Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3c5026-5011-4689-8367-7b4e5e184735/1/IFzOwGxVVeOQPXEX-BDHRviwwUk.roa
File: IFzOwGxVVeOQPXEX-BDHRviwwUk.roa (raw, json)
Hash identifier: cQkzJr8k9kujVOmXadv7uFUdAThqoGyxanXhg8UpSUM=
Subject key identifier: 20:5C:CE:C0:6C:55:55:E3:90:3D:71:17:F8:10:C7:46:F8:B0:C1:49
Certificate issuer: /CN=3fcff98aaa5b48dc6158d2fc65f25c5097b5e26a
Certificate serial: 01926266AC4590C4B67EFE27B1274E5675C5
Authority key identifier: 3F:CF:F9:8A:AA:5B:48:DC:61:58:D2:FC:65:F2:5C:50:97:B5:E2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P8_5iqpbSNxhWNL8ZfJcUJe14mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/3c5026-5011-4689-8367-7b4e5e184735/1/IFzOwGxVVeOQPXEX-BDHRviwwUk.roa
Signing time: Sun 06 Oct 2024 15:15:48 +0000
ROA not before: Sun 06 Oct 2024 15:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214087
IP address blocks: 185.184.30.0/23 maxlen: 23
2a10:ac82::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Oct 2024 18:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:62:66:ac:45:90:c4:b6:7e:fe:27:b1:27:4e:56:75:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fcff98aaa5b48dc6158d2fc65f25c5097b5e26a
Validity
Not Before: Oct 6 15:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=205ccec06c5555e3903d7117f810c746f8b0c149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5a:eb:4f:cc:4f:c6:3e:5b:dd:d5:49:85:08:
80:9e:f4:b0:f6:f7:8d:f0:ab:de:57:80:cc:f0:fa:
02:c5:0a:d3:ed:39:bc:73:23:5d:f9:32:05:43:83:
3d:77:f6:f1:a7:dd:bf:76:db:20:29:ac:a6:95:7c:
59:1c:7d:13:53:07:15:19:90:7e:a8:bc:86:a0:ae:
39:2c:07:fe:5b:ef:30:af:5f:31:35:52:30:21:d1:
c8:d8:c9:06:c2:72:5e:de:cc:38:1e:c7:ab:df:a0:
cc:65:74:19:85:c1:2b:c2:a2:b4:5d:20:df:66:ee:
b4:ae:74:eb:ea:2e:8a:de:5f:57:7c:8e:2b:77:1b:
1b:b0:80:79:5a:1f:81:f4:f5:e6:71:85:ec:73:89:
62:1a:94:7a:7f:46:bc:43:fb:3a:5d:79:6f:f4:45:
6f:a5:32:b6:c6:5a:f4:30:d6:75:0b:55:c0:9b:6e:
9d:e5:bc:c5:2e:19:eb:f4:82:2c:92:e3:11:ca:29:
21:6d:f9:a1:71:df:95:4b:21:81:d8:b1:81:9c:9e:
22:9a:4b:ef:af:56:7b:60:16:e0:b3:23:a0:48:cc:
82:d3:bf:71:f9:b7:65:cb:97:4d:1e:00:45:90:61:
0a:07:12:f2:97:65:d8:ca:54:94:3a:94:a3:1c:d1:
73:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:5C:CE:C0:6C:55:55:E3:90:3D:71:17:F8:10:C7:46:F8:B0:C1:49
X509v3 Authority Key Identifier:
keyid:3F:CF:F9:8A:AA:5B:48:DC:61:58:D2:FC:65:F2:5C:50:97:B5:E2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P8_5iqpbSNxhWNL8ZfJcUJe14mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3c5026-5011-4689-8367-7b4e5e184735/1/IFzOwGxVVeOQPXEX-BDHRviwwUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3c5026-5011-4689-8367-7b4e5e184735/1/P8_5iqpbSNxhWNL8ZfJcUJe14mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.30.0/23
IPv6:
2a10:ac82::/32
Signature Algorithm: sha256WithRSAEncryption
05:0b:8c:10:5b:0e:51:46:9b:65:84:b7:8e:05:84:58:f7:00:
36:26:a3:c7:de:17:bd:33:4c:46:bf:b1:e2:1c:2c:0c:6e:77:
c5:c6:72:52:ca:f1:b1:6f:7c:b5:2a:99:6a:d1:d8:95:e2:11:
f9:77:c6:6e:4a:a2:1e:9e:ad:51:44:26:2c:94:3f:31:2a:5b:
41:54:76:92:26:5d:fc:f0:05:0e:fd:53:1e:34:fa:88:2d:f5:
e7:d1:18:2d:b1:fa:04:32:35:1f:bb:54:a2:90:5d:ed:5a:3c:
da:4c:67:ae:3c:61:ba:94:20:7c:3f:a8:54:56:7a:80:f7:bc:
0e:95:f3:e2:a3:9e:51:93:61:5e:8d:30:ac:8a:a5:ba:69:bd:
d2:d6:e0:d7:8b:bf:70:cc:68:97:53:ef:ee:03:e1:27:66:0d:
4c:53:72:f5:49:d9:6f:2f:bd:59:ef:87:15:e6:2e:d7:be:a2:
94:33:99:04:93:f9:c6:4f:e7:10:7f:a9:06:ca:a3:3a:14:bd:
f3:ef:f3:4e:c9:93:e8:5e:c9:89:c3:ad:87:e8:3f:c0:ea:26:
02:06:a7:17:07:78:e0:b7:f1:4d:c0:e2:a3:e3:3c:08:3e:e4:
3f:b3:9e:af:d8:d1:07:64:87:ad:42:bf:c5:ee:eb:15:00:c4:
49:8e:04:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJiZqxFkMS2fv4nsSdOVnXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmY2ZmOThhYWE1YjQ4ZGM2MTU4ZDJmYzY1ZjI1YzUwOTdi
NWUyNmEwHhcNMjQxMDA2MTUxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDVjY2VjMDZjNTU1NWUzOTAzZDcxMTdmODEwYzc0NmY4YjBjMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplrrT8xPxj5b3dVJhQiAnvSw9veN
8KveV4DM8PoCxQrT7Tm8cyNd+TIFQ4M9d/bxp92/dtsgKaymlXxZHH0TUwcVGZB+
qLyGoK45LAf+W+8wr18xNVIwIdHI2MkGwnJe3sw4Hser36DMZXQZhcErwqK0XSDf
Zu60rnTr6i6K3l9XfI4rdxsbsIB5Wh+B9PXmcYXsc4liGpR6f0a8Q/s6XXlv9EVv
pTK2xlr0MNZ1C1XAm26d5bzFLhnr9IIskuMRyikhbfmhcd+VSyGB2LGBnJ4imkvv
r1Z7YBbgsyOgSMyC079x+bdly5dNHgBFkGEKBxLyl2XYylSUOpSjHNFzDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCBczsBsVVXjkD1xF/gQx0b4sMFJMB8GA1UdIwQY
MBaAFD/P+YqqW0jcYVjS/GXyXFCXteJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDhfNWlxcGJTTnhoV05MOFpmSmNVSmUxNG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zYzUwMjYtNTAxMS00Njg5LTgzNjct
N2I0ZTVlMTg0NzM1LzEvSUZ6T3dHeFZWZU9RUFhFWC1CREhSdml3d1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zYzUwMjYtNTAxMS00Njg5LTgzNjctN2I0ZTVlMTg0NzM1
LzEvUDhfNWlxcGJTTnhoV05MOFpmSmNVSmUxNG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBubgeMA0E
AgACMAcDBQAqEKyCMA0GCSqGSIb3DQEBCwUAA4IBAQAFC4wQWw5RRptlhLeOBYRY
9wA2JqPH3he9M0xGv7HiHCwMbnfFxnJSyvGxb3y1Kplq0diV4hH5d8ZuSqIenq1R
RCYslD8xKltBVHaSJl388AUO/VMeNPqILfXn0RgtsfoEMjUfu1SikF3tWjzaTGeu
PGG6lCB8P6hUVnqA97wOlfPio55Rk2FejTCsiqW6ab3S1uDXi79wzGiXU+/uA+En
Zg1MU3L1SdlvL71Z74cV5i7XvqKUM5kEk/nGT+cQf6kGyqM6FL3z7/NOyZPoXsmJ
w62H6D/A6iYCBqcXB3jgt/FNwOKj4zwIPuQ/s56v2NEHZIetQr/F7usVAMRJjgR8
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:48:49 2025 by rpki-client