Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/rosKiAKVsUww6Mzep-WCM6oFRzg.roa
File: rosKiAKVsUww6Mzep-WCM6oFRzg.roa (raw, json)
Hash identifier: UWzVNaAI6n+IA7RHy5gu1vTQnFdoF2WxsLs+AI4EP2c=
Subject key identifier: AE:8B:0A:88:02:95:B1:4C:30:E8:CC:DE:A7:E5:82:33:AA:05:47:38
Certificate issuer: /CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Certificate serial: 019440286E21ED1451F08E3833481E963A57
Authority key identifier: FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/rosKiAKVsUww6Mzep-WCM6oFRzg.roa
Signing time: Tue 07 Jan 2025 09:46:18 +0000
ROA not before: Tue 07 Jan 2025 09:46:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59395
IP address blocks: 185.159.216.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 08 Jan 2025 10:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:28:6e:21:ed:14:51:f0:8e:38:33:48:1e:96:3a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Validity
Not Before: Jan 7 09:46:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae8b0a880295b14c30e8ccdea7e58233aa054738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:80:7d:85:de:ea:50:d9:d9:81:13:c2:3f:f4:
ce:cf:cb:d0:7b:e9:02:f6:50:b8:7e:8c:18:eb:0d:
ca:2e:62:ee:09:98:02:96:9b:5c:74:17:ee:b6:ab:
b6:ad:3a:4e:ea:d7:69:f8:b8:98:ae:54:5a:14:9a:
48:1d:6b:e2:1f:a1:75:ff:e6:1e:eb:64:0b:bb:dc:
e3:75:dc:df:99:6e:4b:b8:67:98:a4:77:59:b0:96:
24:ef:19:74:58:82:b8:37:ab:de:8e:74:33:0d:94:
7b:b8:b7:7e:bb:19:cc:78:d0:f0:52:89:80:51:db:
62:b3:67:9f:f2:d6:ab:78:c6:ee:a4:50:55:cb:1a:
ff:e7:6c:80:b5:7f:8f:91:3e:7a:2d:75:fa:33:76:
2d:a7:49:0c:c5:8a:65:06:33:37:d1:54:62:c7:bc:
ef:cc:27:fe:df:27:94:e9:17:a9:ba:ac:03:da:d8:
cd:ba:18:f5:cd:d7:76:c9:7c:96:5f:78:14:4f:04:
29:49:bf:9e:e1:73:1b:d2:25:46:8f:d7:45:19:49:
28:e7:81:a6:ea:22:6a:f1:52:0b:1a:51:b6:b6:f2:
cd:a9:e7:17:c8:33:89:d0:40:0c:ad:e0:28:c0:16:
9b:29:bd:d3:51:22:4b:72:d1:6d:a8:96:a3:36:6d:
76:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8B:0A:88:02:95:B1:4C:30:E8:CC:DE:A7:E5:82:33:AA:05:47:38
X509v3 Authority Key Identifier:
keyid:FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/rosKiAKVsUww6Mzep-WCM6oFRzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.216.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:9e:18:55:f7:52:e1:63:d6:2e:3b:35:4d:32:b5:63:c7:0e:
d0:f4:c5:18:63:a6:d9:e7:19:11:46:7e:4c:b9:a8:8e:f3:ac:
3a:65:4a:30:b8:33:1f:3d:5a:17:3d:c3:df:a2:28:d5:c6:c0:
65:5c:43:12:84:b2:54:ad:fc:02:a8:86:9c:35:38:dc:bd:c7:
39:1c:fe:17:52:be:87:87:67:03:69:95:ca:7b:8f:1d:c2:b6:
01:cf:1a:88:0e:67:bb:3e:f9:f5:98:64:26:b2:4d:d4:35:17:
67:b6:f8:ac:ad:69:05:6e:07:8f:18:88:f9:0e:4b:51:fa:40:
b6:db:ec:3b:6e:83:50:70:77:8a:41:19:da:c9:39:ab:dc:9c:
72:e3:88:b6:2b:73:e6:90:a4:7b:53:6a:2f:27:b7:31:97:e7:
28:e5:2e:d9:da:41:71:b5:2f:58:29:19:a7:df:7b:3c:13:58:
39:92:cb:03:28:76:a9:95:03:29:3b:57:20:65:eb:06:71:b0:
2e:ac:8e:d9:55:78:b4:e3:1a:89:bd:35:0d:59:e9:00:b9:3a:
65:d4:65:07:dc:1d:c0:78:52:06:cb:4c:2e:a1:ff:7c:7b:c0:
67:38:35:46:a7:76:d7:84:54:d4:7a:e5:92:05:f5:31:9e:73:
a7:76:01:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRAKG4h7RRR8I44M0geljpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjkxOGM1YTkzMzBkYmJlNmVlZTE3Y2I5YTFkNjJmYmM4
NTViZGUwHhcNMjUwMTA3MDk0NjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZThiMGE4ODAyOTViMTRjMzBlOGNjZGVhN2U1ODIzM2FhMDU0NzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoB9hd7qUNnZgRPCP/TOz8vQe+kC
9lC4fowY6w3KLmLuCZgClptcdBfutqu2rTpO6tdp+LiYrlRaFJpIHWviH6F1/+Ye
62QLu9zjddzfmW5LuGeYpHdZsJYk7xl0WIK4N6vejnQzDZR7uLd+uxnMeNDwUomA
Udtis2ef8tareMbupFBVyxr/52yAtX+PkT56LXX6M3Ytp0kMxYplBjM30VRix7zv
zCf+3yeU6RepuqwD2tjNuhj1zdd2yXyWX3gUTwQpSb+e4XMb0iVGj9dFGUko54Gm
6iJq8VILGlG2tvLNqecXyDOJ0EAMreAowBabKb3TUSJLctFtqJajNm12NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6LCogClbFMMOjM3qflgjOqBUc4MB8GA1UdIwQY
MBaAFP75GMWpMw275u7hfLmh1i+8hVveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGIt
YmEyODg5YWZhYWRkLzEvcm9zS2lBS1ZzVXd3Nk16ZXAtV0NNNm9GUnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGItYmEyODg5YWZhYWRk
LzEvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ/YMA0G
CSqGSIb3DQEBCwUAA4IBAQCpnhhV91LhY9YuOzVNMrVjxw7Q9MUYY6bZ5xkRRn5M
uaiO86w6ZUowuDMfPVoXPcPfoijVxsBlXEMShLJUrfwCqIacNTjcvcc5HP4XUr6H
h2cDaZXKe48dwrYBzxqIDme7Pvn1mGQmsk3UNRdntvisrWkFbgePGIj5DktR+kC2
2+w7boNQcHeKQRnayTmr3Jxy44i2K3PmkKR7U2ovJ7cxl+co5S7Z2kFxtS9YKRmn
33s8E1g5kssDKHaplQMpO1cgZesGcbAurI7ZVXi04xqJvTUNWekAuTpl1GUH3B3A
eFIGy0wuof98e8BnODVGp3bXhFTUeuWSBfUxnnOndgEP
-----END CERTIFICATE-----
Generated at Tue May 13 10:22:18 2025 by rpki-client