Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/4d1696-3341-4ddb-8e23-34e2279be765/1/cPhkDjJgh31RBIH0SoBmiiIkClQ.roa
File: cPhkDjJgh31RBIH0SoBmiiIkClQ.roa (raw, json)
Hash identifier: KcmtOfR9kAyvlIP65rwL9eK9sUjmjt+aJOeRyn5SwQ0=
Subject key identifier: 70:F8:64:0E:32:60:87:7D:51:04:81:F4:4A:80:66:8A:22:24:0A:54
Certificate issuer: /CN=cb12d8ba2e0894dd06ca143a5517234e584af8c7
Certificate serial: 01921494CB6814A9261742CB317A6CD45089
Authority key identifier: CB:12:D8:BA:2E:08:94:DD:06:CA:14:3A:55:17:23:4E:58:4A:F8:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxLYui4IlN0GyhQ6VRcjTlhK-Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/4d1696-3341-4ddb-8e23-34e2279be765/1/cPhkDjJgh31RBIH0SoBmiiIkClQ.roa
Signing time: Sat 21 Sep 2024 12:35:48 +0000
ROA not before: Sat 21 Sep 2024 12:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39512
IP address blocks: 81.24.208.0/20 maxlen: 20
2a00:c200::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:14:94:cb:68:14:a9:26:17:42:cb:31:7a:6c:d4:50:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb12d8ba2e0894dd06ca143a5517234e584af8c7
Validity
Not Before: Sep 21 12:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70f8640e3260877d510481f44a80668a22240a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:21:55:c8:cd:7e:c3:40:cf:67:2a:a8:ca:d5:
7a:58:35:63:ea:d5:8f:00:22:e8:cf:69:86:af:63:
bb:d2:81:7a:a7:2f:89:7f:f5:a7:31:dd:ab:eb:58:
fa:2c:bf:70:42:c6:a4:13:34:90:f6:7a:31:7e:8c:
e7:b7:bf:d4:e5:e9:9d:32:a8:64:89:90:84:b1:72:
bf:27:12:45:49:9b:80:67:c5:5c:65:e9:65:1d:0e:
10:38:a0:e0:2e:42:79:e1:3d:a0:56:91:25:68:f5:
fa:4d:2a:f6:2e:b0:ae:4a:f1:23:01:3a:6e:17:2c:
0c:01:f7:5b:ea:a7:01:bc:be:d4:39:df:e9:1a:fc:
2a:65:ce:32:42:2e:59:12:41:45:65:30:6d:47:58:
95:df:16:50:79:32:3e:a4:ff:c4:28:a9:b0:6f:34:
69:fb:a0:69:1a:de:7e:1b:b3:1d:65:a2:a4:76:2b:
30:7c:78:58:ff:ff:bd:b3:b0:89:39:03:a6:61:f1:
1b:9d:57:3c:73:53:13:a0:96:7d:00:89:94:38:e5:
14:b6:84:0e:e1:28:58:de:3f:5b:91:a6:66:7f:3d:
f8:39:85:e2:95:57:ac:6e:bf:85:e9:39:d4:12:5b:
74:24:2b:87:9a:a2:14:01:8e:4c:69:66:f3:6d:86:
4f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F8:64:0E:32:60:87:7D:51:04:81:F4:4A:80:66:8A:22:24:0A:54
X509v3 Authority Key Identifier:
keyid:CB:12:D8:BA:2E:08:94:DD:06:CA:14:3A:55:17:23:4E:58:4A:F8:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxLYui4IlN0GyhQ6VRcjTlhK-Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/4d1696-3341-4ddb-8e23-34e2279be765/1/cPhkDjJgh31RBIH0SoBmiiIkClQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/4d1696-3341-4ddb-8e23-34e2279be765/1/yxLYui4IlN0GyhQ6VRcjTlhK-Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.208.0/20
IPv6:
2a00:c200::/32
Signature Algorithm: sha256WithRSAEncryption
49:ef:e7:e3:ef:f8:2f:92:79:2a:ff:13:c7:2d:36:68:ed:72:
bb:99:17:22:8c:bb:32:0b:ba:1c:ba:5b:d1:b1:34:06:09:81:
57:3e:7e:65:66:f1:8c:74:0f:da:6a:da:97:45:b9:3d:3b:12:
a5:cf:ce:75:73:55:16:e6:1b:40:b6:27:6c:a9:b1:80:2c:6e:
5b:8a:5b:54:03:36:13:c9:69:a7:bf:c2:05:50:41:45:cb:eb:
d1:9c:b2:d2:57:fd:d3:5d:ef:f3:0c:7f:a8:e5:13:91:a1:5d:
4a:d2:75:6b:23:ee:ef:61:c5:ef:b1:7c:fc:e6:26:74:af:7a:
32:81:39:45:02:f4:84:e1:13:41:42:ba:56:81:09:6f:4a:75:
89:90:97:96:ee:7e:a4:5d:e2:c8:1a:f7:3b:56:8b:a8:e8:89:
f4:fe:9e:a6:7d:6b:48:84:8b:ee:79:5b:5b:51:c3:58:ce:f3:
40:cf:ad:ac:bb:53:ce:75:d9:4e:d0:5a:4a:d9:a5:fe:91:3d:
ad:2b:a7:05:00:41:38:81:30:ce:51:ae:7d:ea:00:3b:e2:e3:
72:9c:9e:7c:0c:b3:ae:2e:ab:12:95:81:17:d3:77:cc:96:12:
e3:b7:29:36:2c:4c:2b:c3:5f:9f:a8:0a:86:df:34:a2:da:28:
e0:77:6b:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZIUlMtoFKkmF0LLMXps1FCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTJkOGJhMmUwODk0ZGQwNmNhMTQzYTU1MTcyMzRlNTg0
YWY4YzcwHhcNMjQwOTIxMTIzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGY4NjQwZTMyNjA4NzdkNTEwNDgxZjQ0YTgwNjY4YTIyMjQwYTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiFVyM1+w0DPZyqoytV6WDVj6tWP
ACLoz2mGr2O70oF6py+Jf/WnMd2r61j6LL9wQsakEzSQ9noxfoznt7/U5emdMqhk
iZCEsXK/JxJFSZuAZ8VcZellHQ4QOKDgLkJ54T2gVpElaPX6TSr2LrCuSvEjATpu
FywMAfdb6qcBvL7UOd/pGvwqZc4yQi5ZEkFFZTBtR1iV3xZQeTI+pP/EKKmwbzRp
+6BpGt5+G7MdZaKkdiswfHhY//+9s7CJOQOmYfEbnVc8c1MToJZ9AImUOOUUtoQO
4ShY3j9bkaZmfz34OYXilVesbr+F6TnUElt0JCuHmqIUAY5MaWbzbYZP1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHD4ZA4yYId9UQSB9EqAZooiJApUMB8GA1UdIwQY
MBaAFMsS2LouCJTdBsoUOlUXI05YSvjHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhMWXVpNElsTjBHeWhRNlZSY2pUbGhLLU1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi80ZDE2OTYtMzM0MS00ZGRiLThlMjMt
MzRlMjI3OWJlNzY1LzEvY1Boa0RqSmdoMzFSQklIMFNvQm1paUlrQ2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi80ZDE2OTYtMzM0MS00ZGRiLThlMjMtMzRlMjI3OWJlNzY1
LzEveXhMWXVpNElsTjBHeWhRNlZSY2pUbGhLLU1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEURjQMA0E
AgACMAcDBQAqAMIAMA0GCSqGSIb3DQEBCwUAA4IBAQBJ7+fj7/gvknkq/xPHLTZo
7XK7mRcijLsyC7oculvRsTQGCYFXPn5lZvGMdA/aatqXRbk9OxKlz851c1UW5htA
tidsqbGALG5biltUAzYTyWmnv8IFUEFFy+vRnLLSV/3TXe/zDH+o5RORoV1K0nVr
I+7vYcXvsXz85iZ0r3oygTlFAvSE4RNBQrpWgQlvSnWJkJeW7n6kXeLIGvc7Vouo
6In0/p6mfWtIhIvueVtbUcNYzvNAz62su1POddlO0FpK2aX+kT2tK6cFAEE4gTDO
Ua596gA74uNynJ58DLOuLqsSlYEX03fMlhLjtyk2LEwrw1+fqAqG3zSi2ijgd2sD
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:35:31 2025 by rpki-client