Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/syBkKQClvaM6RRHgEwquGxOSftQ.roa
File: syBkKQClvaM6RRHgEwquGxOSftQ.roa (raw, json)
Hash identifier: K7H/kt//ExG7naqhre/MwmM9UTRWpXoRFhJRpmZVCjI=
Subject key identifier: B3:20:64:29:00:A5:BD:A3:3A:45:11:E0:13:0A:AE:1B:13:92:7E:D4
Certificate issuer: /CN=f53353f368dd801cd6102232dfa1cea69dd8cb6c
Certificate serial: 018CC26D6DFA663555260699A895052A45CE
Authority key identifier: F5:33:53:F3:68:DD:80:1C:D6:10:22:32:DF:A1:CE:A6:9D:D8:CB:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9TNT82jdgBzWECIy36HOpp3Yy2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/syBkKQClvaM6RRHgEwquGxOSftQ.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201534
IP address blocks: 185.71.219.0/24 maxlen: 24
185.71.216.0/24 maxlen: 24
185.71.218.0/24 maxlen: 24
185.71.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6d:fa:66:35:55:26:06:99:a8:95:05:2a:45:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f53353f368dd801cd6102232dfa1cea69dd8cb6c
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b320642900a5bda33a4511e0130aae1b13927ed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fe:19:02:b1:4f:62:dc:a4:19:e7:fd:85:c2:
29:10:c0:3b:2b:44:cd:1f:e7:c3:66:05:3e:53:7e:
9e:0d:2f:6d:be:1f:74:92:e9:f9:c3:4f:2e:22:fa:
52:b6:dc:1a:72:87:bb:1e:d1:41:00:b4:6d:59:aa:
b9:4e:6e:b3:c6:5a:06:06:b1:5b:d2:ce:e6:b1:4b:
8b:4f:7f:ec:7f:3e:80:37:42:7a:19:24:cb:5a:25:
ab:0a:17:70:ec:29:af:db:61:e2:d2:4d:49:ca:49:
bb:1d:13:a9:9f:11:fb:0d:b9:16:88:c6:2a:a7:b0:
d3:7a:52:7f:96:a5:5f:38:1c:ba:76:7a:ec:84:d0:
fa:84:a3:14:15:da:df:f9:e4:a9:f3:5c:c7:a2:aa:
ae:8b:b9:e2:38:37:dc:29:e1:63:15:ca:e1:e1:63:
0f:39:71:2c:fc:29:84:29:3f:dd:0b:7e:83:21:03:
a2:de:60:4e:fa:c2:27:d7:71:52:8f:67:05:b9:f3:
62:17:76:22:3e:58:2a:41:5b:09:bd:d7:f2:f0:56:
a4:3c:34:b0:c1:e2:48:da:29:07:6f:3e:45:83:8a:
f6:fd:6a:fe:2d:b5:0a:8d:47:34:77:d3:90:e8:c6:
b8:fe:a9:23:60:99:03:4a:6f:1b:8c:71:97:08:f5:
65:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:20:64:29:00:A5:BD:A3:3A:45:11:E0:13:0A:AE:1B:13:92:7E:D4
X509v3 Authority Key Identifier:
keyid:F5:33:53:F3:68:DD:80:1C:D6:10:22:32:DF:A1:CE:A6:9D:D8:CB:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9TNT82jdgBzWECIy36HOpp3Yy2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/syBkKQClvaM6RRHgEwquGxOSftQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b8097a-4eed-463b-b65a-0ec7ecb25030/1/9TNT82jdgBzWECIy36HOpp3Yy2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.216.0/22
Signature Algorithm: sha256WithRSAEncryption
48:ef:67:69:0d:5c:91:bf:a3:b1:0c:e6:8c:77:b1:76:f6:1e:
2c:87:92:a7:96:1c:5a:a4:4a:fe:83:f6:b7:fd:8f:5e:36:0b:
5c:0d:1b:7d:d1:ed:1c:6a:f1:49:80:34:a0:bd:5a:cc:e3:51:
68:14:83:d0:e1:8b:21:c9:21:03:e7:54:93:e5:d5:99:0f:21:
09:43:94:de:fb:14:20:97:63:d3:b3:a4:0d:fd:70:04:8d:83:
01:d6:45:6d:c0:1a:6b:dd:9c:2f:b5:43:0b:59:f6:cf:cb:5a:
e9:6d:a3:15:f3:b6:0e:b4:4d:b7:b5:b7:36:91:53:3f:e4:da:
d6:7e:d8:7c:07:c7:cd:ba:a3:a1:d5:9e:18:76:81:cc:34:f7:
f0:01:49:15:1f:dc:32:8d:6a:49:93:5b:fb:55:ef:6b:69:3f:
0b:b9:51:5a:80:63:74:e2:a8:20:78:1c:12:9a:65:db:d3:df:
10:88:96:bb:d2:a4:c1:4b:4b:16:27:64:05:ba:b6:3c:b5:d4:
39:7b:53:ac:b1:00:de:35:a0:74:b7:a3:9b:1a:3f:b4:0d:25:
7f:23:18:04:dd:48:db:e1:72:53:d7:f2:5e:72:da:b8:26:ce:
12:bb:fc:b1:25:96:d7:2b:02:50:b5:2f:42:1d:05:84:84:67:
d2:c8:91:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbW36ZjVVJgaZqJUFKkXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MzM1M2YzNjhkZDgwMWNkNjEwMjIzMmRmYTFjZWE2OWRk
OGNiNmMwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzIwNjQyOTAwYTViZGEzM2E0NTExZTAxMzBhYWUxYjEzOTI3ZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP4ZArFPYtykGef9hcIpEMA7K0TN
H+fDZgU+U36eDS9tvh90kun5w08uIvpSttwacoe7HtFBALRtWaq5Tm6zxloGBrFb
0s7msUuLT3/sfz6AN0J6GSTLWiWrChdw7Cmv22Hi0k1Jykm7HROpnxH7DbkWiMYq
p7DTelJ/lqVfOBy6dnrshND6hKMUFdrf+eSp81zHoqqui7niODfcKeFjFcrh4WMP
OXEs/CmEKT/dC36DIQOi3mBO+sIn13FSj2cFufNiF3YiPlgqQVsJvdfy8FakPDSw
weJI2ikHbz5Fg4r2/Wr+LbUKjUc0d9OQ6Ma4/qkjYJkDSm8bjHGXCPVlUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMgZCkApb2jOkUR4BMKrhsTkn7UMB8GA1UdIwQY
MBaAFPUzU/No3YAc1hAiMt+hzqad2MtsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVROVDgyamRnQnpXRUNJeTM2SE9wcDNZeTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iODA5N2EtNGVlZC00NjNiLWI2NWEt
MGVjN2VjYjI1MDMwLzEvc3lCa0tRQ2x2YU02UlJIZ0V3cXVHeE9TZnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iODA5N2EtNGVlZC00NjNiLWI2NWEtMGVjN2VjYjI1MDMw
LzEvOVROVDgyamRnQnpXRUNJeTM2SE9wcDNZeTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUfYMA0G
CSqGSIb3DQEBCwUAA4IBAQBI72dpDVyRv6OxDOaMd7F29h4sh5KnlhxapEr+g/a3
/Y9eNgtcDRt90e0cavFJgDSgvVrM41FoFIPQ4YshySED51ST5dWZDyEJQ5Te+xQg
l2PTs6QN/XAEjYMB1kVtwBpr3ZwvtUMLWfbPy1rpbaMV87YOtE23tbc2kVM/5NrW
fth8B8fNuqOh1Z4YdoHMNPfwAUkVH9wyjWpJk1v7Ve9raT8LuVFagGN04qggeBwS
mmXb098QiJa70qTBS0sWJ2QFurY8tdQ5e1OssQDeNaB0t6ObGj+0DSV/IxgE3Ujb
4XJT1/Jectq4Js4Su/yxJZbXKwJQtS9CHQWEhGfSyJGA
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:25:49 2025 by rpki-client