Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/l5ZJYrWKonuXgsNPEmYmll1YxkA.roa
File: l5ZJYrWKonuXgsNPEmYmll1YxkA.roa (raw, json)
Hash identifier: s4ezHJls1XHJ7IqkvzQIUX841XXJvebzw07LpomhPbU=
Subject key identifier: 97:96:49:62:B5:8A:A2:7B:97:82:C3:4F:12:66:26:96:5D:58:C6:40
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0191FFD97BA0D513670F2F9E10E165528027
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/l5ZJYrWKonuXgsNPEmYmll1YxkA.roa
Signing time: Tue 17 Sep 2024 11:58:48 +0000
ROA not before: Tue 17 Sep 2024 11:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 85.117.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 17:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:d9:7b:a0:d5:13:67:0f:2f:9e:10:e1:65:52:80:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Sep 17 11:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97964962b58aa27b9782c34f126626965d58c640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8d:ca:79:ff:c0:6c:17:b6:f0:57:fe:7a:33:
4e:65:33:8a:2d:6a:0a:d7:30:14:99:71:67:cc:01:
6f:c4:9e:85:eb:ff:9d:9f:4e:71:0e:d5:3c:8d:56:
09:32:0d:1f:de:3d:9f:dc:5a:52:18:1a:aa:33:a7:
4f:2a:d3:31:ac:60:8d:45:ac:83:6c:f7:81:73:d7:
12:75:52:52:9a:63:d2:27:e3:45:f4:e5:a7:5e:0d:
bb:c5:4a:c0:bf:15:05:bb:eb:4d:bc:39:a2:8b:a1:
23:df:ad:f7:b3:ce:82:db:e7:f1:f9:09:28:5a:d1:
e1:6b:2b:db:a5:78:90:9b:3c:10:9c:b3:33:0b:29:
ee:cb:12:de:a2:cd:f2:c2:44:9b:a6:20:65:ee:75:
88:2b:96:7c:6e:d4:d7:26:0b:78:15:0f:8a:20:50:
90:6b:51:e3:b3:dd:40:ba:45:37:61:ad:0f:e5:65:
7b:f6:77:3f:1c:dc:8e:30:6f:3a:f9:b6:cd:3c:3f:
1f:e0:0a:bf:e1:7c:e8:26:96:30:a1:72:d8:ed:45:
8d:7e:84:4d:c6:1c:f5:75:09:e8:83:42:7d:58:ee:
b1:88:33:bd:8f:49:1e:9d:ba:6e:1e:f4:90:a3:0f:
7f:ef:ca:d4:a1:18:00:03:d3:87:bc:d4:6c:fb:d4:
1b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:96:49:62:B5:8A:A2:7B:97:82:C3:4F:12:66:26:96:5D:58:C6:40
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/l5ZJYrWKonuXgsNPEmYmll1YxkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
Signature Algorithm: sha256WithRSAEncryption
38:49:cc:1d:21:c9:bb:ae:8e:06:c0:ea:c4:f0:9d:f6:75:2a:
1a:c3:e7:ab:6b:4b:64:7d:62:c8:1c:4c:a5:57:dd:57:16:e3:
a5:e5:97:fb:0b:04:31:15:40:df:9a:89:4d:ce:ae:3a:07:6e:
89:f3:51:4c:48:b7:ed:7b:76:0a:c8:9a:c7:f2:5b:f9:98:f1:
ab:37:34:97:da:c4:58:d4:e9:5c:14:41:82:60:4b:8a:8e:ad:
9d:2f:e0:54:bf:1c:25:ab:79:f6:04:d2:a0:57:85:47:63:9a:
b1:1f:38:fa:45:c6:a0:02:09:b4:b0:60:47:a9:1b:82:82:e5:
27:b9:5e:27:32:cc:80:14:ca:7d:21:86:f0:ae:91:1b:7e:0c:
46:45:f5:f2:88:46:9d:e7:57:fe:5b:b3:dc:67:0a:af:bd:96:
57:fd:ad:dd:3a:3d:3b:e0:b3:e3:c3:93:e4:bb:9f:2f:bd:91:
6e:fa:05:3c:29:78:5c:ad:64:7d:bf:b3:84:10:57:94:1e:cb:
6a:c5:31:96:bd:28:ba:3a:e4:9d:dc:46:0b:f6:b1:5e:ef:f1:
e2:77:70:28:88:ff:f7:92:4e:3a:60:fc:06:e2:9d:05:89:7b:
64:cd:3e:d3:ba:14:8a:72:d0:e5:f8:84:3c:9d:75:0a:f5:1b:
f0:c4:4f:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZH/2Xug1RNnDy+eEOFlUoAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwOTE3MTE1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzk2NDk2MmI1OGFhMjdiOTc4MmMzNGYxMjY2MjY5NjVkNThjNjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm43Kef/AbBe28Ff+ejNOZTOKLWoK
1zAUmXFnzAFvxJ6F6/+dn05xDtU8jVYJMg0f3j2f3FpSGBqqM6dPKtMxrGCNRayD
bPeBc9cSdVJSmmPSJ+NF9OWnXg27xUrAvxUFu+tNvDmii6Ej3633s86C2+fx+Qko
WtHhayvbpXiQmzwQnLMzCynuyxLeos3ywkSbpiBl7nWIK5Z8btTXJgt4FQ+KIFCQ
a1Hjs91AukU3Ya0P5WV79nc/HNyOMG86+bbNPD8f4Aq/4XzoJpYwoXLY7UWNfoRN
xhz1dQnog0J9WO6xiDO9j0kenbpuHvSQow9/78rUoRgAA9OHvNRs+9QbRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJeWSWK1iqJ7l4LDTxJmJpZdWMZAMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvbDVaSllyV0tvbnVYZ3NOUEVtWW1sbDFZeGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXXzMA0G
CSqGSIb3DQEBCwUAA4IBAQA4ScwdIcm7ro4GwOrE8J32dSoaw+era0tkfWLIHEyl
V91XFuOl5Zf7CwQxFUDfmolNzq46B26J81FMSLfte3YKyJrH8lv5mPGrNzSX2sRY
1OlcFEGCYEuKjq2dL+BUvxwlq3n2BNKgV4VHY5qxHzj6RcagAgm0sGBHqRuCguUn
uV4nMsyAFMp9IYbwrpEbfgxGRfXyiEad51f+W7PcZwqvvZZX/a3dOj074LPjw5Pk
u58vvZFu+gU8KXhcrWR9v7OEEFeUHstqxTGWvSi6OuSd3EYL9rFe7/Hid3AoiP/3
kk46YPwG4p0FiXtkzT7TuhSKctDl+IQ8nXUK9RvwxE8e
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:41:55 2025 by rpki-client