Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/n8gXumOjMXu-oXNn0o2hCEt6sf0.roa
File: n8gXumOjMXu-oXNn0o2hCEt6sf0.roa (raw, json)
Hash identifier: RShEikTujlvTrmPn2T8ldIZzlLdMpgKRlj8DoHjESNE=
Subject key identifier: 9F:C8:17:BA:63:A3:31:7B:BE:A1:73:67:D2:8D:A1:08:4B:7A:B1:FD
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194170B8713AF1EF0AEB52B42ED31EEAD35
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/n8gXumOjMXu-oXNn0o2hCEt6sf0.roa
Signing time: Mon 30 Dec 2024 10:10:18 +0000
ROA not before: Mon 30 Dec 2024 10:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 85.115.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:0b:87:13:af:1e:f0:ae:b5:2b:42:ed:31:ee:ad:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Dec 30 10:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fc817ba63a3317bbea17367d28da1084b7ab1fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:38:cb:22:7f:8d:1f:f6:5f:64:9d:fe:20:8f:
e0:47:16:41:29:bd:41:0f:bc:ba:84:42:8d:39:c9:
c6:8c:47:6c:d1:09:62:4c:b0:dc:2c:fa:38:ba:ce:
a1:4b:51:8d:fb:c1:99:ec:99:98:26:6b:77:7c:1d:
57:75:2d:5f:87:86:6f:71:6b:37:c7:dc:15:26:9f:
99:df:42:0c:c8:10:c3:d8:3b:db:2e:4e:de:60:4d:
02:04:f2:a2:e6:8c:2e:86:be:91:c5:25:a8:8b:14:
a0:12:f9:88:d6:5d:3a:de:d2:6d:5e:92:7b:b5:1f:
e7:de:d3:27:ba:2c:4e:2b:5e:50:6e:b8:53:0c:55:
05:8d:88:b4:24:c9:cb:f8:03:6d:8f:56:18:d7:10:
72:92:c7:1e:43:55:02:c2:24:6f:ea:46:2c:b9:fc:
bf:b1:4e:59:25:30:aa:0b:db:4e:51:49:c4:cb:89:
19:85:c4:41:c3:88:51:c2:36:1b:18:e5:a9:a8:79:
49:f5:68:ce:2f:ca:79:7f:ee:e7:e1:dc:37:71:d3:
52:8a:76:25:f5:27:6a:45:6e:13:c0:5b:53:b8:f8:
dd:94:21:83:cb:7d:0e:b9:13:1f:0b:87:aa:a4:88:
2c:7d:03:70:77:fe:6d:7c:cc:e6:a4:8a:91:8e:8c:
31:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C8:17:BA:63:A3:31:7B:BE:A1:73:67:D2:8D:A1:08:4B:7A:B1:FD
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/n8gXumOjMXu-oXNn0o2hCEt6sf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.210.0/24
Signature Algorithm: sha256WithRSAEncryption
19:06:e4:27:33:ca:12:7c:8c:34:c0:7d:83:39:2d:4f:74:2b:
2d:3d:f3:1b:c4:4c:81:16:c6:45:c5:cd:e2:d5:de:ee:b2:fb:
dd:b4:b0:0a:de:d5:75:62:b7:4c:7d:14:a3:72:c9:c1:92:98:
e6:c0:cc:ac:21:37:69:c7:04:84:e8:2d:77:90:1f:f9:4e:9c:
f7:f2:0b:75:55:f8:da:76:30:d6:0d:3c:3b:62:91:3c:f1:fd:
eb:e8:1f:ce:6e:51:fc:2c:e6:a9:3a:e2:28:f3:63:28:c5:d2:
8d:b3:c1:59:e3:fb:e2:01:de:fa:61:43:aa:7b:57:d3:22:99:
41:46:b7:45:0d:18:4c:ad:88:82:31:71:8c:fd:5b:47:8e:7e:
2b:0b:18:03:b0:44:4f:82:73:22:46:d4:b8:5c:2d:98:47:9c:
6f:c3:0d:78:d1:b0:50:33:65:ca:7d:3a:08:19:4c:d1:f5:b8:
85:f2:45:3b:1b:6b:d4:1b:84:d9:6b:7a:ca:c9:74:43:58:54:
e1:dd:ac:1c:6b:a7:ec:96:f5:fb:38:5e:3d:9e:08:60:0e:3b:
f4:4a:29:a5:87:ce:3b:31:fc:03:43:45:e8:12:e6:7f:6a:f7:
5b:cd:ba:6a:35:fd:01:98:e6:a6:c4:e1:dc:9b:43:14:0e:ea:
0b:9d:75:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQXC4cTrx7wrrUrQu0x7q01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQxMjMwMTAxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmM4MTdiYTYzYTMzMTdiYmVhMTczNjdkMjhkYTEwODRiN2FiMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjjLIn+NH/ZfZJ3+II/gRxZBKb1B
D7y6hEKNOcnGjEds0QliTLDcLPo4us6hS1GN+8GZ7JmYJmt3fB1XdS1fh4ZvcWs3
x9wVJp+Z30IMyBDD2DvbLk7eYE0CBPKi5owuhr6RxSWoixSgEvmI1l063tJtXpJ7
tR/n3tMnuixOK15QbrhTDFUFjYi0JMnL+ANtj1YY1xByksceQ1UCwiRv6kYsufy/
sU5ZJTCqC9tOUUnEy4kZhcRBw4hRwjYbGOWpqHlJ9WjOL8p5f+7n4dw3cdNSinYl
9SdqRW4TwFtTuPjdlCGDy30OuRMfC4eqpIgsfQNwd/5tfMzmpIqRjowx+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/IF7pjozF7vqFzZ9KNoQhLerH9MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvbjhnWHVtT2pNWHUtb1hObjBvMmhDRXQ2c2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXPSMA0G
CSqGSIb3DQEBCwUAA4IBAQAZBuQnM8oSfIw0wH2DOS1PdCstPfMbxEyBFsZFxc3i
1d7usvvdtLAK3tV1YrdMfRSjcsnBkpjmwMysITdpxwSE6C13kB/5Tpz38gt1Vfja
djDWDTw7YpE88f3r6B/OblH8LOapOuIo82MoxdKNs8FZ4/viAd76YUOqe1fTIplB
RrdFDRhMrYiCMXGM/VtHjn4rCxgDsERPgnMiRtS4XC2YR5xvww140bBQM2XKfToI
GUzR9biF8kU7G2vUG4TZa3rKyXRDWFTh3awca6fslvX7OF49nghgDjv0Simlh847
MfwDQ0XoEuZ/avdbzbpqNf0BmOamxOHcm0MUDuoLnXW0
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:01:38 2025 by rpki-client