Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/u0O4o3u_ltJIPTn5kro9HNFW14g.roa
File: u0O4o3u_ltJIPTn5kro9HNFW14g.roa (raw, json)
Hash identifier: bjtiumDN5XN8IQLl81TvHHoNxNq+o/GDKKPYKhCBTTs=
Subject key identifier: BB:43:B8:A3:7B:BF:96:D2:48:3D:39:F9:92:BA:3D:1C:D1:56:D7:88
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 018CC26D2B88E073359002CE4F006021F6D6
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/u0O4o3u_ltJIPTn5kro9HNFW14g.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199450
IP address blocks: 185.12.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 10:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2b:88:e0:73:35:90:02:ce:4f:00:60:21:f6:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb43b8a37bbf96d2483d39f992ba3d1cd156d788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d8:35:2c:9e:86:c5:df:59:7f:37:54:05:07:
35:b2:52:f3:2b:64:e2:0b:87:d9:9b:10:f5:c7:c3:
88:5e:6a:8b:98:f2:2f:95:8e:3c:1b:43:4d:e4:b6:
d8:7b:d1:dd:f4:cf:1d:cc:1a:4c:04:44:e5:b8:a0:
39:a8:43:71:4b:3d:b0:0e:5d:93:d9:64:6b:39:99:
3d:56:ee:5e:1b:20:81:0c:e3:8f:07:a8:dc:c7:bb:
c0:7c:81:50:fd:d0:a0:b4:7f:ff:cb:9d:4a:e4:d1:
d8:21:a5:8c:58:b1:75:79:64:4e:1a:66:fa:9a:81:
87:0c:b4:92:fc:1a:85:8e:d4:01:84:e8:88:57:d0:
fa:33:b8:8f:6d:25:a8:c3:85:7c:a0:18:cf:69:3a:
9f:82:d9:7e:74:5e:1d:7f:01:de:7a:85:40:37:c8:
e4:49:d0:57:c9:3b:33:29:f4:12:5e:58:49:e1:a3:
85:28:3a:7f:14:3f:e8:aa:82:8a:e7:88:3a:1f:a3:
21:c2:94:5d:ba:66:28:eb:fb:c6:e8:52:b9:fd:c6:
c4:fb:2a:d6:d0:bd:e8:47:41:86:15:f9:ee:90:b2:
93:4f:6a:68:fe:04:23:8d:00:b1:c8:6a:af:0d:88:
5e:a6:49:fa:95:b1:15:4c:2f:d4:d5:fd:d8:5b:95:
65:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:43:B8:A3:7B:BF:96:D2:48:3D:39:F9:92:BA:3D:1C:D1:56:D7:88
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/u0O4o3u_ltJIPTn5kro9HNFW14g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.10.0/24
Signature Algorithm: sha256WithRSAEncryption
51:57:12:06:6c:dd:79:97:3e:12:17:cc:42:d8:ec:4f:c4:fb:
74:2c:29:a4:75:a9:96:37:2b:95:d7:26:65:d9:47:cb:1d:b0:
af:77:28:61:a2:78:fd:07:c3:95:aa:c9:7f:89:91:ac:a7:7c:
75:e1:2f:ba:e0:b6:5d:39:43:82:62:89:19:ad:af:86:68:cb:
76:a2:c7:dd:ef:35:aa:a0:65:32:97:68:6a:70:52:90:d2:c0:
96:06:b6:f7:3b:13:89:ef:16:5d:73:c6:2d:23:86:0e:e1:5a:
96:e8:5a:41:53:ee:59:76:dc:4d:00:52:35:c9:d0:13:2d:f4:
47:de:06:43:62:11:94:3b:02:88:67:eb:93:5a:b1:6c:f7:2b:
81:6f:b0:2e:3b:30:4b:af:34:40:92:0b:7a:d1:8e:4c:99:b7:
52:cc:27:d3:74:d6:d7:7d:3a:2e:56:98:f5:da:c9:3b:b5:2a:
b1:34:76:e5:07:5f:47:ee:d8:f9:e1:cb:bf:c6:c2:e3:92:79:
40:2a:f5:36:84:a1:5f:76:00:94:de:fc:93:d9:37:90:e7:d4:
32:2f:ff:34:aa:11:6e:e7:10:a2:10:33:82:6a:0f:65:3d:28:
ed:4b:cd:6f:1a:5f:fa:9b:3c:83:b9:9f:b8:c0:71:7a:f7:0a:
c6:41:59:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbSuI4HM1kALOTwBgIfbWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQzYjhhMzdiYmY5NmQyNDgzZDM5Zjk5MmJhM2QxY2QxNTZkNzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtg1LJ6Gxd9ZfzdUBQc1slLzK2Ti
C4fZmxD1x8OIXmqLmPIvlY48G0NN5LbYe9Hd9M8dzBpMBETluKA5qENxSz2wDl2T
2WRrOZk9Vu5eGyCBDOOPB6jcx7vAfIFQ/dCgtH//y51K5NHYIaWMWLF1eWROGmb6
moGHDLSS/BqFjtQBhOiIV9D6M7iPbSWow4V8oBjPaTqfgtl+dF4dfwHeeoVAN8jk
SdBXyTszKfQSXlhJ4aOFKDp/FD/oqoKK54g6H6MhwpRdumYo6/vG6FK5/cbE+yrW
0L3oR0GGFfnukLKTT2po/gQjjQCxyGqvDYhepkn6lbEVTC/U1f3YW5VltwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtDuKN7v5bSSD05+ZK6PRzRVteIMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvdTBPNG8zdV9sdEpJUFRuNWtybzlITkZXMTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQwKMA0G
CSqGSIb3DQEBCwUAA4IBAQBRVxIGbN15lz4SF8xC2OxPxPt0LCmkdamWNyuV1yZl
2UfLHbCvdyhhonj9B8OVqsl/iZGsp3x14S+64LZdOUOCYokZra+GaMt2osfd7zWq
oGUyl2hqcFKQ0sCWBrb3OxOJ7xZdc8YtI4YO4VqW6FpBU+5ZdtxNAFI1ydATLfRH
3gZDYhGUOwKIZ+uTWrFs9yuBb7AuOzBLrzRAkgt60Y5MmbdSzCfTdNbXfTouVpj1
2sk7tSqxNHblB19H7tj54cu/xsLjknlAKvU2hKFfdgCU3vyT2TeQ59QyL/80qhFu
5xCiEDOCag9lPSjtS81vGl/6mzyDuZ+4wHF69wrGQVnz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:11 2025 by rpki-client