Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/2IoFO6g5T6jAKewxA_kqSnimyLY.roa
File: 2IoFO6g5T6jAKewxA_kqSnimyLY.roa (raw, json)
Hash identifier: LqXDkV9kfzn4G3cp4b86a2rg1R8d5+3Se9ra66jlTa4=
Subject key identifier: D8:8A:05:3B:A8:39:4F:A8:C0:29:EC:31:03:F9:2A:4A:78:A6:C8:B6
Certificate issuer: /CN=49d8663d3b969e0253a26d5425bee1c5d443b361
Certificate serial: 018CC56E0AF86F85A311079C5A6C76196835
Authority key identifier: 49:D8:66:3D:3B:96:9E:02:53:A2:6D:54:25:BE:E1:C5:D4:43:B3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SdhmPTuWngJTom1UJb7hxdRDs2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/2IoFO6g5T6jAKewxA_kqSnimyLY.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31726
IP address blocks: 185.117.192.0/22 maxlen: 22
2a06:8600::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0a:f8:6f:85:a3:11:07:9c:5a:6c:76:19:68:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49d8663d3b969e0253a26d5425bee1c5d443b361
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d88a053ba8394fa8c029ec3103f92a4a78a6c8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dd:24:f7:f2:0f:4b:cb:e1:86:19:c2:9a:10:
23:23:10:c8:3e:df:75:cc:f2:5b:87:8b:9d:ba:bb:
9e:d4:90:1f:a6:f6:67:64:05:20:50:3a:1b:f8:0a:
e3:3d:41:35:51:de:4f:05:d7:75:d3:c5:26:a2:8e:
9a:28:ea:73:2d:72:e2:87:a4:06:31:90:48:eb:0e:
71:2a:e1:a4:77:5c:a0:08:5f:4d:09:f1:57:19:bd:
a4:6e:6d:1c:b5:da:70:b0:ec:ae:ed:12:c0:a9:12:
aa:5e:7b:5c:7c:a5:53:04:33:40:55:6c:2d:cf:5b:
4b:a0:16:3f:5c:f3:0a:57:12:c3:e7:3c:59:53:c5:
ab:33:86:bb:d0:38:31:fc:1a:98:6a:ee:01:ce:64:
19:82:59:21:f1:77:6c:72:d8:35:d0:35:bd:39:b7:
ca:ef:52:09:d5:cd:67:47:6a:de:73:21:0d:85:3c:
d5:96:18:0c:09:a1:88:a8:48:19:e6:fe:8d:25:43:
21:8b:13:10:64:a9:0a:62:dc:12:fd:e5:29:af:32:
6e:ff:5d:55:cf:94:a8:69:8e:fa:1c:f4:38:5c:7a:
c4:ea:7a:2b:24:dc:78:d0:a4:96:9e:b1:1c:e1:ed:
0b:87:c7:ed:8e:1e:fd:45:c3:98:4f:f3:b2:fc:8e:
7e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:8A:05:3B:A8:39:4F:A8:C0:29:EC:31:03:F9:2A:4A:78:A6:C8:B6
X509v3 Authority Key Identifier:
keyid:49:D8:66:3D:3B:96:9E:02:53:A2:6D:54:25:BE:E1:C5:D4:43:B3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SdhmPTuWngJTom1UJb7hxdRDs2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/2IoFO6g5T6jAKewxA_kqSnimyLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a5d00d-6266-46ea-bc8c-4182bedb98a1/1/SdhmPTuWngJTom1UJb7hxdRDs2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.192.0/22
IPv6:
2a06:8600::/29
Signature Algorithm: sha256WithRSAEncryption
a0:5e:b8:11:3d:ff:f9:33:40:6c:99:3e:78:b8:35:d5:a5:2e:
f1:55:cb:b3:f6:e1:c1:d2:f6:de:1e:bd:25:01:98:3c:f8:6f:
32:db:eb:22:2d:fc:8c:6a:e7:2e:f7:54:ae:1c:7a:9a:e1:da:
ea:94:b1:b6:31:43:4c:29:5a:95:0d:d8:64:89:76:30:0f:a7:
f0:9e:ac:ff:eb:cb:fc:62:70:b6:64:81:9d:b0:c4:09:db:4c:
55:79:a5:88:63:17:a3:58:48:5a:a5:d6:cd:a6:78:8b:af:84:
95:91:78:98:1e:c3:a5:9c:b7:7e:16:95:10:5f:d8:6f:a4:60:
18:fc:97:e4:3e:4a:b2:d7:41:d3:d0:1f:68:44:d9:81:8a:b2:
b4:b8:ee:ef:60:c1:c6:ee:41:7c:99:a9:f3:88:c9:69:95:74:
ed:1a:78:e8:56:c1:c7:d7:d9:e9:06:dd:48:c8:d5:66:9f:64:
9c:a5:9c:73:65:34:51:41:84:51:8d:f1:2a:f8:c8:d0:78:de:
f1:1b:fb:29:70:d9:3b:22:0e:5c:2d:8f:8e:46:8c:fe:6e:ba:
eb:ee:e9:4a:37:92:97:9d:88:2f:6e:8a:f8:84:c0:ae:4c:7d:
9e:ed:be:88:4e:82:2f:7c:73:83:4e:db:be:df:aa:6e:f2:dd:
fd:10:d8:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbgr4b4WjEQecWmx2GWg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZDg2NjNkM2I5NjllMDI1M2EyNmQ1NDI1YmVlMWM1ZDQ0
M2IzNjEwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODhhMDUzYmE4Mzk0ZmE4YzAyOWVjMzEwM2Y5MmE0YTc4YTZjOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid0k9/IPS8vhhhnCmhAjIxDIPt91
zPJbh4udurue1JAfpvZnZAUgUDob+ArjPUE1Ud5PBdd108Umoo6aKOpzLXLih6QG
MZBI6w5xKuGkd1ygCF9NCfFXGb2kbm0ctdpwsOyu7RLAqRKqXntcfKVTBDNAVWwt
z1tLoBY/XPMKVxLD5zxZU8WrM4a70Dgx/BqYau4BzmQZglkh8Xdsctg10DW9ObfK
71IJ1c1nR2recyENhTzVlhgMCaGIqEgZ5v6NJUMhixMQZKkKYtwS/eUprzJu/11V
z5SoaY76HPQ4XHrE6norJNx40KSWnrEc4e0Lh8ftjh79RcOYT/Oy/I5+ZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNiKBTuoOU+owCnsMQP5Kkp4psi2MB8GA1UdIwQY
MBaAFEnYZj07lp4CU6JtVCW+4cXUQ7NhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2RobVBUdVduZ0pUb20xVUpiN2h4ZFJEczJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNWQwMGQtNjI2Ni00NmVhLWJjOGMt
NDE4MmJlZGI5OGExLzEvMklvRk82ZzVUNmpBS2V3eEFfa3FTbmlteUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNWQwMGQtNjI2Ni00NmVhLWJjOGMtNDE4MmJlZGI5OGEx
LzEvU2RobVBUdVduZ0pUb20xVUpiN2h4ZFJEczJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXXAMA0E
AgACMAcDBQMqBoYAMA0GCSqGSIb3DQEBCwUAA4IBAQCgXrgRPf/5M0BsmT54uDXV
pS7xVcuz9uHB0vbeHr0lAZg8+G8y2+siLfyMaucu91SuHHqa4drqlLG2MUNMKVqV
DdhkiXYwD6fwnqz/68v8YnC2ZIGdsMQJ20xVeaWIYxejWEhapdbNpniLr4SVkXiY
HsOlnLd+FpUQX9hvpGAY/JfkPkqy10HT0B9oRNmBirK0uO7vYMHG7kF8manziMlp
lXTtGnjoVsHH19npBt1IyNVmn2ScpZxzZTRRQYRRjfEq+MjQeN7xG/spcNk7Ig5c
LY+ORoz+brrr7ulKN5KXnYgvbor4hMCuTH2e7b6IToIvfHODTtu+36pu8t39ENj6
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:01 2025 by rpki-client