Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/_9y2Q3RYrK8s9Ovxcom9WHwtjag.roa
File: _9y2Q3RYrK8s9Ovxcom9WHwtjag.roa (raw, json)
Hash identifier: pAtAbT/e3CTxj01/hd3dcxHfv6Qbi5yHpOUTUpWcn5o=
Subject key identifier: FF:DC:B6:43:74:58:AC:AF:2C:F4:EB:F1:72:89:BD:58:7C:2D:8D:A8
Certificate issuer: /CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Certificate serial: 018CC2DB00BA61D03DD4856E21DC19373F10
Authority key identifier: FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/_9y2Q3RYrK8s9Ovxcom9WHwtjag.roa
Signing time: Mon 01 Jan 2024 02:29:41 +0000
ROA not before: Mon 01 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 185.240.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 16:51:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:00:ba:61:d0:3d:d4:85:6e:21:dc:19:37:3f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffdcb6437458acaf2cf4ebf17289bd587c2d8da8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b4:ab:4e:6a:d7:b4:98:78:79:a1:b5:b5:bc:
37:c0:c2:71:59:be:94:bb:15:68:3f:a1:c6:4b:30:
04:18:1a:b8:5a:9a:cf:cf:f9:21:4d:ec:0d:d4:c2:
20:90:d1:78:52:50:e9:67:58:0f:79:ba:bc:52:3c:
20:39:a6:b4:f9:12:df:32:34:b7:39:6a:6a:c0:d5:
69:62:c5:68:b5:8d:c2:85:13:ad:1c:1b:66:4b:39:
8b:79:3e:32:d0:57:0d:bf:b3:16:16:90:ff:e1:cb:
fc:e5:0e:0f:31:2a:0b:b3:8e:25:de:5a:20:cf:eb:
49:90:63:fd:a2:ef:f4:62:c3:72:72:7f:36:30:34:
a6:12:da:dc:db:63:e3:87:38:11:77:3b:09:4e:9c:
00:fd:32:64:09:e7:cb:88:a8:12:ab:de:e6:12:8b:
a2:e4:e3:3a:b2:7e:a3:a3:89:86:ed:84:f3:0a:bd:
99:3a:21:ce:90:1b:76:94:dc:bc:c2:c9:75:48:da:
6b:d0:50:fb:2d:11:f8:86:1a:3c:04:fb:80:87:06:
ae:90:18:b2:8f:78:45:0a:4b:78:3f:87:f8:c6:ef:
ba:41:ac:c4:34:17:00:1d:16:1e:1e:a2:d7:6d:ab:
ac:24:1a:5a:96:9b:f3:ea:dd:3c:fa:48:10:81:bc:
03:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DC:B6:43:74:58:AC:AF:2C:F4:EB:F1:72:89:BD:58:7C:2D:8D:A8
X509v3 Authority Key Identifier:
keyid:FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/_9y2Q3RYrK8s9Ovxcom9WHwtjag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.160.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:54:1a:41:69:d7:d6:85:63:1a:0c:56:0c:17:03:67:83:a9:
51:31:2f:c4:da:c1:0b:29:86:54:13:6a:f4:a3:0f:9b:64:d0:
19:26:bd:d7:76:26:9d:40:ca:f4:71:ec:67:93:e2:f2:79:73:
43:a6:dc:a9:be:d7:dc:3b:d2:92:16:04:69:8a:30:e0:e3:45:
ff:72:b4:b2:3e:84:d2:9f:ec:92:ff:04:e2:fd:75:43:4b:5e:
af:ab:ba:03:a5:75:cf:c0:0d:83:3e:83:bf:d8:71:d8:62:10:
02:f8:aa:51:75:1e:6c:90:70:d0:52:4a:f2:18:38:57:0d:56:
19:f3:71:fb:b1:7d:61:46:8f:6b:84:f9:25:1f:90:a6:60:e1:
9c:0c:4f:d1:90:70:04:be:b0:49:eb:80:a9:35:db:dd:f0:65:
a4:6e:fc:81:98:40:ca:b8:c3:97:b1:94:dd:df:d0:5e:9c:7a:
00:73:f1:c0:9e:dd:2a:4b:92:b6:ea:39:15:67:bb:61:b8:ba:
0e:f9:61:68:35:ce:21:2c:3c:5c:04:7c:e4:42:7e:0f:77:64:
1f:5c:c9:04:2b:19:ea:4b:48:d3:08:ce:33:84:be:c6:b7:a6:
d6:b5:75:63:67:98:40:2f:7b:0f:aa:ec:43:85:6c:05:7d:9f:
44:7b:b8:c6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzC2wC6YdA91IVuIdwZNz8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMmU3MmFiZjdiMTcyOGZkYTZhYTBiMDQxM2Q4ODU0ODEy
ZWEzNjEwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRjYjY0Mzc0NThhY2FmMmNmNGViZjE3Mjg5YmQ1ODdjMmQ4ZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7SrTmrXtJh4eaG1tbw3wMJxWb6U
uxVoP6HGSzAEGBq4WprPz/khTewN1MIgkNF4UlDpZ1gPebq8UjwgOaa0+RLfMjS3
OWpqwNVpYsVotY3ChROtHBtmSzmLeT4y0FcNv7MWFpD/4cv85Q4PMSoLs44l3log
z+tJkGP9ou/0YsNycn82MDSmEtrc22PjhzgRdzsJTpwA/TJkCefLiKgSq97mEoui
5OM6sn6jo4mG7YTzCr2ZOiHOkBt2lNy8wsl1SNpr0FD7LRH4hho8BPuAhwaukBiy
j3hFCkt4P4f4xu+6QazENBcAHRYeHqLXbausJBpalpvz6t08+kgQgbwDdwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFP/ctkN0WKyvLPTr8XKJvVh8LY2oMB8GA1UdIwQY
MBaAFPoucqv3sXKP2mqgsEE9iFSBLqNhMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1pNXlxX2V4Y29fYWFxQ3dRVDJJVklFdW8yRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlm
LWEzNjZkYTI1MWE4My8xL185eTJRM1JZcks4czlPdnhjb205V0h3dGphZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlmLWEzNjZkYTI1MWE4
My8xLzEtaTV5cV9leGNvX2FhcUN3UVQySVZJRXVvMkUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC58KAw
DQYJKoZIhvcNAQELBQADggEBAExUGkFp19aFYxoMVgwXA2eDqVExL8TawQsphlQT
avSjD5tk0Bkmvdd2Jp1AyvRx7GeT4vJ5c0Om3Km+19w70pIWBGmKMODjRf9ytLI+
hNKf7JL/BOL9dUNLXq+rugOldc/ADYM+g7/YcdhiEAL4qlF1HmyQcNBSSvIYOFcN
VhnzcfuxfWFGj2uE+SUfkKZg4ZwMT9GQcAS+sEnrgKk1293wZaRu/IGYQMq4w5ex
lN3f0F6cegBz8cCe3SpLkrbqORVnu2G4ug75YWg1ziEsPFwEfORCfg93ZB9cyQQr
GepLSNMIzjOEvsa3pta1dWNnmEAvew+q7EOFbAV9n0R7uMY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:37:26 2025 by rpki-client