Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/87_60QueZa3kQoXzj0d68HS5dec.roa
File: 87_60QueZa3kQoXzj0d68HS5dec.roa (raw, json)
Hash identifier: ethOE0agopyt1iBJXFG0c8IAE3oJLx0uJa9lonoo9ig=
Subject key identifier: F3:BF:FA:D1:0B:9E:65:AD:E4:42:85:F3:8F:47:7A:F0:74:B9:75:E7
Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89
Certificate serial: 0194D508F6758ADAE664860160E44FD533E7
Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/87_60QueZa3kQoXzj0d68HS5dec.roa
Signing time: Wed 05 Feb 2025 07:35:21 +0000
ROA not before: Wed 05 Feb 2025 07:35:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211908
IP address blocks: 185.239.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 09:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:08:f6:75:8a:da:e6:64:86:01:60:e4:4f:d5:33:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89
Validity
Not Before: Feb 5 07:35:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3bffad10b9e65ade44285f38f477af074b975e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:24:13:e3:3e:a0:1e:dd:c5:72:c7:7d:90:7f:
df:14:ec:87:29:59:8e:90:f9:5c:3d:98:55:10:a0:
0b:3b:d2:c2:d4:71:1d:65:91:f6:c2:2e:2e:87:03:
22:fd:b1:bf:8d:42:16:c9:3c:4a:eb:a0:1c:cc:59:
a2:78:45:be:a1:ba:de:5b:75:a0:71:68:dd:87:4e:
be:1e:5b:fe:2b:4a:64:a2:ca:7a:37:a2:9b:f9:54:
f7:d8:6e:90:79:f0:f3:d5:9e:f2:f2:50:54:86:42:
a3:9c:31:2e:59:63:2e:6b:a1:bf:1c:32:1f:b7:cd:
84:5a:f5:b4:f3:32:7b:9a:89:22:35:5d:78:f0:33:
f2:7a:79:f2:46:6c:09:85:ae:fd:c0:32:ce:ba:12:
c3:dd:d9:08:e7:42:fa:ec:d2:85:50:d5:bb:ec:62:
3b:67:52:00:21:95:cf:6e:18:ed:61:c9:66:eb:79:
5a:06:ef:63:3e:26:37:51:88:7e:d0:08:db:81:08:
3a:c9:ad:93:e1:0b:62:4b:0d:ab:15:1b:df:41:21:
ed:75:37:50:80:13:50:aa:39:d8:5d:e9:4d:5d:90:
aa:5b:b5:74:a1:01:37:ec:c6:44:1a:b9:24:b9:d3:
af:cf:7b:cc:a1:e8:3d:7f:96:49:27:03:95:8d:c7:
b5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:BF:FA:D1:0B:9E:65:AD:E4:42:85:F3:8F:47:7A:F0:74:B9:75:E7
X509v3 Authority Key Identifier:
keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/87_60QueZa3kQoXzj0d68HS5dec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.178.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e9:67:8a:a4:49:db:ad:c9:9e:ce:78:25:70:43:94:19:ca:
cd:13:d9:20:b1:27:e0:f2:fe:d8:7f:15:10:b6:f8:e8:50:8d:
38:8c:65:55:29:f1:18:4c:bc:60:98:5e:75:16:ba:d4:46:ea:
a9:9c:6c:c2:f4:a9:9b:a8:25:0d:d3:7a:3e:ed:22:96:8d:d2:
c4:56:5b:cc:11:4a:3f:28:f3:f8:9f:b2:c6:a3:db:ce:2c:60:
48:cf:37:51:13:68:06:1b:60:04:18:cd:b8:01:d8:72:eb:50:
b8:62:d5:04:40:e4:26:95:9a:5b:11:24:ba:62:cb:91:9d:92:
59:c1:d3:a8:54:d4:5f:ca:d4:99:79:49:28:2d:5f:24:12:81:
39:b6:d9:f5:a5:29:b7:34:d0:9f:fa:1a:aa:26:8a:7c:53:8b:
1c:86:1b:b7:6a:48:03:55:90:56:b0:be:18:02:c3:d0:2a:a3:
47:b4:3a:8e:71:c2:94:c5:8e:8f:20:ef:5f:af:9f:50:bc:0d:
9c:d4:4d:fa:bb:ac:fb:9f:4b:77:43:6e:ee:6d:19:2a:5e:74:
f8:43:97:ea:4e:7e:1b:4e:1b:ac:e7:0f:2e:16:a9:b2:14:4b:
a0:9e:01:27:fa:9c:df:03:cd:95:70:e8:6c:1a:fa:f5:4e:13:
ac:b6:b5:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTVCPZ1itrmZIYBYORP1TPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2
YjllODkwHhcNMjUwMjA1MDczNTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2JmZmFkMTBiOWU2NWFkZTQ0Mjg1ZjM4ZjQ3N2FmMDc0Yjk3NWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiQT4z6gHt3Fcsd9kH/fFOyHKVmO
kPlcPZhVEKALO9LC1HEdZZH2wi4uhwMi/bG/jUIWyTxK66AczFmieEW+obreW3Wg
cWjdh06+Hlv+K0pkosp6N6Kb+VT32G6QefDz1Z7y8lBUhkKjnDEuWWMua6G/HDIf
t82EWvW08zJ7mokiNV148DPyennyRmwJha79wDLOuhLD3dkI50L67NKFUNW77GI7
Z1IAIZXPbhjtYclm63laBu9jPiY3UYh+0AjbgQg6ya2T4QtiSw2rFRvfQSHtdTdQ
gBNQqjnYXelNXZCqW7V0oQE37MZEGrkkudOvz3vMoeg9f5ZJJwOVjce17wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPO/+tELnmWt5EKF849HevB0uXXnMB8GA1UdIwQY
MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt
ZDc1ODY5YzBjNzFlLzEvODdfNjBRdWVaYTNrUW9YemowZDY4SFM1ZGVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl
LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue+yMA0G
CSqGSIb3DQEBCwUAA4IBAQBN6WeKpEnbrcmeznglcEOUGcrNE9kgsSfg8v7YfxUQ
tvjoUI04jGVVKfEYTLxgmF51FrrURuqpnGzC9KmbqCUN03o+7SKWjdLEVlvMEUo/
KPP4n7LGo9vOLGBIzzdRE2gGG2AEGM24Adhy61C4YtUEQOQmlZpbESS6YsuRnZJZ
wdOoVNRfytSZeUkoLV8kEoE5ttn1pSm3NNCf+hqqJop8U4schhu3akgDVZBWsL4Y
AsPQKqNHtDqOccKUxY6PIO9fr59QvA2c1E36u6z7n0t3Q27ubRkqXnT4Q5fqTn4b
Thus5w8uFqmyFEugngEn+pzfA82VcOhsGvr1ThOstrUk
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:45:33 2025 by rpki-client