Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/8Aj5yZvIaRCTPPIRD1Ei7xUa5wo.roa
File: 8Aj5yZvIaRCTPPIRD1Ei7xUa5wo.roa (raw, json)
Hash identifier: cgjQTIaAntAKyL0kPDwMiGYTUv+j5EBscMAQ27+8T4M=
Subject key identifier: F0:08:F9:C9:9B:C8:69:10:93:3C:F2:11:0F:51:22:EF:15:1A:E7:0A
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019428242BA43AE4039F5D40E27E72D42E96
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/8Aj5yZvIaRCTPPIRD1Ei7xUa5wo.roa
Signing time: Thu 02 Jan 2025 17:50:46 +0000
ROA not before: Thu 02 Jan 2025 17:50:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207691
IP address blocks: 185.43.56.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 09:28:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:2b:a4:3a:e4:03:9f:5d:40:e2:7e:72:d4:2e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 2 17:50:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f008f9c99bc86910933cf2110f5122ef151ae70a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9f:f4:36:d9:cc:4d:51:37:c7:e6:75:67:be:
b5:58:c1:79:16:b2:62:02:75:d8:51:48:a4:45:97:
e5:92:25:96:d0:79:51:79:6d:f2:ce:81:77:45:ed:
46:d6:48:46:dd:e0:87:e2:bd:1e:4b:17:5e:47:40:
39:9e:af:9d:fa:e1:26:62:1e:36:4f:03:6c:f7:98:
9a:85:88:09:43:0b:8e:41:9c:f4:b1:b3:db:ac:b9:
c1:b3:4f:2e:08:02:10:43:d7:9b:6c:c6:a7:8c:bb:
67:65:ba:c0:2f:12:1f:2e:4e:54:fa:bb:49:9f:27:
88:61:d9:a1:a5:db:d9:d3:50:ce:56:fc:7f:b0:d0:
36:c8:12:14:09:ba:03:aa:bf:88:bf:04:b7:aa:01:
34:fc:c3:92:bf:5d:43:9a:7b:fc:30:b9:2d:33:d1:
a2:27:69:6e:a5:3e:a2:e5:62:af:d5:00:77:8d:8e:
ac:0e:71:cc:6f:90:38:bd:46:ca:82:60:59:95:91:
a1:a7:08:8c:27:7f:c5:9e:b2:9b:f0:cc:07:3c:f9:
3d:af:5f:81:35:c0:80:fe:1d:65:af:d8:8a:b9:ae:
32:54:52:dd:61:53:e8:3a:c8:14:4d:51:64:69:0f:
fd:e7:8a:f2:1d:5f:e8:21:59:aa:04:85:30:34:d9:
18:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:08:F9:C9:9B:C8:69:10:93:3C:F2:11:0F:51:22:EF:15:1A:E7:0A
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/8Aj5yZvIaRCTPPIRD1Ei7xUa5wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.56.0/23
Signature Algorithm: sha256WithRSAEncryption
81:ef:e1:ed:91:d0:01:39:eb:81:01:37:18:15:37:e1:66:e4:
45:0a:83:49:97:34:cb:17:35:23:8f:13:fc:99:e0:7f:df:83:
21:df:e2:c5:b9:8b:74:f0:74:dd:0c:fd:fe:7c:96:e9:68:b1:
b3:1c:8c:f6:a2:36:f2:aa:74:02:72:04:ad:7d:12:4d:9a:6e:
df:56:14:b1:43:8a:6a:f6:be:7b:21:b7:f2:15:b4:81:16:80:
2b:c2:11:f3:3e:c2:5c:16:30:ea:fb:06:04:45:62:be:be:75:
b9:a4:1d:a5:a0:73:e9:36:14:29:ec:d2:18:ee:af:bc:b3:dc:
22:5c:e5:5b:c9:f4:bb:67:26:74:d8:ef:9b:67:9b:31:5b:f8:
cc:a3:61:71:63:73:4a:6d:41:02:ac:64:b7:96:3f:7a:02:bd:
5c:2c:a4:dd:ad:3b:4b:f8:4c:8e:cf:4d:99:42:b5:b4:41:61:
f2:fa:1f:dd:84:fc:74:02:13:41:60:5f:bb:64:7f:72:17:9f:
87:d2:a0:d5:2a:85:28:92:f6:fb:b3:f2:5a:ee:6a:89:4e:63:
c8:ab:23:5c:bc:15:e7:40:ae:cc:94:91:03:ad:c1:bb:53:08:
25:17:d7:8e:d4:f4:53:98:e7:6d:ef:a7:14:cb:3e:b9:4c:21:
14:b5:d5:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJCukOuQDn11A4n5y1C6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTAyMTc1MDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDA4ZjljOTliYzg2OTEwOTMzY2YyMTEwZjUxMjJlZjE1MWFlNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5/0NtnMTVE3x+Z1Z761WMF5FrJi
AnXYUUikRZflkiWW0HlReW3yzoF3Re1G1khG3eCH4r0eSxdeR0A5nq+d+uEmYh42
TwNs95iahYgJQwuOQZz0sbPbrLnBs08uCAIQQ9ebbManjLtnZbrALxIfLk5U+rtJ
nyeIYdmhpdvZ01DOVvx/sNA2yBIUCboDqr+IvwS3qgE0/MOSv11Dmnv8MLktM9Gi
J2lupT6i5WKv1QB3jY6sDnHMb5A4vUbKgmBZlZGhpwiMJ3/FnrKb8MwHPPk9r1+B
NcCA/h1lr9iKua4yVFLdYVPoOsgUTVFkaQ/954ryHV/oIVmqBIUwNNkYvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAI+cmbyGkQkzzyEQ9RIu8VGucKMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvOEFqNXladklhUkNUUFBJUkQxRWk3eFVhNXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSs4MA0G
CSqGSIb3DQEBCwUAA4IBAQCB7+HtkdABOeuBATcYFTfhZuRFCoNJlzTLFzUjjxP8
meB/34Mh3+LFuYt08HTdDP3+fJbpaLGzHIz2ojbyqnQCcgStfRJNmm7fVhSxQ4pq
9r57IbfyFbSBFoArwhHzPsJcFjDq+wYERWK+vnW5pB2loHPpNhQp7NIY7q+8s9wi
XOVbyfS7ZyZ02O+bZ5sxW/jMo2FxY3NKbUECrGS3lj96Ar1cLKTdrTtL+EyOz02Z
QrW0QWHy+h/dhPx0AhNBYF+7ZH9yF5+H0qDVKoUokvb7s/Ja7mqJTmPIqyNcvBXn
QK7MlJEDrcG7UwglF9eO1PRTmOdt76cUyz65TCEUtdWE
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:34:32 2025 by rpki-client