Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/b459f1-6499-4e14-acfb-ea788ad3296a/1/L9fcRSRPuEHQWHz1015EQgR0UC4.roa
File: L9fcRSRPuEHQWHz1015EQgR0UC4.roa (raw, json)
Hash identifier: Il9yw4vcO3l9/ivXndN6IBJ4nXjn31vW7nyQ8OMU1Sc=
Subject key identifier: 2F:D7:DC:45:24:4F:B8:41:D0:58:7C:F5:D3:5E:44:42:04:74:50:2E
Certificate issuer: /CN=7b385e86167d5ccc22fd85892560ae760b5f2898
Certificate serial: 018CC3488BD5908C92572817A090D8842EA2
Authority key identifier: 7B:38:5E:86:16:7D:5C:CC:22:FD:85:89:25:60:AE:76:0B:5F:28:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ezhehhZ9XMwi_YWJJWCudgtfKJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/b459f1-6499-4e14-acfb-ea788ad3296a/1/L9fcRSRPuEHQWHz1015EQgR0UC4.roa
Signing time: Mon 01 Jan 2024 04:29:20 +0000
ROA not before: Mon 01 Jan 2024 04:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31673
IP address blocks: 185.226.136.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8b:d5:90:8c:92:57:28:17:a0:90:d8:84:2e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b385e86167d5ccc22fd85892560ae760b5f2898
Validity
Not Before: Jan 1 04:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fd7dc45244fb841d0587cf5d35e44420474502e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8c:ff:80:fc:e4:57:ab:70:78:19:83:43:3e:
7d:da:d3:5c:22:3f:28:dc:20:cd:f2:21:28:10:88:
69:d2:bd:4a:e9:d6:56:04:38:ea:61:c2:8e:d3:56:
a7:9f:fc:3b:dc:78:4f:0a:a0:01:62:53:8b:4f:d9:
f8:f4:11:3b:91:8e:f8:90:a1:92:08:95:fe:f3:51:
06:e0:d2:98:ee:8f:b8:81:c1:ac:38:37:83:c2:85:
61:c5:89:8f:41:19:3d:f3:13:84:9a:fc:68:99:ec:
5b:16:8e:55:d8:22:88:ce:53:eb:68:b2:a2:b3:da:
ce:90:d7:5e:2e:fe:72:2e:23:b1:fe:0c:98:e2:25:
45:73:bb:0a:f7:d6:d4:51:bd:8a:b4:2c:88:7e:f0:
41:f9:75:55:1d:50:39:40:28:51:a5:f8:7b:7a:43:
75:2f:4e:76:19:b3:c0:96:8e:a4:f1:44:10:85:20:
9d:40:9f:b9:a5:60:a1:e6:e6:6b:10:e7:81:c2:0a:
4e:51:34:d3:3a:24:ad:80:96:49:78:1d:5a:b6:1e:
c3:4c:fe:a6:68:0d:eb:b3:87:8d:72:9a:8d:7e:d6:
79:c4:21:c3:8a:fb:a0:51:ff:ea:7b:e5:d7:f5:c1:
77:69:23:27:80:ee:40:21:36:7e:3f:17:52:56:a5:
4e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D7:DC:45:24:4F:B8:41:D0:58:7C:F5:D3:5E:44:42:04:74:50:2E
X509v3 Authority Key Identifier:
keyid:7B:38:5E:86:16:7D:5C:CC:22:FD:85:89:25:60:AE:76:0B:5F:28:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ezhehhZ9XMwi_YWJJWCudgtfKJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/b459f1-6499-4e14-acfb-ea788ad3296a/1/L9fcRSRPuEHQWHz1015EQgR0UC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/b459f1-6499-4e14-acfb-ea788ad3296a/1/ezhehhZ9XMwi_YWJJWCudgtfKJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.136.0/23
Signature Algorithm: sha256WithRSAEncryption
e0:8d:bf:6e:28:df:ca:e4:1b:83:d2:60:b0:33:74:f8:6f:8a:
6e:cf:5f:c9:56:cf:17:e2:39:4b:4d:f5:58:28:57:d5:d0:54:
66:8e:06:b1:5d:84:ae:7a:4a:df:b5:e3:a4:4b:f9:66:12:d1:
2c:5d:82:55:a0:8a:ee:a8:9d:6b:e1:09:1a:e6:e2:21:9e:0c:
55:47:eb:3e:cd:d2:10:6e:3a:b4:e6:6f:94:dc:58:53:2e:7d:
7c:b9:36:22:88:ff:9a:e7:7c:45:6c:5b:39:d6:66:6f:a7:b3:
12:ba:ae:cf:57:49:90:30:81:1a:13:7d:30:bc:70:fb:d6:00:
66:f7:d0:ca:e4:71:61:4b:41:c3:92:7c:85:60:69:6b:b4:72:
07:b7:87:a7:27:1f:ca:9c:67:65:ec:cc:b4:d4:f2:81:4a:a2:
4f:c0:76:15:34:6c:22:93:cf:d1:42:6c:a7:39:a8:00:4a:c4:
c8:60:98:0e:f2:1a:e6:43:01:67:61:72:aa:a0:ce:0a:ce:d3:
eb:c2:64:a5:24:1b:97:b9:34:46:24:97:19:1e:bd:1d:48:d9:
c5:d1:14:ba:b8:49:81:72:1f:38:8c:50:97:a3:95:81:f4:a4:
d1:24:8f:f2:9c:18:ef:4c:4d:40:1c:e2:92:32:d8:94:43:9d:
fa:fe:02:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSIvVkIySVygXoJDYhC6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMzg1ZTg2MTY3ZDVjY2MyMmZkODU4OTI1NjBhZTc2MGI1
ZjI4OTgwHhcNMjQwMTAxMDQyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQ3ZGM0NTI0NGZiODQxZDA1ODdjZjVkMzVlNDQ0MjA0NzQ1MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIz/gPzkV6tweBmDQz592tNcIj8o
3CDN8iEoEIhp0r1K6dZWBDjqYcKO01ann/w73HhPCqABYlOLT9n49BE7kY74kKGS
CJX+81EG4NKY7o+4gcGsODeDwoVhxYmPQRk98xOEmvxomexbFo5V2CKIzlPraLKi
s9rOkNdeLv5yLiOx/gyY4iVFc7sK99bUUb2KtCyIfvBB+XVVHVA5QChRpfh7ekN1
L052GbPAlo6k8UQQhSCdQJ+5pWCh5uZrEOeBwgpOUTTTOiStgJZJeB1ath7DTP6m
aA3rs4eNcpqNftZ5xCHDivugUf/qe+XX9cF3aSMngO5AITZ+PxdSVqVOvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/X3EUkT7hB0Fh89dNeREIEdFAuMB8GA1UdIwQY
MBaAFHs4XoYWfVzMIv2FiSVgrnYLXyiYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXpoZWhoWjlYTXdpX1lXSkpXQ3VkZ3RmS0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9iNDU5ZjEtNjQ5OS00ZTE0LWFjZmIt
ZWE3ODhhZDMyOTZhLzEvTDlmY1JTUlB1RUhRV0h6MTAxNUVRZ1IwVUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9iNDU5ZjEtNjQ5OS00ZTE0LWFjZmItZWE3ODhhZDMyOTZh
LzEvZXpoZWhoWjlYTXdpX1lXSkpXQ3VkZ3RmS0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBueKIMA0G
CSqGSIb3DQEBCwUAA4IBAQDgjb9uKN/K5BuD0mCwM3T4b4puz1/JVs8X4jlLTfVY
KFfV0FRmjgaxXYSuekrfteOkS/lmEtEsXYJVoIruqJ1r4Qka5uIhngxVR+s+zdIQ
bjq05m+U3FhTLn18uTYiiP+a53xFbFs51mZvp7MSuq7PV0mQMIEaE30wvHD71gBm
99DK5HFhS0HDknyFYGlrtHIHt4enJx/KnGdl7My01PKBSqJPwHYVNGwik8/RQmyn
OagASsTIYJgO8hrmQwFnYXKqoM4KztPrwmSlJBuXuTRGJJcZHr0dSNnF0RS6uEmB
ch84jFCXo5WB9KTRJI/ynBjvTE1AHOKSMtiUQ536/gKw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:22 2025 by rpki-client