Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/c4ccc3-65d6-485d-9be0-a7a5f478dd72/1/0Ut0A-imkE79bF0y_-U7GwCLeZY.roa
File: 0Ut0A-imkE79bF0y_-U7GwCLeZY.roa (raw, json)
Hash identifier: bKmXe/vUIQlDCo3QAEJNxAJbvj7FRnylrVs6eLptZhM=
Subject key identifier: D1:4B:74:03:E8:A6:90:4E:FD:6C:5D:32:FF:E5:3B:1B:00:8B:79:96
Certificate issuer: /CN=5a94c4bc4d2563e252ebfcc0fbc2ac199cce608a
Certificate serial: 018CC94BE50FC6CB750D918D54438A244D6D
Authority key identifier: 5A:94:C4:BC:4D:25:63:E2:52:EB:FC:C0:FB:C2:AC:19:9C:CE:60:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpTEvE0lY-JS6_zA-8KsGZzOYIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/c4ccc3-65d6-485d-9be0-a7a5f478dd72/1/0Ut0A-imkE79bF0y_-U7GwCLeZY.roa
Signing time: Tue 02 Jan 2024 08:30:43 +0000
ROA not before: Tue 02 Jan 2024 08:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43242
IP address blocks: 185.171.92.0/24 maxlen: 24
185.171.93.0/24 maxlen: 24
185.171.92.0/22 maxlen: 22
185.171.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 08:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:e5:0f:c6:cb:75:0d:91:8d:54:43:8a:24:4d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a94c4bc4d2563e252ebfcc0fbc2ac199cce608a
Validity
Not Before: Jan 2 08:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d14b7403e8a6904efd6c5d32ffe53b1b008b7996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:91:c9:df:43:49:60:a3:a8:94:4a:f1:74:11:
dc:82:c6:1e:6f:20:37:11:79:1e:9d:de:cb:28:b0:
7e:88:37:dc:21:50:3f:7a:50:3d:a5:5a:fd:3b:5c:
58:f6:bf:53:3b:10:44:33:35:77:14:9c:ee:04:87:
89:69:5a:ee:20:d9:c5:ac:6f:ac:f5:08:e1:ed:2e:
f4:82:ea:6c:73:a9:57:e7:7a:4a:5b:8d:e7:13:90:
57:bd:97:38:b5:b1:d3:13:38:60:7f:b9:da:62:ba:
0a:36:f7:fb:24:4b:ad:34:2c:08:2d:c6:e1:e2:9d:
43:87:15:73:1c:2d:9e:2a:66:37:4d:4b:3a:04:ba:
9c:b0:5f:c6:21:f9:cf:d2:1c:ba:91:bc:27:57:0b:
a3:2c:8a:64:26:f8:b0:e8:bc:5e:98:e5:e1:fc:01:
b0:50:e6:ef:bc:5f:7a:46:b7:a7:06:91:99:07:5a:
23:74:49:34:70:d8:33:04:d6:07:0d:09:70:46:87:
2f:7a:12:04:13:69:f7:ae:30:8b:68:9a:ba:40:bd:
48:45:61:95:e8:c8:14:49:72:86:71:ae:d4:3b:38:
71:12:c3:91:69:ab:c3:e0:34:70:e5:99:e4:08:e5:
37:92:49:7f:e8:43:33:58:e8:2d:05:bd:7c:c8:46:
c2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4B:74:03:E8:A6:90:4E:FD:6C:5D:32:FF:E5:3B:1B:00:8B:79:96
X509v3 Authority Key Identifier:
keyid:5A:94:C4:BC:4D:25:63:E2:52:EB:FC:C0:FB:C2:AC:19:9C:CE:60:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpTEvE0lY-JS6_zA-8KsGZzOYIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c4ccc3-65d6-485d-9be0-a7a5f478dd72/1/0Ut0A-imkE79bF0y_-U7GwCLeZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c4ccc3-65d6-485d-9be0-a7a5f478dd72/1/WpTEvE0lY-JS6_zA-8KsGZzOYIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.92.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:54:1d:bc:f4:53:e0:9f:b1:4a:ff:82:85:14:31:1b:7c:a5:
c7:fc:5c:54:77:e7:40:a9:0b:25:19:62:ac:34:55:e0:09:49:
bd:c5:00:8d:83:eb:d4:e8:d0:70:b6:42:9e:f7:b5:76:ba:52:
1b:75:b0:db:02:da:1b:db:92:c9:7c:b8:aa:a4:b2:69:d7:8c:
9e:20:e9:30:b2:74:d0:d1:33:7d:4f:41:1c:5b:43:9e:c1:90:
b4:4e:80:27:98:9a:55:86:19:49:c0:b5:0d:02:60:79:6a:7b:
5b:c5:26:d4:28:6b:66:5f:a0:70:e4:ef:d5:b4:7e:5a:32:53:
4f:21:32:38:a9:f9:0d:1d:92:e7:e6:37:05:62:18:14:32:76:
fa:90:81:d8:57:e0:23:0f:e1:3c:9a:5a:63:a0:6b:95:b4:50:
60:47:b6:74:1f:e1:65:21:54:f0:95:da:f3:a8:89:b0:dd:41:
0c:11:81:f3:bc:62:00:9d:4a:0a:f9:81:43:5a:74:22:a8:87:
10:0e:64:fb:89:f7:55:28:df:c5:29:8d:64:4b:2e:d7:11:b7:
d8:b7:9d:37:fd:16:d4:62:64:e6:07:d5:4d:c7:b8:1a:2a:e4:
0e:b9:93:46:b7:76:c8:99:d3:8f:4f:13:90:97:e8:3f:f9:2f:
8f:cd:c0:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJS+UPxst1DZGNVEOKJE1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTRjNGJjNGQyNTYzZTI1MmViZmNjMGZiYzJhYzE5OWNj
ZTYwOGEwHhcNMjQwMTAyMDgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRiNzQwM2U4YTY5MDRlZmQ2YzVkMzJmZmU1M2IxYjAwOGI3OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZHJ30NJYKOolErxdBHcgsYebyA3
EXkend7LKLB+iDfcIVA/elA9pVr9O1xY9r9TOxBEMzV3FJzuBIeJaVruINnFrG+s
9Qjh7S70gupsc6lX53pKW43nE5BXvZc4tbHTEzhgf7naYroKNvf7JEutNCwILcbh
4p1DhxVzHC2eKmY3TUs6BLqcsF/GIfnP0hy6kbwnVwujLIpkJviw6LxemOXh/AGw
UObvvF96RrenBpGZB1ojdEk0cNgzBNYHDQlwRocvehIEE2n3rjCLaJq6QL1IRWGV
6MgUSXKGca7UOzhxEsORaavD4DRw5ZnkCOU3kkl/6EMzWOgtBb18yEbCQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFLdAPoppBO/WxdMv/lOxsAi3mWMB8GA1UdIwQY
MBaAFFqUxLxNJWPiUuv8wPvCrBmczmCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BURXZFMGxZLUpTNl96QS04S3NHWnpPWUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9jNGNjYzMtNjVkNi00ODVkLTliZTAt
YTdhNWY0NzhkZDcyLzEvMFV0MEEtaW1rRTc5YkYweV8tVTdHd0NMZVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9jNGNjYzMtNjVkNi00ODVkLTliZTAtYTdhNWY0NzhkZDcy
LzEvV3BURXZFMGxZLUpTNl96QS04S3NHWnpPWUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuatcMA0G
CSqGSIb3DQEBCwUAA4IBAQA9VB289FPgn7FK/4KFFDEbfKXH/FxUd+dAqQslGWKs
NFXgCUm9xQCNg+vU6NBwtkKe97V2ulIbdbDbAtob25LJfLiqpLJp14yeIOkwsnTQ
0TN9T0EcW0OewZC0ToAnmJpVhhlJwLUNAmB5antbxSbUKGtmX6Bw5O/VtH5aMlNP
ITI4qfkNHZLn5jcFYhgUMnb6kIHYV+AjD+E8mlpjoGuVtFBgR7Z0H+FlIVTwldrz
qImw3UEMEYHzvGIAnUoK+YFDWnQiqIcQDmT7ifdVKN/FKY1kSy7XEbfYt503/RbU
YmTmB9VNx7gaKuQOuZNGt3bImdOPTxOQl+g/+S+PzcA+
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:26:55 2025 by rpki-client