Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/f8rAhnUskT4IrPDU7TIiF8cyzug.roa
File: f8rAhnUskT4IrPDU7TIiF8cyzug.roa (raw, json)
Hash identifier: Dlww2pgNZoys3A40Ac1mOPQVZ+HY/PBRYLbd0tDpHik=
Subject key identifier: 7F:CA:C0:86:75:2C:91:3E:08:AC:F0:D4:ED:32:22:17:C7:32:CE:E8
Certificate issuer: /CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Certificate serial: 018CC94D9F40381DA1D3A5F177E656B03413
Authority key identifier: 30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/f8rAhnUskT4IrPDU7TIiF8cyzug.roa
Signing time: Tue 02 Jan 2024 08:32:36 +0000
ROA not before: Tue 02 Jan 2024 08:32:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57724
IP address blocks: 185.231.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:9f:40:38:1d:a1:d3:a5:f1:77:e6:56:b0:34:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Validity
Not Before: Jan 2 08:32:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fcac086752c913e08acf0d4ed322217c732cee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:51:50:bc:67:7a:0d:fc:59:3b:3b:6b:60:c2:
da:3d:fa:77:04:cd:9d:cd:fc:a1:b5:b6:80:1e:27:
47:53:d0:ae:85:8e:8b:c5:a5:55:06:71:45:89:90:
48:73:1d:73:8e:17:79:a7:9b:78:6e:87:f2:22:5d:
65:36:17:d4:8b:b9:7e:bc:d2:1c:b0:d0:2b:f5:d4:
91:c5:17:65:46:04:df:30:98:0c:d0:11:26:69:bb:
1b:98:09:e9:df:40:5b:31:c4:c0:55:8d:e1:96:33:
c7:93:10:be:f2:4f:dc:0d:8f:d3:57:71:3c:56:20:
f4:cf:ea:21:02:95:ed:95:58:77:77:4c:31:fa:2a:
18:98:9c:5b:2a:8c:7d:28:8c:ec:e7:6b:c7:8b:5f:
e6:d2:8d:d2:f8:68:41:4b:a9:8a:01:17:3c:78:b3:
4e:39:2b:8e:bf:e9:6d:9f:d8:9e:c3:24:d0:b0:7f:
58:64:c9:94:88:27:e9:7e:9b:5d:4a:6b:c1:f1:5a:
c8:58:12:f3:7d:f1:6b:ce:45:3f:62:fe:99:5a:95:
7d:74:53:d3:9f:1c:6d:73:a6:45:a5:1f:a5:78:38:
6a:87:64:41:04:e7:69:04:5a:31:f5:d7:ba:2b:fb:
6a:3a:0f:8b:7c:28:35:82:94:9e:f0:fb:05:1b:07:
18:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:CA:C0:86:75:2C:91:3E:08:AC:F0:D4:ED:32:22:17:C7:32:CE:E8
X509v3 Authority Key Identifier:
keyid:30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/f8rAhnUskT4IrPDU7TIiF8cyzug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.33.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:29:ab:e7:5c:8f:7f:65:d2:d3:fe:3c:01:d4:fb:82:b9:1a:
52:21:20:d1:9c:27:66:73:f9:b0:cd:e4:52:31:7b:53:fb:a7:
04:f1:ec:50:c0:1d:3d:0b:a3:dc:69:a5:2f:bb:ab:5b:ca:09:
c1:84:e6:b5:0b:32:78:24:69:e7:f9:78:7b:68:cb:aa:ad:de:
fb:59:81:4b:af:9d:82:6a:48:10:56:0c:99:ef:db:2d:9d:a1:
58:3e:0c:df:18:b4:a9:50:e9:50:9c:8c:96:b0:c8:d8:40:a3:
b5:f5:a8:e2:b6:2e:e4:26:5e:24:18:09:fa:ae:78:0d:a2:4e:
8d:80:0e:dd:71:60:00:9d:2d:c3:ae:e6:0a:01:37:32:6c:c5:
91:f9:ef:4b:21:38:20:52:65:4c:16:c6:e6:c6:f6:95:54:98:
d5:ad:4a:d8:45:7e:b3:72:80:b1:c2:c4:98:78:5b:b4:b7:de:
07:fe:7b:30:fb:21:cf:ba:42:90:33:2f:5c:0f:63:9e:d0:b6:
a3:de:33:90:64:71:1f:3d:32:6a:28:74:ba:c5:24:5d:35:31:
aa:a0:74:d6:b0:58:bc:8b:a3:77:35:62:ce:1e:3c:87:dc:18:
f9:bd:f2:24:71:2d:7b:6d:c3:e8:0b:d6:2b:f6:0e:b2:fb:49:
8c:30:58:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTZ9AOB2h06Xxd+ZWsDQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmMwODY2ZGMyNTIwOGU2YzA3ZDRhMjFkN2Q4MDUwYjUw
OGQ2YTIwHhcNMjQwMTAyMDgzMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmNhYzA4Njc1MmM5MTNlMDhhY2YwZDRlZDMyMjIxN2M3MzJjZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVFQvGd6DfxZOztrYMLaPfp3BM2d
zfyhtbaAHidHU9CuhY6LxaVVBnFFiZBIcx1zjhd5p5t4bofyIl1lNhfUi7l+vNIc
sNAr9dSRxRdlRgTfMJgM0BEmabsbmAnp30BbMcTAVY3hljPHkxC+8k/cDY/TV3E8
ViD0z+ohApXtlVh3d0wx+ioYmJxbKox9KIzs52vHi1/m0o3S+GhBS6mKARc8eLNO
OSuOv+ltn9iewyTQsH9YZMmUiCfpfptdSmvB8VrIWBLzffFrzkU/Yv6ZWpV9dFPT
nxxtc6ZFpR+leDhqh2RBBOdpBFox9de6K/tqOg+LfCg1gpSe8PsFGwcYMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/KwIZ1LJE+CKzw1O0yIhfHMs7oMB8GA1UdIwQY
MBaAFDBsCGbcJSCObAfUoh19gFC1CNaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUt
MTBlZGI1NDFlNmZmLzEvZjhyQWhuVXNrVDRJclBEVTdUSWlGOGN5enVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUtMTBlZGI1NDFlNmZm
LzEvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuechMA0G
CSqGSIb3DQEBCwUAA4IBAQBcKavnXI9/ZdLT/jwB1PuCuRpSISDRnCdmc/mwzeRS
MXtT+6cE8exQwB09C6PcaaUvu6tbygnBhOa1CzJ4JGnn+Xh7aMuqrd77WYFLr52C
akgQVgyZ79stnaFYPgzfGLSpUOlQnIyWsMjYQKO19ajiti7kJl4kGAn6rngNok6N
gA7dcWAAnS3DruYKATcybMWR+e9LITggUmVMFsbmxvaVVJjVrUrYRX6zcoCxwsSY
eFu0t94H/nsw+yHPukKQMy9cD2Oe0Laj3jOQZHEfPTJqKHS6xSRdNTGqoHTWsFi8
i6N3NWLOHjyH3Bj5vfIkcS17bcPoC9Yr9g6y+0mMMFiV
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:04:33 2025 by rpki-client