Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/aQME1LbpuxbvKR9E5kbMwcmujJ4.roa
File: aQME1LbpuxbvKR9E5kbMwcmujJ4.roa (raw, json)
Hash identifier: PDB6Leyk68XORXDx8mJTOV7vEPdPRpH5bbPI0p2cRhA=
Subject key identifier: 69:03:04:D4:B6:E9:BB:16:EF:29:1F:44:E6:46:CC:C1:C9:AE:8C:9E
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 018D17F1AFC7CDF9244EE10FFB6489CE6A06
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/aQME1LbpuxbvKR9E5kbMwcmujJ4.roa
Signing time: Wed 17 Jan 2024 15:02:11 +0000
ROA not before: Wed 17 Jan 2024 15:02:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61169
IP address blocks: 185.8.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 09:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:17:f1:af:c7:cd:f9:24:4e:e1:0f:fb:64:89:ce:6a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Jan 17 15:02:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=690304d4b6e9bb16ef291f44e646ccc1c9ae8c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dc:a2:17:cd:41:62:86:ce:e1:a5:eb:a0:ae:
c2:5e:97:2f:bb:a5:86:b8:04:f4:3d:e6:a4:24:a0:
ad:bb:ef:4e:d8:2d:3d:5f:38:0b:ee:7b:ae:ba:8e:
32:03:15:9f:cd:2a:03:31:e9:96:39:32:bc:5e:bf:
20:bc:02:bf:1b:64:f7:1f:0a:8e:a2:91:c0:5c:5e:
c8:e4:54:8c:89:d5:e8:80:23:75:72:8c:fd:0b:69:
53:01:d0:22:7e:f1:df:91:2c:10:ec:7b:6f:b1:ee:
94:bf:e2:72:b6:7b:f6:87:a5:0c:c1:f2:9d:5a:2b:
9a:79:4e:7d:bd:a8:76:f7:7d:33:6a:c1:14:78:8e:
25:e1:33:06:92:fa:01:46:eb:31:99:6a:ef:85:fe:
2e:c9:d4:0c:a7:28:7c:c4:18:ff:d1:e8:ad:72:28:
97:90:99:15:89:95:a6:4c:c4:3f:30:64:80:db:fe:
6f:80:45:36:6f:39:34:3d:6b:20:96:5d:cf:42:c1:
92:b4:44:a3:a6:9c:d0:42:59:2e:61:9e:95:6e:45:
5b:b7:e2:44:86:71:d8:06:8b:0e:6d:0d:d1:29:70:
88:a6:e2:5b:86:50:70:c2:42:53:79:2d:8b:15:c1:
5d:b9:0e:ff:2b:95:62:fd:be:6a:df:b7:af:22:32:
99:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:03:04:D4:B6:E9:BB:16:EF:29:1F:44:E6:46:CC:C1:C9:AE:8C:9E
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/aQME1LbpuxbvKR9E5kbMwcmujJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.237.0/24
Signature Algorithm: sha256WithRSAEncryption
20:b4:6f:49:1f:f3:52:96:cf:75:a9:2f:9d:4f:3d:b9:4e:d1:
46:a3:0f:68:45:f1:74:08:33:0a:8b:d6:b8:36:92:9f:d5:08:
4c:70:a5:d2:a7:85:93:5a:04:d9:35:79:f0:94:00:2d:7f:87:
b1:e6:d6:cd:08:6f:37:e0:b3:1c:8e:4f:b8:80:64:af:14:1d:
b2:6b:a5:f0:cd:ee:87:82:5f:fe:27:e2:56:23:8c:c8:61:81:
95:48:7d:60:e5:17:69:eb:4c:12:61:0f:cf:ee:a6:33:d5:1e:
d1:c9:0f:b2:bc:54:94:f2:01:11:ee:da:54:fa:c1:15:ac:8b:
97:b8:6f:86:a1:a3:48:13:2b:8c:0e:96:35:13:b0:9c:c8:34:
40:02:63:40:c0:15:bd:7f:e7:51:9c:43:be:f9:aa:63:62:f6:
ce:2d:9b:26:8d:e3:56:c0:64:57:b1:f9:d1:d3:70:4d:ec:c6:
e9:9f:32:9f:f3:14:e1:b0:65:99:2e:67:db:14:d5:2c:5d:19:
06:21:2f:e2:ef:77:d9:0e:80:4e:87:c9:ba:25:25:48:ea:58:
6d:79:b6:1e:64:04:37:a7:73:3e:36:0b:a4:17:88:98:81:44:
79:4b:6d:02:44:23:9c:2d:13:c4:15:99:6d:a4:20:42:5f:a8:
8c:94:e5:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0X8a/HzfkkTuEP+2SJzmoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4
MjgwMjEwHhcNMjQwMTE3MTUwMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTAzMDRkNGI2ZTliYjE2ZWYyOTFmNDRlNjQ2Y2NjMWM5YWU4YzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdyiF81BYobO4aXroK7CXpcvu6WG
uAT0PeakJKCtu+9O2C09XzgL7nuuuo4yAxWfzSoDMemWOTK8Xr8gvAK/G2T3HwqO
opHAXF7I5FSMidXogCN1coz9C2lTAdAifvHfkSwQ7Htvse6Uv+Jytnv2h6UMwfKd
WiuaeU59vah2930zasEUeI4l4TMGkvoBRusxmWrvhf4uydQMpyh8xBj/0eitciiX
kJkViZWmTMQ/MGSA2/5vgEU2bzk0PWsgll3PQsGStESjppzQQlkuYZ6VbkVbt+JE
hnHYBosObQ3RKXCIpuJbhlBwwkJTeS2LFcFduQ7/K5Vi/b5q37evIjKZ5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkDBNS26bsW7ykfROZGzMHJroyeMB8GA1UdIwQY
MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt
MGFjN2I3ZWRlNDJiLzEvYVFNRTFMYnB1eGJ2S1I5RTVrYk13Y211ako0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi
LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQjtMA0G
CSqGSIb3DQEBCwUAA4IBAQAgtG9JH/NSls91qS+dTz25TtFGow9oRfF0CDMKi9a4
NpKf1QhMcKXSp4WTWgTZNXnwlAAtf4ex5tbNCG834LMcjk+4gGSvFB2ya6Xwze6H
gl/+J+JWI4zIYYGVSH1g5Rdp60wSYQ/P7qYz1R7RyQ+yvFSU8gER7tpU+sEVrIuX
uG+GoaNIEyuMDpY1E7CcyDRAAmNAwBW9f+dRnEO++apjYvbOLZsmjeNWwGRXsfnR
03BN7MbpnzKf8xThsGWZLmfbFNUsXRkGIS/i73fZDoBOh8m6JSVI6lhtebYeZAQ3
p3M+NgukF4iYgUR5S20CRCOcLRPEFZltpCBCX6iMlOVe
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:16:51 2025 by rpki-client