Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/RAVrWVAnw_qOVwAr74kc0s3Uwrc.roa
File: RAVrWVAnw_qOVwAr74kc0s3Uwrc.roa (raw, json)
Hash identifier: qm7+Q8wcuXXmvW0nficrN6uQmd8Pj+Ua8GzPSq8HHIw=
Subject key identifier: 44:05:6B:59:50:27:C3:FA:8E:57:00:2B:EF:89:1C:D2:CD:D4:C2:B7
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018DA6FFDADED3E4C694B79E78A50BF52E1C
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/RAVrWVAnw_qOVwAr74kc0s3Uwrc.roa
Signing time: Wed 14 Feb 2024 09:43:22 +0000
ROA not before: Wed 14 Feb 2024 09:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35758
IP address blocks: 5.253.186.0/24 maxlen: 24
185.114.205.0/24 maxlen: 24
185.219.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 17:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:ff:da:de:d3:e4:c6:94:b7:9e:78:a5:0b:f5:2e:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Feb 14 09:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44056b595027c3fa8e57002bef891cd2cdd4c2b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e1:f3:bc:bb:74:da:dc:74:25:c8:db:fa:f7:
f6:8e:77:3c:65:5a:c7:6d:27:d7:3e:a4:1f:b4:a6:
35:7d:f9:a6:b8:1e:2a:36:67:60:08:29:db:b9:b3:
88:83:20:6a:6d:c3:fa:8b:a4:c8:f7:2d:64:5e:45:
26:54:26:61:6f:d3:e4:a4:80:d1:6e:ed:e1:0b:db:
aa:6d:44:c8:c3:59:f1:66:d2:f5:fe:01:c1:9d:b8:
77:88:cc:30:2c:f4:5b:42:8b:46:7e:b8:38:cd:8f:
fb:b2:ad:9c:07:74:45:65:6d:bd:04:23:a4:3a:6d:
4d:64:51:55:31:e9:66:ba:cf:a6:d8:71:b4:1b:28:
4d:69:9f:fb:99:a4:07:82:75:ed:72:5e:c9:1f:a0:
13:46:4b:05:00:5e:a9:8b:76:97:56:ed:b3:3d:6b:
35:94:06:0c:5c:25:a4:c7:80:c0:0a:36:b1:8f:39:
c0:50:01:d4:ac:4c:bc:68:21:a2:76:68:a8:78:98:
18:8b:1a:28:80:dd:7b:09:df:b7:ee:0d:3c:c2:2d:
69:d8:b1:c2:b7:2e:f7:8c:a6:8e:19:a7:3c:51:17:
f4:b2:fa:36:ad:e0:66:75:d2:c8:22:17:97:ca:f1:
7f:b0:81:cb:27:3a:c1:8e:f6:52:62:13:b7:f0:1a:
a3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:05:6B:59:50:27:C3:FA:8E:57:00:2B:EF:89:1C:D2:CD:D4:C2:B7
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/RAVrWVAnw_qOVwAr74kc0s3Uwrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.186.0/24
185.114.205.0/24
185.219.162.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:4e:16:50:b1:ad:dc:c0:cc:ac:b1:26:df:54:3e:59:1b:74:
d7:8c:1a:13:1f:8b:46:dd:7b:09:e8:ba:4e:19:1a:3d:a1:4a:
06:cc:0e:da:14:9e:98:50:3e:51:d1:0a:47:44:47:bb:47:cd:
6b:c3:05:b4:d2:0a:32:34:dd:5c:be:51:ca:04:d5:40:df:e1:
ca:88:bc:04:f4:f1:e8:27:cd:5b:82:31:92:a1:a2:7e:95:65:
95:f0:83:42:dd:ac:08:ba:ce:d5:f5:29:19:a1:fc:33:53:13:
35:a2:1f:ed:14:02:25:dd:db:10:19:53:4b:35:5b:9a:e6:c8:
c4:9d:a6:e6:69:2f:19:48:47:d2:88:cb:bd:33:99:ea:e8:45:
bd:30:97:8c:1a:d6:cf:17:ee:2e:cb:a9:b4:cf:32:96:81:1d:
c8:12:21:7d:85:e3:a5:6f:89:84:38:3e:0d:cc:54:ba:63:70:
a2:98:d7:f5:95:4f:df:37:e3:c5:68:a9:46:7b:c7:30:9b:a0:
f2:b7:53:b7:dd:9d:ac:8b:bc:45:b0:b8:8b:a1:d8:a6:f2:ff:
2b:f2:6a:c0:93:5c:ea:18:61:57:dd:45:e6:41:37:e0:68:06:
82:cc:63:b5:ca:96:b7:b3:3f:3d:97:5f:fc:09:a4:75:6a:9f:
51:b0:c5:c8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2m/9re0+TGlLeeeKUL9S4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMjE0MDk0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDA1NmI1OTUwMjdjM2ZhOGU1NzAwMmJlZjg5MWNkMmNkZDRjMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuHzvLt02tx0Jcjb+vf2jnc8ZVrH
bSfXPqQftKY1ffmmuB4qNmdgCCnbubOIgyBqbcP6i6TI9y1kXkUmVCZhb9PkpIDR
bu3hC9uqbUTIw1nxZtL1/gHBnbh3iMwwLPRbQotGfrg4zY/7sq2cB3RFZW29BCOk
Om1NZFFVMelmus+m2HG0GyhNaZ/7maQHgnXtcl7JH6ATRksFAF6pi3aXVu2zPWs1
lAYMXCWkx4DACjaxjznAUAHUrEy8aCGidmioeJgYixoogN17Cd+37g08wi1p2LHC
ty73jKaOGac8URf0svo2reBmddLIIheXyvF/sIHLJzrBjvZSYhO38BqjIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEQFa1lQJ8P6jlcAK++JHNLN1MK3MB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvUkFWcldWQW53X3FPVndBcjc0a2MwczNVd3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABf26AwQA
uXLNAwQAuduiMA0GCSqGSIb3DQEBCwUAA4IBAQBtThZQsa3cwMyssSbfVD5ZG3TX
jBoTH4tG3XsJ6LpOGRo9oUoGzA7aFJ6YUD5R0QpHREe7R81rwwW00goyNN1cvlHK
BNVA3+HKiLwE9PHoJ81bgjGSoaJ+lWWV8INC3awIus7V9SkZofwzUxM1oh/tFAIl
3dsQGVNLNVua5sjEnabmaS8ZSEfSiMu9M5nq6EW9MJeMGtbPF+4uy6m0zzKWgR3I
EiF9heOlb4mEOD4NzFS6Y3CimNf1lU/fN+PFaKlGe8cwm6Dyt1O33Z2si7xFsLiL
odim8v8r8mrAk1zqGGFX3UXmQTfgaAaCzGO1ypa3sz89l1/8CaR1ap9RsMXI
-----END CERTIFICATE-----
Generated at Thu Jul 11 19:21:51 2024 by rpki-client on console-ams.rpki-client.org