Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/955340-f801-41a7-a9d4-01b7e262eff1/1/_2FjyCenmqJ6VxvGCILSim-M6SA.roa
File: _2FjyCenmqJ6VxvGCILSim-M6SA.roa (raw, json)
Hash identifier: yM4IYpclUGiFfXUZp47IEUPA6HVu9/SxpDA/7bs8Kug=
Subject key identifier: FF:61:63:C8:27:A7:9A:A2:7A:57:1B:C6:08:82:D2:8A:6F:8C:E9:20
Certificate issuer: /CN=bdef8a8ad007aa4dc81d7736189a182b0282bc18
Certificate serial: 018CC4245EA1F0E261BB57702A277F38BBF6
Authority key identifier: BD:EF:8A:8A:D0:07:AA:4D:C8:1D:77:36:18:9A:18:2B:02:82:BC:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ve-KitAHqk3IHXc2GJoYKwKCvBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/955340-f801-41a7-a9d4-01b7e262eff1/1/_2FjyCenmqJ6VxvGCILSim-M6SA.roa
Signing time: Mon 01 Jan 2024 08:29:27 +0000
ROA not before: Mon 01 Jan 2024 08:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205310
IP address blocks: 185.220.228.0/22 maxlen: 24
2a11:c840::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:5e:a1:f0:e2:61:bb:57:70:2a:27:7f:38:bb:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdef8a8ad007aa4dc81d7736189a182b0282bc18
Validity
Not Before: Jan 1 08:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff6163c827a79aa27a571bc60882d28a6f8ce920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:36:4b:da:f9:89:44:52:7b:c5:09:67:64:cb:
2a:0d:e8:d2:da:8b:4a:f5:08:c5:f5:89:77:50:48:
a0:27:ba:41:cb:4f:9f:c3:db:0a:b1:b5:c7:4b:8f:
9b:a5:b6:d5:a5:ec:04:0a:24:f8:9c:c7:8e:cd:06:
48:ce:c8:31:28:31:4b:ca:3e:4c:d2:dc:bc:07:24:
d8:b8:ff:b9:e7:0a:77:33:ad:7b:b6:40:ea:a4:83:
27:00:38:8e:a5:49:c5:ef:a6:bf:26:35:fe:3f:66:
41:3a:51:9a:49:22:85:e2:4b:ed:1c:fc:26:61:17:
eb:6b:a7:36:06:2d:62:59:5d:01:40:ce:9a:9d:ca:
65:5e:60:17:c1:9a:b8:ce:a1:ef:92:8f:12:50:bc:
4f:4c:c4:34:23:c2:d6:40:57:33:c9:f3:e7:1b:5e:
14:a7:0f:9d:5b:5e:d2:96:0e:11:79:36:d9:ca:04:
a2:e9:d9:16:3b:08:a7:b4:c9:fd:8f:11:2d:74:fe:
60:27:e8:e2:df:69:be:40:d7:37:3d:48:3e:14:97:
98:83:bb:a8:cb:fa:ce:08:04:c4:7b:95:97:df:29:
68:6f:eb:de:cd:18:06:66:04:e0:4b:1c:ec:b8:96:
29:dd:88:2c:89:a6:68:9c:d4:62:56:4d:25:4e:b8:
a8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:61:63:C8:27:A7:9A:A2:7A:57:1B:C6:08:82:D2:8A:6F:8C:E9:20
X509v3 Authority Key Identifier:
keyid:BD:EF:8A:8A:D0:07:AA:4D:C8:1D:77:36:18:9A:18:2B:02:82:BC:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ve-KitAHqk3IHXc2GJoYKwKCvBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/955340-f801-41a7-a9d4-01b7e262eff1/1/_2FjyCenmqJ6VxvGCILSim-M6SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/955340-f801-41a7-a9d4-01b7e262eff1/1/ve-KitAHqk3IHXc2GJoYKwKCvBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.228.0/22
IPv6:
2a11:c840::/48
Signature Algorithm: sha256WithRSAEncryption
3c:e4:97:bf:bb:50:8d:65:8f:49:a6:fc:b2:fb:c5:cb:e1:e1:
ca:cf:f4:af:34:7f:91:65:41:68:ed:11:16:aa:cb:1c:21:ca:
fe:eb:43:02:36:68:a3:55:f2:36:ac:b8:55:b6:43:16:6e:fa:
ba:ca:38:09:2d:1c:38:f5:8b:c5:f9:78:be:ef:b5:21:59:f1:
da:3c:55:8a:88:9b:2c:87:8c:26:8d:14:fb:fb:81:5a:8b:91:
ee:ad:7c:75:04:fa:f8:60:e6:63:1a:f2:c5:52:0d:59:ab:86:
c0:0d:b8:0f:67:3b:e8:74:ed:0c:e6:90:1d:ca:51:63:f5:a3:
55:f0:f5:70:b2:79:e0:c1:46:77:90:a0:c4:e5:60:51:80:62:
d0:1b:f3:46:14:22:df:ea:80:0f:17:0a:e5:17:c7:13:c5:9b:
08:d8:03:20:17:a4:27:6e:90:cd:c0:96:5d:62:0a:a8:eb:77:
33:26:e3:78:e7:5c:93:32:08:31:25:7c:ba:25:c1:d0:98:b8:
a9:4c:19:a9:c3:b0:5d:64:e7:a2:4f:fc:4f:1c:ea:61:90:18:
4c:c7:24:52:57:d3:91:0f:8b:1f:08:a8:07:79:42:03:bb:b3:
1c:dd:76:4f:89:38:61:de:1c:d3:8c:af:2e:45:cb:fe:eb:8c:
a7:57:70:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJF6h8OJhu1dwKid/OLv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZWY4YThhZDAwN2FhNGRjODFkNzczNjE4OWExODJiMDI4
MmJjMTgwHhcNMjQwMTAxMDgyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYxNjNjODI3YTc5YWEyN2E1NzFiYzYwODgyZDI4YTZmOGNlOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDZL2vmJRFJ7xQlnZMsqDejS2otK
9QjF9Yl3UEigJ7pBy0+fw9sKsbXHS4+bpbbVpewECiT4nMeOzQZIzsgxKDFLyj5M
0ty8ByTYuP+55wp3M617tkDqpIMnADiOpUnF76a/JjX+P2ZBOlGaSSKF4kvtHPwm
YRfra6c2Bi1iWV0BQM6ancplXmAXwZq4zqHvko8SULxPTMQ0I8LWQFczyfPnG14U
pw+dW17Slg4ReTbZygSi6dkWOwintMn9jxEtdP5gJ+ji32m+QNc3PUg+FJeYg7uo
y/rOCATEe5WX3ylob+vezRgGZgTgSxzsuJYp3YgsiaZonNRiVk0lTrioMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP9hY8gnp5qielcbxgiC0opvjOkgMB8GA1UdIwQY
MBaAFL3viorQB6pNyB13NhiaGCsCgrwYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmUtS2l0QUhxazNJSFhjMkdKb1lLd0tDdkJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi85NTUzNDAtZjgwMS00MWE3LWE5ZDQt
MDFiN2UyNjJlZmYxLzEvXzJGanlDZW5tcUo2Vnh2R0NJTFNpbS1NNlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi85NTUzNDAtZjgwMS00MWE3LWE5ZDQtMDFiN2UyNjJlZmYx
LzEvdmUtS2l0QUhxazNJSFhjMkdKb1lLd0tDdkJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCudzkMA8E
AgACMAkDBwAqEchAAAAwDQYJKoZIhvcNAQELBQADggEBADzkl7+7UI1lj0mm/LL7
xcvh4crP9K80f5FlQWjtERaqyxwhyv7rQwI2aKNV8jasuFW2QxZu+rrKOAktHDj1
i8X5eL7vtSFZ8do8VYqImyyHjCaNFPv7gVqLke6tfHUE+vhg5mMa8sVSDVmrhsAN
uA9nO+h07QzmkB3KUWP1o1Xw9XCyeeDBRneQoMTlYFGAYtAb80YUIt/qgA8XCuUX
xxPFmwjYAyAXpCdukM3All1iCqjrdzMm43jnXJMyCDElfLolwdCYuKlMGanDsF1k
56JP/E8c6mGQGEzHJFJX05EPix8IqAd5QgO7sxzddk+JOGHeHNOMry5Fy/7rjKdX
cAA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:50 2025 by rpki-client