Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/n2p0BG1jA5ahLX2OTmFS9tAdcEA.roa
File: n2p0BG1jA5ahLX2OTmFS9tAdcEA.roa (raw, json)
Hash identifier: 8ISrD4CX4K30rYBL3yfVC3szE0VYEhDZy6vlbVtOGk4=
Subject key identifier: 9F:6A:74:04:6D:63:03:96:A1:2D:7D:8E:4E:61:52:F6:D0:1D:70:40
Certificate issuer: /CN=aa679589c1c48897d09b2d4fed7a66044a876ea3
Certificate serial: 019543363D20EEC9DE09EF726ED77BAFFB64
Authority key identifier: AA:67:95:89:C1:C4:88:97:D0:9B:2D:4F:ED:7A:66:04:4A:87:6E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmeVicHEiJfQmy1P7XpmBEqHbqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/n2p0BG1jA5ahLX2OTmFS9tAdcEA.roa
Signing time: Wed 26 Feb 2025 17:03:02 +0000
ROA not before: Wed 26 Feb 2025 17:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20771
IP address blocks: 185.163.200.0/22 maxlen: 24
185.163.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 09:11:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:36:3d:20:ee:c9:de:09:ef:72:6e:d7:7b:af:fb:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa679589c1c48897d09b2d4fed7a66044a876ea3
Validity
Not Before: Feb 26 17:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f6a74046d630396a12d7d8e4e6152f6d01d7040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cc:d1:c6:b7:53:b3:84:10:71:42:62:64:51:
55:9f:58:46:49:3f:5d:67:d9:9a:44:aa:8b:29:a7:
53:39:82:00:40:a5:7a:79:ca:c1:21:70:cc:41:29:
ff:c3:2b:b2:d3:4e:17:a7:e4:b8:18:07:58:d3:53:
b8:05:65:64:a3:1b:d3:13:b1:b1:52:a6:fd:c6:e7:
bb:89:45:3e:65:e0:52:64:59:12:52:4e:f1:95:f9:
cf:7c:08:cb:53:8d:d4:5e:01:e9:a9:6c:6b:dc:f6:
44:38:f6:d4:00:07:37:de:e8:e8:f6:c2:e0:a3:d2:
1e:ea:45:68:e2:50:5b:fe:2c:2e:25:76:39:53:6f:
07:e4:f7:a5:e7:6a:a0:57:2f:00:e7:53:4f:8b:a3:
08:65:d3:ed:93:c6:fe:04:dd:9b:9c:e9:35:b9:4d:
c6:f0:0b:39:ef:da:8d:01:7a:3a:3d:01:3f:86:f0:
d8:ef:a1:9e:eb:5c:44:06:e7:98:9d:87:75:6b:12:
5e:ba:9b:a8:00:e1:2c:6d:6c:ed:43:07:9a:d1:68:
8e:b4:7f:52:db:9c:ed:66:db:7d:24:45:64:28:c5:
25:64:8f:4e:69:d2:92:1e:bd:0a:bc:cb:f4:85:5c:
ca:1d:8c:18:97:de:30:9b:45:cb:bb:a0:9d:2f:5a:
b5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6A:74:04:6D:63:03:96:A1:2D:7D:8E:4E:61:52:F6:D0:1D:70:40
X509v3 Authority Key Identifier:
keyid:AA:67:95:89:C1:C4:88:97:D0:9B:2D:4F:ED:7A:66:04:4A:87:6E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmeVicHEiJfQmy1P7XpmBEqHbqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/n2p0BG1jA5ahLX2OTmFS9tAdcEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/qmeVicHEiJfQmy1P7XpmBEqHbqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.200.0/22
Signature Algorithm: sha256WithRSAEncryption
84:1c:3f:79:23:1f:57:71:56:1e:a4:ae:41:32:81:23:b6:c4:
05:ec:f5:3d:54:b6:3c:b1:60:88:73:88:87:cb:8b:f6:9f:1a:
c8:e9:56:c7:cb:29:ce:71:5e:7f:b9:e9:d0:bf:c0:ae:17:96:
ea:8e:70:46:cd:41:cb:c6:eb:77:19:2b:5d:b4:5e:4f:5b:08:
c1:0d:a5:7f:1a:70:d2:cc:85:47:9a:1c:ef:27:bb:b4:e9:a8:
39:56:77:59:c2:3d:69:7b:c9:67:00:0f:f3:39:57:dd:bb:8b:
50:fd:e8:12:40:c8:09:e6:b9:3f:af:c3:91:43:2d:5d:c5:47:
21:0b:8b:24:08:fb:a3:e9:26:3d:9e:6f:d9:3c:21:b9:47:e4:
18:33:5c:a2:4d:bb:ee:8a:fa:3b:f9:d6:e7:46:91:09:06:1f:
96:f6:80:80:f8:78:00:07:17:9b:04:11:16:eb:43:f3:00:1b:
8f:94:57:e9:b1:38:95:53:78:33:47:a3:18:15:c4:76:5c:3e:
52:94:7d:55:0a:1e:8d:2a:62:ef:89:e0:74:e6:e3:16:9a:5a:
94:c0:16:d9:f9:c4:2b:c7:eb:31:90:84:d1:ea:28:4c:29:9e:
5b:93:2b:12:9c:91:2b:30:c6:a7:fc:bc:26:96:93:59:b1:1e:
0b:98:c9:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVDNj0g7sneCe9ybtd7r/tkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNjc5NTg5YzFjNDg4OTdkMDliMmQ0ZmVkN2E2NjA0NGE4
NzZlYTMwHhcNMjUwMjI2MTcwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjZhNzQwNDZkNjMwMzk2YTEyZDdkOGU0ZTYxNTJmNmQwMWQ3MDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0szRxrdTs4QQcUJiZFFVn1hGST9d
Z9maRKqLKadTOYIAQKV6ecrBIXDMQSn/wyuy004Xp+S4GAdY01O4BWVkoxvTE7Gx
Uqb9xue7iUU+ZeBSZFkSUk7xlfnPfAjLU43UXgHpqWxr3PZEOPbUAAc33ujo9sLg
o9Ie6kVo4lBb/iwuJXY5U28H5Pel52qgVy8A51NPi6MIZdPtk8b+BN2bnOk1uU3G
8As579qNAXo6PQE/hvDY76Ge61xEBueYnYd1axJeupuoAOEsbWztQwea0WiOtH9S
25ztZtt9JEVkKMUlZI9OadKSHr0KvMv0hVzKHYwYl94wm0XLu6CdL1q10QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ9qdARtYwOWoS19jk5hUvbQHXBAMB8GA1UdIwQY
MBaAFKpnlYnBxIiX0JstT+16ZgRKh26jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW1lVmljSEVpSmZRbXkxUDdYcG1CRXFIYnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wMDhmOTEtYWVlMy00NDA4LTgzOTMt
MTRiNzZiNzZmMmJiLzEvbjJwMEJHMWpBNWFoTFgyT1RtRlM5dEFkY0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wMDhmOTEtYWVlMy00NDA4LTgzOTMtMTRiNzZiNzZmMmJi
LzEvcW1lVmljSEVpSmZRbXkxUDdYcG1CRXFIYnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCEHD95Ix9XcVYepK5BMoEjtsQF7PU9VLY8sWCIc4iH
y4v2nxrI6VbHyynOcV5/uenQv8CuF5bqjnBGzUHLxut3GStdtF5PWwjBDaV/GnDS
zIVHmhzvJ7u06ag5VndZwj1pe8lnAA/zOVfdu4tQ/egSQMgJ5rk/r8ORQy1dxUch
C4skCPuj6SY9nm/ZPCG5R+QYM1yiTbvuivo7+dbnRpEJBh+W9oCA+HgABxebBBEW
60PzABuPlFfpsTiVU3gzR6MYFcR2XD5SlH1VCh6NKmLvieB05uMWmlqUwBbZ+cQr
x+sxkITR6ihMKZ5bkysSnJErMMan/LwmlpNZsR4LmMlQ
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:43:58 2025 by rpki-client