Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/s9WBuDQsMd0uYNipRXQH5Kl-2lM.roa
File: s9WBuDQsMd0uYNipRXQH5Kl-2lM.roa (raw, json)
Hash identifier: VhRkHwoxQA1+nDP/bnmVFAeyxcMzJ1BZpvvwo28hUEM=
Subject key identifier: B3:D5:81:B8:34:2C:31:DD:2E:60:D8:A9:45:74:07:E4:A9:7E:DA:53
Certificate issuer: /CN=9f891ff3477ed7fdaacfae2e3f0dfa64fd92ac0c
Certificate serial: 018CC2DB58C7AEB5E75930EDEA8BA9756B3B
Authority key identifier: 9F:89:1F:F3:47:7E:D7:FD:AA:CF:AE:2E:3F:0D:FA:64:FD:92:AC:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n4kf80d-1_2qz64uPw36ZP2SrAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/s9WBuDQsMd0uYNipRXQH5Kl-2lM.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202720
IP address blocks: 185.1.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:58:c7:ae:b5:e7:59:30:ed:ea:8b:a9:75:6b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f891ff3477ed7fdaacfae2e3f0dfa64fd92ac0c
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3d581b8342c31dd2e60d8a9457407e4a97eda53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:73:d9:0f:ff:02:51:98:44:52:b7:b0:1e:1e:
b0:f9:e7:d6:0c:3a:39:13:7b:a5:77:18:b0:f6:36:
1f:1f:cb:e7:31:88:da:b4:d7:37:89:54:08:f7:d1:
63:ba:57:e9:2e:a3:57:38:87:af:92:3d:5a:86:b3:
cb:d1:99:23:b1:8b:a3:95:06:f1:9f:7f:61:f6:30:
ac:f4:c6:a3:c8:65:eb:10:ff:4a:00:99:91:c6:02:
d1:69:9b:f8:bf:93:b6:f5:0b:cb:43:ae:48:41:00:
dc:64:74:62:97:1f:dd:ef:2d:0a:00:d3:d3:47:0d:
74:52:a8:6a:4a:1c:c3:10:5a:6f:96:fe:79:9b:43:
a4:37:f0:1c:32:75:7f:04:5f:8f:51:ad:eb:63:5b:
31:d4:47:a5:d8:ea:a6:ab:0d:82:60:49:11:e5:59:
b0:c8:6b:85:15:b1:b5:e9:3c:9e:8f:11:2f:b6:92:
7a:1e:1a:bc:df:72:b9:8b:a1:8a:3f:47:23:dd:c7:
22:67:c9:60:38:f0:56:41:e4:79:59:47:0c:0d:7c:
53:59:c9:d3:39:5f:50:6a:1a:3f:50:23:15:3b:94:
fc:0e:e9:04:9e:7a:6f:11:06:87:f3:da:ee:82:84:
4e:0c:07:ae:ff:80:84:ff:ed:57:59:49:32:1e:31:
2d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D5:81:B8:34:2C:31:DD:2E:60:D8:A9:45:74:07:E4:A9:7E:DA:53
X509v3 Authority Key Identifier:
keyid:9F:89:1F:F3:47:7E:D7:FD:AA:CF:AE:2E:3F:0D:FA:64:FD:92:AC:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n4kf80d-1_2qz64uPw36ZP2SrAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/s9WBuDQsMd0uYNipRXQH5Kl-2lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/n4kf80d-1_2qz64uPw36ZP2SrAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.70.0/24
Signature Algorithm: sha256WithRSAEncryption
19:87:2f:d3:d9:86:76:fc:4d:e2:23:4d:c2:8e:11:9b:a5:31:
e9:cf:cf:95:ca:03:00:19:ee:25:a8:42:94:d0:de:6f:0f:bb:
47:9b:bc:63:9b:da:0b:b7:de:d9:b5:fc:0f:a2:a8:1f:9d:f2:
1d:21:ff:9f:b1:c4:29:a0:73:fa:94:96:de:26:0d:72:67:08:
2b:96:6b:85:86:ee:7d:62:45:59:5b:2e:e7:19:c5:58:f3:7b:
83:30:3d:74:a8:5a:3f:95:30:85:05:3a:3e:60:f4:ad:a0:a5:
c0:58:0c:b5:e3:38:26:86:28:2a:62:5b:da:0d:2a:33:d6:07:
30:49:a5:d2:c4:23:fb:59:8e:3b:a1:8f:83:65:df:10:7c:8c:
9f:4b:8b:7c:d4:7a:ea:c2:a0:fa:33:e3:d8:e2:2b:5e:9b:32:
ea:ff:24:cf:b7:c8:41:31:92:65:cb:af:42:4f:4b:7c:56:94:
93:96:c3:fd:2a:d7:83:18:bf:09:e7:b7:be:3a:e8:82:d7:38:
30:88:8a:38:37:c5:33:d7:80:4b:86:97:e4:a7:2b:7a:c8:02:
e6:1f:18:a4:43:95:9c:92:ea:f1:c0:c4:01:65:c3:1a:d8:65:
ff:69:34:c2:b3:9f:43:4c:8a:9e:60:bf:b3:31:04:d1:56:8c:
0f:d4:2d:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC21jHrrXnWTDt6oupdWs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmODkxZmYzNDc3ZWQ3ZmRhYWNmYWUyZTNmMGRmYTY0ZmQ5
MmFjMGMwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Q1ODFiODM0MmMzMWRkMmU2MGQ4YTk0NTc0MDdlNGE5N2VkYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinPZD/8CUZhEUrewHh6w+efWDDo5
E3uldxiw9jYfH8vnMYjatNc3iVQI99FjulfpLqNXOIevkj1ahrPL0ZkjsYujlQbx
n39h9jCs9MajyGXrEP9KAJmRxgLRaZv4v5O29QvLQ65IQQDcZHRilx/d7y0KANPT
Rw10UqhqShzDEFpvlv55m0OkN/AcMnV/BF+PUa3rY1sx1Eel2Oqmqw2CYEkR5Vmw
yGuFFbG16TyejxEvtpJ6Hhq833K5i6GKP0cj3cciZ8lgOPBWQeR5WUcMDXxTWcnT
OV9Qaho/UCMVO5T8DukEnnpvEQaH89rugoRODAeu/4CE/+1XWUkyHjEt8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPVgbg0LDHdLmDYqUV0B+SpftpTMB8GA1UdIwQY
MBaAFJ+JH/NHftf9qs+uLj8N+mT9kqwMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjRrZjgwZC0xXzJxejY0dVB3MzZaUDJTckF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jNzc4MzMtMzFhZS00NDEyLWIwNDkt
NzBhNGE4ZDdjNDNmLzEvczlXQnVEUXNNZDB1WU5pcFJYUUg1S2wtMmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jNzc4MzMtMzFhZS00NDEyLWIwNDktNzBhNGE4ZDdjNDNm
LzEvbjRrZjgwZC0xXzJxejY0dVB3MzZaUDJTckF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQFGMA0G
CSqGSIb3DQEBCwUAA4IBAQAZhy/T2YZ2/E3iI03CjhGbpTHpz8+VygMAGe4lqEKU
0N5vD7tHm7xjm9oLt97ZtfwPoqgfnfIdIf+fscQpoHP6lJbeJg1yZwgrlmuFhu59
YkVZWy7nGcVY83uDMD10qFo/lTCFBTo+YPStoKXAWAy14zgmhigqYlvaDSoz1gcw
SaXSxCP7WY47oY+DZd8QfIyfS4t81HrqwqD6M+PY4itemzLq/yTPt8hBMZJly69C
T0t8VpSTlsP9KteDGL8J57e+OuiC1zgwiIo4N8Uz14BLhpfkpyt6yALmHxikQ5Wc
kurxwMQBZcMa2GX/aTTCs59DTIqeYL+zMQTRVowP1C0H
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:35 2025 by rpki-client