Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/9BlDw0oMA4AdB-U1_bUF1qQNP3g.roa
File: 9BlDw0oMA4AdB-U1_bUF1qQNP3g.roa (raw, json)
Hash identifier: SDvfW1Wzb5A8qa1iwOOF6GEYfG+Z+BPLVc7MhhZXxwI=
Subject key identifier: F4:19:43:C3:4A:0C:03:80:1D:07:E5:35:FD:B5:05:D6:A4:0D:3F:78
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 019131B7A55679A900DB79197BBDB0812B20
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/9BlDw0oMA4AdB-U1_bUF1qQNP3g.roa
Signing time: Thu 08 Aug 2024 11:20:04 +0000
ROA not before: Thu 08 Aug 2024 11:20:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 85.117.243.0/24 maxlen: 24
194.110.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 11:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:b7:a5:56:79:a9:00:db:79:19:7b:bd:b0:81:2b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Aug 8 11:20:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f41943c34a0c03801d07e535fdb505d6a40d3f78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4e:74:87:7f:82:e9:80:3a:22:bd:b4:e6:ec:
8a:32:7c:b4:99:42:16:4b:bd:2f:51:db:72:c6:8a:
5b:db:af:f4:0d:85:2c:37:e5:15:da:df:b2:45:d7:
7f:df:8e:20:ea:19:92:a0:cb:70:78:4b:a8:81:3e:
69:71:52:42:44:d0:7b:4e:e3:57:63:c6:72:76:18:
64:4b:70:2f:08:0d:93:a6:e5:af:6e:9d:ad:31:c6:
5e:85:04:4a:cc:37:5a:4c:3e:70:5c:59:31:b4:f9:
ad:e0:f1:8e:ec:1b:e6:85:ba:b5:3e:26:87:f6:bf:
a6:52:49:6e:f1:0e:61:f0:57:9d:c3:24:ff:39:46:
9e:f5:4a:8d:36:57:2b:41:0e:e5:49:b2:74:9f:31:
5a:89:ca:0d:c7:8f:d6:ca:2e:f5:a3:00:f4:a4:ed:
80:7c:52:9c:1b:ef:7c:56:a6:64:2f:2b:ff:d7:f1:
9c:fa:32:5d:26:93:6b:ce:28:fd:21:37:e1:e1:ca:
aa:84:2f:df:a7:ad:10:70:97:03:0e:ec:54:a9:37:
ab:05:fa:56:97:9b:8d:24:25:29:2b:26:37:ea:bb:
77:48:0d:11:70:29:85:f6:8e:a0:73:28:ec:b4:14:
f3:42:07:f6:81:89:1d:73:43:aa:e0:8f:8d:cd:7c:
9a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:19:43:C3:4A:0C:03:80:1D:07:E5:35:FD:B5:05:D6:A4:0D:3F:78
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/9BlDw0oMA4AdB-U1_bUF1qQNP3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
194.110.174.0/24
Signature Algorithm: sha256WithRSAEncryption
82:a8:c9:33:c9:11:03:76:89:9a:04:fe:14:67:d8:df:a1:1b:
a2:5e:b9:1e:cf:bd:e3:4a:cc:95:d6:ea:0a:c0:ed:63:ce:4e:
31:44:56:96:db:c6:f1:12:e9:16:35:de:ff:d5:2b:34:28:dc:
fe:00:be:83:21:81:55:9b:f8:80:88:38:3c:41:4d:a6:25:a3:
24:3d:89:d7:60:c4:52:78:c8:46:fa:0c:9f:4b:bc:4f:93:88:
50:23:90:91:32:b9:00:f4:59:d0:5b:a0:ea:0b:1f:e7:83:d7:
08:65:20:db:82:98:bd:95:e3:f5:35:5c:76:3a:02:ea:77:cc:
a0:b3:34:6d:0e:05:5f:43:fb:3f:d8:94:1b:57:5d:cc:fc:24:
4c:7b:69:0b:b6:ac:f0:55:cf:92:83:58:19:75:d5:23:6c:05:
a9:20:c8:b7:38:2b:c4:85:6a:da:f7:ba:6d:39:4f:39:43:51:
ad:2b:5a:b5:e6:93:4b:b9:5a:bb:8b:3e:ed:5b:2b:a9:e0:8c:
91:ec:77:2f:9d:25:37:1b:7e:4d:8f:b4:89:bd:64:fa:78:87:
e8:a2:79:6e:2a:ad:a0:0d:b3:ef:a7:5f:51:d5:84:98:14:39:
36:b7:1d:08:2a:61:19:78:b7:1b:e0:57:ed:f0:13:66:7d:03:
89:a4:e3:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZExt6VWeakA23kZe72wgSsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwODA4MTEyMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE5NDNjMzRhMGMwMzgwMWQwN2U1MzVmZGI1MDVkNmE0MGQzZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE50h3+C6YA6Ir205uyKMny0mUIW
S70vUdtyxopb26/0DYUsN+UV2t+yRdd/344g6hmSoMtweEuogT5pcVJCRNB7TuNX
Y8ZydhhkS3AvCA2TpuWvbp2tMcZehQRKzDdaTD5wXFkxtPmt4PGO7Bvmhbq1PiaH
9r+mUklu8Q5h8FedwyT/OUae9UqNNlcrQQ7lSbJ0nzFaicoNx4/Wyi71owD0pO2A
fFKcG+98VqZkLyv/1/Gc+jJdJpNrzij9ITfh4cqqhC/fp60QcJcDDuxUqTerBfpW
l5uNJCUpKyY36rt3SA0RcCmF9o6gcyjstBTzQgf2gYkdc0Oq4I+NzXyaQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPQZQ8NKDAOAHQflNf21BdakDT94MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvOUJsRHcwb01BNEFkQi1VMV9iVUYxcVFOUDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXXzAwQA
wm6uMA0GCSqGSIb3DQEBCwUAA4IBAQCCqMkzyREDdomaBP4UZ9jfoRuiXrkez73j
SsyV1uoKwO1jzk4xRFaW28bxEukWNd7/1Ss0KNz+AL6DIYFVm/iAiDg8QU2mJaMk
PYnXYMRSeMhG+gyfS7xPk4hQI5CRMrkA9FnQW6DqCx/ng9cIZSDbgpi9leP1NVx2
OgLqd8ygszRtDgVfQ/s/2JQbV13M/CRMe2kLtqzwVc+Sg1gZddUjbAWpIMi3OCvE
hWra97ptOU85Q1GtK1q15pNLuVq7iz7tWyup4IyR7HcvnSU3G35Nj7SJvWT6eIfo
onluKq2gDbPvp19R1YSYFDk2tx0IKmEZeLcb4Fft8BNmfQOJpOPe
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:45:31 2025 by rpki-client