Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/2b9tiu8duKuvcAmNjpqT8m0A-XI.roa
File: 2b9tiu8duKuvcAmNjpqT8m0A-XI.roa (raw, json)
Hash identifier: GsNH1Llwy83ylXvXG68xSlUgK9ZdZd0EDzdfPrk3Bgw=
Subject key identifier: D9:BF:6D:8A:EF:1D:B8:AB:AF:70:09:8D:8E:9A:93:F2:6D:00:F9:72
Certificate issuer: /CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Certificate serial: 018CC94CBCFC428E4159DABA954A13B1D010
Authority key identifier: EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/2b9tiu8duKuvcAmNjpqT8m0A-XI.roa
Signing time: Tue 02 Jan 2024 08:31:38 +0000
ROA not before: Tue 02 Jan 2024 08:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35425
IP address blocks: 185.128.221.0/24 maxlen: 24
2a03:9ba0::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 16 Feb 2024 13:39:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:bc:fc:42:8e:41:59:da:ba:95:4a:13:b1:d0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Validity
Not Before: Jan 2 08:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9bf6d8aef1db8abaf70098d8e9a93f26d00f972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:03:58:76:7c:c4:ad:88:d3:29:04:47:80:
1b:5d:c3:49:b5:53:a7:0e:73:7a:72:23:06:89:61:
ea:86:0d:01:37:ee:60:f1:95:ef:ec:f7:8f:a5:81:
dc:8b:fd:65:a2:8b:21:97:7c:a6:e5:17:15:c9:0a:
62:d6:86:eb:53:15:01:22:cb:29:e8:67:c9:5e:d0:
ef:ae:53:f4:8b:38:59:7d:c6:75:a3:0d:08:06:18:
ef:ae:c2:38:ab:8a:b8:2c:bc:5f:15:14:9f:26:34:
a4:0c:6c:c5:4a:f3:b0:88:64:3b:53:53:56:5a:63:
2a:a0:3a:23:be:18:06:85:93:1a:55:53:50:cc:cf:
87:10:83:61:76:56:39:f4:c0:ca:7c:e1:22:ae:f3:
52:27:7f:7f:9b:37:b7:dc:a8:0f:12:1c:00:d0:4f:
d8:d9:fd:48:86:11:a1:11:6f:e1:f6:eb:85:2e:9a:
15:c9:6b:c4:4b:7e:be:45:a8:7c:ce:10:42:0c:69:
7b:09:29:ed:b1:fc:6a:c3:c5:95:00:08:bc:f7:53:
3d:f4:b9:6f:50:fa:30:11:2d:f4:2b:a0:c3:22:a4:
b0:20:e1:c9:aa:cf:c1:66:e7:f9:d5:fa:67:52:03:
d5:a8:ac:1b:cf:22:92:b1:21:d5:57:72:8e:6e:6a:
cc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BF:6D:8A:EF:1D:B8:AB:AF:70:09:8D:8E:9A:93:F2:6D:00:F9:72
X509v3 Authority Key Identifier:
keyid:EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/2b9tiu8duKuvcAmNjpqT8m0A-XI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/74Zp5wzqlJc6_TT7COtZ6dhrV_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.221.0/24
IPv6:
2a03:9ba0::/40
Signature Algorithm: sha256WithRSAEncryption
72:d6:91:a4:94:3a:a1:5e:02:1c:83:a9:62:36:ce:1b:0f:02:
cc:57:49:4c:a8:bd:69:39:34:27:0a:66:b3:bb:b7:b3:98:cb:
76:45:a0:bc:d2:78:06:9d:61:f9:a7:05:b4:ef:1f:bd:d5:7b:
70:f8:98:3c:38:04:90:a8:f6:d2:19:02:53:ed:71:c9:2d:69:
c9:7a:cd:0e:ce:e4:92:26:2b:42:e8:b3:4f:fe:66:79:16:9d:
5a:ed:44:2c:e5:34:52:23:ae:89:18:7d:da:14:5a:c4:3c:5c:
5a:c1:f1:32:78:c5:47:9b:e6:47:9d:8a:31:7a:9d:66:e9:1d:
73:ae:bc:f0:10:78:c7:3f:90:05:e7:bc:06:bc:a1:44:9e:0a:
3d:71:d1:0c:e0:83:80:b8:58:31:c6:e9:7f:1c:13:0c:a5:64:
ef:6a:6b:49:db:d5:de:42:2d:5e:d3:df:f2:67:2b:96:a7:3f:
ab:5c:17:41:a2:e7:3e:9b:ee:c6:a6:27:ff:50:b8:a1:58:2a:
78:83:72:21:9e:48:33:f5:84:0a:b0:c4:0d:85:8d:b5:1c:60:
1c:d4:79:b9:c5:82:71:30:65:10:5b:a0:42:84:63:be:7a:da:
2b:36:3b:b7:65:e3:e3:22:87:45:32:ed:d2:bc:39:73:af:87:
05:68:a3:ad
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJTLz8Qo5BWdq6lUoTsdAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmODY2OWU3MGNlYTk0OTczYWZkMzRmYjA4ZWI1OWU5ZDg2
YjU3ZmMwHhcNMjQwMTAyMDgzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWJmNmQ4YWVmMWRiOGFiYWY3MDA5OGQ4ZTlhOTNmMjZkMDBmOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVcDWHZ8xK2I0ykER4AbXcNJtVOn
DnN6ciMGiWHqhg0BN+5g8ZXv7PePpYHci/1looshl3ym5RcVyQpi1obrUxUBIssp
6GfJXtDvrlP0izhZfcZ1ow0IBhjvrsI4q4q4LLxfFRSfJjSkDGzFSvOwiGQ7U1NW
WmMqoDojvhgGhZMaVVNQzM+HEINhdlY59MDKfOEirvNSJ39/mze33KgPEhwA0E/Y
2f1IhhGhEW/h9uuFLpoVyWvES36+Rah8zhBCDGl7CSntsfxqw8WVAAi891M99Llv
UPowES30K6DDIqSwIOHJqs/BZuf51fpnUgPVqKwbzyKSsSHVV3KObmrMewIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNm/bYrvHbirr3AJjY6ak/JtAPlyMB8GA1UdIwQY
MBaAFO+GaecM6pSXOv00+wjrWenYa1f8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzRacDV3enFsSmM2X1RUN0NPdFo2ZGhyVl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8zOTdjMWUtNTFhNy00MTZmLWE0NWMt
MmEwMjEzMTc5YzA3LzEvMmI5dGl1OGR1S3V2Y0FtTmpwcVQ4bTBBLVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8zOTdjMWUtNTFhNy00MTZmLWE0NWMtMmEwMjEzMTc5YzA3
LzEvNzRacDV3enFsSmM2X1RUN0NPdFo2ZGhyVl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuYDdMA4E
AgACMAgDBgAqA5ugADANBgkqhkiG9w0BAQsFAAOCAQEActaRpJQ6oV4CHIOpYjbO
Gw8CzFdJTKi9aTk0Jwpms7u3s5jLdkWgvNJ4Bp1h+acFtO8fvdV7cPiYPDgEkKj2
0hkCU+1xyS1pyXrNDs7kkiYrQuizT/5meRadWu1ELOU0UiOuiRh92hRaxDxcWsHx
MnjFR5vmR52KMXqdZukdc6688BB4xz+QBee8BryhRJ4KPXHRDOCDgLhYMcbpfxwT
DKVk72prSdvV3kItXtPf8mcrlqc/q1wXQaLnPpvuxqYn/1C4oVgqeINyIZ5IM/WE
CrDEDYWNtRxgHNR5ucWCcTBlEFugQoRjvnraKzY7t2Xj4yKHRTLt0rw5c6+HBWij
rQ==
-----END CERTIFICATE-----
Generated at Fri Feb 16 18:30:32 2024 by rpki-client on console-ams.rpki-client.org