:d0:22:c1:f6:93:0e:
5c:47:59:39:32:28:fb:b9:11:98:fc:46:1e:71:52:59:fc:32:
b7:01:34:d3:72:66:b0:8a:4b:f2:71:00:47:20:eb:49:72:4f:
fc:34:26:f9:e8:09:7e:02:8e:05:ca:7a:bd:c1:89:5d:74:9d:
2a:c0:3f:8f:d5:82:00:9e:b9:3b:16:de:c4:87:54:73:03:ef:
58:81:36:03:2b:23:d9:e9:ec:84:71:ed:9d:6c:ac:cb:2b:78:
34:7f:3d:49:e3:fe:da:f6:d3:b1:c4:e7:e8:cb:17:40:1b:8a:
9c:d8:d8:8b:5d:11:e8:bb:33:b2:0c:7e:6a:0a:fa:9d:61:d5:
71:4d:fd:ed:2b:69:70:14:c1:b6:05:cd:a2:20:b9:e6:8f:23:
03:06:bc:e2:db:d6:22:42:39:51:a6:d3:2e:8c:d5:d5:39:2f:
67:b6:ef:ad:71:17:2c:e6:18:0b:bf:5f:2b:bc:c7:3e:ca:db:
85:6a:be:0e:37:39:a6:00:f5:be:8a:3c:30:dc:d4:ba:b5:5e:
8e:ef:61:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSR4iKB4EENX4r9vCrLYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1Y2Q3ODAzZjQxZmU0OTllODAwNjY0ZTBhYWNhZGVlMTli
NjZkOWQwHhcNMjQwMTAxMDQyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGY1MzY3Nzg0YzUzYzVjMjA0MjAyMzQ5MThmOGIwZmI5ZjYzNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf/ItUP/S4kqV3WzhlWQkIo8rYV3
XaZA33jHC2Yyh3WXHAkh8ASqUynrKsy+mjznif/jG9u/9gayIown0tusi44oxSXu
3Adpu+t5KMf+KG6f6xvzOhhFch2LCuaExLqVCN60FSG6VlCFtKxWQIqQpjlufzdA
aIG0lSf6DWwv8agm2D4fDepfLUgAnJVoe28PzWrr7qO3QI2xi0RabRGCmd7Reez8
sUPIEdgbt7Jf3DbdvJ1jL0hIocoo07qWZP3uOErChMqlnnsYZoIM4eTmczu09rA+
RVgsW98MhyjSg3PahfhOal4GBPvjs4FkqkLjiJUeQ6wyHJAi5ZvluNPQUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE31NneExTxcIEICNJGPiw+59jVfMB8GA1UdIwQY
MBaAFGXNeAP0H+SZ6ABmTgqsre4Ztm2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmMxNEFfUWY1Sm5vQUdaT0NxeXQ3aG0yYlowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9lNjZmMDEtMWQ5ZC00NTEzLTk1NmEt
Zjk2YmZiMDRlNjQ1LzEvVGZVMmQ0VEZQRndnUWdJMGtZLUxEN24yTlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9lNjZmMDEtMWQ5ZC00NTEzLTk1NmEtZjk2YmZiMDRlNjQ1
LzEvWmMxNEFfUWY1Sm5vQUdaT0NxeXQ3aG0yYlowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGVcWAMA0E
AgACMAcDBQMqBehAMA0GCSqGSIb3DQEBCwUAA4IBAQA4QT80QwgUWjeuaC4CSR19
soSimwTJFOG/xCXioB485BDxZv15rfb2ouK/SSvKs9DQIsH2kw5cR1k5Mij7uRGY
/EYecVJZ/DK3ATTTcmawikvycQBHIOtJck/8NCb56Al+Ao4Fynq9wYlddJ0qwD+P
1YIAnrk7Ft7Eh1RzA+9YgTYDKyPZ6eyEce2dbKzLK3g0fz1J4/7a9tOxxOfoyxdA
G4qc2NiLXRHouzOyDH5qCvqdYdVxTf3tK2lwFMG2Bc2iILnmjyMDBrzi29YiQjlR
ptMujNXVOS9ntu+tcRcs5hgLv18rvMc+ytuFar4ONzmmAPW+ijww3NS6tV6O72FI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:07 2025 by rpki-client