Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/_lCejYwniIq-mEGm79w1rh2f-LU.roa
File: _lCejYwniIq-mEGm79w1rh2f-LU.roa (raw, json)
Hash identifier: SRj7qA5NdGCVKToEwPs5oJWYRVVDEw945NMkGWYaryI=
Subject key identifier: FE:50:9E:8D:8C:27:88:8A:BE:98:41:A6:EF:DC:35:AE:1D:9F:F8:B5
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E440FB71509D862CD3E44146CCD45
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/_lCejYwniIq-mEGm79w1rh2f-LU.roa
Signing time: Wed 01 Jan 2025 15:48:56 +0000
ROA not before: Wed 01 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 85.115.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 06:36:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:44:0f:b7:15:09:d8:62:cd:3e:44:14:6c:cd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe509e8d8c27888abe9841a6efdc35ae1d9ff8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7e:df:03:cc:12:b4:b5:92:69:9a:b0:f5:70:
3e:2b:a7:2a:1a:be:e1:e6:b9:c2:be:0e:74:6a:f9:
b8:81:d0:55:04:76:18:2a:5b:2c:43:4d:0c:2e:2d:
cf:23:e6:9d:02:24:b8:1b:7f:95:8d:d4:58:d1:09:
67:9e:95:ef:06:7f:3d:44:01:da:7a:1f:49:10:50:
97:b0:db:0f:69:3d:37:a7:a5:ee:10:9b:21:bf:75:
4f:6d:ff:3b:48:fd:c8:d0:22:6e:42:3f:79:93:37:
9a:1b:85:2c:6a:12:50:b3:c8:ea:9b:20:94:c8:2a:
26:f0:fd:86:13:8f:55:57:8c:30:36:5f:6b:32:af:
f6:99:c7:be:80:a8:94:b0:ad:92:c1:ea:e3:9c:18:
2b:0a:f4:9e:4f:b6:d3:ae:c0:65:a9:04:03:3e:4b:
fd:ea:57:3b:d1:96:43:55:c4:11:94:67:b6:77:66:
87:84:73:b9:fa:2b:5a:31:91:e2:36:89:ed:6f:9e:
93:76:02:e5:df:88:81:b4:3a:26:13:58:06:2e:83:
68:24:85:e3:59:5c:ef:fd:72:37:bf:c0:28:b7:af:
7b:14:c4:3a:2b:67:47:c4:fe:ce:f2:6a:7c:c8:94:
a0:be:39:63:76:e8:14:fb:a9:ef:ea:fe:74:fa:73:
67:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:50:9E:8D:8C:27:88:8A:BE:98:41:A6:EF:DC:35:AE:1D:9F:F8:B5
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/_lCejYwniIq-mEGm79w1rh2f-LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.210.0/24
Signature Algorithm: sha256WithRSAEncryption
df:a1:6a:78:ba:eb:a0:1e:d3:21:3f:d2:4d:66:1b:90:34:3b:
28:80:ec:e1:87:93:d5:ef:b0:4a:56:ca:49:c1:6b:12:95:dd:
3a:1c:1c:f9:00:bd:1a:dc:ae:e4:9b:30:79:96:99:c3:eb:35:
e6:8f:59:65:ab:50:48:e6:ed:b9:ef:e7:65:81:86:43:7e:b5:
7d:8e:f7:57:d1:e9:b9:a5:66:12:c1:fd:d0:2f:f7:df:13:59:
dd:9e:75:e9:e5:d1:18:66:28:ce:ff:db:0c:08:24:8d:72:44:
4a:06:65:c3:a6:4e:0d:84:a6:0d:e2:d4:aa:e7:55:f0:ab:b5:
f3:cf:13:f6:3b:00:28:01:7a:6c:0e:c7:d5:30:9b:66:c0:68:
da:b5:96:66:56:29:08:f1:57:2f:9b:23:65:ba:89:37:ab:b0:
d3:85:19:f5:59:e4:a1:28:3b:a1:50:c1:1c:1e:90:97:90:1b:
46:aa:1d:16:71:94:2e:5d:d7:67:a5:04:57:c3:d3:97:36:2c:
81:81:ad:f2:ea:fc:ed:ed:a5:7a:d2:1a:2b:47:18:2f:0e:a1:
d0:87:2d:f9:8a:a2:d5:ca:98:f7:3e:65:ab:fe:22:ea:58:ed:
21:bc:b0:b8:26:66:96:a6:9c:ce:a1:62:49:52:39:3b:6d:47:
84:ef:aa:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijkQPtxUJ2GLNPkQUbM1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTUwOWU4ZDhjMjc4ODhhYmU5ODQxYTZlZmRjMzVhZTFkOWZmOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv37fA8wStLWSaZqw9XA+K6cqGr7h
5rnCvg50avm4gdBVBHYYKlssQ00MLi3PI+adAiS4G3+VjdRY0QlnnpXvBn89RAHa
eh9JEFCXsNsPaT03p6XuEJshv3VPbf87SP3I0CJuQj95kzeaG4UsahJQs8jqmyCU
yCom8P2GE49VV4wwNl9rMq/2mce+gKiUsK2SwerjnBgrCvSeT7bTrsBlqQQDPkv9
6lc70ZZDVcQRlGe2d2aHhHO5+itaMZHiNontb56TdgLl34iBtDomE1gGLoNoJIXj
WVzv/XI3v8Aot697FMQ6K2dHxP7O8mp8yJSgvjljdugU+6nv6v50+nNnVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5Qno2MJ4iKvphBpu/cNa4dn/i1MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvX2xDZWpZd25pSXEtbUVHbTc5dzFyaDJmLUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXPSMA0G
CSqGSIb3DQEBCwUAA4IBAQDfoWp4uuugHtMhP9JNZhuQNDsogOzhh5PV77BKVspJ
wWsSld06HBz5AL0a3K7kmzB5lpnD6zXmj1llq1BI5u257+dlgYZDfrV9jvdX0em5
pWYSwf3QL/ffE1ndnnXp5dEYZijO/9sMCCSNckRKBmXDpk4NhKYN4tSq51Xwq7Xz
zxP2OwAoAXpsDsfVMJtmwGjatZZmVikI8VcvmyNluok3q7DThRn1WeShKDuhUMEc
HpCXkBtGqh0WcZQuXddnpQRXw9OXNiyBga3y6vzt7aV60horRxgvDqHQhy35iqLV
ypj3PmWr/iLqWO0hvLC4JmaWppzOoWJJUjk7bUeE76rb
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:36:26 2025 by rpki-client