Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/tvVmBokwmPtZUbK0bEwW9Q5YpQQ.roa
File: tvVmBokwmPtZUbK0bEwW9Q5YpQQ.roa (raw, json)
Hash identifier: axANsarz1ZUsjfMBbDNzNEHnnVX1Mzj/uswzI6s2GHw=
Subject key identifier: B6:F5:66:06:89:30:98:FB:59:51:B2:B4:6C:4C:16:F5:0E:58:A5:04
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 018CC94ACAB61559615E459E6CE8F236D0C3
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/tvVmBokwmPtZUbK0bEwW9Q5YpQQ.roa
Signing time: Tue 02 Jan 2024 08:29:31 +0000
ROA not before: Tue 02 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57111
IP address blocks: 185.103.112.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 27 Sep 2024 07:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:ca:b6:15:59:61:5e:45:9e:6c:e8:f2:36:d0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Jan 2 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6f56606893098fb5951b2b46c4c16f50e58a504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fc:6d:d4:ec:07:84:02:f7:ee:f8:23:c2:ab:
9a:6b:c8:9e:ca:0d:bf:53:d0:ea:82:d4:e1:e9:ff:
5b:ba:d0:ab:0b:bf:3a:67:b1:8a:52:9b:a2:49:df:
82:a0:72:fb:3f:25:e8:a9:d4:ef:1d:67:80:44:c8:
5a:e7:89:68:62:fa:30:cc:50:a4:39:40:f6:b8:e4:
45:d1:0a:77:cd:c0:19:ac:6a:8a:93:71:e2:c3:0d:
6c:cb:ef:b7:91:dc:c5:50:b6:c9:76:fb:46:14:d4:
42:e5:25:26:d6:b7:49:71:55:b7:cd:97:ac:8c:7e:
a7:ac:20:0e:da:d3:9c:f2:0a:f7:85:2a:9b:9c:e7:
5d:96:05:b1:68:9d:5a:21:40:8f:03:2a:10:f9:99:
eb:f1:8f:3c:41:1f:20:a8:0d:93:3b:a7:b1:31:11:
c7:c9:ae:61:74:b9:c4:82:6c:2b:30:0f:1c:00:a2:
72:8a:ef:5d:f9:75:6d:24:b8:af:d6:1c:e8:16:dd:
de:3e:7d:09:ea:ec:1e:91:6b:47:f8:e7:fa:7a:47:
4f:d0:37:50:0e:ac:1c:82:32:e8:0c:fc:b5:a7:2e:
1e:b2:86:0c:b9:a5:4f:06:ab:39:a0:ca:56:10:90:
3e:3c:1d:b7:73:5d:2b:4a:21:d6:20:f3:a4:ce:b7:
30:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F5:66:06:89:30:98:FB:59:51:B2:B4:6C:4C:16:F5:0E:58:A5:04
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/tvVmBokwmPtZUbK0bEwW9Q5YpQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.112.0/22
Signature Algorithm: sha256WithRSAEncryption
90:61:94:dd:94:67:88:30:59:0d:d3:fb:ab:0d:e8:53:6c:09:
05:2d:f6:6c:fa:f3:c9:48:0c:a5:4a:c1:ce:34:d8:18:1c:5c:
ec:b5:42:19:31:6b:16:7c:28:df:90:8b:e4:66:d8:71:a3:d1:
bc:af:1f:26:f9:ea:f9:af:df:18:50:58:d3:54:22:cd:0f:b8:
6b:a8:af:7a:60:ad:7a:9a:18:3f:64:31:22:69:90:33:22:be:
c1:76:e0:1f:43:8d:9d:88:2a:28:17:9b:14:31:1a:49:93:fe:
e3:74:54:a8:bf:cb:1e:fb:bb:3a:02:b5:c2:93:e6:41:7b:03:
9c:88:95:29:1b:1f:2b:cb:2a:c2:a4:b7:f5:ef:2c:40:46:cb:
08:2e:01:4b:cc:70:b9:4a:3c:f3:69:d6:4b:c2:80:54:46:89:
f5:e8:3e:0c:57:5f:f1:00:43:5f:a4:6f:ea:de:24:2b:cc:ba:
7c:d6:8f:e2:b7:2f:9e:56:3e:94:da:3a:ba:97:9b:82:a2:04:
5f:de:2a:1c:a1:58:76:71:2a:54:b5:b8:48:1d:66:59:0c:2b:
1d:7d:c5:6f:99:fc:91:a7:83:9d:ac:31:db:a0:85:9c:e3:78:
de:88:dd:43:f7:d4:07:4f:3f:a8:c4:09:47:f2:92:0d:52:12:
36:6a:b1:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSsq2FVlhXkWebOjyNtDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjQwMTAyMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmY1NjYwNjg5MzA5OGZiNTk1MWIyYjQ2YzRjMTZmNTBlNThhNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPxt1OwHhAL37vgjwquaa8ieyg2/
U9DqgtTh6f9butCrC786Z7GKUpuiSd+CoHL7PyXoqdTvHWeARMha54loYvowzFCk
OUD2uORF0Qp3zcAZrGqKk3Hiww1sy++3kdzFULbJdvtGFNRC5SUm1rdJcVW3zZes
jH6nrCAO2tOc8gr3hSqbnOddlgWxaJ1aIUCPAyoQ+Znr8Y88QR8gqA2TO6exMRHH
ya5hdLnEgmwrMA8cAKJyiu9d+XVtJLiv1hzoFt3ePn0J6uwekWtH+Of6ekdP0DdQ
DqwcgjLoDPy1py4esoYMuaVPBqs5oMpWEJA+PB23c10rSiHWIPOkzrcwmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLb1ZgaJMJj7WVGytGxMFvUOWKUEMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvdHZWbUJva3dtUHRaVWJLMGJFd1c5UTVZcFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWdwMA0G
CSqGSIb3DQEBCwUAA4IBAQCQYZTdlGeIMFkN0/urDehTbAkFLfZs+vPJSAylSsHO
NNgYHFzstUIZMWsWfCjfkIvkZthxo9G8rx8m+er5r98YUFjTVCLND7hrqK96YK16
mhg/ZDEiaZAzIr7BduAfQ42diCooF5sUMRpJk/7jdFSov8se+7s6ArXCk+ZBewOc
iJUpGx8ryyrCpLf17yxARssILgFLzHC5SjzzadZLwoBURon16D4MV1/xAENfpG/q
3iQrzLp81o/ity+eVj6U2jq6l5uCogRf3iocoVh2cSpUtbhIHWZZDCsdfcVvmfyR
p4OdrDHboIWc43jeiN1D99QHTz+oxAlH8pINUhI2arE0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:12 2025 by rpki-client