Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/y9qZ8jM9Dxc64SIzuoW0gGGL3xk.roa
File: y9qZ8jM9Dxc64SIzuoW0gGGL3xk.roa (raw, json)
Hash identifier: xCDHyfFkL9gHWUYYh7gKq05rANODEhVZW/T7Z84/EDI=
Subject key identifier: CB:DA:99:F2:33:3D:0F:17:3A:E1:22:33:BA:85:B4:80:61:8B:DF:19
Certificate issuer: /CN=afe6f8cae7492d064e03071c9147392eedd45bc7
Certificate serial: 018CC348989EFE1E00617EA191C6452B1768
Authority key identifier: AF:E6:F8:CA:E7:49:2D:06:4E:03:07:1C:91:47:39:2E:ED:D4:5B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-b4yudJLQZOAwcckUc5Lu3UW8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/y9qZ8jM9Dxc64SIzuoW0gGGL3xk.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213329
IP address blocks: 185.220.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:98:9e:fe:1e:00:61:7e:a1:91:c6:45:2b:17:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe6f8cae7492d064e03071c9147392eedd45bc7
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbda99f2333d0f173ae12233ba85b480618bdf19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1c:03:6e:f6:84:32:36:26:56:96:20:97:cb:
c8:3b:cf:59:7e:89:d7:86:18:38:e3:26:63:df:9f:
8d:c4:a3:c6:8d:d9:24:97:27:ec:57:37:5e:ae:5e:
ed:b1:60:e5:9c:08:5c:9e:83:d2:3b:64:87:d8:56:
5b:a9:32:5e:b3:af:d1:f0:8a:2d:48:4d:25:ed:ec:
36:00:cc:18:5c:bf:f0:2b:37:f0:1b:5d:ce:43:70:
fe:6c:c0:dd:e6:fb:7c:c8:05:87:ec:ba:d6:0a:1c:
67:13:88:81:54:d1:44:80:71:51:bb:ec:93:dc:13:
49:1e:8b:51:56:9a:58:b3:23:82:58:19:2c:09:e1:
4f:40:60:18:31:a8:fc:82:c1:15:c8:63:00:15:4a:
7b:22:80:99:77:54:90:b9:77:b2:9e:81:d9:1f:cb:
ad:1b:40:1f:3c:20:b1:e4:41:c6:23:61:eb:ef:36:
b1:d4:ad:01:fd:ef:c8:87:e4:95:fc:45:66:11:88:
0a:78:31:d8:ed:76:bc:11:12:eb:3a:eb:37:e7:d4:
c7:c5:5c:62:39:30:13:e1:c6:b3:4a:64:02:17:c8:
02:4e:a5:12:e2:e0:7a:cc:0f:3c:4b:37:ec:f0:37:
82:14:7f:f8:a5:ab:2d:1d:9d:6a:12:99:51:52:4f:
cd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DA:99:F2:33:3D:0F:17:3A:E1:22:33:BA:85:B4:80:61:8B:DF:19
X509v3 Authority Key Identifier:
keyid:AF:E6:F8:CA:E7:49:2D:06:4E:03:07:1C:91:47:39:2E:ED:D4:5B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-b4yudJLQZOAwcckUc5Lu3UW8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/y9qZ8jM9Dxc64SIzuoW0gGGL3xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/r-b4yudJLQZOAwcckUc5Lu3UW8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.221.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:50:08:3b:71:f2:46:ce:1a:79:6b:5b:91:3f:d5:44:7b:7a:
e7:00:d4:dd:34:49:0b:8a:fb:4b:c6:77:78:77:dc:26:9b:bd:
0f:ff:f5:d5:2f:da:d7:f6:bf:64:58:17:32:4e:39:7e:e3:54:
fe:58:74:12:d3:d4:e9:d7:5f:25:90:f8:3d:55:cf:7f:ec:f5:
1f:47:a1:c2:2b:98:c9:c1:6b:1e:f5:18:22:88:84:e0:ea:61:
24:c1:65:8e:bf:ac:cf:f4:9d:06:ba:12:1a:53:d9:23:ae:16:
c5:f9:ec:88:bc:9d:e8:a4:89:06:25:88:f0:e3:66:f1:13:fc:
40:39:a0:3c:9a:c5:a6:b9:53:7d:82:8e:4f:5d:06:bd:a4:b3:
c5:f4:fc:8c:93:99:ce:df:67:ac:fa:5d:6d:fe:19:37:ea:e4:
c1:cd:88:ae:a1:02:3d:66:0a:d1:1b:ab:a4:92:92:0c:3d:74:
28:26:42:ef:2a:90:db:78:75:bb:dd:97:cb:2d:31:59:ff:f4:
96:3d:10:86:41:fe:3c:93:e0:66:63:f0:32:40:a4:9e:25:5c:
7a:bd:91:d4:14:44:89:92:cc:83:97:d1:fd:82:b2:23:af:4f:
3c:7a:e2:93:c3:06:0b:e1:ab:42:87:88:be:92:12:12:e6:9f:
69:ce:0a:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSJie/h4AYX6hkcZFKxdoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZTZmOGNhZTc0OTJkMDY0ZTAzMDcxYzkxNDczOTJlZWRk
NDViYzcwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmRhOTlmMjMzM2QwZjE3M2FlMTIyMzNiYTg1YjQ4MDYxOGJkZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghwDbvaEMjYmVpYgl8vIO89ZfonX
hhg44yZj35+NxKPGjdkklyfsVzderl7tsWDlnAhcnoPSO2SH2FZbqTJes6/R8Iot
SE0l7ew2AMwYXL/wKzfwG13OQ3D+bMDd5vt8yAWH7LrWChxnE4iBVNFEgHFRu+yT
3BNJHotRVppYsyOCWBksCeFPQGAYMaj8gsEVyGMAFUp7IoCZd1SQuXeynoHZH8ut
G0AfPCCx5EHGI2Hr7zax1K0B/e/Ih+SV/EVmEYgKeDHY7Xa8ERLrOus359THxVxi
OTAT4cazSmQCF8gCTqUS4uB6zA88Szfs8DeCFH/4pastHZ1qEplRUk/NIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvamfIzPQ8XOuEiM7qFtIBhi98ZMB8GA1UdIwQY
MBaAFK/m+MrnSS0GTgMHHJFHOS7t1FvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci1iNHl1ZEpMUVpPQXdjY2tVYzVMdTNVVzhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jOTg3YjYtZWYwMC00ZDI4LWE0YWUt
NjU0OWNkNTlhYTRmLzEveTlxWjhqTTlEeGM2NFNJenVvVzBnR0dMM3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jOTg3YjYtZWYwMC00ZDI4LWE0YWUtNjU0OWNkNTlhYTRm
LzEvci1iNHl1ZEpMUVpPQXdjY2tVYzVMdTNVVzhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudzdMA0G
CSqGSIb3DQEBCwUAA4IBAQCeUAg7cfJGzhp5a1uRP9VEe3rnANTdNEkLivtLxnd4
d9wmm70P//XVL9rX9r9kWBcyTjl+41T+WHQS09Tp118lkPg9Vc9/7PUfR6HCK5jJ
wWse9RgiiITg6mEkwWWOv6zP9J0GuhIaU9kjrhbF+eyIvJ3opIkGJYjw42bxE/xA
OaA8msWmuVN9go5PXQa9pLPF9PyMk5nO32es+l1t/hk36uTBzYiuoQI9ZgrRG6uk
kpIMPXQoJkLvKpDbeHW73ZfLLTFZ//SWPRCGQf48k+BmY/AyQKSeJVx6vZHUFESJ
ksyDl9H9grIjr088euKTwwYL4atCh4i+khIS5p9pzgoS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:48 2025 by rpki-client