Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/8hgKNOMZKcY_Ubc96GOloIRdIpU.roa
File: 8hgKNOMZKcY_Ubc96GOloIRdIpU.roa (raw, json)
Hash identifier: HVl52eYXBtSx5hRXRkLesW9QZf4Rdynn1/ooR5SEp/E=
Subject key identifier: F2:18:0A:34:E3:19:29:C6:3F:51:B7:3D:E8:63:A5:A0:84:5D:22:95
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 019122274619189EFC145A491D32E35670D2
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/8hgKNOMZKcY_Ubc96GOloIRdIpU.roa
Signing time: Mon 05 Aug 2024 10:48:04 +0000
ROA not before: Mon 05 Aug 2024 10:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41956
IP address blocks: 185.6.148.0/24 maxlen: 24
185.6.149.0/24 maxlen: 24
185.6.150.0/24 maxlen: 24
185.6.151.0/24 maxlen: 24
212.30.40.0/24 maxlen: 24
212.30.52.0/24 maxlen: 24
212.30.53.0/24 maxlen: 24
212.30.54.0/24 maxlen: 24
212.30.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:27:46:19:18:9e:fc:14:5a:49:1d:32:e3:56:70:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Aug 5 10:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2180a34e31929c63f51b73de863a5a0845d2295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:07:f5:4e:92:db:f9:c3:bd:38:9c:47:fc:f9:
31:d2:1e:39:50:22:67:7f:be:01:d8:96:d7:a4:6c:
94:6b:41:ac:d1:a4:db:31:2d:e7:4c:40:b0:3a:bc:
03:6a:36:2f:0c:28:91:04:23:0b:a9:40:af:2e:2a:
8a:55:79:7d:c1:33:ea:b9:cd:4e:9d:80:f8:e1:e8:
1b:b6:ef:01:cb:65:15:b2:82:ad:cb:8b:89:0d:46:
0e:65:e9:bd:d5:9a:59:97:c8:a6:dc:69:86:6f:fd:
a6:d5:cb:6a:47:57:4a:ee:be:46:29:be:5a:e6:7c:
1d:a5:3e:47:ec:c4:1f:ca:a4:4e:52:bb:75:f3:0f:
15:a5:3e:ec:bf:a2:29:05:ea:3b:24:9c:17:ff:70:
d4:08:06:25:e5:62:fe:5e:3f:c6:1b:e8:b8:6f:6b:
d7:fc:5a:ef:ee:59:5b:b9:6e:87:ba:e2:60:d8:15:
a3:67:9c:7d:49:36:e5:59:08:ef:e9:53:c5:6c:cd:
23:38:f3:88:ef:c6:72:f8:f6:49:7d:79:7b:6b:be:
4b:54:75:0a:42:9c:56:72:7c:b9:15:46:86:a7:06:
b0:4c:b4:99:9c:69:9c:b2:15:6c:00:eb:5f:ea:df:
7b:2c:44:9f:fe:e3:db:58:d5:b8:07:3b:24:d9:23:
2b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:18:0A:34:E3:19:29:C6:3F:51:B7:3D:E8:63:A5:A0:84:5D:22:95
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/8hgKNOMZKcY_Ubc96GOloIRdIpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.148.0/22
212.30.40.0/24
212.30.52.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:b5:a6:f8:dd:7a:e8:4f:80:4c:a9:92:03:aa:75:ee:b7:84:
6e:ae:e6:2b:d4:77:b1:15:64:6e:61:bd:42:26:ca:b0:e5:c5:
90:e2:10:08:2b:df:3b:8f:c8:77:7b:0b:b2:76:11:53:ba:ab:
c2:31:64:a9:d2:7d:fc:0c:67:24:d4:c4:30:36:bf:ac:bf:00:
e3:fb:e8:a5:85:17:9b:c8:26:e1:c3:46:ac:bb:5f:67:0a:ea:
cf:72:cf:7e:2a:81:f8:9e:90:98:c6:43:d1:4d:3a:c7:48:b2:
4c:b5:79:2d:8c:fc:1e:06:4d:9e:bb:dc:b9:f7:50:bc:41:31:
d7:d3:cd:71:83:24:d2:e8:cd:70:9a:17:08:c6:2a:ee:cd:26:
4f:4b:f0:32:78:ed:bf:40:06:16:38:9b:29:32:84:ee:1b:61:
9f:e4:8e:b0:d7:aa:8c:94:e6:37:e4:8a:5a:3f:68:a3:0d:4b:
0c:f5:da:e4:49:a2:78:8d:05:20:51:2c:24:4c:bd:a7:d2:ca:
b1:0f:72:f2:1a:ab:24:c4:50:12:77:93:01:c6:e2:70:74:40:
9e:e2:dd:07:ce:ec:cd:81:8f:e2:f6:19:c6:61:3a:c5:4f:8f:
57:c0:43:85:c4:ba:89:26:69:34:e1:0c:d7:f1:b6:d8:53:bc:
88:dd:50:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEiJ0YZGJ78FFpJHTLjVnDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwODA1MTA0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjE4MGEzNGUzMTkyOWM2M2Y1MWI3M2RlODYzYTVhMDg0NWQyMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngf1TpLb+cO9OJxH/Pkx0h45UCJn
f74B2JbXpGyUa0Gs0aTbMS3nTECwOrwDajYvDCiRBCMLqUCvLiqKVXl9wTPquc1O
nYD44egbtu8By2UVsoKty4uJDUYOZem91ZpZl8im3GmGb/2m1ctqR1dK7r5GKb5a
5nwdpT5H7MQfyqROUrt18w8VpT7sv6IpBeo7JJwX/3DUCAYl5WL+Xj/GG+i4b2vX
/Frv7llbuW6HuuJg2BWjZ5x9STblWQjv6VPFbM0jOPOI78Zy+PZJfXl7a75LVHUK
QpxWcny5FUaGpwawTLSZnGmcshVsAOtf6t97LESf/uPbWNW4Bzsk2SMr+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPIYCjTjGSnGP1G3PehjpaCEXSKVMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvOGhnS05PTVpLY1lfVWJjOTZHT2xvSVJkSXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuQaUAwQA
1B4oAwQC1B40MA0GCSqGSIb3DQEBCwUAA4IBAQCitab43XroT4BMqZIDqnXut4Ru
ruYr1HexFWRuYb1CJsqw5cWQ4hAIK987j8h3ewuydhFTuqvCMWSp0n38DGck1MQw
Nr+svwDj++ilhRebyCbhw0asu19nCurPcs9+KoH4npCYxkPRTTrHSLJMtXktjPwe
Bk2eu9y591C8QTHX081xgyTS6M1wmhcIxiruzSZPS/AyeO2/QAYWOJspMoTuG2Gf
5I6w16qMlOY35IpaP2ijDUsM9drkSaJ4jQUgUSwkTL2n0sqxD3LyGqskxFASd5MB
xuJwdECe4t0HzuzNgY/i9hnGYTrFT49XwEOFxLqJJmk04QzX8bbYU7yI3VC5
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:10:13 2025 by rpki-client