Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/8no_E84XFEUiNb1fPl5D2kLIIY0.roa
File: 8no_E84XFEUiNb1fPl5D2kLIIY0.roa (raw, json)
Hash identifier: azxgABg1/qNdjbIJIjl0XZVuqH2B9RQLKMDOxJHdxXA=
Subject key identifier: F2:7A:3F:13:CE:17:14:45:22:35:BD:5F:3E:5E:43:DA:42:C8:21:8D
Certificate issuer: /CN=9f5d5b7f792644ff7072a43acc9c865194be4adc
Certificate serial: 0194266BC6B6951EC2CD9EF014A2A40CE58E
Authority key identifier: 9F:5D:5B:7F:79:26:44:FF:70:72:A4:3A:CC:9C:86:51:94:BE:4A:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n11bf3kmRP9wcqQ6zJyGUZS-Stw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/8no_E84XFEUiNb1fPl5D2kLIIY0.roa
Signing time: Thu 02 Jan 2025 09:49:44 +0000
ROA not before: Thu 02 Jan 2025 09:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34766
IP address blocks: 185.138.56.0/22 maxlen: 22
2a07:a80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 21 Jan 2025 08:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c6:b6:95:1e:c2:cd:9e:f0:14:a2:a4:0c:e5:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5d5b7f792644ff7072a43acc9c865194be4adc
Validity
Not Before: Jan 2 09:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f27a3f13ce1714452235bd5f3e5e43da42c8218d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:74:43:13:58:e7:64:35:35:f4:25:dd:a4:f7:
10:9e:b4:17:e4:88:d4:e7:3f:af:9f:73:13:02:32:
2c:e9:17:d6:f6:2e:68:19:9d:ca:08:3a:02:15:f9:
a6:9a:67:12:b5:97:5a:00:8a:c1:50:77:8a:16:08:
fc:3b:c2:7f:e4:06:55:9b:2d:4c:70:b4:b0:1e:57:
6d:ee:c1:af:81:1c:0c:88:cf:f4:c8:41:43:f7:d4:
0d:83:84:9c:c3:cd:ae:a0:00:40:c4:2e:da:ba:20:
8a:a2:99:d0:96:7b:72:01:a6:da:11:69:d4:ba:c3:
87:8c:c1:00:62:78:31:06:18:7f:52:b0:80:8b:0c:
2c:0d:05:2a:7b:42:ec:87:58:e5:27:43:ac:e9:b7:
9f:37:d9:68:a5:15:0a:28:2e:63:12:98:04:cf:32:
77:b7:59:ae:7a:54:53:01:22:4a:69:fc:73:49:ac:
cc:95:8c:6c:e1:a7:37:54:bb:8a:37:1c:ce:67:c8:
33:ad:81:8e:4c:aa:4e:31:fe:71:65:b7:fe:90:86:
62:81:09:c2:fa:1d:a4:b7:98:ab:90:17:08:f6:e2:
9e:f9:64:0c:00:03:9d:af:c1:4e:d9:de:a0:8e:42:
cc:b4:c7:05:96:1b:30:35:ad:28:67:c4:18:ad:a6:
46:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7A:3F:13:CE:17:14:45:22:35:BD:5F:3E:5E:43:DA:42:C8:21:8D
X509v3 Authority Key Identifier:
keyid:9F:5D:5B:7F:79:26:44:FF:70:72:A4:3A:CC:9C:86:51:94:BE:4A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n11bf3kmRP9wcqQ6zJyGUZS-Stw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/8no_E84XFEUiNb1fPl5D2kLIIY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4a7901-85d8-43ea-adb2-799910c1545f/1/n11bf3kmRP9wcqQ6zJyGUZS-Stw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.56.0/22
IPv6:
2a07:a80::/29
Signature Algorithm: sha256WithRSAEncryption
2f:8d:38:ff:06:e6:d6:d1:64:b4:b9:f6:cf:ce:f9:67:e9:06:
54:37:8b:41:f8:bc:83:3a:c0:67:6f:c6:74:9d:c7:fc:80:6b:
b7:43:db:65:12:34:37:38:b8:5a:12:8d:52:c4:d7:79:e9:b6:
b0:e1:45:89:9c:71:1d:17:2d:27:4e:96:78:f1:49:3e:b8:fe:
0e:0b:74:35:01:a8:cb:5a:10:08:e4:99:f1:b1:d1:69:6f:52:
32:48:d2:10:13:c7:d6:51:db:a6:0c:ec:50:02:91:9a:0a:4b:
5e:31:d2:7d:66:27:2c:80:22:e8:b0:71:15:9a:ef:e1:a5:e1:
e3:6e:bd:bc:c5:20:e3:70:3a:35:05:c9:c3:52:72:52:04:b4:
b4:a9:b6:8c:9c:9b:4c:10:bc:f1:1e:9d:c1:0b:66:00:8b:a4:
61:5c:1a:33:38:63:01:41:77:f4:8b:4b:f6:16:a7:de:2a:c9:
a5:ad:ca:6d:1f:4c:dc:78:65:f3:c5:c9:f2:64:97:02:9f:c2:
cf:e7:ea:0d:11:12:0a:f1:44:f2:65:63:49:41:99:19:de:0f:
d2:bc:f6:ec:98:f1:f2:b7:1d:6a:e6:f1:8c:33:c9:9d:c0:d1:
84:9f:cf:26:2b:00:6c:9d:4a:68:a4:42:e4:d7:97:fe:3e:b5:
29:7d:21:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma8a2lR7CzZ7wFKKkDOWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWQ1YjdmNzkyNjQ0ZmY3MDcyYTQzYWNjOWM4NjUxOTRi
ZTRhZGMwHhcNMjUwMTAyMDk0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdhM2YxM2NlMTcxNDQ1MjIzNWJkNWYzZTVlNDNkYTQyYzgyMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHRDE1jnZDU19CXdpPcQnrQX5IjU
5z+vn3MTAjIs6RfW9i5oGZ3KCDoCFfmmmmcStZdaAIrBUHeKFgj8O8J/5AZVmy1M
cLSwHldt7sGvgRwMiM/0yEFD99QNg4Scw82uoABAxC7auiCKopnQlntyAabaEWnU
usOHjMEAYngxBhh/UrCAiwwsDQUqe0Lsh1jlJ0Os6befN9lopRUKKC5jEpgEzzJ3
t1muelRTASJKafxzSazMlYxs4ac3VLuKNxzOZ8gzrYGOTKpOMf5xZbf+kIZigQnC
+h2kt5irkBcI9uKe+WQMAAOdr8FO2d6gjkLMtMcFlhswNa0oZ8QYraZGewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPJ6PxPOFxRFIjW9Xz5eQ9pCyCGNMB8GA1UdIwQY
MBaAFJ9dW395JkT/cHKkOsychlGUvkrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjExYmYza21SUDl3Y3FRNnpKeUdVWlMtU3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80YTc5MDEtODVkOC00M2VhLWFkYjIt
Nzk5OTEwYzE1NDVmLzEvOG5vX0U4NFhGRVVpTmIxZlBsNUQya0xJSVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80YTc5MDEtODVkOC00M2VhLWFkYjItNzk5OTEwYzE1NDVm
LzEvbjExYmYza21SUDl3Y3FRNnpKeUdVWlMtU3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYo4MA0E
AgACMAcDBQMqBwqAMA0GCSqGSIb3DQEBCwUAA4IBAQAvjTj/BubW0WS0ufbPzvln
6QZUN4tB+LyDOsBnb8Z0ncf8gGu3Q9tlEjQ3OLhaEo1SxNd56baw4UWJnHEdFy0n
TpZ48Uk+uP4OC3Q1AajLWhAI5JnxsdFpb1IySNIQE8fWUdumDOxQApGaCkteMdJ9
ZicsgCLosHEVmu/hpeHjbr28xSDjcDo1BcnDUnJSBLS0qbaMnJtMELzxHp3BC2YA
i6RhXBozOGMBQXf0i0v2FqfeKsmlrcptH0zceGXzxcnyZJcCn8LP5+oNERIK8UTy
ZWNJQZkZ3g/SvPbsmPHytx1q5vGMM8mdwNGEn88mKwBsnUpopELk15f+PrUpfSHv
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:18:39 2025 by rpki-client