Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/4-fNDS3Vs0_qJNOBPQ3GCO8iLL0.roa
File: 4-fNDS3Vs0_qJNOBPQ3GCO8iLL0.roa (raw, json)
Hash identifier: N3OccWSlKzp2UixMb+DpLmp6JgXFX2Ho4wDOrwLQKjY=
Subject key identifier: E3:E7:CD:0D:2D:D5:B3:4F:EA:24:D3:81:3D:0D:C6:08:EF:22:2C:BD
Certificate issuer: /CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Certificate serial: 018CC8DE54171A65E171BEF92FBA284A6AE3
Authority key identifier: 30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/4-fNDS3Vs0_qJNOBPQ3GCO8iLL0.roa
Signing time: Tue 02 Jan 2024 06:31:02 +0000
ROA not before: Tue 02 Jan 2024 06:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209044
IP address blocks: 5.183.48.0/22 maxlen: 22
185.254.1.0/24 maxlen: 24
2a0e:d200::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:54:17:1a:65:e1:71:be:f9:2f:ba:28:4a:6a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Validity
Not Before: Jan 2 06:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3e7cd0d2dd5b34fea24d3813d0dc608ef222cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dc:3b:0c:79:cb:b2:f9:93:b6:03:9b:68:46:
12:10:25:a9:94:a5:28:17:ce:7e:06:36:7c:cb:2a:
19:7a:04:e5:8f:e3:8b:94:ea:aa:73:51:f6:a9:2b:
2c:73:90:0f:37:8b:40:54:c9:89:48:24:8d:c4:e2:
a0:1f:ce:94:bc:93:fc:4a:ea:ac:36:ae:31:f6:2f:
06:17:33:b1:cb:06:98:77:e8:44:fd:e6:c5:cb:10:
27:92:55:70:d6:73:c2:72:06:71:4d:0f:19:4d:fc:
2d:92:4e:b1:be:43:d7:d2:fc:15:82:d0:75:1b:3d:
c6:7a:da:6a:a1:a6:a4:a5:e9:fa:da:38:84:10:62:
b4:e7:43:16:5c:22:79:e1:8a:75:0e:02:14:63:ae:
25:40:e7:ec:2f:78:e8:f1:26:4b:a4:44:d2:76:85:
23:53:b6:d2:92:90:e0:36:44:af:e7:a4:b3:60:ab:
91:3a:3d:1d:ee:12:ce:a3:be:0a:13:76:0e:5d:ff:
bf:d7:ad:a4:e9:d0:a5:92:7c:84:14:20:df:7b:1a:
84:30:7b:9c:ea:96:cd:27:7e:7c:13:09:cf:bd:bc:
9a:64:69:49:37:c6:d3:5e:6a:26:86:d6:4d:04:27:
5c:05:54:47:3a:ac:77:7c:fe:b4:e7:0e:c8:16:5c:
73:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E7:CD:0D:2D:D5:B3:4F:EA:24:D3:81:3D:0D:C6:08:EF:22:2C:BD
X509v3 Authority Key Identifier:
keyid:30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/4-fNDS3Vs0_qJNOBPQ3GCO8iLL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.48.0/22
185.254.1.0/24
IPv6:
2a0e:d200::/29
Signature Algorithm: sha256WithRSAEncryption
0d:4c:96:2d:94:97:a7:e2:73:71:ea:83:cd:7f:b9:4c:f8:87:
d7:3b:2f:d0:37:09:53:7e:c3:bf:51:4d:07:e5:c6:62:8d:91:
38:a7:94:a0:50:1c:30:3b:25:04:88:dd:4f:f2:1f:42:f7:a3:
d4:22:9b:6d:08:f6:28:31:88:75:8b:ca:e2:1d:21:df:7f:eb:
8b:89:2d:4a:71:5d:83:bd:f4:92:f6:1e:06:35:03:da:bd:9c:
9a:d9:49:c9:6d:a0:e3:2a:99:f6:79:d5:8d:20:7c:18:1d:26:
a0:64:9f:02:c8:11:f2:9d:a1:c3:ec:45:98:96:63:64:d1:e1:
d2:c1:67:ac:97:58:2a:79:4e:e5:2f:9a:58:b0:0f:81:87:1e:
ce:27:6b:f1:8c:0f:f0:19:4c:8d:f8:e0:c2:8e:40:e8:e5:3b:
6b:2c:19:ff:5d:f5:73:eb:1c:6a:d3:1b:6b:46:1a:12:0d:07:
f4:3f:98:0b:a3:33:a0:47:89:25:7d:60:45:69:79:da:4c:10:
2e:79:1d:5b:97:95:36:fd:ca:29:bc:83:74:e0:34:95:18:ca:
69:38:eb:19:9a:40:6d:60:ac:a0:c9:db:91:20:c2:ab:09:99:
55:3c:39:34:9f:13:f9:ea:15:11:dc:8a:cb:3b:85:73:83:13:
50:a1:69:52
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3lQXGmXhcb75L7ooSmrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMWE2NDg3MjVlZTI2YTQ2MGNiOWIxY2JjZDljOWM4MzJj
NDQ5YWYwHhcNMjQwMTAyMDYzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2U3Y2QwZDJkZDViMzRmZWEyNGQzODEzZDBkYzYwOGVmMjIyY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdw7DHnLsvmTtgObaEYSECWplKUo
F85+BjZ8yyoZegTlj+OLlOqqc1H2qSssc5APN4tAVMmJSCSNxOKgH86UvJP8Suqs
Nq4x9i8GFzOxywaYd+hE/ebFyxAnklVw1nPCcgZxTQ8ZTfwtkk6xvkPX0vwVgtB1
Gz3Getpqoaakpen62jiEEGK050MWXCJ54Yp1DgIUY64lQOfsL3jo8SZLpETSdoUj
U7bSkpDgNkSv56SzYKuROj0d7hLOo74KE3YOXf+/162k6dClknyEFCDfexqEMHuc
6pbNJ358EwnPvbyaZGlJN8bTXmomhtZNBCdcBVRHOqx3fP605w7IFlxzcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOPnzQ0t1bNP6iTTgT0NxgjvIiy9MB8GA1UdIwQY
MBaAFDAaZIcl7iakYMubHLzZycgyxEmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzIt
YTViMmQwOWUwNWNmLzEvNC1mTkRTM1ZzMF9xSk5PQlBRM0dDTzhpTEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzItYTViMmQwOWUwNWNm
LzEvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBbcwAwQA
uf4BMA0EAgACMAcDBQMqDtIAMA0GCSqGSIb3DQEBCwUAA4IBAQANTJYtlJen4nNx
6oPNf7lM+IfXOy/QNwlTfsO/UU0H5cZijZE4p5SgUBwwOyUEiN1P8h9C96PUIptt
CPYoMYh1i8riHSHff+uLiS1KcV2DvfSS9h4GNQPavZya2UnJbaDjKpn2edWNIHwY
HSagZJ8CyBHynaHD7EWYlmNk0eHSwWesl1gqeU7lL5pYsA+Bhx7OJ2vxjA/wGUyN
+ODCjkDo5TtrLBn/XfVz6xxq0xtrRhoSDQf0P5gLozOgR4klfWBFaXnaTBAueR1b
l5U2/copvIN04DSVGMppOOsZmkBtYKygyduRIMKrCZlVPDk0nxP56hUR3IrLO4Vz
gxNQoWlS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:06 2025 by rpki-client