Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/DoUZsaom4p69iIAzynElJU4BVJI.roa
File: DoUZsaom4p69iIAzynElJU4BVJI.roa (raw, json)
Hash identifier: BA3J+u1FdUKwOUROuxwB3g3emIyli7OdIlAskmFxIYg=
Subject key identifier: 0E:85:19:B1:AA:26:E2:9E:BD:88:80:33:CA:71:25:25:4E:01:54:92
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018CC3B67A0AC46A0AD5195BC8C085AF919E
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/DoUZsaom4p69iIAzynElJU4BVJI.roa
Signing time: Mon 01 Jan 2024 06:29:24 +0000
ROA not before: Mon 01 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 185.236.11.0/24 maxlen: 24
85.117.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 20:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7a:0a:c4:6a:0a:d5:19:5b:c8:c0:85:af:91:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e8519b1aa26e29ebd888033ca7125254e015492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e8:ef:dd:64:66:1f:31:ed:14:0f:b3:55:bd:
33:a9:8c:30:c4:c3:b4:27:98:1c:2e:67:0d:88:d0:
83:79:fe:53:7d:fd:70:3c:1a:d3:a9:20:33:33:b5:
7c:34:91:b5:97:3c:7c:c1:a0:a8:b9:df:fc:ba:76:
76:20:57:51:5a:9a:36:24:22:c7:78:32:c4:10:15:
c3:06:6e:30:f5:ff:75:6e:f2:06:19:d8:50:ab:76:
b6:6b:f2:25:3d:b0:d1:67:9b:fe:f4:10:0f:9b:32:
c3:6e:1a:9c:cd:5e:87:26:77:32:89:19:4f:5c:b3:
84:16:ee:7b:d9:26:29:7a:aa:d4:a9:56:f8:f9:a2:
77:b1:86:ad:4c:fb:dd:53:e6:88:98:28:18:fc:bf:
94:08:72:17:a4:d1:66:65:85:f9:e8:56:dc:61:ff:
a9:0e:8d:e7:77:c2:ee:27:ce:57:97:f2:44:b0:f8:
98:74:b0:04:cf:53:4b:eb:59:94:10:77:76:17:8a:
cb:5b:d9:de:04:7b:50:9f:b8:a1:cf:0b:41:7a:f4:
26:a7:97:3d:ad:69:ce:b4:11:99:e4:8e:0a:20:39:
80:9e:86:e7:5c:f5:1d:49:61:33:10:28:24:36:48:
06:b1:06:63:ac:f7:15:f2:7f:25:0f:3e:38:84:d7:
3a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:85:19:B1:AA:26:E2:9E:BD:88:80:33:CA:71:25:25:4E:01:54:92
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/DoUZsaom4p69iIAzynElJU4BVJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
185.236.11.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:4f:ab:a6:5b:fd:1c:b2:f1:47:db:71:3b:da:35:df:05:91:
6a:a0:2b:02:32:b3:64:b9:cb:7c:08:4a:30:be:cf:10:2f:fc:
26:ba:ef:59:d2:c7:21:73:c4:63:60:c8:9d:e3:f5:34:88:c4:
37:f2:e8:fb:78:18:80:23:70:1e:7d:e2:d3:e4:e5:fd:b9:85:
20:70:3a:33:d3:7b:9c:83:e2:72:97:51:a6:0e:23:cd:ec:b2:
0e:5f:ee:96:46:78:c5:12:d7:e9:c6:7a:56:00:a0:39:24:4c:
10:f5:55:ed:17:04:a4:04:a1:1c:63:5b:dd:0e:44:56:92:c9:
77:8d:27:10:7f:af:18:c2:f6:0f:41:b3:c9:6c:c5:a9:62:a7:
61:fa:72:fb:59:77:5d:fb:d8:86:76:c2:36:f5:86:c4:52:f9:
a0:25:4a:23:86:74:bc:f0:49:b3:1b:97:3b:57:8d:94:41:99:
31:75:f1:76:d2:b0:b2:05:ab:ba:91:bf:a2:e6:06:ff:aa:26:
03:a9:c5:08:33:59:a7:d0:20:bb:b0:98:d2:50:9e:0a:e6:27:
1e:28:67:6e:a7:a2:ac:42:9c:b5:4d:aa:ab:7a:0b:c5:32:75:
30:d7:f3:6f:fe:ef:f8:68:01:0f:26:2a:10:a1:2c:c6:d7:f5:
6d:e3:8d:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtnoKxGoK1RlbyMCFr5GeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTg1MTliMWFhMjZlMjllYmQ4ODgwMzNjYTcxMjUyNTRlMDE1NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmejv3WRmHzHtFA+zVb0zqYwwxMO0
J5gcLmcNiNCDef5Tff1wPBrTqSAzM7V8NJG1lzx8waCoud/8unZ2IFdRWpo2JCLH
eDLEEBXDBm4w9f91bvIGGdhQq3a2a/IlPbDRZ5v+9BAPmzLDbhqczV6HJncyiRlP
XLOEFu572SYpeqrUqVb4+aJ3sYatTPvdU+aImCgY/L+UCHIXpNFmZYX56FbcYf+p
Do3nd8LuJ85Xl/JEsPiYdLAEz1NL61mUEHd2F4rLW9neBHtQn7ihzwtBevQmp5c9
rWnOtBGZ5I4KIDmAnobnXPUdSWEzECgkNkgGsQZjrPcV8n8lDz44hNc6rQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA6FGbGqJuKevYiAM8pxJSVOAVSSMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvRG9VWnNhb200cDY5aUlBenluRWxKVTRCVkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXXzAwQA
uewLMA0GCSqGSIb3DQEBCwUAA4IBAQBuT6umW/0csvFH23E72jXfBZFqoCsCMrNk
uct8CEowvs8QL/wmuu9Z0schc8RjYMid4/U0iMQ38uj7eBiAI3AefeLT5OX9uYUg
cDoz03ucg+Jyl1GmDiPN7LIOX+6WRnjFEtfpxnpWAKA5JEwQ9VXtFwSkBKEcY1vd
DkRWksl3jScQf68YwvYPQbPJbMWpYqdh+nL7WXdd+9iGdsI29YbEUvmgJUojhnS8
8EmzG5c7V42UQZkxdfF20rCyBau6kb+i5gb/qiYDqcUIM1mn0CC7sJjSUJ4K5ice
KGdup6KsQpy1TaqregvFMnUw1/Nv/u/4aAEPJioQoSzG1/Vt4418
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:45:26 2025 by rpki-client