Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/OBDhS310Lj8imgTatClh_ey1cfc.roa
File: OBDhS310Lj8imgTatClh_ey1cfc.roa (raw, json)
Hash identifier: dX4NtCv2/3Lgbbrs123wYilGR93FWbnKscPPGMoDhbs=
Subject key identifier: 38:10:E1:4B:7D:74:2E:3F:22:9A:04:DA:B4:29:61:FD:EC:B5:71:F7
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01941D77D18CB601110B0B1826AC2C321C37
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/OBDhS310Lj8imgTatClh_ey1cfc.roa
Signing time: Tue 31 Dec 2024 16:06:19 +0000
ROA not before: Tue 31 Dec 2024 16:06:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214025
IP address blocks: 85.115.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1d:77:d1:8c:b6:01:11:0b:0b:18:26:ac:2c:32:1c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Dec 31 16:06:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3810e14b7d742e3f229a04dab42961fdecb571f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fe:fd:6b:62:b7:3c:9f:14:cb:52:4b:bf:a7:
d6:48:d3:be:17:8d:2e:c4:7c:ee:ed:df:96:e7:8c:
55:02:cb:cb:6c:d8:7a:3a:6f:d1:90:47:17:75:0c:
9c:0c:de:0f:73:be:83:8b:dc:e8:04:cc:d9:55:43:
37:07:58:1c:d4:99:87:a3:3a:3f:62:78:0f:2f:a4:
b4:7a:51:10:44:d8:6a:69:c6:4b:37:b5:fa:f8:4b:
91:c9:1b:04:15:22:1b:5b:66:56:d6:d4:2a:d3:2a:
0f:54:3d:7a:9c:2c:ed:ca:5c:31:75:9b:4a:36:b0:
10:3f:b8:2c:81:35:8c:50:d9:bf:db:b6:4f:79:62:
a6:bc:36:1f:93:52:50:40:fb:95:31:17:8e:16:54:
2a:7e:1e:a0:13:14:ba:a3:f3:11:4c:ac:33:0f:8c:
92:3a:2a:f2:c3:15:9b:3a:34:fd:5a:bc:0b:7e:9a:
90:7b:76:ed:ec:93:d1:2a:cb:9a:83:9c:c7:ab:c0:
52:8f:96:fb:01:5f:e7:39:13:02:b3:4e:5f:0c:c9:
5c:c0:bf:dc:6f:7b:53:95:5e:5e:5f:af:19:d8:9d:
cd:3e:66:69:f9:e6:41:9c:78:64:8b:99:27:4e:52:
de:a7:33:65:43:1e:77:67:ad:56:ca:05:26:b1:30:
bf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:10:E1:4B:7D:74:2E:3F:22:9A:04:DA:B4:29:61:FD:EC:B5:71:F7
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/OBDhS310Lj8imgTatClh_ey1cfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.211.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:2b:ae:56:6a:f3:fe:36:99:9f:fe:9d:90:44:93:c2:ae:45:
f2:fd:e3:e3:32:f8:b4:cc:91:3c:22:e5:3d:1f:45:2d:94:fe:
9f:b8:15:f9:88:22:89:95:0a:25:a9:0e:24:4a:8d:51:30:3c:
12:ca:b8:38:02:06:d6:fa:92:e4:71:a8:22:6a:c5:f2:7b:c4:
cc:e7:5a:07:9c:31:36:ce:5f:69:dc:af:7a:cb:b2:56:93:79:
77:cc:d9:2e:04:32:25:fd:72:64:da:8d:d2:a9:8d:4b:5e:55:
3a:09:3f:5c:82:9c:49:e0:00:74:8e:cb:1e:b1:b9:8e:cd:4e:
86:25:ab:a3:52:0e:55:33:25:88:c7:7a:24:c4:20:b6:7c:7a:
13:f4:19:4a:d4:2c:99:a0:b4:1a:b2:fa:27:ac:7d:b8:d8:36:
bd:dd:10:e6:b4:d8:80:28:48:92:b1:bb:05:66:89:3e:72:c2:
bc:81:c5:9e:01:fb:2d:95:2c:4e:cd:8c:3f:1a:ed:67:03:73:
9a:5b:61:dc:63:2a:68:14:14:9d:63:34:b9:76:65:88:0c:68:
93:79:bd:cb:39:a1:5f:e9:a4:3c:fb:a2:a1:27:7b:c0:a0:bd:
8d:23:3a:6c:96:84:e1:40:ba:85:4f:97:60:d6:cd:2a:56:2f:
cc:0d:c0:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQdd9GMtgERCwsYJqwsMhw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQxMjMxMTYwNjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODEwZTE0YjdkNzQyZTNmMjI5YTA0ZGFiNDI5NjFmZGVjYjU3MWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov79a2K3PJ8Uy1JLv6fWSNO+F40u
xHzu7d+W54xVAsvLbNh6Om/RkEcXdQycDN4Pc76Di9zoBMzZVUM3B1gc1JmHozo/
YngPL6S0elEQRNhqacZLN7X6+EuRyRsEFSIbW2ZW1tQq0yoPVD16nCztylwxdZtK
NrAQP7gsgTWMUNm/27ZPeWKmvDYfk1JQQPuVMReOFlQqfh6gExS6o/MRTKwzD4yS
OirywxWbOjT9WrwLfpqQe3bt7JPRKsuag5zHq8BSj5b7AV/nORMCs05fDMlcwL/c
b3tTlV5eX68Z2J3NPmZp+eZBnHhki5knTlLepzNlQx53Z61WygUmsTC/DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgQ4Ut9dC4/IpoE2rQpYf3stXH3MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvT0JEaFMzMTBMajhpbWdUYXRDbGhfZXkxY2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXPTMA0G
CSqGSIb3DQEBCwUAA4IBAQC5K65WavP+Npmf/p2QRJPCrkXy/ePjMvi0zJE8IuU9
H0UtlP6fuBX5iCKJlQolqQ4kSo1RMDwSyrg4AgbW+pLkcagiasXye8TM51oHnDE2
zl9p3K96y7JWk3l3zNkuBDIl/XJk2o3SqY1LXlU6CT9cgpxJ4AB0jssesbmOzU6G
JaujUg5VMyWIx3okxCC2fHoT9BlK1CyZoLQasvonrH242Da93RDmtNiAKEiSsbsF
Zok+csK8gcWeAfstlSxOzYw/Gu1nA3OaW2HcYypoFBSdYzS5dmWIDGiTeb3LOaFf
6aQ8+6KhJ3vAoL2NIzpsloThQLqFT5dg1s0qVi/MDcCj
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:15:04 2025 by rpki-client