Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/yKa16hm2ff-Ca3Sx-UbTaOCD05E.roa
File: yKa16hm2ff-Ca3Sx-UbTaOCD05E.roa (raw, json)
Hash identifier: 3HR4qTMsAPkvFWmMyqpaM7lK1f7bFMIjx4Gl++XMPUk=
Subject key identifier: C8:A6:B5:EA:19:B6:7D:FF:82:6B:74:B1:F9:46:D3:68:E0:83:D3:91
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 0192328B3DD606377BCCD761B70174C13A48
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/yKa16hm2ff-Ca3Sx-UbTaOCD05E.roa
Signing time: Fri 27 Sep 2024 08:13:58 +0000
ROA not before: Fri 27 Sep 2024 08:13:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57111
IP address blocks: 185.103.112.0/22 maxlen: 24
185.199.24.0/22 maxlen: 24
185.204.132.0/22 maxlen: 24
2a0a:9440::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:32:8b:3d:d6:06:37:7b:cc:d7:61:b7:01:74:c1:3a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Sep 27 08:13:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8a6b5ea19b67dff826b74b1f946d368e083d391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:51:98:7a:53:51:73:7c:01:24:16:8d:12:bf:
88:ed:f3:2a:0e:a6:da:eb:ae:5b:56:1f:b6:21:4a:
5e:28:db:d6:74:82:50:72:ce:e3:e8:dd:a6:18:a0:
c9:41:69:66:d5:5a:c9:af:3f:9e:af:49:dc:08:1a:
0a:94:a9:9e:09:3b:5d:27:46:73:b6:1f:37:e0:8b:
6d:85:6c:78:6d:27:4c:3b:c5:ae:5c:ff:f1:e8:22:
52:1a:40:c7:f3:80:af:13:3f:be:a0:3d:53:4d:0b:
5b:60:02:27:81:19:49:ed:6e:80:0b:8f:ad:13:ed:
5a:cf:c7:cc:b7:e9:e7:17:b4:bd:47:6e:32:de:3e:
b1:f7:7f:2a:5c:15:4a:a5:ba:72:ea:26:ef:1d:31:
ec:8a:d3:9a:33:cd:f5:8f:f3:46:47:1a:c5:71:cc:
dc:c7:1a:1c:c3:38:b1:ad:be:4e:f4:a5:97:ae:6f:
40:7c:ec:2b:57:b5:03:f2:aa:91:34:71:3f:78:26:
53:67:a0:12:9c:7b:cb:57:cd:54:b7:4f:9e:fb:8e:
4d:77:4e:42:1c:b4:a1:a7:4a:4a:49:68:4c:28:38:
6f:2d:23:61:48:18:84:ed:39:91:09:27:56:2d:7a:
ca:dd:5b:b3:a5:52:0a:a5:10:92:fb:1d:a0:dd:c6:
9c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A6:B5:EA:19:B6:7D:FF:82:6B:74:B1:F9:46:D3:68:E0:83:D3:91
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/yKa16hm2ff-Ca3Sx-UbTaOCD05E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.112.0/22
185.199.24.0/22
185.204.132.0/22
IPv6:
2a0a:9440::/29
Signature Algorithm: sha256WithRSAEncryption
81:22:b2:b5:89:b7:c6:dd:e7:48:70:97:0c:92:85:67:09:aa:
81:f7:76:c9:4a:6f:84:c0:1f:46:93:5a:f6:19:58:a5:76:6e:
97:26:5a:fe:fd:11:b7:fd:d3:9c:67:0d:5b:08:f7:07:95:54:
93:c8:a4:a8:84:59:d5:cd:fd:d3:2f:65:71:e0:09:25:1e:15:
43:84:ed:b3:e1:01:50:64:ba:54:8e:35:2e:ce:f9:2e:53:3f:
ec:c1:21:ce:91:f5:81:67:4d:35:55:fa:d9:a0:90:fb:80:7c:
68:a5:bb:c7:78:00:ad:52:5e:aa:0b:6d:c0:99:62:e5:b6:8c:
bd:08:35:a2:4c:72:17:66:86:03:c3:d3:d0:d5:45:07:03:ff:
ba:7e:5a:b0:37:f6:f5:23:1d:87:97:52:86:d7:fa:c4:46:ff:
86:78:c1:7d:69:3d:2f:82:30:3e:6f:e2:cb:b4:82:e9:f8:77:
17:04:2c:4f:19:bf:f7:3c:a8:af:c0:98:3d:46:1e:ef:2b:b6:
c6:ea:ef:4c:fd:a3:2a:5f:6f:0e:d3:21:7c:32:f7:20:90:b0:
1b:3b:eb:e5:83:2d:78:b9:9a:25:0d:c6:b1:6f:dc:c6:9d:e6:
31:f6:91:b2:42:8d:ce:d1:d0:4b:28:3c:22:e3:d1:df:6b:81:
b0:ab:cd:8b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZIyiz3WBjd7zNdhtwF0wTpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjQwOTI3MDgxMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGE2YjVlYTE5YjY3ZGZmODI2Yjc0YjFmOTQ2ZDM2OGUwODNkMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVGYelNRc3wBJBaNEr+I7fMqDqba
665bVh+2IUpeKNvWdIJQcs7j6N2mGKDJQWlm1VrJrz+er0ncCBoKlKmeCTtdJ0Zz
th834ItthWx4bSdMO8WuXP/x6CJSGkDH84CvEz++oD1TTQtbYAIngRlJ7W6AC4+t
E+1az8fMt+nnF7S9R24y3j6x938qXBVKpbpy6ibvHTHsitOaM831j/NGRxrFcczc
xxocwzixrb5O9KWXrm9AfOwrV7UD8qqRNHE/eCZTZ6ASnHvLV81Ut0+e+45Nd05C
HLShp0pKSWhMKDhvLSNhSBiE7TmRCSdWLXrK3VuzpVIKpRCS+x2g3cacSwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMimteoZtn3/gmt0sflG02jgg9ORMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEveUthMTZobTJmZi1DYTNTeC1VYlRhT0NEMDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWdwAwQC
uccYAwQCucyEMA0EAgACMAcDBQMqCpRAMA0GCSqGSIb3DQEBCwUAA4IBAQCBIrK1
ibfG3edIcJcMkoVnCaqB93bJSm+EwB9Gk1r2GVildm6XJlr+/RG3/dOcZw1bCPcH
lVSTyKSohFnVzf3TL2Vx4AklHhVDhO2z4QFQZLpUjjUuzvkuUz/swSHOkfWBZ001
VfrZoJD7gHxopbvHeACtUl6qC23AmWLltoy9CDWiTHIXZoYDw9PQ1UUHA/+6flqw
N/b1Ix2Hl1KG1/rERv+GeMF9aT0vgjA+b+LLtILp+HcXBCxPGb/3PKivwJg9Rh7v
K7bG6u9M/aMqX28O0yF8MvcgkLAbO+vlgy14uZolDcaxb9zGneYx9pGyQo3O0dBL
KDwi49Hfa4Gwq82L
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:31 2025 by rpki-client