Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/cdJiFv7lhvuR3wVLxr4zoavA324.roa
File: cdJiFv7lhvuR3wVLxr4zoavA324.roa (raw, json)
Hash identifier: hHI+L9+syy8dUk+9kyEQTr21uI9hY5q2Mcs4FP4QXFE=
Subject key identifier: 71:D2:62:16:FE:E5:86:FB:91:DF:05:4B:C6:BE:33:A1:AB:C0:DF:6E
Certificate issuer: /CN=08af091858bb99651764399c6565df7a0834dbad
Certificate serial: 018CC86F86F5DF4653283CCD31D7710FFA9A
Authority key identifier: 08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/cdJiFv7lhvuR3wVLxr4zoavA324.roa
Signing time: Tue 02 Jan 2024 04:30:01 +0000
ROA not before: Tue 02 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210896
IP address blocks: 185.239.24.0/24 maxlen: 24
2a13:f780::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:86:f5:df:46:53:28:3c:cd:31:d7:71:0f:fa:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08af091858bb99651764399c6565df7a0834dbad
Validity
Not Before: Jan 2 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d26216fee586fb91df054bc6be33a1abc0df6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:1b:38:36:3d:2a:f0:39:ed:ab:78:89:27:
ba:aa:75:4b:1f:ef:29:dc:92:3a:af:0e:d4:bd:52:
b5:d1:18:4a:a1:d3:36:be:9c:34:74:4c:80:6c:cd:
70:de:7f:5d:e7:b5:12:e8:e4:a3:b1:ca:b2:5a:85:
13:46:85:5e:2a:4d:7c:13:75:96:c6:ae:5b:c5:89:
a4:66:90:f1:e5:b7:8e:22:cd:97:37:fe:50:da:0d:
11:62:ed:c6:63:12:11:c4:4e:d6:d6:98:1f:99:16:
1b:85:97:71:36:56:a2:63:cc:10:9c:42:fc:cb:d5:
b8:9a:ed:38:72:b1:b4:31:1c:51:05:32:ac:2b:de:
c7:00:82:7d:b6:f6:1a:b7:51:ff:dc:69:1f:75:64:
69:6e:15:3b:a2:29:79:a4:5e:99:a3:7f:33:fc:58:
39:a4:8c:6c:fe:ac:d0:bc:0f:54:e1:2c:d0:cc:2a:
a2:88:b0:04:df:2b:94:f1:5e:f8:c0:c0:7b:22:72:
d7:28:72:6f:05:74:b3:92:ad:0e:15:b6:1a:2a:d3:
3f:7b:73:bf:b9:ff:7e:2f:29:f2:54:81:02:69:b2:
36:9d:13:e4:95:6b:63:1b:8b:f8:55:38:e1:c4:f3:
1e:03:a7:62:41:63:6c:22:18:51:8e:cc:9e:ff:90:
c6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D2:62:16:FE:E5:86:FB:91:DF:05:4B:C6:BE:33:A1:AB:C0:DF:6E
X509v3 Authority Key Identifier:
keyid:08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/cdJiFv7lhvuR3wVLxr4zoavA324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/CK8JGFi7mWUXZDmcZWXfegg0260.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.24.0/24
IPv6:
2a13:f780::/29
Signature Algorithm: sha256WithRSAEncryption
9c:d2:0b:0a:04:77:60:0f:d8:dd:41:8a:96:7b:f7:45:39:88:
5a:39:7a:8d:f3:8c:0f:b2:c2:81:0e:f0:52:4b:97:1d:ff:60:
7b:1c:3a:a6:7a:69:d4:d1:1e:26:04:46:2b:73:91:e4:3d:28:
22:42:28:36:9a:c1:79:45:5e:79:fa:fe:e0:c0:40:e7:a3:1c:
17:75:75:b0:81:80:66:43:a5:bf:4d:32:9a:e9:2e:9b:07:5a:
e8:08:21:4e:05:fb:2d:bd:3e:ee:b9:01:97:01:b2:01:0a:d3:
c7:3e:02:5f:56:bc:7e:b3:d0:4b:1d:62:36:e8:3c:3d:99:82:
93:63:4f:f5:1f:9c:f1:2f:d6:97:52:34:50:2a:94:ea:df:bb:
82:1d:8f:1f:4d:66:e8:5d:9d:12:75:71:2f:59:60:b5:a6:e8:
d3:68:c4:32:ac:92:21:8a:41:f5:77:03:cd:1a:bb:c4:c3:c0:
aa:1e:96:ab:f2:c2:0b:bc:b2:fb:24:9b:14:50:f1:6e:32:5c:
76:ac:11:24:c6:06:c9:a3:3c:3b:7d:f5:fb:73:fb:18:b1:8e:
d0:fc:bc:ac:5e:6d:1b:8f:90:f4:02:67:87:32:e0:cd:5d:6f:
7e:e6:9e:4a:66:61:74:ec:cd:cd:e6:01:10:91:1f:1b:b3:c2:
a4:85:43:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb4b130ZTKDzNMddxD/qaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YWYwOTE4NThiYjk5NjUxNzY0Mzk5YzY1NjVkZjdhMDgz
NGRiYWQwHhcNMjQwMTAyMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQyNjIxNmZlZTU4NmZiOTFkZjA1NGJjNmJlMzNhMWFiYzBkZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq84bODY9KvA57at4iSe6qnVLH+8p
3JI6rw7UvVK10RhKodM2vpw0dEyAbM1w3n9d57US6OSjscqyWoUTRoVeKk18E3WW
xq5bxYmkZpDx5beOIs2XN/5Q2g0RYu3GYxIRxE7W1pgfmRYbhZdxNlaiY8wQnEL8
y9W4mu04crG0MRxRBTKsK97HAIJ9tvYat1H/3GkfdWRpbhU7oil5pF6Zo38z/Fg5
pIxs/qzQvA9U4SzQzCqiiLAE3yuU8V74wMB7InLXKHJvBXSzkq0OFbYaKtM/e3O/
uf9+LynyVIECabI2nRPklWtjG4v4VTjhxPMeA6diQWNsIhhRjsye/5DGbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHHSYhb+5Yb7kd8FS8a+M6GrwN9uMB8GA1UdIwQY
MBaAFAivCRhYu5llF2Q5nGVl33oINNutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYt
NTYxMjliN2RjMDE4LzEvY2RKaUZ2N2xodnVSM3dWTHhyNHpvYXZBMzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYtNTYxMjliN2RjMDE4
LzEvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAue8YMA0E
AgACMAcDBQMqE/eAMA0GCSqGSIb3DQEBCwUAA4IBAQCc0gsKBHdgD9jdQYqWe/dF
OYhaOXqN84wPssKBDvBSS5cd/2B7HDqmemnU0R4mBEYrc5HkPSgiQig2msF5RV55
+v7gwEDnoxwXdXWwgYBmQ6W/TTKa6S6bB1roCCFOBfstvT7uuQGXAbIBCtPHPgJf
Vrx+s9BLHWI26Dw9mYKTY0/1H5zxL9aXUjRQKpTq37uCHY8fTWboXZ0SdXEvWWC1
pujTaMQyrJIhikH1dwPNGrvEw8CqHpar8sILvLL7JJsUUPFuMlx2rBEkxgbJozw7
ffX7c/sYsY7Q/LysXm0bj5D0AmeHMuDNXW9+5p5KZmF07M3N5gEQkR8bs8KkhUPB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:35 2025 by rpki-client