Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/L0oHCMBzumqyC7eqnuxyhoOfZZs.roa
File: L0oHCMBzumqyC7eqnuxyhoOfZZs.roa (raw, json)
Hash identifier: wNaWMyaCW60TKEo9hSbIt1EwxaIOn/JAAP54w0h4GgU=
Subject key identifier: 2F:4A:07:08:C0:73:BA:6A:B2:0B:B7:AA:9E:EC:72:86:83:9F:65:9B
Certificate issuer: /CN=bd8f9c03e757f3db514ca38d15ada451fa2e9615
Certificate serial: 01917E82288DF753E006A7C4432B5220D110
Authority key identifier: BD:8F:9C:03:E7:57:F3:DB:51:4C:A3:8D:15:AD:A4:51:FA:2E:96:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/L0oHCMBzumqyC7eqnuxyhoOfZZs.roa
Signing time: Fri 23 Aug 2024 09:12:24 +0000
ROA not before: Fri 23 Aug 2024 09:12:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.109.96.0/22 maxlen: 24
193.3.28.0/24 maxlen: 24
2a04:a0c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:82:28:8d:f7:53:e0:06:a7:c4:43:2b:52:20:d1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd8f9c03e757f3db514ca38d15ada451fa2e9615
Validity
Not Before: Aug 23 09:12:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f4a0708c073ba6ab20bb7aa9eec7286839f659b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:81:bd:1a:ec:72:0b:ac:56:67:fc:d8:09:37:
a1:40:33:65:db:f1:56:b9:38:bb:dc:14:af:59:a4:
56:08:07:68:87:b1:fb:53:0e:f4:ac:ee:3e:6f:73:
2d:33:ef:a9:e5:ed:54:55:54:e6:6d:63:6d:27:5e:
e4:c3:77:e9:02:63:5d:b9:ee:15:78:21:1a:7e:00:
a9:df:69:46:26:8c:ac:03:59:52:bf:18:28:3d:f5:
69:16:dc:d3:99:4e:8e:e5:6f:52:66:fc:68:21:7d:
ee:2c:3d:bf:2a:3a:18:85:74:ec:83:2d:42:23:21:
d9:69:65:c1:8e:5b:d3:97:52:ff:16:54:39:ab:37:
81:29:fd:1d:1c:c5:4f:e8:fe:bf:a3:af:94:fb:2c:
f6:45:b3:ce:8c:02:15:9b:c0:e2:a7:db:9f:c2:31:
4e:98:eb:0b:6c:4b:21:03:41:16:1e:77:a5:7d:c3:
0e:50:ee:68:f1:e9:68:80:49:7d:fd:68:04:44:13:
e0:8e:10:61:f0:0a:ed:bb:cc:bf:0e:6f:a7:f4:6a:
79:f5:5e:a8:c0:e1:85:a3:c6:56:28:ab:7c:98:b1:
dd:6b:7f:b4:2a:e7:e5:6f:c0:75:38:e9:1f:36:8a:
a0:88:9a:66:86:3d:04:15:69:d0:19:5c:89:5d:c8:
e4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4A:07:08:C0:73:BA:6A:B2:0B:B7:AA:9E:EC:72:86:83:9F:65:9B
X509v3 Authority Key Identifier:
keyid:BD:8F:9C:03:E7:57:F3:DB:51:4C:A3:8D:15:AD:A4:51:FA:2E:96:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/L0oHCMBzumqyC7eqnuxyhoOfZZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/vY-cA-dX89tRTKONFa2kUfoulhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.96.0/22
193.3.28.0/24
IPv6:
2a04:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
bc:b7:e5:18:52:f1:3a:75:41:4b:6a:d2:96:af:04:6b:e6:8a:
e9:19:61:d1:c5:27:75:65:12:d6:fb:4f:47:e8:e5:41:78:d1:
68:4e:76:12:77:94:9a:70:72:16:ae:73:2f:0e:f0:c7:e6:f4:
04:1b:e5:55:0b:07:f0:8a:49:36:e7:db:0b:1f:4e:ca:cb:49:
b3:17:3b:56:97:aa:f0:8b:0a:a4:ac:d8:10:72:71:61:37:57:
d2:eb:20:03:8a:a0:3c:04:cc:87:00:9d:b5:2a:fd:7e:98:1d:
b4:f7:0e:c3:06:a3:ce:cc:0c:89:d8:ec:cd:b4:40:3f:22:13:
ea:cf:44:f9:51:bf:1e:d4:ae:10:f8:ed:3f:cc:54:41:aa:2e:
c0:48:a0:aa:a2:32:ec:62:fe:4c:c0:ad:0a:7f:52:c6:06:2d:
c7:1a:fe:14:a2:aa:52:c9:50:39:3c:5f:15:06:67:f0:82:22:
f9:d3:bc:f8:ae:19:74:99:7b:90:a1:24:e9:45:4e:88:43:2d:
9f:cc:3e:9c:8d:c4:09:34:d5:bd:37:0a:be:1a:74:17:ce:7c:
9d:7f:3f:ae:82:e7:f0:60:7e:40:6c:3b:8f:72:35:21:62:44:
6d:be:0e:62:36:b1:92:c2:51:67:1e:74:da:fa:9e:f5:bd:9e:
07:13:77:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZF+giiN91PgBqfEQytSINEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOGY5YzAzZTc1N2YzZGI1MTRjYTM4ZDE1YWRhNDUxZmEy
ZTk2MTUwHhcNMjQwODIzMDkxMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjRhMDcwOGMwNzNiYTZhYjIwYmI3YWE5ZWVjNzI4NjgzOWY2NTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4G9GuxyC6xWZ/zYCTehQDNl2/FW
uTi73BSvWaRWCAdoh7H7Uw70rO4+b3MtM++p5e1UVVTmbWNtJ17kw3fpAmNdue4V
eCEafgCp32lGJoysA1lSvxgoPfVpFtzTmU6O5W9SZvxoIX3uLD2/KjoYhXTsgy1C
IyHZaWXBjlvTl1L/FlQ5qzeBKf0dHMVP6P6/o6+U+yz2RbPOjAIVm8Dip9ufwjFO
mOsLbEshA0EWHnelfcMOUO5o8elogEl9/WgERBPgjhBh8Artu8y/Dm+n9Gp59V6o
wOGFo8ZWKKt8mLHda3+0Kuflb8B1OOkfNoqgiJpmhj0EFWnQGVyJXcjkTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC9KBwjAc7pqsgu3qp7scoaDn2WbMB8GA1UdIwQY
MBaAFL2PnAPnV/PbUUyjjRWtpFH6LpYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlktY0EtZFg4OXRSVEtPTkZhMmtVZm91bGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iODNlNDctYmMwNC00OTJkLTlhMDct
ZWNkZDgxNzQwMDdhLzEvTDBvSENNQnp1bXF5QzdlcW51eHlob09mWlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9iODNlNDctYmMwNC00OTJkLTlhMDctZWNkZDgxNzQwMDdh
LzEvdlktY0EtZFg4OXRSVEtPTkZhMmtVZm91bGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuW1gAwQA
wQMcMA0EAgACMAcDBQMqBKDAMA0GCSqGSIb3DQEBCwUAA4IBAQC8t+UYUvE6dUFL
atKWrwRr5orpGWHRxSd1ZRLW+09H6OVBeNFoTnYSd5SacHIWrnMvDvDH5vQEG+VV
Cwfwikk259sLH07Ky0mzFztWl6rwiwqkrNgQcnFhN1fS6yADiqA8BMyHAJ21Kv1+
mB209w7DBqPOzAyJ2OzNtEA/IhPqz0T5Ub8e1K4Q+O0/zFRBqi7ASKCqojLsYv5M
wK0Kf1LGBi3HGv4UoqpSyVA5PF8VBmfwgiL507z4rhl0mXuQoSTpRU6IQy2fzD6c
jcQJNNW9Nwq+GnQXznydfz+ugufwYH5AbDuPcjUhYkRtvg5iNrGSwlFnHnTa+p71
vZ4HE3cV
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:46:53 2025 by rpki-client