Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/elWDusDYRJqiBaIO7NVJpheE6y8.roa
File: elWDusDYRJqiBaIO7NVJpheE6y8.roa (raw, json)
Hash identifier: cXRDoPJV05JHXkQoLp92uMCidMP8L9xluQrHg5CzY/w=
Subject key identifier: 7A:55:83:BA:C0:D8:44:9A:A2:05:A2:0E:EC:D5:49:A6:17:84:EB:2F
Certificate issuer: /CN=3501772457e0f827b9e920b00cd114824a5fa621
Certificate serial: 018CC492FE358AE998E3A5E57D6EF1CE0874
Authority key identifier: 35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/elWDusDYRJqiBaIO7NVJpheE6y8.roa
Signing time: Mon 01 Jan 2024 10:30:16 +0000
ROA not before: Mon 01 Jan 2024 10:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200911
IP address blocks: 185.88.122.0/23 maxlen: 23
185.88.120.0/23 maxlen: 23
185.88.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:fe:35:8a:e9:98:e3:a5:e5:7d:6e:f1:ce:08:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3501772457e0f827b9e920b00cd114824a5fa621
Validity
Not Before: Jan 1 10:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a5583bac0d8449aa205a20eecd549a61784eb2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:67:03:f1:6a:21:69:98:b0:cc:e9:ee:d8:9e:
f4:18:8c:e0:bc:67:1b:9f:32:8c:8d:d8:4c:ea:fb:
9a:5e:93:a0:50:6e:52:a7:33:89:f8:8a:9a:8d:7f:
de:4b:41:f3:31:47:a5:46:cd:79:6b:bf:2f:66:4e:
a6:93:52:81:85:a0:44:41:95:61:db:64:dc:7c:60:
42:61:cd:a7:38:98:51:36:a3:0f:49:ce:82:2c:40:
70:9a:53:c6:b2:12:e2:c6:5b:5c:35:d0:5a:7d:1c:
3f:31:c1:54:d9:a2:4d:7a:f7:23:61:d1:42:e6:d1:
06:21:79:29:70:e9:6c:2f:d8:94:f7:32:bc:13:b0:
4c:5e:c7:bd:fb:ab:17:4c:2d:ee:5a:8b:7a:cb:e3:
5d:81:ba:19:fa:31:f8:72:5e:a9:27:ed:68:f8:38:
3c:9a:62:68:fc:21:89:dd:1f:27:36:82:72:10:83:
75:28:ce:3b:e5:cf:89:f1:d0:9c:15:ab:56:c7:90:
ef:96:60:df:e0:9f:2f:8c:1f:02:60:82:20:f7:de:
ae:69:78:a7:f4:2f:78:12:12:41:dd:a5:c7:2f:9c:
81:d3:23:2a:38:0a:1e:5d:21:85:26:f9:78:7b:b9:
5b:6c:5a:20:0f:45:a4:5f:a6:9d:b5:80:86:e8:38:
8e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:55:83:BA:C0:D8:44:9A:A2:05:A2:0E:EC:D5:49:A6:17:84:EB:2F
X509v3 Authority Key Identifier:
keyid:35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/elWDusDYRJqiBaIO7NVJpheE6y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.120.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:97:c9:8a:30:0a:aa:91:4c:dd:96:c9:96:e4:1d:07:07:01:
09:e9:2e:65:2d:2f:72:f4:37:13:86:ff:05:b6:60:dc:21:3a:
ca:bd:be:7e:b8:d2:fc:b3:3e:94:f7:29:8d:b0:07:ba:3b:c2:
a4:ed:60:26:8e:dd:88:aa:cb:a1:bf:ae:04:39:bc:08:c0:7a:
2c:7c:ad:fc:1a:2b:41:07:6e:59:b5:09:04:c6:c2:2b:f4:46:
ab:b3:71:8d:77:3a:1c:01:83:e9:8b:57:72:1e:24:6e:c9:71:
c9:6d:e8:8d:72:08:65:52:6b:0d:d8:69:23:78:cb:6c:2b:74:
82:6e:cf:50:2a:6b:31:f4:99:f2:10:df:88:17:ee:91:d0:82:
26:5a:d7:f7:63:02:22:2c:94:10:3a:99:c1:61:63:e7:61:d7:
b2:cf:2f:ee:78:0d:6d:0f:b3:d8:76:3d:01:f3:5d:4f:fe:d2:
a8:4c:65:8f:e2:b0:fd:ba:ab:66:00:30:2b:1b:df:94:cc:9d:
3d:f7:d9:74:00:f7:d1:f0:28:0c:79:67:b8:c7:ff:d0:18:92:
51:45:d8:33:dc:96:15:8a:3c:5a:ca:7c:b1:f9:0e:61:50:9b:
15:b5:bb:42:cd:d7:34:81:07:31:3e:56:cb:90:d1:0d:80:2f:
20:25:6c:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkv41iumY46XlfW7xzgh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MDE3NzI0NTdlMGY4MjdiOWU5MjBiMDBjZDExNDgyNGE1
ZmE2MjEwHhcNMjQwMTAxMTAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTU1ODNiYWMwZDg0NDlhYTIwNWEyMGVlY2Q1NDlhNjE3ODRlYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmcD8WohaZiwzOnu2J70GIzgvGcb
nzKMjdhM6vuaXpOgUG5SpzOJ+IqajX/eS0HzMUelRs15a78vZk6mk1KBhaBEQZVh
22TcfGBCYc2nOJhRNqMPSc6CLEBwmlPGshLixltcNdBafRw/McFU2aJNevcjYdFC
5tEGIXkpcOlsL9iU9zK8E7BMXse9+6sXTC3uWot6y+NdgboZ+jH4cl6pJ+1o+Dg8
mmJo/CGJ3R8nNoJyEIN1KM475c+J8dCcFatWx5DvlmDf4J8vjB8CYIIg996uaXin
9C94EhJB3aXHL5yB0yMqOAoeXSGFJvl4e7lbbFogD0WkX6adtYCG6DiO3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpVg7rA2ESaogWiDuzVSaYXhOsvMB8GA1UdIwQY
MBaAFDUBdyRX4PgnuekgsAzRFIJKX6YhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85MDM5MzEtMTY5OC00MWI3LWFmMzQt
OWRkODI3MzVkYTNkLzEvZWxXRHVzRFlSSnFpQmFJTzdOVkpwaGVFNnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85MDM5MzEtMTY5OC00MWI3LWFmMzQtOWRkODI3MzVkYTNk
LzEvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVh4MA0G
CSqGSIb3DQEBCwUAA4IBAQCdl8mKMAqqkUzdlsmW5B0HBwEJ6S5lLS9y9DcThv8F
tmDcITrKvb5+uNL8sz6U9ymNsAe6O8Kk7WAmjt2Iqsuhv64EObwIwHosfK38GitB
B25ZtQkExsIr9Ears3GNdzocAYPpi1dyHiRuyXHJbeiNcghlUmsN2GkjeMtsK3SC
bs9QKmsx9JnyEN+IF+6R0IImWtf3YwIiLJQQOpnBYWPnYdeyzy/ueA1tD7PYdj0B
811P/tKoTGWP4rD9uqtmADArG9+UzJ0999l0APfR8CgMeWe4x//QGJJRRdgz3JYV
ijxaynyx+Q5hUJsVtbtCzdc0gQcxPlbLkNENgC8gJWxF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:49 2025 by rpki-client