Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/KBTSSCEN7mOGE0AUFVynJt-PbG0.roa
File: KBTSSCEN7mOGE0AUFVynJt-PbG0.roa (raw, json)
Hash identifier: 4oFud3dAl/cpYLntObmI+8ugV1LZ9Vu7l3PuDiWugqg=
Subject key identifier: 28:14:D2:48:21:0D:EE:63:86:13:40:14:15:5C:A7:26:DF:8F:6C:6D
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018CC6B93A1902036D6BCA2436A53CCE99C0
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/KBTSSCEN7mOGE0AUFVynJt-PbG0.roa
Signing time: Mon 01 Jan 2024 20:31:16 +0000
ROA not before: Mon 01 Jan 2024 20:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57705
IP address blocks: 85.187.43.0/24 maxlen: 24
85.187.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3a:19:02:03:6d:6b:ca:24:36:a5:3c:ce:99:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 20:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2814d248210dee6386134014155ca726df8f6c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:85:61:fa:fd:77:53:f0:78:8e:a2:f0:df:c7:
e4:f5:ca:e6:51:e9:76:d8:64:45:9c:c9:6f:50:67:
a1:dc:d6:4d:ea:50:3b:bf:5b:18:ad:3f:70:9f:9d:
a9:9f:86:2a:2b:be:7f:04:97:59:6b:df:08:01:2e:
42:50:0e:05:c2:08:54:32:67:6d:f4:b5:f0:e9:a9:
91:ef:8d:e7:d4:b2:35:b7:84:83:1d:4c:a9:e7:c1:
9d:14:0a:2f:7e:27:3f:5a:c4:34:27:c7:a7:80:12:
67:fa:c9:a4:86:d8:2a:e4:f8:9e:18:bc:a6:d1:06:
c0:32:c6:34:42:41:d2:84:6a:73:6c:2e:1b:9b:74:
24:b5:f1:06:7a:1d:51:4b:ff:df:a8:cb:a9:70:a6:
64:f9:fe:ca:72:29:74:74:ef:52:c0:10:15:44:aa:
a3:dc:09:b9:4c:68:2c:d5:53:1f:37:7c:ef:b9:a3:
f6:9f:cf:16:c4:04:41:94:2d:e3:84:ee:d4:b6:9d:
94:1b:f8:50:e6:38:34:75:3a:66:41:58:d6:0f:c5:
f0:84:2c:10:0b:d4:d4:47:9e:b0:42:cf:91:ad:57:
ff:55:41:30:fb:9b:26:a2:e5:b6:17:a9:17:d2:bd:
ca:7e:29:f9:a2:70:85:dc:31:6e:cc:d2:f6:86:6c:
be:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:14:D2:48:21:0D:EE:63:86:13:40:14:15:5C:A7:26:DF:8F:6C:6D
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/KBTSSCEN7mOGE0AUFVynJt-PbG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.17.0/24
85.187.43.0/24
Signature Algorithm: sha256WithRSAEncryption
af:19:71:98:ab:68:c2:cf:0e:67:67:4b:f4:89:aa:b9:39:9c:
5d:e8:74:04:bc:18:e4:47:3a:8c:96:02:f5:2a:62:0d:16:1c:
41:53:74:94:8f:4f:77:04:bf:33:25:f5:b4:75:19:3f:bc:01:
d1:b6:e5:60:63:83:78:df:4e:42:33:8b:1a:cf:b6:66:b4:4b:
d9:f0:1e:2a:69:1d:a8:45:7f:7e:f7:6e:0d:18:5b:57:f9:5a:
3e:b5:75:1d:c0:92:a3:6b:28:c6:51:ce:6a:f0:00:82:4b:c8:
15:b9:e4:28:3c:eb:6f:1e:80:b0:ba:94:7f:7a:e9:ad:90:90:
a8:c0:03:ce:4e:09:7f:1f:1f:b3:b2:9c:30:81:69:5b:cd:71:
1c:05:07:91:ee:98:4f:24:01:21:46:3c:f5:5f:59:60:20:72:
98:b3:62:dc:81:c4:cb:05:a1:60:fc:15:8f:a3:ec:8c:d8:26:
c2:34:c4:34:a1:77:9c:ff:3c:d1:d4:d2:29:4f:41:ac:7c:50:
e0:74:a9:eb:35:56:70:59:4c:9e:cd:71:ef:07:c2:30:16:b3:
45:28:b9:4c:8a:b6:b3:86:c0:d5:30:71:69:7d:72:54:4a:29:
93:7d:f7:d6:5c:66:a0:26:3a:10:1a:a4:a6:c2:53:f3:e1:80:
65:50:74:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuToZAgNta8okNqU8zpnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE0ZDI0ODIxMGRlZTYzODYxMzQwMTQxNTVjYTcyNmRmOGY2YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YVh+v13U/B4jqLw38fk9crmUel2
2GRFnMlvUGeh3NZN6lA7v1sYrT9wn52pn4YqK75/BJdZa98IAS5CUA4FwghUMmdt
9LXw6amR743n1LI1t4SDHUyp58GdFAovfic/WsQ0J8engBJn+smkhtgq5PieGLym
0QbAMsY0QkHShGpzbC4bm3QktfEGeh1RS//fqMupcKZk+f7Kcil0dO9SwBAVRKqj
3Am5TGgs1VMfN3zvuaP2n88WxARBlC3jhO7Utp2UG/hQ5jg0dTpmQVjWD8XwhCwQ
C9TUR56wQs+RrVf/VUEw+5smouW2F6kX0r3Kfin5onCF3DFuzNL2hmy+CQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCgU0kghDe5jhhNAFBVcpybfj2xtMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvS0JUU1NDRU43bU9HRTBBVUZWeW5KdC1QYkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVbsRAwQA
VbsrMA0GCSqGSIb3DQEBCwUAA4IBAQCvGXGYq2jCzw5nZ0v0iaq5OZxd6HQEvBjk
RzqMlgL1KmINFhxBU3SUj093BL8zJfW0dRk/vAHRtuVgY4N4305CM4saz7ZmtEvZ
8B4qaR2oRX9+924NGFtX+Vo+tXUdwJKjayjGUc5q8ACCS8gVueQoPOtvHoCwupR/
eumtkJCowAPOTgl/Hx+zspwwgWlbzXEcBQeR7phPJAEhRjz1X1lgIHKYs2LcgcTL
BaFg/BWPo+yM2CbCNMQ0oXec/zzR1NIpT0GsfFDgdKnrNVZwWUyezXHvB8IwFrNF
KLlMirazhsDVMHFpfXJUSimTfffWXGagJjoQGqSmwlPz4YBlUHSy
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:53:53 2025 by rpki-client