Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/985867-d6c9-4db0-b808-44ef5674fe30/1/uSqq8MyKQAQk32XoX0R8_IcAniw.roa
File: uSqq8MyKQAQk32XoX0R8_IcAniw.roa (raw, json)
Hash identifier: K4rBX9JbCmdRIrT42hR+YZY9quviPEjoWJh7cg//iRU=
Subject key identifier: B9:2A:AA:F0:CC:8A:40:04:24:DF:65:E8:5F:44:7C:FC:87:00:9E:2C
Certificate issuer: /CN=8a9fd2cddf4b44de79a5bfc8ca19a56f552eb4e8
Certificate serial: 01934451C5D99D6523DC0D43578C0FAAD91F
Authority key identifier: 8A:9F:D2:CD:DF:4B:44:DE:79:A5:BF:C8:CA:19:A5:6F:55:2E:B4:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ip_Szd9LRN55pb_Iyhmlb1UutOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/985867-d6c9-4db0-b808-44ef5674fe30/1/uSqq8MyKQAQk32XoX0R8_IcAniw.roa
Signing time: Tue 19 Nov 2024 12:07:09 +0000
ROA not before: Tue 19 Nov 2024 12:07:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202482
IP address blocks: 185.161.28.0/24 maxlen: 24
185.161.29.0/24 maxlen: 24
185.161.30.0/24 maxlen: 24
185.161.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:51:c5:d9:9d:65:23:dc:0d:43:57:8c:0f:aa:d9:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a9fd2cddf4b44de79a5bfc8ca19a56f552eb4e8
Validity
Not Before: Nov 19 12:07:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b92aaaf0cc8a400424df65e85f447cfc87009e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2e:fd:c2:91:d3:f1:1d:24:61:8b:26:1a:47:
f8:ae:1e:10:96:c8:81:ab:7c:65:10:2a:fa:af:9f:
e2:73:e8:23:ad:02:b2:3e:99:c4:76:00:bb:24:f4:
6e:85:ea:b9:26:cb:d6:9b:22:01:6c:24:d4:ef:90:
2f:79:87:37:a9:d7:4f:fe:29:31:d4:a0:f0:99:f2:
54:32:13:8e:3e:14:26:bf:d6:dd:c3:ac:db:02:25:
af:03:2c:52:e1:d8:90:bf:a1:b6:ee:94:7d:a9:12:
04:70:b4:d4:3d:80:ed:aa:62:b7:32:d5:0c:76:ab:
20:50:68:8c:c1:cd:16:8d:02:c2:d7:4c:40:0d:2b:
f0:7e:e3:2c:02:b4:0a:df:a4:a8:f4:61:9c:f0:b4:
78:b9:1d:3b:74:74:3c:3b:f5:5e:f6:cf:2a:2c:34:
31:a8:4e:ca:d2:62:4f:0c:37:fb:72:11:9c:ab:c6:
84:c5:c7:6d:22:b9:23:4d:5f:a3:1a:97:1b:fe:e3:
0a:7c:05:9a:b0:81:69:f3:77:0e:db:0c:f1:67:ac:
77:d2:0a:66:c1:a7:c4:53:5a:73:d2:62:4c:08:9c:
10:3a:e6:7f:f9:88:da:e4:3d:2e:86:2f:55:2a:c6:
12:8e:ee:f5:07:4e:dc:b8:f0:54:6b:97:6d:81:f6:
24:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2A:AA:F0:CC:8A:40:04:24:DF:65:E8:5F:44:7C:FC:87:00:9E:2C
X509v3 Authority Key Identifier:
keyid:8A:9F:D2:CD:DF:4B:44:DE:79:A5:BF:C8:CA:19:A5:6F:55:2E:B4:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ip_Szd9LRN55pb_Iyhmlb1UutOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/985867-d6c9-4db0-b808-44ef5674fe30/1/uSqq8MyKQAQk32XoX0R8_IcAniw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/985867-d6c9-4db0-b808-44ef5674fe30/1/ip_Szd9LRN55pb_Iyhmlb1UutOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.28.0/22
Signature Algorithm: sha256WithRSAEncryption
73:d2:71:75:cc:f2:ba:40:7f:c2:4b:6c:a6:a6:cf:ac:3f:9e:
cd:b1:43:e1:9c:e3:c9:e0:a0:c3:23:45:1d:37:e9:12:fe:35:
a3:5e:61:6b:f0:d2:72:ca:ce:cc:75:8a:b1:7d:59:82:b1:16:
5a:2c:31:79:f8:55:48:27:42:e8:b4:b3:82:9a:7f:58:0b:f2:
f1:d3:bb:10:65:42:2c:33:02:6e:be:ec:c5:c3:79:3c:22:30:
ff:8a:56:75:bd:0a:71:3e:cb:5b:f1:23:b4:4d:b9:81:fd:4f:
c4:d4:09:d0:25:95:f6:44:25:97:e4:05:ad:fd:a5:f5:91:d8:
b9:6f:81:52:58:fe:72:9f:a9:0d:16:b4:69:a8:c5:5e:4c:a9:
8f:93:6f:55:4b:dd:f8:e1:37:d3:a6:51:d2:3f:c2:2b:a1:02:
fe:21:d4:15:01:06:e9:d4:a1:1d:81:70:43:2b:60:47:ee:94:
10:4a:ff:d3:ca:53:b4:60:2f:68:fa:d1:01:5d:72:2f:43:ee:
e4:01:05:1a:a3:b4:50:af:6e:76:25:27:5f:01:bc:19:b8:d1:
f4:84:10:27:47:6e:b8:4c:5a:58:66:61:50:2f:75:f1:38:18:
c9:86:77:d4:a5:fa:69:44:47:14:a9:47:4a:87:18:cd:03:03:
8f:4b:4e:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNEUcXZnWUj3A1DV4wPqtkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhOWZkMmNkZGY0YjQ0ZGU3OWE1YmZjOGNhMTlhNTZmNTUy
ZWI0ZTgwHhcNMjQxMTE5MTIwNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTJhYWFmMGNjOGE0MDA0MjRkZjY1ZTg1ZjQ0N2NmYzg3MDA5ZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi79wpHT8R0kYYsmGkf4rh4QlsiB
q3xlECr6r5/ic+gjrQKyPpnEdgC7JPRuheq5JsvWmyIBbCTU75AveYc3qddP/ikx
1KDwmfJUMhOOPhQmv9bdw6zbAiWvAyxS4diQv6G27pR9qRIEcLTUPYDtqmK3MtUM
dqsgUGiMwc0WjQLC10xADSvwfuMsArQK36So9GGc8LR4uR07dHQ8O/Ve9s8qLDQx
qE7K0mJPDDf7chGcq8aExcdtIrkjTV+jGpcb/uMKfAWasIFp83cO2wzxZ6x30gpm
wafEU1pz0mJMCJwQOuZ/+Yja5D0uhi9VKsYSju71B07cuPBUa5dtgfYk6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLkqqvDMikAEJN9l6F9EfPyHAJ4sMB8GA1UdIwQY
MBaAFIqf0s3fS0TeeaW/yMoZpW9VLrToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXBfU3pkOUxSTjU1cGJfSXlobWxiMVV1dE9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ODU4NjctZDZjOS00ZGIwLWI4MDgt
NDRlZjU2NzRmZTMwLzEvdVNxcThNeUtRQVFrMzJYb1gwUjhfSWNBbml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ODU4NjctZDZjOS00ZGIwLWI4MDgtNDRlZjU2NzRmZTMw
LzEvaXBfU3pkOUxSTjU1cGJfSXlobWxiMVV1dE9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaEcMA0G
CSqGSIb3DQEBCwUAA4IBAQBz0nF1zPK6QH/CS2ymps+sP57NsUPhnOPJ4KDDI0Ud
N+kS/jWjXmFr8NJyys7MdYqxfVmCsRZaLDF5+FVIJ0LotLOCmn9YC/Lx07sQZUIs
MwJuvuzFw3k8IjD/ilZ1vQpxPstb8SO0TbmB/U/E1AnQJZX2RCWX5AWt/aX1kdi5
b4FSWP5yn6kNFrRpqMVeTKmPk29VS9344TfTplHSP8IroQL+IdQVAQbp1KEdgXBD
K2BH7pQQSv/TylO0YC9o+tEBXXIvQ+7kAQUao7RQr252JSdfAbwZuNH0hBAnR264
TFpYZmFQL3XxOBjJhnfUpfppREcUqUdKhxjNAwOPS07c
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:44 2025 by rpki-client