Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/1f75cb-c7b9-4529-bdaf-46c7974bd18a/1/4oNng4SZnDzAK1Q3_8RVjM5kjtw.roa
File: 4oNng4SZnDzAK1Q3_8RVjM5kjtw.roa (raw, json)
Hash identifier: iCVW3R6AYJBzMjM6jjBLzlHC2KZ/rKtbC5DXa5QnONo=
Subject key identifier: E2:83:67:83:84:99:9C:3C:C0:2B:54:37:FF:C4:55:8C:CE:64:8E:DC
Certificate issuer: /CN=518aa4993740df8ad38d92cc0c107234e6dfa05c
Certificate serial: 0192DDAEEE02EE32C78DEA1ED2E8A318778C
Authority key identifier: 51:8A:A4:99:37:40:DF:8A:D3:8D:92:CC:0C:10:72:34:E6:DF:A0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYqkmTdA34rTjZLMDBByNObfoFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/1f75cb-c7b9-4529-bdaf-46c7974bd18a/1/4oNng4SZnDzAK1Q3_8RVjM5kjtw.roa
Signing time: Wed 30 Oct 2024 13:48:01 +0000
ROA not before: Wed 30 Oct 2024 13:48:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50017
IP address blocks: 185.161.128.0/22 maxlen: 22
2a07:c480::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:ae:ee:02:ee:32:c7:8d:ea:1e:d2:e8:a3:18:77:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=518aa4993740df8ad38d92cc0c107234e6dfa05c
Validity
Not Before: Oct 30 13:48:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e283678384999c3cc02b5437ffc4558cce648edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:95:08:98:43:e8:14:3e:4a:6e:e4:7c:22:
ff:b8:04:49:10:06:b4:b0:45:b2:b8:5b:0c:3f:4a:
d6:01:82:32:0b:8f:46:7c:c3:33:11:cc:29:8b:6b:
57:08:50:c6:c2:6a:a4:f9:c9:99:f6:62:0f:9a:77:
1e:f9:21:10:89:4e:11:1c:49:33:44:1d:90:47:0b:
26:20:e3:2b:7c:00:39:63:a3:9b:fb:c9:16:69:d1:
d2:84:72:b1:67:70:1d:eb:0d:a4:73:f4:69:c1:7a:
4a:66:05:54:38:9d:cd:ef:03:ec:5a:12:33:25:a9:
1a:7c:31:8b:2a:63:1f:75:65:26:e4:72:3f:48:35:
0f:ca:f0:0a:3d:f1:42:16:77:04:15:12:56:43:7f:
78:6f:a8:42:22:99:34:ff:4b:0b:30:a1:31:a5:82:
a3:50:91:d9:3b:ec:6f:b9:4d:08:d4:b8:e0:46:b3:
9e:75:35:76:77:1a:38:6e:1f:64:e9:c7:87:00:64:
7d:d5:5b:61:06:f1:71:41:fd:47:19:8d:6a:dd:71:
a5:87:b2:ce:b4:b0:88:41:4d:a7:8a:6e:9f:90:6b:
ac:0a:22:22:5a:1e:ba:bf:1d:1c:18:c1:7e:4b:b3:
5e:30:3e:89:f1:78:6a:98:d9:33:f4:f5:97:82:35:
0f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:83:67:83:84:99:9C:3C:C0:2B:54:37:FF:C4:55:8C:CE:64:8E:DC
X509v3 Authority Key Identifier:
keyid:51:8A:A4:99:37:40:DF:8A:D3:8D:92:CC:0C:10:72:34:E6:DF:A0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYqkmTdA34rTjZLMDBByNObfoFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/1f75cb-c7b9-4529-bdaf-46c7974bd18a/1/4oNng4SZnDzAK1Q3_8RVjM5kjtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/1f75cb-c7b9-4529-bdaf-46c7974bd18a/1/UYqkmTdA34rTjZLMDBByNObfoFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.128.0/22
IPv6:
2a07:c480::/29
Signature Algorithm: sha256WithRSAEncryption
6e:69:41:1a:99:6e:aa:ee:7f:85:dd:9f:16:da:e3:6d:df:47:
3f:6d:37:ba:62:52:89:ec:21:f1:f1:69:c0:9c:d8:6d:7a:3e:
59:a6:05:38:a0:3c:c7:b6:0f:bb:27:17:06:55:cd:db:e6:90:
8b:89:8f:19:39:b6:b1:fb:2e:8f:ec:f0:d2:c6:d9:78:3e:ab:
c4:c1:fc:ca:fc:9b:ab:c3:67:ca:a6:c3:e1:45:db:29:0a:c3:
49:f7:f6:a7:fe:e9:d6:de:84:6b:c5:91:14:ed:0d:df:8e:12:
50:d2:1e:43:b7:a7:c5:9d:dc:bc:38:32:9d:72:cc:fe:8b:55:
15:10:28:23:c5:77:84:12:a1:47:39:38:c7:89:52:8c:e3:48:
95:a9:be:2f:10:26:02:90:a5:da:3c:bd:2b:50:2a:16:a2:94:
0b:b6:a6:db:f8:ad:0a:5e:33:ec:ae:35:8e:c8:f6:7a:de:5b:
62:bc:8a:24:17:68:f3:1d:a1:15:04:3e:06:11:59:e0:c0:a4:
e6:94:88:a7:8a:90:99:2d:01:bf:b3:6b:bf:88:cf:82:6e:e6:
2a:78:09:2a:1c:d2:7d:72:39:c6:a6:8a:c8:31:a1:69:1d:46:
e1:65:bf:87:27:8f:a2:81:49:f9:c5:be:9a:be:2e:77:4f:ef:
39:57:88:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZLdru4C7jLHjeoe0uijGHeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxOGFhNDk5Mzc0MGRmOGFkMzhkOTJjYzBjMTA3MjM0ZTZk
ZmEwNWMwHhcNMjQxMDMwMTM0ODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjgzNjc4Mzg0OTk5YzNjYzAyYjU0MzdmZmM0NTU4Y2NlNjQ4ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGiVCJhD6BQ+Sm7kfCL/uARJEAa0
sEWyuFsMP0rWAYIyC49GfMMzEcwpi2tXCFDGwmqk+cmZ9mIPmnce+SEQiU4RHEkz
RB2QRwsmIOMrfAA5Y6Ob+8kWadHShHKxZ3Ad6w2kc/RpwXpKZgVUOJ3N7wPsWhIz
JakafDGLKmMfdWUm5HI/SDUPyvAKPfFCFncEFRJWQ394b6hCIpk0/0sLMKExpYKj
UJHZO+xvuU0I1LjgRrOedTV2dxo4bh9k6ceHAGR91VthBvFxQf1HGY1q3XGlh7LO
tLCIQU2nim6fkGusCiIiWh66vx0cGMF+S7NeMD6J8XhqmNkz9PWXgjUP4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOKDZ4OEmZw8wCtUN//EVYzOZI7cMB8GA1UdIwQY
MBaAFFGKpJk3QN+K042SzAwQcjTm36BcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlxa21UZEEzNHJUalpMTURCQnlOT2Jmb0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8xZjc1Y2ItYzdiOS00NTI5LWJkYWYt
NDZjNzk3NGJkMThhLzEvNG9Obmc0U1puRHpBSzFRM184UlZqTTVranR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8xZjc1Y2ItYzdiOS00NTI5LWJkYWYtNDZjNzk3NGJkMThh
LzEvVVlxa21UZEEzNHJUalpMTURCQnlOT2Jmb0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaGAMA0E
AgACMAcDBQMqB8SAMA0GCSqGSIb3DQEBCwUAA4IBAQBuaUEamW6q7n+F3Z8W2uNt
30c/bTe6YlKJ7CHx8WnAnNhtej5ZpgU4oDzHtg+7JxcGVc3b5pCLiY8ZObax+y6P
7PDSxtl4PqvEwfzK/Jurw2fKpsPhRdspCsNJ9/an/unW3oRrxZEU7Q3fjhJQ0h5D
t6fFndy8ODKdcsz+i1UVECgjxXeEEqFHOTjHiVKM40iVqb4vECYCkKXaPL0rUCoW
opQLtqbb+K0KXjPsrjWOyPZ63ltivIokF2jzHaEVBD4GEVngwKTmlIinipCZLQG/
s2u/iM+CbuYqeAkqHNJ9cjnGporIMaFpHUbhZb+HJ4+igUn5xb6avi53T+85V4h4
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:03 2025 by rpki-client