Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/FOIPjOkuHjJ7V7lJv3cNCP8VvaQ.roa
File: FOIPjOkuHjJ7V7lJv3cNCP8VvaQ.roa (raw, json)
Hash identifier: aRnDtQw7TpC4C2dXCGLigiXx/yzlx+HgltBTk+KvLlk=
Subject key identifier: 14:E2:0F:8C:E9:2E:1E:32:7B:57:B9:49:BF:77:0D:08:FF:15:BD:A4
Certificate issuer: /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial: 01904B69F9A49C12F1D3DCD80206D0F3FCE3
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/FOIPjOkuHjJ7V7lJv3cNCP8VvaQ.roa
Signing time: Mon 24 Jun 2024 18:02:34 +0000
ROA not before: Mon 24 Jun 2024 18:02:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3758
IP address blocks: 185.114.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 06:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4b:69:f9:a4:9c:12:f1:d3:dc:d8:02:06:d0:f3:fc:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Validity
Not Before: Jun 24 18:02:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14e20f8ce92e1e327b57b949bf770d08ff15bda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bb:30:e3:65:c0:d9:aa:9b:b0:1a:d6:9d:0c:
cd:e9:b2:b4:69:de:30:1f:08:52:0e:89:b9:c8:91:
e6:fb:7c:d0:fc:ee:ae:b0:93:ee:bc:4d:c1:08:41:
7d:8c:62:01:e3:3e:59:ab:e6:9c:c9:1e:c6:af:38:
6f:b7:5c:fe:64:83:e4:16:c0:44:03:e9:fa:8e:f4:
a8:ee:44:a2:5c:80:d8:9f:67:be:4a:6f:c4:76:f6:
9c:99:4f:c3:ab:8a:89:c5:82:97:62:8e:46:4a:27:
a2:cf:b3:93:92:74:66:f2:64:80:d2:c0:0b:c4:ff:
18:e8:ff:a2:f9:74:c8:ad:cd:10:18:00:52:3f:0e:
95:9d:a7:6f:a1:1f:03:fc:5a:7d:16:c3:ec:5b:97:
f1:29:e7:fe:e8:a1:03:aa:44:5c:c5:6e:2f:64:b4:
91:7b:04:b6:82:f8:e8:19:5d:b3:46:9c:fd:f5:9a:
f7:f9:8c:3f:0d:81:9f:1a:4d:30:a4:69:c3:c2:45:
38:a1:e6:ff:65:9b:43:10:84:8f:9a:6c:28:e6:c5:
b6:e0:65:21:fe:20:a7:5a:2f:83:e3:ee:67:ba:b0:
1f:97:51:fa:9a:64:a1:c7:25:98:c5:66:03:13:9a:
20:6f:84:2b:3d:f0:73:b3:05:9b:48:84:a4:31:1e:
fd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E2:0F:8C:E9:2E:1E:32:7B:57:B9:49:BF:77:0D:08:FF:15:BD:A4
X509v3 Authority Key Identifier:
keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/FOIPjOkuHjJ7V7lJv3cNCP8VvaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.32.0/24
Signature Algorithm: sha256WithRSAEncryption
59:99:63:73:64:18:c6:78:5d:53:b4:78:78:88:2b:aa:8a:61:
cf:bf:16:c2:f8:3c:c5:53:c9:f8:d0:30:cc:3a:6a:3a:ce:03:
01:7d:00:8a:45:47:2d:9d:db:d0:c3:d8:ca:9c:e4:39:cd:ae:
28:60:dc:c3:74:f7:c6:79:a6:c9:be:89:c0:f6:a8:7e:59:cb:
a4:2d:e9:3b:6a:e0:e5:67:bb:25:aa:b9:f6:e0:e7:79:d5:31:
01:4e:fd:fa:d0:f6:91:be:cb:9e:72:4e:0d:37:2c:56:be:f8:
69:94:39:e7:a8:c6:80:1b:4e:33:c5:b3:ec:8a:b6:9b:e0:9a:
00:2c:2f:db:db:ff:ce:84:29:5c:8a:4b:9f:f2:33:83:80:94:
f7:3e:87:bf:35:bd:61:42:ff:76:76:2c:a2:1b:23:ac:27:04:
ff:f4:9c:a0:f7:95:da:b8:25:94:4d:a2:d6:8a:24:ae:ec:88:
f4:d8:09:8d:c5:c1:a0:b7:c6:d4:b6:7d:02:d2:d7:1b:2e:78:
57:f9:b9:bc:44:65:50:08:c6:db:24:ef:f1:e6:f6:81:f6:d2:
0e:3b:e9:fc:c7:7e:a0:82:c6:9b:4f:9b:4e:f4:94:0a:f7:7c:
39:10:2b:7b:d0:de:a6:f2:a8:82:66:e7:fb:b2:8f:62:fe:78:
6c:8d:19:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBLafmknBLx09zYAgbQ8/zjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjQwNjI0MTgwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGUyMGY4Y2U5MmUxZTMyN2I1N2I5NDliZjc3MGQwOGZmMTViZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLsw42XA2aqbsBrWnQzN6bK0ad4w
HwhSDom5yJHm+3zQ/O6usJPuvE3BCEF9jGIB4z5Zq+acyR7Grzhvt1z+ZIPkFsBE
A+n6jvSo7kSiXIDYn2e+Sm/EdvacmU/Dq4qJxYKXYo5GSieiz7OTknRm8mSA0sAL
xP8Y6P+i+XTIrc0QGABSPw6VnadvoR8D/Fp9FsPsW5fxKef+6KEDqkRcxW4vZLSR
ewS2gvjoGV2zRpz99Zr3+Yw/DYGfGk0wpGnDwkU4oeb/ZZtDEISPmmwo5sW24GUh
/iCnWi+D4+5nurAfl1H6mmShxyWYxWYDE5ogb4QrPfBzswWbSISkMR79IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTiD4zpLh4ye1e5Sb93DQj/Fb2kMB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvRk9JUGpPa3VIako3VjdsSnYzY05DUDhWdmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXIgMA0G
CSqGSIb3DQEBCwUAA4IBAQBZmWNzZBjGeF1TtHh4iCuqimHPvxbC+DzFU8n40DDM
Omo6zgMBfQCKRUctndvQw9jKnOQ5za4oYNzDdPfGeabJvonA9qh+WcukLek7auDl
Z7slqrn24Od51TEBTv360PaRvsueck4NNyxWvvhplDnnqMaAG04zxbPsirab4JoA
LC/b2//OhClcikuf8jODgJT3Poe/Nb1hQv92diyiGyOsJwT/9Jyg95XauCWUTaLW
iiSu7Ij02AmNxcGgt8bUtn0C0tcbLnhX+bm8RGVQCMbbJO/x5vaB9tIOO+n8x36g
gsabT5tO9JQK93w5ECt70N6m8qiCZuf7so9i/nhsjRko
-----END CERTIFICATE-----
Generated at Tue Nov 5 08:36:25 2024 by rpki-client on console-fra.rpki-client.org