Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/R84KhoSd7ew1QsmSwr9fLf11qnA.roa
File: R84KhoSd7ew1QsmSwr9fLf11qnA.roa (raw, json)
Hash identifier: fKzs1pbCHOcyDy/0uZzomx6VjjMz9qHR9dYYgh8GzpQ=
Subject key identifier: 47:CE:0A:86:84:9D:ED:EC:35:42:C9:92:C2:BF:5F:2D:FD:75:AA:70
Certificate issuer: /CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Certificate serial: 018CC7954FA1FAA302497B31BBA820D5805C
Authority key identifier: F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/R84KhoSd7ew1QsmSwr9fLf11qnA.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50520
IP address blocks: 185.134.112.0/22 maxlen: 22
185.134.112.0/24 maxlen: 24
185.134.113.0/24 maxlen: 24
185.134.115.0/24 maxlen: 24
185.134.114.0/24 maxlen: 24
2a02:fa80:ca02::/48 maxlen: 48
2a02:fa80::/32 maxlen: 32
2a02:fa80:fa80::/48 maxlen: 48
2a02:fa80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4f:a1:fa:a3:02:49:7b:31:bb:a8:20:d5:80:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47ce0a86849dedec3542c992c2bf5f2dfd75aa70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:35:9c:19:58:4e:a3:b1:07:ad:f2:6a:51:60:
d3:f4:19:19:96:1b:25:cc:8b:e8:b2:40:7b:2c:0e:
96:4c:f8:f7:0f:f0:05:ca:dc:11:6e:98:19:4c:43:
80:00:cc:8f:41:46:c3:34:ec:81:99:10:67:ab:6e:
a7:ad:29:5e:d6:ab:3c:80:49:67:32:e1:94:44:6a:
5d:d5:a3:2e:35:e6:76:81:f9:7f:a8:47:53:a1:e6:
84:3f:bf:31:24:5d:62:e3:98:49:41:c4:65:df:bd:
27:94:0f:d3:cc:7a:b4:8a:e0:dd:a9:68:6d:b3:8a:
0b:75:32:c3:23:ee:9f:0b:6e:20:57:10:d8:e2:8e:
9d:04:6a:fd:21:e6:6b:4d:00:91:0d:e5:9b:09:cc:
d2:cb:73:6c:c5:ed:2b:9e:30:b2:97:9c:b8:4a:fe:
76:ff:6b:ef:5b:b4:9a:fb:89:31:53:14:67:d8:36:
c4:b2:51:cc:30:4a:e5:5f:42:ce:db:e7:e6:c0:a1:
db:b7:f3:75:aa:de:a8:2b:a7:fe:37:7c:df:38:0e:
6d:ac:d7:e5:75:2f:26:4e:f7:02:32:6d:13:d0:e4:
3e:d2:43:da:0a:c4:58:de:75:a3:c7:01:98:92:5e:
85:1d:6a:dd:3f:fc:50:09:c3:ba:7d:b7:5a:c4:d1:
61:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CE:0A:86:84:9D:ED:EC:35:42:C9:92:C2:BF:5F:2D:FD:75:AA:70
X509v3 Authority Key Identifier:
keyid:F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/R84KhoSd7ew1QsmSwr9fLf11qnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9n7U99NVdSgcF2yuPdy9QMxcHdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.112.0/22
IPv6:
2a02:fa80::/32
Signature Algorithm: sha256WithRSAEncryption
1b:93:6a:f1:f2:2b:39:93:3d:cd:c3:a1:ce:a9:60:39:68:c3:
a7:4d:ae:11:57:2a:75:bc:78:54:58:1c:03:a9:c2:d2:1c:07:
57:ce:8a:d6:d3:40:c2:c3:13:60:23:d3:ae:c9:09:df:ca:30:
09:77:c1:72:09:24:01:b0:9e:f0:61:ca:16:6f:9e:1e:d0:13:
00:f2:0b:13:b3:26:50:89:45:4e:a1:b1:2b:74:10:fb:2f:bb:
a5:ff:26:b2:27:55:ed:10:22:f2:1d:7c:f7:29:3d:9b:b6:31:
19:1d:07:86:39:5e:19:10:4a:d9:b8:76:19:92:cc:7c:63:8c:
36:91:ec:32:6b:2a:94:d1:08:bf:4b:77:cc:c6:0a:d4:b0:08:
6c:1e:4c:99:b1:86:43:8d:c4:bb:d0:17:b3:6b:95:41:68:e7:
02:6d:2e:17:ec:6e:ed:fe:02:e4:90:6e:d3:77:7b:1c:6c:38:
ae:3c:d1:f6:35:3c:32:1e:22:66:1a:d4:d7:b0:e9:89:d3:41:
92:73:90:59:58:f6:36:d5:ae:b8:d9:b6:38:e0:39:c7:3e:19:
30:7e:34:33:a6:94:b9:96:5c:e6:50:be:90:60:77:70:4d:55:
47:7c:3f:5b:0b:ae:23:da:c2:5c:f0:47:9e:41:fd:b9:24:94:
c2:35:b1:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlU+h+qMCSXsxu6gg1YBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2N2VkNGY3ZDM1NTc1MjgxYzE3NmNhZTNkZGNiZDQwY2M1
YzFkZDYwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2NlMGE4Njg0OWRlZGVjMzU0MmM5OTJjMmJmNWYyZGZkNzVhYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTWcGVhOo7EHrfJqUWDT9BkZlhsl
zIvoskB7LA6WTPj3D/AFytwRbpgZTEOAAMyPQUbDNOyBmRBnq26nrSle1qs8gEln
MuGURGpd1aMuNeZ2gfl/qEdToeaEP78xJF1i45hJQcRl370nlA/TzHq0iuDdqWht
s4oLdTLDI+6fC24gVxDY4o6dBGr9IeZrTQCRDeWbCczSy3Nsxe0rnjCyl5y4Sv52
/2vvW7Sa+4kxUxRn2DbEslHMMErlX0LO2+fmwKHbt/N1qt6oK6f+N3zfOA5trNfl
dS8mTvcCMm0T0OQ+0kPaCsRY3nWjxwGYkl6FHWrdP/xQCcO6fbdaxNFh6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEfOCoaEne3sNULJksK/Xy39dapwMB8GA1UdIwQY
MBaAFPZ+1PfTVXUoHBdsrj3cvUDMXB3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjct
ZjQ0ODVhZWQ3NDI5LzEvUjg0S2hvU2Q3ZXcxUXNtU3dyOWZMZjExcW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjctZjQ0ODVhZWQ3NDI5
LzEvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYZwMA0E
AgACMAcDBQAqAvqAMA0GCSqGSIb3DQEBCwUAA4IBAQAbk2rx8is5kz3Nw6HOqWA5
aMOnTa4RVyp1vHhUWBwDqcLSHAdXzorW00DCwxNgI9OuyQnfyjAJd8FyCSQBsJ7w
YcoWb54e0BMA8gsTsyZQiUVOobErdBD7L7ul/yayJ1XtECLyHXz3KT2btjEZHQeG
OV4ZEErZuHYZksx8Y4w2kewyayqU0Qi/S3fMxgrUsAhsHkyZsYZDjcS70Beza5VB
aOcCbS4X7G7t/gLkkG7Td3scbDiuPNH2NTwyHiJmGtTXsOmJ00GSc5BZWPY21a64
2bY44DnHPhkwfjQzppS5llzmUL6QYHdwTVVHfD9bC64j2sJc8EeeQf25JJTCNbGJ
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:52:26 2025 by rpki-client