Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/e4ffc5-fb8d-4c40-8b73-bfeb7cea209d/1/i63p9T_YnjNuY9o34idQuavjRpg.roa
File: i63p9T_YnjNuY9o34idQuavjRpg.roa (raw, json)
Hash identifier: 0NUcWmVkfiAMFAns8e4R658rcO3Jyg4Ctojwz0twDGM=
Subject key identifier: 8B:AD:E9:F5:3F:D8:9E:33:6E:63:DA:37:E2:27:50:B9:AB:E3:46:98
Certificate issuer: /CN=4baff48ad1145b100c783fb7afb6f3028bd8f34e
Certificate serial: 018CC5012DA56E4F502BE80A76150ED755FE
Authority key identifier: 4B:AF:F4:8A:D1:14:5B:10:0C:78:3F:B7:AF:B6:F3:02:8B:D8:F3:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S6_0itEUWxAMeD-3r7bzAovY804.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/e4ffc5-fb8d-4c40-8b73-bfeb7cea209d/1/i63p9T_YnjNuY9o34idQuavjRpg.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48943
IP address blocks: 185.254.140.0/22 maxlen: 22
2a0c:4e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2d:a5:6e:4f:50:2b:e8:0a:76:15:0e:d7:55:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4baff48ad1145b100c783fb7afb6f3028bd8f34e
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bade9f53fd89e336e63da37e22750b9abe34698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a2:32:77:ce:91:f4:56:40:23:d6:f7:53:06:
ac:74:1a:ca:45:92:5b:d7:82:6a:60:55:38:93:53:
ef:31:0a:36:97:9c:31:c4:f2:90:7e:b4:97:55:b4:
4c:b5:6a:54:b3:3d:7e:55:ed:38:af:17:6d:74:07:
f0:d4:d2:94:71:5f:be:84:04:ad:bd:d2:0b:36:08:
23:10:94:32:15:fa:db:ca:dd:7c:e5:4a:40:ab:62:
ab:f7:49:8e:3b:02:1e:c0:e9:03:7c:f5:c3:ee:0a:
39:8f:72:bc:28:99:a1:ab:5b:f4:f5:fb:55:ad:52:
a5:54:28:e1:0f:f3:72:69:e9:8a:4c:b5:1b:0d:06:
a7:3c:9f:84:0f:c9:6a:2b:c7:49:1b:a6:2d:a4:c2:
36:0f:ee:56:e4:9f:80:a3:ce:02:c9:d3:c9:09:1f:
c7:53:4e:b6:70:c3:fb:bc:c2:d7:49:53:e5:c5:b5:
6c:9c:0f:05:c1:6e:c7:c4:9c:42:01:91:cc:6a:3d:
bb:92:d5:66:83:97:03:91:40:7b:c3:da:3c:40:4f:
e0:6e:24:7b:de:2d:de:6b:7f:b1:84:78:fd:f4:e3:
73:bd:b8:8c:69:30:90:63:dc:6a:1e:31:77:cd:f5:
19:68:30:04:ec:4c:c7:99:95:fa:83:1c:67:7f:fe:
04:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:AD:E9:F5:3F:D8:9E:33:6E:63:DA:37:E2:27:50:B9:AB:E3:46:98
X509v3 Authority Key Identifier:
keyid:4B:AF:F4:8A:D1:14:5B:10:0C:78:3F:B7:AF:B6:F3:02:8B:D8:F3:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S6_0itEUWxAMeD-3r7bzAovY804.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e4ffc5-fb8d-4c40-8b73-bfeb7cea209d/1/i63p9T_YnjNuY9o34idQuavjRpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e4ffc5-fb8d-4c40-8b73-bfeb7cea209d/1/S6_0itEUWxAMeD-3r7bzAovY804.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.140.0/22
IPv6:
2a0c:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
a2:46:1a:38:65:3e:3e:17:b3:5b:93:99:0b:b4:7a:ae:d5:0e:
dd:47:86:c6:57:e0:6f:8f:b4:d7:1f:7f:5d:02:41:89:53:cc:
a3:1d:91:f8:76:ce:8d:cf:19:68:45:c7:5f:2c:70:71:a5:ca:
95:32:72:dc:49:0a:c8:97:fa:8d:69:1d:f4:0b:93:b7:98:7d:
c6:37:1a:3b:61:d1:c7:12:87:07:d1:b9:f6:ae:a6:06:77:98:
9d:cc:be:21:63:0b:d4:57:79:7c:2d:5d:d8:d8:26:c3:3a:df:
28:da:25:de:bf:54:b9:ec:e2:83:a0:f5:0d:00:76:66:8b:a7:
cf:23:9d:31:8c:e2:47:d2:85:52:51:8b:36:f0:44:26:d5:c4:
94:bc:e1:09:70:d6:65:41:90:e2:e5:50:5a:97:61:f2:59:bd:
06:6b:09:47:07:85:b1:e3:34:59:10:cd:62:4f:c0:75:2f:ae:
c1:4a:2d:be:e8:db:9e:84:56:66:0b:1e:6e:09:15:73:da:71:
22:8d:3a:0f:9a:a0:b5:65:2e:2c:b7:61:35:f1:91:a4:6c:b6:
d1:1c:a9:4e:ae:d0:13:38:51:32:11:08:66:0a:99:ad:2b:9e:
84:a8:ca:c3:00:87:27:10:80:23:2f:bc:7d:e9:b0:35:69:9f:
7f:6a:ec:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAS2lbk9QK+gKdhUO11X+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYWZmNDhhZDExNDViMTAwYzc4M2ZiN2FmYjZmMzAyOGJk
OGYzNGUwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmFkZTlmNTNmZDg5ZTMzNmU2M2RhMzdlMjI3NTBiOWFiZTM0Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqIyd86R9FZAI9b3UwasdBrKRZJb
14JqYFU4k1PvMQo2l5wxxPKQfrSXVbRMtWpUsz1+Ve04rxdtdAfw1NKUcV++hASt
vdILNggjEJQyFfrbyt185UpAq2Kr90mOOwIewOkDfPXD7go5j3K8KJmhq1v09ftV
rVKlVCjhD/NyaemKTLUbDQanPJ+ED8lqK8dJG6YtpMI2D+5W5J+Ao84CydPJCR/H
U062cMP7vMLXSVPlxbVsnA8FwW7HxJxCAZHMaj27ktVmg5cDkUB7w9o8QE/gbiR7
3i3ea3+xhHj99ONzvbiMaTCQY9xqHjF3zfUZaDAE7EzHmZX6gxxnf/4EmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIut6fU/2J4zbmPaN+InULmr40aYMB8GA1UdIwQY
MBaAFEuv9IrRFFsQDHg/t6+28wKL2PNOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzZfMGl0RVVXeEFNZUQtM3I3YnpBb3ZZODA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lNGZmYzUtZmI4ZC00YzQwLThiNzMt
YmZlYjdjZWEyMDlkLzEvaTYzcDlUX1luak51WTlvMzRpZFF1YXZqUnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lNGZmYzUtZmI4ZC00YzQwLThiNzMtYmZlYjdjZWEyMDlk
LzEvUzZfMGl0RVVXeEFNZUQtM3I3YnpBb3ZZODA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf6MMA0E
AgACMAcDBQMqDE5AMA0GCSqGSIb3DQEBCwUAA4IBAQCiRho4ZT4+F7Nbk5kLtHqu
1Q7dR4bGV+Bvj7TXH39dAkGJU8yjHZH4ds6NzxloRcdfLHBxpcqVMnLcSQrIl/qN
aR30C5O3mH3GNxo7YdHHEocH0bn2rqYGd5idzL4hYwvUV3l8LV3Y2CbDOt8o2iXe
v1S57OKDoPUNAHZmi6fPI50xjOJH0oVSUYs28EQm1cSUvOEJcNZlQZDi5VBal2Hy
Wb0GawlHB4Wx4zRZEM1iT8B1L67BSi2+6NuehFZmCx5uCRVz2nEijToPmqC1ZS4s
t2E18ZGkbLbRHKlOrtATOFEyEQhmCpmtK56EqMrDAIcnEIAjL7x96bA1aZ9/auzA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:00 2025 by rpki-client