Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/616c00-fbeb-4b30-9e25-9e91fca78f47/1/wdZ3CN1CU2pf919GwKmF6kYjoTw.roa
File: wdZ3CN1CU2pf919GwKmF6kYjoTw.roa (raw, json)
Hash identifier: G+lBEqQ2az16U7lC3txJJq6wSQm2sUELHriqATNr62s=
Subject key identifier: C1:D6:77:08:DD:42:53:6A:5F:F7:5F:46:C0:A9:85:EA:46:23:A1:3C
Certificate issuer: /CN=48167dc1dd2bf991d70cf6ee87f4361e75cef20d
Certificate serial: 0194266B9DEB3BBA80DFF77C5A0863E9438D
Authority key identifier: 48:16:7D:C1:DD:2B:F9:91:D7:0C:F6:EE:87:F4:36:1E:75:CE:F2:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBZ9wd0r-ZHXDPbuh_Q2HnXO8g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/616c00-fbeb-4b30-9e25-9e91fca78f47/1/wdZ3CN1CU2pf919GwKmF6kYjoTw.roa
Signing time: Thu 02 Jan 2025 09:49:34 +0000
ROA not before: Thu 02 Jan 2025 09:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 185.85.208.0/22 maxlen: 24
2a0d:9c80::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 04 Jan 2025 22:34:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:9d:eb:3b:ba:80:df:f7:7c:5a:08:63:e9:43:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48167dc1dd2bf991d70cf6ee87f4361e75cef20d
Validity
Not Before: Jan 2 09:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1d67708dd42536a5ff75f46c0a985ea4623a13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6a:b6:38:fa:5a:68:02:81:7d:bc:ce:4f:00:
0f:6c:c4:26:80:44:25:6d:10:20:ad:a5:33:a6:a7:
35:62:69:09:c1:06:6a:b9:3c:4c:6e:17:74:c4:76:
3c:7e:e9:31:7d:50:c0:e3:eb:46:0a:f6:06:df:10:
68:1b:7b:5f:5e:65:16:ea:65:87:66:1e:67:ed:c5:
dc:f5:40:02:d2:e5:1c:c0:3a:21:ee:21:55:aa:05:
bb:1d:f8:22:fb:75:48:74:02:89:9a:78:b3:d2:fc:
14:b4:7f:ac:98:e4:4a:70:61:8e:fa:6d:12:36:c5:
40:83:31:8d:78:cb:0d:ec:b3:2e:04:49:63:75:ae:
7a:ea:2b:4e:ad:23:66:4a:33:80:c6:8d:eb:d4:06:
95:8f:67:5d:06:55:da:ab:20:8f:d0:79:b5:8e:c5:
04:a9:03:ca:ac:be:63:b9:35:70:d7:d9:74:bd:da:
83:5c:dd:8e:dc:b5:80:7f:11:f5:72:68:d1:e9:d4:
d3:75:bc:9d:0c:0f:8a:15:00:df:8e:c8:b5:ef:da:
64:b9:aa:d5:9b:43:8c:7d:1a:60:20:e0:6e:fe:db:
f0:2c:2e:57:cf:30:0c:f2:8d:62:ed:68:aa:97:a0:
55:23:59:f9:30:ec:b6:44:24:2e:4e:2e:f7:fa:74:
83:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:D6:77:08:DD:42:53:6A:5F:F7:5F:46:C0:A9:85:EA:46:23:A1:3C
X509v3 Authority Key Identifier:
keyid:48:16:7D:C1:DD:2B:F9:91:D7:0C:F6:EE:87:F4:36:1E:75:CE:F2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBZ9wd0r-ZHXDPbuh_Q2HnXO8g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/616c00-fbeb-4b30-9e25-9e91fca78f47/1/wdZ3CN1CU2pf919GwKmF6kYjoTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/616c00-fbeb-4b30-9e25-9e91fca78f47/1/SBZ9wd0r-ZHXDPbuh_Q2HnXO8g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.208.0/22
IPv6:
2a0d:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
1d:7e:2a:5b:7b:82:82:6e:a0:e8:dd:00:2f:dd:0f:a4:f8:46:
76:b7:d1:09:45:c9:25:2c:f5:c8:e0:96:65:77:5a:9c:a7:e1:
79:c3:cb:eb:11:99:c6:30:1a:2c:8b:71:bd:15:df:3f:d1:b7:
d4:36:1c:43:70:ff:b2:87:b8:4e:96:f1:ea:5d:09:20:c1:a1:
23:28:af:f0:3f:a0:a1:09:b2:d8:f8:1d:13:3c:49:c0:c2:55:
e5:b8:89:76:08:4b:b5:dc:7c:e6:c4:29:2c:c3:7e:95:1d:7f:
8f:7a:9f:7d:9e:12:c8:df:40:91:7f:9a:cb:88:32:a8:33:70:
7c:19:f7:89:58:0d:e7:eb:76:b7:b7:9e:cb:97:ba:7b:0a:c2:
7f:54:61:d6:30:a6:fb:1f:f2:92:72:43:4f:aa:4d:1f:97:d1:
8f:80:8e:d1:9a:e8:22:9f:08:eb:21:6b:dc:e7:ab:d4:4f:de:
d7:82:e3:76:6f:27:5c:5c:c3:05:b9:92:61:11:42:cb:14:9d:
15:6c:99:17:0e:7d:e5:1b:42:5b:fc:88:3d:b3:a6:de:2e:c3:
e3:87:74:77:dc:bf:49:5f:62:20:09:44:7f:1f:ef:19:b3:11:
72:4e:f0:f6:ed:0b:af:03:bb:69:0f:ac:bf:cc:b3:3c:ca:1b:
89:27:86:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma53rO7qA3/d8Wghj6UONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MTY3ZGMxZGQyYmY5OTFkNzBjZjZlZTg3ZjQzNjFlNzVj
ZWYyMGQwHhcNMjUwMTAyMDk0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWQ2NzcwOGRkNDI1MzZhNWZmNzVmNDZjMGE5ODVlYTQ2MjNhMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmq2OPpaaAKBfbzOTwAPbMQmgEQl
bRAgraUzpqc1YmkJwQZquTxMbhd0xHY8fukxfVDA4+tGCvYG3xBoG3tfXmUW6mWH
Zh5n7cXc9UAC0uUcwDoh7iFVqgW7Hfgi+3VIdAKJmniz0vwUtH+smORKcGGO+m0S
NsVAgzGNeMsN7LMuBEljda566itOrSNmSjOAxo3r1AaVj2ddBlXaqyCP0Hm1jsUE
qQPKrL5juTVw19l0vdqDXN2O3LWAfxH1cmjR6dTTdbydDA+KFQDfjsi179pkuarV
m0OMfRpgIOBu/tvwLC5XzzAM8o1i7Wiql6BVI1n5MOy2RCQuTi73+nSDMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMHWdwjdQlNqX/dfRsCphepGI6E8MB8GA1UdIwQY
MBaAFEgWfcHdK/mR1wz27of0Nh51zvINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JaOXdkMHItWkhYRFBidWhfUTJIblhPOGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MTZjMDAtZmJlYi00YjMwLTllMjUt
OWU5MWZjYTc4ZjQ3LzEvd2RaM0NOMUNVMnBmOTE5R3dLbUY2a1lqb1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MTZjMDAtZmJlYi00YjMwLTllMjUtOWU5MWZjYTc4ZjQ3
LzEvU0JaOXdkMHItWkhYRFBidWhfUTJIblhPOGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVXQMA0E
AgACMAcDBQMqDZyAMA0GCSqGSIb3DQEBCwUAA4IBAQAdfipbe4KCbqDo3QAv3Q+k
+EZ2t9EJRcklLPXI4JZld1qcp+F5w8vrEZnGMBosi3G9Fd8/0bfUNhxDcP+yh7hO
lvHqXQkgwaEjKK/wP6ChCbLY+B0TPEnAwlXluIl2CEu13HzmxCksw36VHX+Pep99
nhLI30CRf5rLiDKoM3B8GfeJWA3n63a3t57Ll7p7CsJ/VGHWMKb7H/KSckNPqk0f
l9GPgI7RmuginwjrIWvc56vUT97XguN2bydcXMMFuZJhEULLFJ0VbJkXDn3lG0Jb
/Ig9s6beLsPjh3R33L9JX2IgCUR/H+8ZsxFyTvD27QuvA7tpD6y/zLM8yhuJJ4YB
-----END CERTIFICATE-----
Generated at Mon May 12 13:30:35 2025 by rpki-client