Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/8nsd2Fl_4l9aDmHRmiXissPW-UY.roa
File: 8nsd2Fl_4l9aDmHRmiXissPW-UY.roa (raw, json)
Hash identifier: 6+VeijKnMoB/BfuI6phbsgI2kEXZ4Qow20clChnUNM0=
Subject key identifier: F2:7B:1D:D8:59:7F:E2:5F:5A:0E:61:D1:9A:25:E2:B2:C3:D6:F9:46
Certificate issuer: /CN=e378a94b9964ea5e9f8b05938702ba58316b500f
Certificate serial: 0194176F51B6DB09FD3803D2EE1274503703
Authority key identifier: E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/8nsd2Fl_4l9aDmHRmiXissPW-UY.roa
Signing time: Mon 30 Dec 2024 11:59:18 +0000
ROA not before: Mon 30 Dec 2024 11:59:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50057
IP address blocks: 185.161.112.0/24 maxlen: 24
185.161.113.0/24 maxlen: 24
185.161.114.0/24 maxlen: 24
185.161.115.0/24 maxlen: 24
193.150.66.0/24 maxlen: 24
2a07:c200::/32 maxlen: 32
2a07:c201::/32 maxlen: 32
2a07:c202::/32 maxlen: 32
2a07:c203::/32 maxlen: 32
2a07:c204::/32 maxlen: 32
2a07:c205::/32 maxlen: 32
2a07:c206::/32 maxlen: 32
2a07:c207::/32 maxlen: 32
2a0f:6400::/32 maxlen: 32
2a0f:6401::/32 maxlen: 32
2a0f:6402::/32 maxlen: 32
2a0f:6403::/32 maxlen: 32
2a0f:6404::/32 maxlen: 32
2a0f:6405::/32 maxlen: 32
2a0f:6406::/32 maxlen: 32
2a0f:6407::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:6f:51:b6:db:09:fd:38:03:d2:ee:12:74:50:37:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e378a94b9964ea5e9f8b05938702ba58316b500f
Validity
Not Before: Dec 30 11:59:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f27b1dd8597fe25f5a0e61d19a25e2b2c3d6f946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bd:55:3f:d0:0b:20:dc:0a:8d:28:9f:0f:3b:
d5:55:3d:31:b7:3f:25:dd:76:0f:da:81:b1:28:b9:
7a:1a:fe:5f:89:c0:a8:2d:29:bf:d2:c6:6a:2e:fa:
4b:1e:a4:b1:58:44:f5:46:1e:2e:1f:9c:03:c1:6d:
79:e0:ae:c4:d5:59:c6:78:af:c0:c2:3e:f5:d6:c1:
62:7f:16:43:9c:84:00:84:ee:ce:8b:82:f8:37:36:
44:3f:39:d6:22:64:9a:62:6e:d6:91:ba:3e:c2:fb:
f2:75:70:77:f9:d0:96:14:ff:13:ff:fc:09:3d:98:
b8:5e:ce:23:bc:72:61:49:4a:50:45:c7:8a:11:22:
13:90:88:64:86:30:8e:d6:92:d4:f2:56:b1:88:52:
69:42:96:29:e3:ea:3e:a9:b1:0c:4a:f4:d1:d0:08:
83:38:d5:d8:95:b8:7f:cc:23:b4:53:25:46:6a:dc:
a5:16:d6:40:50:61:7b:c5:9e:00:7b:9e:84:d8:94:
13:d1:87:75:40:27:5e:c5:83:94:fe:d1:29:d4:55:
19:ef:c7:e7:d9:8e:02:da:9f:b2:dd:af:f6:6d:1e:
a9:21:fa:c7:d1:b5:d7:23:15:52:7a:30:10:fd:30:
3e:0c:08:6b:1b:0c:da:f0:40:28:3a:0c:cc:2e:a8:
0f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7B:1D:D8:59:7F:E2:5F:5A:0E:61:D1:9A:25:E2:B2:C3:D6:F9:46
X509v3 Authority Key Identifier:
keyid:E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/8nsd2Fl_4l9aDmHRmiXissPW-UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.112.0/22
193.150.66.0/24
IPv6:
2a07:c200::/29
2a0f:6400::/29
Signature Algorithm: sha256WithRSAEncryption
02:69:f1:4b:91:5f:4a:04:d9:13:18:dc:8b:1c:b8:58:f5:a6:
b1:31:2d:32:ba:70:51:56:f1:b8:b3:15:ef:d1:8f:bd:5f:80:
ad:89:2b:51:c8:c3:7a:74:85:3b:9c:71:07:94:15:66:ee:09:
0a:cc:9e:c6:76:a2:b7:aa:b2:4c:ab:02:e9:41:9c:cd:e3:40:
3c:46:46:b1:2c:bf:a1:e6:1c:55:40:ef:b8:b0:71:c0:c1:94:
eb:ae:d6:bf:d1:71:f5:70:6a:f3:07:93:77:c6:db:ac:a5:76:
de:c1:00:ef:5a:b3:a8:a9:d8:f5:f9:11:5b:87:2a:35:c7:7e:
5f:36:1c:9b:34:c3:a1:dd:f5:71:b3:14:47:8c:f0:16:ea:27:
b9:2b:1a:10:ba:84:e8:7e:e6:f7:db:96:f4:eb:ee:ff:87:7b:
76:34:25:41:6b:3e:44:df:89:2e:52:be:8b:45:08:b4:94:ef:
f8:dd:9f:ba:4d:0a:af:58:17:e0:e8:62:6f:38:a5:dc:17:59:
e5:aa:d6:b6:19:1f:3c:e1:c3:0d:4e:0a:3b:5a:df:5d:6d:84:
83:66:b2:67:67:85:dd:a7:40:2b:65:7c:32:a7:e2:2c:76:83:
24:62:97:0d:c8:8f:e8:54:57:3e:a2:a6:54:82:78:e1:c5:bf:
02:95:bd:fc
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQXb1G22wn9OAPS7hJ0UDcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzhhOTRiOTk2NGVhNWU5ZjhiMDU5Mzg3MDJiYTU4MzE2
YjUwMGYwHhcNMjQxMjMwMTE1OTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdiMWRkODU5N2ZlMjVmNWEwZTYxZDE5YTI1ZTJiMmMzZDZmOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur1VP9ALINwKjSifDzvVVT0xtz8l
3XYP2oGxKLl6Gv5ficCoLSm/0sZqLvpLHqSxWET1Rh4uH5wDwW154K7E1VnGeK/A
wj711sFifxZDnIQAhO7Oi4L4NzZEPznWImSaYm7Wkbo+wvvydXB3+dCWFP8T//wJ
PZi4Xs4jvHJhSUpQRceKESITkIhkhjCO1pLU8laxiFJpQpYp4+o+qbEMSvTR0AiD
ONXYlbh/zCO0UyVGatylFtZAUGF7xZ4Ae56E2JQT0Yd1QCdexYOU/tEp1FUZ78fn
2Y4C2p+y3a/2bR6pIfrH0bXXIxVSejAQ/TA+DAhrGwza8EAoOgzMLqgPmQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPJ7HdhZf+JfWg5h0Zol4rLD1vlGMB8GA1UdIwQY
MBaAFON4qUuZZOpen4sFk4cCulgxa1APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUt
ZjQyMTc2Y2QwNDQ1LzEvOG5zZDJGbF80bDlhRG1IUm1pWGlzc1BXLVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUtZjQyMTc2Y2QwNDQ1
LzEvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuaFwAwQA
wZZCMBQEAgACMA4DBQMqB8IAAwUDKg9kADANBgkqhkiG9w0BAQsFAAOCAQEAAmnx
S5FfSgTZExjcixy4WPWmsTEtMrpwUVbxuLMV79GPvV+ArYkrUcjDenSFO5xxB5QV
Zu4JCsyexnait6qyTKsC6UGczeNAPEZGsSy/oeYcVUDvuLBxwMGU667Wv9Fx9XBq
8weTd8bbrKV23sEA71qzqKnY9fkRW4cqNcd+XzYcmzTDod31cbMUR4zwFuonuSsa
ELqE6H7m99uW9Ovu/4d7djQlQWs+RN+JLlK+i0UItJTv+N2fuk0Kr1gX4Ohibzil
3BdZ5arWthkfPOHDDU4KO1rfXW2Eg2ayZ2eF3adAK2V8MqfiLHaDJGKXDciP6FRX
PqKmVIJ44cW/ApW9/A==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:00:15 2025 by rpki-client