Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d38360-4d1f-422e-90ae-08b9e1101aa7/1/adtMNQAySxt88Ssc2EmZHEONHy4.roa
File: adtMNQAySxt88Ssc2EmZHEONHy4.roa (raw, json)
Hash identifier: fdZ04ESjlev89LKvcrPk5vmNIRpe6BCeEruETN2RAsc=
Subject key identifier: 69:DB:4C:35:00:32:4B:1B:7C:F1:2B:1C:D8:49:99:1C:43:8D:1F:2E
Certificate issuer: /CN=ccb0ca2291276d7d2a2f8a7050f4ba827fe910a1
Certificate serial: 018CC56E26B4E1AC6ABBFE6F933F1028FF1F
Authority key identifier: CC:B0:CA:22:91:27:6D:7D:2A:2F:8A:70:50:F4:BA:82:7F:E9:10:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zLDKIpEnbX0qL4pwUPS6gn_pEKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d38360-4d1f-422e-90ae-08b9e1101aa7/1/adtMNQAySxt88Ssc2EmZHEONHy4.roa
Signing time: Mon 01 Jan 2024 14:29:39 +0000
ROA not before: Mon 01 Jan 2024 14:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35754
IP address blocks: 87.254.32.0/19 maxlen: 19
185.247.120.0/22 maxlen: 22
2a03:d500::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:26:b4:e1:ac:6a:bb:fe:6f:93:3f:10:28:ff:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccb0ca2291276d7d2a2f8a7050f4ba827fe910a1
Validity
Not Before: Jan 1 14:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69db4c3500324b1b7cf12b1cd849991c438d1f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:36:a7:55:81:a5:3a:b7:a2:6c:3d:3a:b6:b0:
52:70:8c:41:58:e9:73:73:28:ef:ae:b9:b0:a5:99:
89:e0:e9:f3:a8:c1:d0:19:8a:eb:aa:d1:b3:ac:07:
33:f7:09:8e:7d:9d:36:25:9b:48:41:60:e8:4a:a1:
93:d2:13:5e:24:d4:fb:3e:8c:1b:fb:39:e0:98:61:
5b:64:a1:21:9b:f5:6c:43:5c:21:f0:00:17:d4:1a:
e0:22:e0:de:a0:92:b3:f2:3f:33:d1:71:8b:37:dd:
60:cc:16:9b:48:53:14:29:6b:e7:38:a1:de:94:6d:
58:6d:c1:cf:0a:b4:00:7b:54:6b:f1:63:d9:75:54:
ea:fc:b6:16:20:ae:3b:7e:dc:8f:6f:4f:a6:22:1e:
cc:8a:3c:c6:e8:87:a3:ef:72:0b:bb:2d:64:29:36:
fb:d2:1f:de:35:96:63:90:73:71:32:f2:9d:78:41:
7c:54:11:a7:5b:85:43:60:a6:4e:e1:3a:10:ca:9e:
b3:06:2b:33:48:fc:dc:cc:84:31:24:47:e0:4c:d6:
11:d5:72:b9:d6:5c:a2:11:f3:13:51:6f:8b:ca:e2:
1e:4c:bd:de:0a:c4:1b:8a:23:7c:84:c2:d0:f2:de:
c7:c1:68:1a:52:9a:31:93:8b:5d:a1:03:07:83:44:
a8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:DB:4C:35:00:32:4B:1B:7C:F1:2B:1C:D8:49:99:1C:43:8D:1F:2E
X509v3 Authority Key Identifier:
keyid:CC:B0:CA:22:91:27:6D:7D:2A:2F:8A:70:50:F4:BA:82:7F:E9:10:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zLDKIpEnbX0qL4pwUPS6gn_pEKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d38360-4d1f-422e-90ae-08b9e1101aa7/1/adtMNQAySxt88Ssc2EmZHEONHy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d38360-4d1f-422e-90ae-08b9e1101aa7/1/zLDKIpEnbX0qL4pwUPS6gn_pEKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.32.0/19
185.247.120.0/22
IPv6:
2a03:d500::/32
Signature Algorithm: sha256WithRSAEncryption
bb:e2:d2:42:c7:47:2c:d8:18:f4:b9:6c:3a:2e:02:a0:31:7b:
33:fb:34:15:8d:be:70:9b:02:4e:40:3b:9c:f2:59:05:e6:a0:
57:5d:25:78:fd:79:84:62:bf:3c:92:04:cc:ba:01:de:21:e7:
49:b0:f1:0e:56:48:5d:54:f4:20:bd:a1:cb:8a:cf:9b:e0:7f:
6c:07:c1:31:06:1c:b3:39:41:c7:d0:a3:64:76:fd:47:4b:60:
03:7e:a5:fd:2b:54:f2:06:b7:f6:2f:88:05:97:67:e6:bd:c1:
f7:9c:35:74:07:48:f6:fd:86:bc:e7:62:fa:a1:ec:7b:2d:46:
ae:b2:4b:54:a3:e6:0c:9d:76:f5:82:37:01:18:c7:59:66:f6:
b6:04:88:ed:e1:de:ba:bc:9d:d4:ee:43:44:39:54:f3:94:3e:
c5:0e:52:ed:a5:9d:fa:d5:a4:f2:91:ad:8b:29:31:db:95:88:
bc:67:7d:b2:12:36:0d:94:ff:db:37:53:85:d6:cc:d2:22:1c:
0e:d4:2a:63:76:f2:c6:65:e1:e3:a7:9a:87:7d:50:77:bd:a5:
86:fc:e3:6f:b5:af:a7:5a:80:4a:e4:bd:9b:7f:0a:de:1a:b5:
d7:6d:8d:2f:9e:7d:a3:7b:c8:b5:38:90:a5:94:a7:0e:f1:ae:
44:00:c0:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbia04axqu/5vkz8QKP8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYjBjYTIyOTEyNzZkN2QyYTJmOGE3MDUwZjRiYTgyN2Zl
OTEwYTEwHhcNMjQwMTAxMTQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWRiNGMzNTAwMzI0YjFiN2NmMTJiMWNkODQ5OTkxYzQzOGQxZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTanVYGlOreibD06trBScIxBWOlz
cyjvrrmwpZmJ4OnzqMHQGYrrqtGzrAcz9wmOfZ02JZtIQWDoSqGT0hNeJNT7Powb
+zngmGFbZKEhm/VsQ1wh8AAX1BrgIuDeoJKz8j8z0XGLN91gzBabSFMUKWvnOKHe
lG1YbcHPCrQAe1Rr8WPZdVTq/LYWIK47ftyPb0+mIh7MijzG6Iej73ILuy1kKTb7
0h/eNZZjkHNxMvKdeEF8VBGnW4VDYKZO4ToQyp6zBiszSPzczIQxJEfgTNYR1XK5
1lyiEfMTUW+LyuIeTL3eCsQbiiN8hMLQ8t7HwWgaUpoxk4tdoQMHg0SoQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGnbTDUAMksbfPErHNhJmRxDjR8uMB8GA1UdIwQY
MBaAFMywyiKRJ219Ki+KcFD0uoJ/6RChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekxES0lwRW5iWDBxTDRwd1VQUzZnbl9wRUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9kMzgzNjAtNGQxZi00MjJlLTkwYWUt
MDhiOWUxMTAxYWE3LzEvYWR0TU5RQXlTeHQ4OFNzYzJFbVpIRU9OSHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9kMzgzNjAtNGQxZi00MjJlLTkwYWUtMDhiOWUxMTAxYWE3
LzEvekxES0lwRW5iWDBxTDRwd1VQUzZnbl9wRUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFV/4gAwQC
ufd4MA0EAgACMAcDBQAqA9UAMA0GCSqGSIb3DQEBCwUAA4IBAQC74tJCx0cs2Bj0
uWw6LgKgMXsz+zQVjb5wmwJOQDuc8lkF5qBXXSV4/XmEYr88kgTMugHeIedJsPEO
VkhdVPQgvaHLis+b4H9sB8ExBhyzOUHH0KNkdv1HS2ADfqX9K1TyBrf2L4gFl2fm
vcH3nDV0B0j2/Ya852L6oex7LUausktUo+YMnXb1gjcBGMdZZva2BIjt4d66vJ3U
7kNEOVTzlD7FDlLtpZ361aTyka2LKTHblYi8Z32yEjYNlP/bN1OF1szSIhwO1Cpj
dvLGZeHjp5qHfVB3vaWG/ONvta+nWoBK5L2bfwreGrXXbY0vnn2je8i1OJCllKcO
8a5EAMBd
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:16 2025 by rpki-client