Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/B3HUcA6Bmw_KBHaUC_1eTK-cLDo.roa
File: B3HUcA6Bmw_KBHaUC_1eTK-cLDo.roa (raw, json)
Hash identifier: DcjHuaOnPXb2khby+WSyl3lF59x0NtE6Ls4w3RsOAEk=
Subject key identifier: 07:71:D4:70:0E:81:9B:0F:CA:04:76:94:0B:FD:5E:4C:AF:9C:2C:3A
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 019398C6DE7577BEE41AD5F9154D4126B382
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/B3HUcA6Bmw_KBHaUC_1eTK-cLDo.roa
Signing time: Thu 05 Dec 2024 21:43:10 +0000
ROA not before: Thu 05 Dec 2024 21:43:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151612
IP address blocks: 85.117.243.0/24 maxlen: 24
185.236.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:98:c6:de:75:77:be:e4:1a:d5:f9:15:4d:41:26:b3:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Dec 5 21:43:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0771d4700e819b0fca0476940bfd5e4caf9c2c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8b:5f:4c:31:21:c9:83:4d:b6:68:81:fc:e6:
9a:8f:70:ab:4a:07:bd:aa:64:03:4f:57:1d:2f:86:
be:83:bb:70:23:04:43:cf:1e:c7:97:ad:9b:00:0d:
50:e9:73:c6:b9:ad:e2:2f:a4:64:66:ec:33:2b:49:
44:3b:35:5d:8b:b7:7b:a4:51:2d:99:5e:5c:ad:c4:
0b:fe:62:72:8b:d1:7d:07:a8:ac:18:aa:7e:55:d5:
59:4d:14:ae:2f:53:3b:66:c6:81:9c:8e:e3:43:45:
af:c8:f8:fd:b1:21:01:6c:b5:9b:12:37:73:52:d0:
d9:5f:a1:40:f1:21:6f:76:aa:b5:c2:6a:7a:85:3e:
90:37:0e:c6:20:3a:e7:cc:db:23:7c:ef:fb:25:c1:
00:b4:27:b1:33:24:1a:ea:e7:d8:7a:aa:1c:3b:aa:
10:9f:3b:d0:18:1e:9f:f4:bd:ba:d1:54:1a:28:10:
39:46:0e:30:3c:3e:6b:53:75:0a:69:8a:33:d1:b2:
7f:88:a0:c1:af:86:b9:7b:b6:d8:77:bb:0f:28:3e:
80:34:7e:1f:0e:32:41:8e:8f:85:01:60:e5:db:c5:
70:c8:9a:46:d9:01:09:f2:3c:cf:1a:ac:8c:f0:29:
d0:e9:11:ac:d2:43:09:29:fc:92:8b:1f:54:89:8b:
3a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:71:D4:70:0E:81:9B:0F:CA:04:76:94:0B:FD:5E:4C:AF:9C:2C:3A
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/B3HUcA6Bmw_KBHaUC_1eTK-cLDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
185.236.8.0/24
Signature Algorithm: sha256WithRSAEncryption
31:b3:83:27:ec:ff:68:8b:9b:a2:6a:f5:90:69:81:8f:71:b6:
5f:2d:f9:82:8d:41:11:6d:ca:32:8f:3d:2d:ed:f3:65:b2:f5:
c3:cc:76:da:8b:4e:24:68:1f:df:a4:39:13:98:76:bd:a8:19:
c8:1a:e9:8c:bd:00:9d:37:34:d2:9e:43:bd:f1:ba:fd:31:eb:
d7:3a:ba:62:c7:b5:2f:39:1a:c7:76:e5:ee:a9:7c:6f:67:b0:
c9:6c:39:30:38:a3:1e:9d:d1:dd:ae:40:a4:6b:0e:df:41:53:
30:27:57:ec:f8:52:2f:e3:10:d1:5e:e2:31:10:04:19:4c:9e:
67:76:c1:ff:a8:a3:de:94:75:5f:9c:4a:c9:36:d2:a3:90:9e:
36:ee:88:ad:22:53:a9:4d:78:89:4e:d4:f2:c8:f1:09:18:65:
ef:5b:22:fb:5c:68:0c:68:57:76:5a:0b:4c:4d:23:34:43:f7:
72:f2:17:f6:6f:fd:6f:a4:b4:5e:97:12:02:02:6e:ca:6a:31:
b4:49:b4:29:8d:b0:93:6f:d1:e7:89:57:59:cd:54:05:cc:da:
a1:af:3f:b8:d7:11:c7:76:c6:f7:33:ca:97:97:40:24:b8:1f:
cd:5b:90:8c:29:04:bc:6d:23:15:27:01:cf:73:ab:a5:d8:53:
e5:b9:5e:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOYxt51d77kGtX5FU1BJrOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQxMjA1MjE0MzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzcxZDQ3MDBlODE5YjBmY2EwNDc2OTQwYmZkNWU0Y2FmOWMyYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4tfTDEhyYNNtmiB/Oaaj3CrSge9
qmQDT1cdL4a+g7twIwRDzx7Hl62bAA1Q6XPGua3iL6RkZuwzK0lEOzVdi7d7pFEt
mV5crcQL/mJyi9F9B6isGKp+VdVZTRSuL1M7ZsaBnI7jQ0WvyPj9sSEBbLWbEjdz
UtDZX6FA8SFvdqq1wmp6hT6QNw7GIDrnzNsjfO/7JcEAtCexMyQa6ufYeqocO6oQ
nzvQGB6f9L260VQaKBA5Rg4wPD5rU3UKaYoz0bJ/iKDBr4a5e7bYd7sPKD6ANH4f
DjJBjo+FAWDl28VwyJpG2QEJ8jzPGqyM8CnQ6RGs0kMJKfySix9UiYs6gQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAdx1HAOgZsPygR2lAv9XkyvnCw6MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvQjNIVWNBNkJtd19LQkhhVUNfMWVUSy1jTERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXXzAwQA
uewIMA0GCSqGSIb3DQEBCwUAA4IBAQAxs4Mn7P9oi5uiavWQaYGPcbZfLfmCjUER
bcoyjz0t7fNlsvXDzHbai04kaB/fpDkTmHa9qBnIGumMvQCdNzTSnkO98br9MevX
Orpix7UvORrHduXuqXxvZ7DJbDkwOKMendHdrkCkaw7fQVMwJ1fs+FIv4xDRXuIx
EAQZTJ5ndsH/qKPelHVfnErJNtKjkJ427oitIlOpTXiJTtTyyPEJGGXvWyL7XGgM
aFd2WgtMTSM0Q/dy8hf2b/1vpLRelxICAm7KajG0SbQpjbCTb9HniVdZzVQFzNqh
rz+41xHHdsb3M8qXl0AkuB/NW5CMKQS8bSMVJwHPc6ul2FPluV5G
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:37:56 2025 by rpki-client