Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/A8i0oDVccO-EM3bZ4IiRNe_v0ok.roa
File: A8i0oDVccO-EM3bZ4IiRNe_v0ok.roa (raw, json)
Hash identifier: BsMWkaKBHfKPF7zAG5IYMAaq4J67iSCAPkAvGAD9Zz0=
Subject key identifier: 03:C8:B4:A0:35:5C:70:EF:84:33:76:D9:E0:88:91:35:EF:EF:D2:89
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018CC9BC6F791922FAB3522CDCCAC21B7971
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/A8i0oDVccO-EM3bZ4IiRNe_v0ok.roa
Signing time: Tue 02 Jan 2024 10:33:38 +0000
ROA not before: Tue 02 Jan 2024 10:33:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215906
IP address blocks: 46.20.106.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 23:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:6f:79:19:22:fa:b3:52:2c:dc:ca:c2:1b:79:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 2 10:33:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03c8b4a0355c70ef843376d9e0889135efefd289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c5:a9:c2:61:46:ef:b0:84:05:ba:ab:71:ec:
d0:03:d0:82:af:3e:69:c5:4e:b8:a9:ac:38:1b:06:
42:72:e1:e1:d7:33:32:fe:18:cb:1d:cb:f7:bb:04:
37:14:20:23:36:49:24:fe:35:c7:16:37:b4:b1:8d:
9e:48:8e:9a:8d:5b:40:d9:1c:10:06:bb:3e:56:7c:
7f:62:30:43:15:43:55:9b:fa:62:6f:62:6b:fa:de:
5e:70:cc:eb:dd:aa:ac:04:9e:26:6c:81:51:fe:8f:
a7:18:76:71:c8:ba:dc:f5:38:89:2a:24:e1:48:d0:
fd:49:ad:6e:1a:aa:14:38:67:14:49:dc:53:a5:5b:
b4:5a:4b:c8:39:4b:2e:fb:c2:1b:81:49:5d:72:08:
d2:17:c7:c6:a0:1f:d8:19:7e:7c:5b:f3:26:0e:96:
19:bd:5c:79:42:84:1f:d9:b2:6d:46:b2:be:c0:d2:
12:ec:bc:ee:88:07:04:c5:7f:a9:e2:21:cb:86:66:
79:46:a3:c3:eb:f1:32:7f:42:2d:18:15:7f:35:cb:
4c:42:02:02:8e:9a:0d:bc:ef:3b:2e:39:66:e4:91:
c2:9b:26:32:86:2b:07:19:b9:e1:1d:aa:e7:3e:cf:
e9:fa:20:e5:ba:b0:23:77:7b:d6:65:05:23:71:e2:
f0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C8:B4:A0:35:5C:70:EF:84:33:76:D9:E0:88:91:35:EF:EF:D2:89
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/A8i0oDVccO-EM3bZ4IiRNe_v0ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.106.0/24
185.100.168.0/24
Signature Algorithm: sha256WithRSAEncryption
64:00:19:1c:c1:f7:08:9a:45:61:0d:bb:a4:00:be:47:fb:31:
4c:36:0e:75:dd:b7:88:31:f4:37:2e:11:08:4f:f8:aa:84:79:
62:8b:25:24:f6:53:8a:3b:51:ff:c7:ef:55:52:c4:8c:be:13:
3f:1e:29:b2:d2:7e:71:1c:8d:16:f1:57:ab:97:6e:63:f1:30:
ee:f8:0c:e6:e6:9d:a5:d4:c2:c9:ef:c0:92:d1:6c:a6:e3:a4:
7f:f0:fc:a2:df:b3:21:9c:ed:20:08:4b:28:9e:13:84:de:77:
d3:81:d1:26:6b:23:9c:9a:2f:03:c7:9b:9f:04:ce:55:aa:20:
da:db:f0:fd:f5:b7:7b:d8:5d:57:75:31:bd:ca:97:db:36:52:
93:ba:86:34:a0:84:6e:0d:dd:ce:b3:44:b2:37:f8:1e:36:85:
43:5c:0e:d2:7e:71:36:75:43:a5:16:48:e9:2f:5a:5e:b6:dc:
c4:38:83:e4:62:35:63:76:61:c9:91:20:fd:41:25:76:98:b7:
85:6b:da:38:16:73:fb:4d:17:66:07:06:8f:04:c7:92:24:14:
16:ae:b5:c6:22:3b:42:d8:4f:cb:85:15:2a:4f:f8:c4:ee:6e:
e9:7f:8a:31:c4:c8:d5:9e:8e:51:b6:e0:50:12:9d:9b:ce:90:
dd:30:6b:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvG95GSL6s1Is3MrCG3lxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTAyMTAzMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2M4YjRhMDM1NWM3MGVmODQzMzc2ZDllMDg4OTEzNWVmZWZkMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcWpwmFG77CEBbqrcezQA9CCrz5p
xU64qaw4GwZCcuHh1zMy/hjLHcv3uwQ3FCAjNkkk/jXHFje0sY2eSI6ajVtA2RwQ
Brs+Vnx/YjBDFUNVm/pib2Jr+t5ecMzr3aqsBJ4mbIFR/o+nGHZxyLrc9TiJKiTh
SND9Sa1uGqoUOGcUSdxTpVu0WkvIOUsu+8IbgUldcgjSF8fGoB/YGX58W/MmDpYZ
vVx5QoQf2bJtRrK+wNIS7LzuiAcExX+p4iHLhmZ5RqPD6/Eyf0ItGBV/NctMQgIC
jpoNvO87Ljlm5JHCmyYyhisHGbnhHarnPs/p+iDlurAjd3vWZQUjceLwkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAPItKA1XHDvhDN22eCIkTXv79KJMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvQThpMG9EVmNjTy1FTTNiWjRJaVJOZV92MG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALhRqAwQA
uWSoMA0GCSqGSIb3DQEBCwUAA4IBAQBkABkcwfcImkVhDbukAL5H+zFMNg513beI
MfQ3LhEIT/iqhHliiyUk9lOKO1H/x+9VUsSMvhM/Himy0n5xHI0W8Verl25j8TDu
+Azm5p2l1MLJ78CS0Wym46R/8Pyi37MhnO0gCEsonhOE3nfTgdEmayOcmi8Dx5uf
BM5VqiDa2/D99bd72F1XdTG9ypfbNlKTuoY0oIRuDd3Os0SyN/geNoVDXA7SfnE2
dUOlFkjpL1pettzEOIPkYjVjdmHJkSD9QSV2mLeFa9o4FnP7TRdmBwaPBMeSJBQW
rrXGIjtC2E/LhRUqT/jE7m7pf4oxxMjVno5RtuBQEp2bzpDdMGth
-----END CERTIFICATE-----
Generated at Sat May 10 08:27:24 2025 by rpki-client