Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ff63a8-974c-4ccc-8cd8-24023403bb0c/1/J6ob4qLDTBHq0B8WD1EHKMOj4gk.roa
File: J6ob4qLDTBHq0B8WD1EHKMOj4gk.roa (raw, json)
Hash identifier: 57UjxKjGGN9EUVEfBvR4Etnf/Xv+MeSSOoixhR+OvJI=
Subject key identifier: 27:AA:1B:E2:A2:C3:4C:11:EA:D0:1F:16:0F:51:07:28:C3:A3:E2:09
Certificate issuer: /CN=8a8d19ad31c84a74856b0a6b3cc100e47a2b2aac
Certificate serial: 018CC94CFD0B88EEE2682EC11E71AB101CBF
Authority key identifier: 8A:8D:19:AD:31:C8:4A:74:85:6B:0A:6B:3C:C1:00:E4:7A:2B:2A:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/io0ZrTHISnSFawprPMEA5HorKqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/ff63a8-974c-4ccc-8cd8-24023403bb0c/1/J6ob4qLDTBHq0B8WD1EHKMOj4gk.roa
Signing time: Tue 02 Jan 2024 08:31:54 +0000
ROA not before: Tue 02 Jan 2024 08:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34863
IP address blocks: 185.163.64.0/22 maxlen: 22
2a0a:7400::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:fd:0b:88:ee:e2:68:2e:c1:1e:71:ab:10:1c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a8d19ad31c84a74856b0a6b3cc100e47a2b2aac
Validity
Not Before: Jan 2 08:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27aa1be2a2c34c11ead01f160f510728c3a3e209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4c:46:9b:c5:6c:dd:30:a3:52:e8:ec:4c:c9:
ae:c6:2e:4e:92:94:09:76:9b:96:25:32:d9:0d:2a:
23:8b:55:92:b3:b4:98:f3:a4:d0:41:94:2c:59:a2:
b6:22:80:a0:9a:52:4e:ae:71:ed:04:b8:b2:95:58:
01:d9:c7:60:04:24:bf:34:08:82:d5:76:3e:7b:ed:
78:80:10:3e:99:2d:7e:b9:b7:97:12:b2:84:70:ba:
25:e6:ba:27:fe:0d:d8:78:4c:e3:a6:5f:4c:0e:4f:
50:52:e2:50:b0:98:81:04:de:b7:06:79:b1:e7:ec:
4e:2c:2b:f0:1c:0a:2c:75:31:6f:17:e8:a9:f6:ad:
a4:ae:db:2a:7f:ff:f4:c4:4e:fe:18:0b:97:0c:52:
cd:13:2d:42:f9:6a:93:6d:aa:c4:19:b8:86:33:cc:
cb:17:1b:93:51:27:f1:7a:9c:04:07:64:33:34:ab:
4d:41:29:1c:f3:96:a1:07:10:d0:5a:f0:ef:aa:e7:
6d:0c:26:93:04:cc:b5:51:59:6e:41:d3:e1:cf:48:
5e:77:8b:73:4e:fb:52:a6:09:e8:b3:25:af:0b:bf:
59:ec:d1:ab:ec:98:6c:53:19:4f:80:7f:8c:95:81:
1f:76:96:77:40:eb:7e:a7:1c:f9:23:ef:18:ca:68:
e3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:AA:1B:E2:A2:C3:4C:11:EA:D0:1F:16:0F:51:07:28:C3:A3:E2:09
X509v3 Authority Key Identifier:
keyid:8A:8D:19:AD:31:C8:4A:74:85:6B:0A:6B:3C:C1:00:E4:7A:2B:2A:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/io0ZrTHISnSFawprPMEA5HorKqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ff63a8-974c-4ccc-8cd8-24023403bb0c/1/J6ob4qLDTBHq0B8WD1EHKMOj4gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ff63a8-974c-4ccc-8cd8-24023403bb0c/1/io0ZrTHISnSFawprPMEA5HorKqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.64.0/22
IPv6:
2a0a:7400::/29
Signature Algorithm: sha256WithRSAEncryption
6c:3e:6a:f4:77:10:2a:1b:91:18:4d:ee:90:f7:61:b9:96:ea:
f9:05:87:7d:58:63:ed:34:be:c0:ec:20:9c:a5:4d:69:76:5e:
34:8b:b8:ef:1b:2d:6a:21:b7:c5:1f:e2:90:47:bc:09:4e:03:
bc:69:82:8c:e2:38:f7:7d:a0:db:22:f2:ef:a6:54:35:95:ba:
6e:53:f4:d5:8b:b5:ca:bd:21:b7:d4:e5:b0:d0:12:0a:2e:11:
d3:68:8b:e4:85:ee:ed:ea:b3:76:e1:e8:17:a1:58:ee:fa:35:
c1:59:c4:1a:2e:f8:32:31:51:ca:50:cf:e7:24:cb:83:12:a0:
56:52:00:96:0f:1f:f1:b8:23:7b:8c:1b:8e:04:e0:41:a4:fa:
26:b1:2b:59:31:8b:6a:84:59:40:f4:93:a7:96:e0:93:12:fd:
0e:60:2f:af:da:4d:2c:30:49:6a:b8:9a:c1:2c:60:15:66:1b:
d7:d0:8c:01:05:75:5e:e9:ef:55:a0:79:5d:65:24:a8:f3:86:
34:f5:c8:b1:90:a9:6d:42:66:50:fc:4e:0a:11:d7:66:89:d1:
0a:28:f2:e7:70:cc:d2:5e:aa:93:2d:2f:72:b6:19:ca:c8:97:
19:ba:e6:22:59:12:a6:96:23:18:06:ca:df:45:2c:20:77:95:
f3:59:54:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTP0LiO7iaC7BHnGrEBy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhOGQxOWFkMzFjODRhNzQ4NTZiMGE2YjNjYzEwMGU0N2Ey
YjJhYWMwHhcNMjQwMTAyMDgzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2FhMWJlMmEyYzM0YzExZWFkMDFmMTYwZjUxMDcyOGMzYTNlMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhExGm8Vs3TCjUujsTMmuxi5OkpQJ
dpuWJTLZDSoji1WSs7SY86TQQZQsWaK2IoCgmlJOrnHtBLiylVgB2cdgBCS/NAiC
1XY+e+14gBA+mS1+ubeXErKEcLol5ron/g3YeEzjpl9MDk9QUuJQsJiBBN63Bnmx
5+xOLCvwHAosdTFvF+ip9q2krtsqf//0xE7+GAuXDFLNEy1C+WqTbarEGbiGM8zL
FxuTUSfxepwEB2QzNKtNQSkc85ahBxDQWvDvqudtDCaTBMy1UVluQdPhz0hed4tz
TvtSpgnosyWvC79Z7NGr7JhsUxlPgH+MlYEfdpZ3QOt+pxz5I+8YymjjnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCeqG+Kiw0wR6tAfFg9RByjDo+IJMB8GA1UdIwQY
MBaAFIqNGa0xyEp0hWsKazzBAOR6KyqsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW8wWnJUSElTblNGYXdwclBNRUE1SG9yS3F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mZjYzYTgtOTc0Yy00Y2NjLThjZDgt
MjQwMjM0MDNiYjBjLzEvSjZvYjRxTERUQkhxMEI4V0QxRUhLTU9qNGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mZjYzYTgtOTc0Yy00Y2NjLThjZDgtMjQwMjM0MDNiYjBj
LzEvaW8wWnJUSElTblNGYXdwclBNRUE1SG9yS3F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaNAMA0E
AgACMAcDBQMqCnQAMA0GCSqGSIb3DQEBCwUAA4IBAQBsPmr0dxAqG5EYTe6Q92G5
lur5BYd9WGPtNL7A7CCcpU1pdl40i7jvGy1qIbfFH+KQR7wJTgO8aYKM4jj3faDb
IvLvplQ1lbpuU/TVi7XKvSG31OWw0BIKLhHTaIvkhe7t6rN24egXoVju+jXBWcQa
LvgyMVHKUM/nJMuDEqBWUgCWDx/xuCN7jBuOBOBBpPomsStZMYtqhFlA9JOnluCT
Ev0OYC+v2k0sMElquJrBLGAVZhvX0IwBBXVe6e9VoHldZSSo84Y09cixkKltQmZQ
/E4KEddmidEKKPLncMzSXqqTLS9ythnKyJcZuuYiWRKmliMYBsrfRSwgd5XzWVS2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:02 2025 by rpki-client