Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/d1245c-02cf-48b5-9e42-89753f2b47dc/1/1g85YJKV8Mi-kt63aJE8_emVTKI.roa
File: 1g85YJKV8Mi-kt63aJE8_emVTKI.roa (raw, json)
Hash identifier: c9wij0uWlYCvDAaMNliyaA/wCwTZd3wf6CO7J6BFfUY=
Subject key identifier: D6:0F:39:60:92:95:F0:C8:BE:92:DE:B7:68:91:3C:FD:E9:95:4C:A2
Certificate issuer: /CN=3bca34a3034177d084338d33b089b7e03cca3a8a
Certificate serial: 018CC6B840924B7E13B41C5CF4AA8538D573
Authority key identifier: 3B:CA:34:A3:03:41:77:D0:84:33:8D:33:B0:89:B7:E0:3C:CA:3A:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O8o0owNBd9CEM40zsIm34DzKOoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/d1245c-02cf-48b5-9e42-89753f2b47dc/1/1g85YJKV8Mi-kt63aJE8_emVTKI.roa
Signing time: Mon 01 Jan 2024 20:30:13 +0000
ROA not before: Mon 01 Jan 2024 20:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13289
IP address blocks: 82.212.224.0/19 maxlen: 19
185.111.34.0/23 maxlen: 23
2a00:cb0:8000::/34 maxlen: 34
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:40:92:4b:7e:13:b4:1c:5c:f4:aa:85:38:d5:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bca34a3034177d084338d33b089b7e03cca3a8a
Validity
Not Before: Jan 1 20:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d60f39609295f0c8be92deb768913cfde9954ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:cb:56:f9:3f:e8:1f:08:b3:39:dd:99:5b:
84:5c:a9:05:f9:ba:96:c1:83:41:a2:59:30:4a:35:
bb:98:38:8d:ff:d0:91:65:03:fa:eb:6d:ea:b8:e5:
52:5c:b3:b9:09:50:80:a6:91:c5:76:38:fd:25:4c:
38:8f:e4:64:8f:b2:2d:70:c7:79:f2:35:ed:fc:f1:
ba:dd:3e:37:92:c4:be:10:fc:a6:da:09:22:8a:12:
22:46:40:6b:8e:4c:b0:e5:53:63:55:8f:a2:60:9e:
0a:7a:d6:72:37:56:7a:b6:66:74:15:bd:ad:84:1b:
80:dc:25:b4:db:57:fa:63:b5:33:32:0c:d5:c7:ed:
2f:aa:e4:f8:11:f5:34:73:31:2d:14:fe:d7:e7:5c:
f5:a3:39:59:d6:c4:49:6d:e3:d4:d9:e7:a4:c4:7b:
a9:b2:e5:50:ec:05:cb:43:fe:6f:79:60:b5:98:38:
31:ef:7d:87:52:5b:3a:09:0b:74:54:9d:f7:be:e3:
04:52:82:b1:92:7d:ed:04:5a:0d:1a:27:54:4f:c5:
e4:e7:a3:5e:e6:f2:9a:35:af:3b:ad:0f:b0:f1:dd:
d0:d7:fa:67:ca:3b:75:28:d5:cd:f1:d4:59:ea:e0:
fe:1c:8d:f1:a8:cb:c9:7c:48:69:d6:b8:6a:b5:96:
d4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0F:39:60:92:95:F0:C8:BE:92:DE:B7:68:91:3C:FD:E9:95:4C:A2
X509v3 Authority Key Identifier:
keyid:3B:CA:34:A3:03:41:77:D0:84:33:8D:33:B0:89:B7:E0:3C:CA:3A:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8o0owNBd9CEM40zsIm34DzKOoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d1245c-02cf-48b5-9e42-89753f2b47dc/1/1g85YJKV8Mi-kt63aJE8_emVTKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d1245c-02cf-48b5-9e42-89753f2b47dc/1/O8o0owNBd9CEM40zsIm34DzKOoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.212.224.0/19
185.111.34.0/23
IPv6:
2a00:cb0:8000::/34
Signature Algorithm: sha256WithRSAEncryption
2d:25:53:6d:6f:c5:f0:5b:01:da:d5:6f:0b:b1:2e:a0:62:6f:
f7:33:0a:e3:d8:81:43:4a:53:d4:af:86:c2:4c:ec:65:f5:7a:
74:36:06:7f:f9:63:b4:78:3f:6d:f0:f4:3d:93:e8:08:bc:a7:
f4:36:3c:da:49:01:72:cb:b3:da:a5:a0:fe:ae:93:d9:fb:42:
fa:12:69:21:15:22:bf:67:12:49:a9:49:93:22:d7:25:0a:70:
a8:36:02:77:a7:6c:c0:10:15:21:22:e2:6a:dd:07:a8:6a:6b:
03:1e:19:ee:a6:e0:0a:9f:43:cc:2a:ae:3b:0b:a2:5b:71:86:
00:94:15:f4:20:fd:2b:a8:52:e8:33:61:57:49:be:9b:7a:cc:
39:5d:22:07:c1:58:dc:2c:da:a5:74:1b:b7:fc:68:70:4f:0d:
7c:cb:dc:06:b3:ea:24:0d:f0:75:a2:88:6b:89:5c:3e:ed:b3:
7c:50:b0:d8:aa:67:36:07:a7:a9:6a:f4:0d:07:0c:d0:f5:ed:
47:6f:fb:df:2c:60:b6:31:02:9f:56:eb:07:47:63:b7:3c:09:
12:f8:26:e3:f4:c6:06:3d:a3:ec:2a:43:88:85:14:67:3c:5e:
44:5d:13:1f:d8:e5:f5:fa:3d:54:d2:71:72:3c:37:73:d2:d5:
29:2c:76:4c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGuECSS34TtBxc9KqFONVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2EzNGEzMDM0MTc3ZDA4NDMzOGQzM2IwODliN2UwM2Nj
YTNhOGEwHhcNMjQwMTAxMjAzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjBmMzk2MDkyOTVmMGM4YmU5MmRlYjc2ODkxM2NmZGU5OTU0Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/7LVvk/6B8IszndmVuEXKkF+bqW
wYNBolkwSjW7mDiN/9CRZQP6623quOVSXLO5CVCAppHFdjj9JUw4j+Rkj7ItcMd5
8jXt/PG63T43ksS+EPym2gkiihIiRkBrjkyw5VNjVY+iYJ4KetZyN1Z6tmZ0Fb2t
hBuA3CW021f6Y7UzMgzVx+0vquT4EfU0czEtFP7X51z1ozlZ1sRJbePU2eekxHup
suVQ7AXLQ/5veWC1mDgx732HUls6CQt0VJ33vuMEUoKxkn3tBFoNGidUT8Xk56Ne
5vKaNa87rQ+w8d3Q1/pnyjt1KNXN8dRZ6uD+HI3xqMvJfEhp1rhqtZbUqwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNYPOWCSlfDIvpLet2iRPP3plUyiMB8GA1UdIwQY
MBaAFDvKNKMDQXfQhDONM7CJt+A8yjqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhvMG93TkJkOUNFTTQwenNJbTM0RHpLT29vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kMTI0NWMtMDJjZi00OGI1LTllNDIt
ODk3NTNmMmI0N2RjLzEvMWc4NVlKS1Y4TWkta3Q2M2FKRThfZW1WVEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kMTI0NWMtMDJjZi00OGI1LTllNDItODk3NTNmMmI0N2Rj
LzEvTzhvMG93TkJkOUNFTTQwenNJbTM0RHpLT29vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQFUtTgAwQB
uW8iMA4EAgACMAgDBgYqAAywgDANBgkqhkiG9w0BAQsFAAOCAQEALSVTbW/F8FsB
2tVvC7EuoGJv9zMK49iBQ0pT1K+GwkzsZfV6dDYGf/ljtHg/bfD0PZPoCLyn9DY8
2kkBcsuz2qWg/q6T2ftC+hJpIRUiv2cSSalJkyLXJQpwqDYCd6dswBAVISLiat0H
qGprAx4Z7qbgCp9DzCquOwuiW3GGAJQV9CD9K6hS6DNhV0m+m3rMOV0iB8FY3Cza
pXQbt/xocE8NfMvcBrPqJA3wdaKIa4lcPu2zfFCw2KpnNgenqWr0DQcM0PXtR2/7
3yxgtjECn1brB0djtzwJEvgm4/TGBj2j7CpDiIUUZzxeRF0TH9jl9fo9VNJxcjw3
c9LVKSx2TA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:29 2025 by rpki-client