Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/p2WJvV3YceLAQCo-tgaKjrkRESY.roa
File: p2WJvV3YceLAQCo-tgaKjrkRESY.roa (raw, json)
Hash identifier: tH/14iPJdrNcmS71sWrOht1bJao8Jziw4A599XVVPtU=
Subject key identifier: A7:65:89:BD:5D:D8:71:E2:C0:40:2A:3E:B6:06:8A:8E:B9:11:11:26
Certificate issuer: /CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Certificate serial: 0193CF08B3DC60C9BA9A1E2233842F9B2551
Authority key identifier: 7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/p2WJvV3YceLAQCo-tgaKjrkRESY.roa
Signing time: Mon 16 Dec 2024 10:34:34 +0000
ROA not before: Mon 16 Dec 2024 10:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211261
IP address blocks: 185.204.200.0/24 maxlen: 24
185.204.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:08:b3:dc:60:c9:ba:9a:1e:22:33:84:2f:9b:25:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Validity
Not Before: Dec 16 10:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a76589bd5dd871e2c0402a3eb6068a8eb9111126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b1:74:35:64:70:fb:19:2b:be:8e:21:67:9e:
0f:43:0a:1b:4e:e4:76:c8:c0:2c:72:2d:7c:7c:61:
76:d6:98:63:bd:76:c6:8f:91:bf:1d:61:76:73:9e:
98:10:c5:c1:1e:7c:4a:62:09:6f:a8:ae:06:c5:66:
1f:2d:4c:5d:34:c1:6c:1c:9f:53:98:c6:00:8a:0c:
fa:49:66:a1:63:6f:39:98:92:3f:f6:66:e9:f3:bf:
4c:8c:c8:a2:cf:81:db:99:42:09:d8:1d:9c:90:6c:
1e:8d:16:a1:9c:c9:b0:06:58:b0:f5:a0:51:1b:b6:
58:2a:88:99:1a:7f:f0:d9:d1:30:a6:88:28:05:08:
44:11:98:1d:ae:15:3a:92:e8:d9:1f:b8:3d:d5:b6:
00:97:d0:1d:a8:1c:99:35:ff:e2:9d:f0:29:98:a9:
c7:39:fc:31:34:f7:dc:5d:68:f1:37:4c:82:36:7e:
07:0b:fa:a4:68:99:b8:c6:19:e7:4a:f5:58:84:ab:
a0:01:44:d5:fd:3b:96:79:12:1c:14:88:f1:08:ac:
41:2b:b6:2e:c7:6e:cf:f4:dd:a2:3f:c5:79:84:47:
e6:48:99:8a:98:b9:80:5e:42:8e:6e:a7:77:44:06:
fe:e5:89:2e:5c:f1:13:da:7f:f1:f0:d1:2d:aa:29:
88:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:65:89:BD:5D:D8:71:E2:C0:40:2A:3E:B6:06:8A:8E:B9:11:11:26
X509v3 Authority Key Identifier:
keyid:7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/p2WJvV3YceLAQCo-tgaKjrkRESY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.200.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:7f:f6:42:6a:90:d8:b8:06:31:55:77:2b:f9:42:75:42:af:
27:76:68:a8:12:f2:ed:64:74:d2:7e:a0:be:12:49:c9:20:fd:
2b:b0:ba:60:77:d6:3d:f7:76:32:f8:83:13:f1:13:a3:1e:d6:
44:8c:91:d9:83:c0:91:a5:f4:06:f3:82:70:43:55:37:d2:7e:
88:32:87:1b:11:00:82:7c:be:cb:ca:64:6b:e2:41:ac:7b:37:
88:fc:6a:23:d0:05:58:8c:0f:a4:8e:54:dc:56:98:e4:70:25:
af:82:06:a2:8e:fe:7e:78:de:a7:19:60:e3:26:4e:62:a3:19:
45:41:da:cf:28:9b:65:b2:9d:de:9c:53:56:19:c0:e1:18:11:
93:3b:53:26:81:d7:5c:18:98:eb:33:ea:b8:d8:ba:95:2a:3a:
ee:0d:94:c2:a2:df:16:52:17:b5:14:a1:f5:e2:d1:9b:c5:a3:
c6:0c:ce:07:8e:ad:ed:1e:4a:a9:fb:7a:e9:cb:14:da:5c:d7:
b3:2f:d8:ad:13:51:46:3a:eb:53:40:dd:58:4f:38:f2:a7:3d:
e8:b6:0e:7a:b2:4b:d9:74:63:27:d4:56:48:a4:43:e1:7c:6d:
45:a4:6b:15:57:49:13:c9:97:99:cf:60:2b:4e:ed:f3:94:42:
e3:16:2d:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPPCLPcYMm6mh4iM4QvmyVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZjU3ZGQ1MmM3NWZjZTM5ZmZlMjkxNTQ2OWQ5ZTY1NmRi
Y2I4NzMwHhcNMjQxMjE2MTAzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzY1ODliZDVkZDg3MWUyYzA0MDJhM2ViNjA2OGE4ZWI5MTExMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27F0NWRw+xkrvo4hZ54PQwobTuR2
yMAsci18fGF21phjvXbGj5G/HWF2c56YEMXBHnxKYglvqK4GxWYfLUxdNMFsHJ9T
mMYAigz6SWahY285mJI/9mbp879MjMiiz4HbmUIJ2B2ckGwejRahnMmwBliw9aBR
G7ZYKoiZGn/w2dEwpogoBQhEEZgdrhU6kujZH7g91bYAl9AdqByZNf/infApmKnH
OfwxNPfcXWjxN0yCNn4HC/qkaJm4xhnnSvVYhKugAUTV/TuWeRIcFIjxCKxBK7Yu
x27P9N2iP8V5hEfmSJmKmLmAXkKObqd3RAb+5YkuXPET2n/x8NEtqimIUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdlib1d2HHiwEAqPrYGio65EREmMB8GA1UdIwQY
MBaAFHr1fdUsdfzjn/4pFUadnmVtvLhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYt
YzI1MzQwOTZjNjBkLzEvcDJXSnZWM1ljZUxBUUNvLXRnYUtqcmtSRVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYtYzI1MzQwOTZjNjBk
LzEvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuczIMA0G
CSqGSIb3DQEBCwUAA4IBAQBKf/ZCapDYuAYxVXcr+UJ1Qq8ndmioEvLtZHTSfqC+
EknJIP0rsLpgd9Y993Yy+IMT8ROjHtZEjJHZg8CRpfQG84JwQ1U30n6IMocbEQCC
fL7LymRr4kGsezeI/Goj0AVYjA+kjlTcVpjkcCWvggaijv5+eN6nGWDjJk5ioxlF
QdrPKJtlsp3enFNWGcDhGBGTO1MmgddcGJjrM+q42LqVKjruDZTCot8WUhe1FKH1
4tGbxaPGDM4Hjq3tHkqp+3rpyxTaXNezL9itE1FGOutTQN1YTzjypz3otg56skvZ
dGMn1FZIpEPhfG1FpGsVV0kTyZeZz2ArTu3zlELjFi2w
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:01:48 2025 by rpki-client