Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e5c8df-4ef8-4d90-a490-35800e9f170e/1/V3B8ET9Ic4jaRc0NDrlv_thaKog.roa
File: V3B8ET9Ic4jaRc0NDrlv_thaKog.roa (raw, json)
Hash identifier: /VxhmfEJ3NopaVuKgD8AjbB1zMcbDtROT80oOaGIrHQ=
Subject key identifier: 57:70:7C:11:3F:48:73:88:DA:45:CD:0D:0E:B9:6F:FE:D8:5A:2A:88
Certificate issuer: /CN=44f4c5a61978549b248388f9df449d2a95e10a07
Certificate serial: 018CC26D6CEAD8A8368E5FEA602BA5947955
Authority key identifier: 44:F4:C5:A6:19:78:54:9B:24:83:88:F9:DF:44:9D:2A:95:E1:0A:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPTFphl4VJskg4j530SdKpXhCgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/e5c8df-4ef8-4d90-a490-35800e9f170e/1/V3B8ET9Ic4jaRc0NDrlv_thaKog.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203361
IP address blocks: 185.105.152.0/22 maxlen: 22
2a06:f1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6c:ea:d8:a8:36:8e:5f:ea:60:2b:a5:94:79:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f4c5a61978549b248388f9df449d2a95e10a07
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57707c113f487388da45cd0d0eb96ffed85a2a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e0:a8:f4:a1:6f:bd:b7:5a:9a:2a:e8:f7:30:
c5:3d:9b:30:f1:61:60:e8:d5:11:13:42:6a:d9:cb:
f0:72:0a:2b:2d:c8:03:12:0a:da:7d:8a:c5:b1:19:
7d:58:1e:99:29:44:f8:bf:5c:6e:20:91:33:83:91:
35:9e:a3:77:4a:c6:85:db:a9:0f:07:ee:17:fc:92:
f5:52:be:e0:59:0b:f7:ae:bd:ba:e9:5a:7f:d9:6f:
cc:14:e9:48:bc:60:77:17:34:a7:6d:51:6c:da:06:
32:89:91:25:16:21:a3:6e:a7:fb:88:d6:7c:8e:0f:
76:3a:67:01:f2:5d:f8:8f:13:37:06:29:5f:e5:b6:
3c:6a:2c:5b:29:06:1b:97:b4:5f:02:30:e3:97:2d:
9a:54:2d:c3:17:ed:72:52:df:c4:d1:eb:5d:c2:22:
5b:fc:2f:00:d8:aa:4c:a8:3c:88:da:41:ec:15:b4:
80:0f:d8:38:03:fc:0a:3f:9c:ac:7e:27:50:7b:49:
bc:9c:bb:c7:29:a7:21:ea:ba:47:d1:b9:06:31:a5:
72:16:00:8d:de:9b:4e:82:2c:19:34:43:54:5a:df:
72:19:d4:8f:26:a1:03:9b:54:47:bd:fc:e7:4a:21:
b0:a3:b8:03:00:d6:1c:80:68:03:ce:0f:ce:21:7e:
27:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:70:7C:11:3F:48:73:88:DA:45:CD:0D:0E:B9:6F:FE:D8:5A:2A:88
X509v3 Authority Key Identifier:
keyid:44:F4:C5:A6:19:78:54:9B:24:83:88:F9:DF:44:9D:2A:95:E1:0A:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPTFphl4VJskg4j530SdKpXhCgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e5c8df-4ef8-4d90-a490-35800e9f170e/1/V3B8ET9Ic4jaRc0NDrlv_thaKog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e5c8df-4ef8-4d90-a490-35800e9f170e/1/RPTFphl4VJskg4j530SdKpXhCgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.152.0/22
IPv6:
2a06:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
28:7f:75:e8:94:30:be:95:73:16:3f:7c:de:b4:e8:56:82:1d:
a7:e5:7d:53:16:83:17:89:34:30:10:48:79:1b:92:bb:5c:6d:
9e:72:47:ce:3e:1b:ce:72:4a:ec:f3:88:94:a8:51:98:51:d2:
cd:1a:a0:cc:24:c0:47:9c:d4:d7:9d:5f:fc:26:02:57:fb:e1:
72:07:98:77:09:31:83:d2:22:f4:02:ae:91:ec:a0:0f:86:77:
8a:8b:bb:36:4c:99:79:ed:b7:7b:9e:ee:b3:89:d1:d3:70:0b:
6c:0a:9d:80:7c:4e:f0:2c:ce:59:bc:1a:85:a6:73:07:02:d9:
8e:0c:72:a9:18:47:f8:bc:9d:aa:d9:40:25:2b:1a:52:41:53:
b2:1c:ab:5a:71:a2:ed:10:60:1f:86:3e:44:aa:6e:b4:ed:c2:
21:39:d1:92:5c:9c:c2:ce:92:07:36:00:f0:77:d1:28:f1:dc:
3f:43:0d:21:30:87:af:a1:1d:64:e2:f2:58:b0:7a:23:21:8d:
7c:6b:a9:3f:bb:71:72:34:3a:f9:af:cf:eb:3d:65:56:f9:27:
19:36:56:09:ba:6e:5c:8f:c5:06:5d:66:b7:05:1c:d4:01:9f:
1d:dd:f0:06:e4:57:4c:a6:dd:8c:fc:ca:76:ba:37:c7:e9:2f:
98:6b:65:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbWzq2Kg2jl/qYCullHlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjRjNWE2MTk3ODU0OWIyNDgzODhmOWRmNDQ5ZDJhOTVl
MTBhMDcwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzcwN2MxMTNmNDg3Mzg4ZGE0NWNkMGQwZWI5NmZmZWQ4NWEyYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+Co9KFvvbdamiro9zDFPZsw8WFg
6NURE0Jq2cvwcgorLcgDEgrafYrFsRl9WB6ZKUT4v1xuIJEzg5E1nqN3SsaF26kP
B+4X/JL1Ur7gWQv3rr266Vp/2W/MFOlIvGB3FzSnbVFs2gYyiZElFiGjbqf7iNZ8
jg92OmcB8l34jxM3Bilf5bY8aixbKQYbl7RfAjDjly2aVC3DF+1yUt/E0etdwiJb
/C8A2KpMqDyI2kHsFbSAD9g4A/wKP5ysfidQe0m8nLvHKach6rpH0bkGMaVyFgCN
3ptOgiwZNENUWt9yGdSPJqEDm1RHvfznSiGwo7gDANYcgGgDzg/OIX4n0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFdwfBE/SHOI2kXNDQ65b/7YWiqIMB8GA1UdIwQY
MBaAFET0xaYZeFSbJIOI+d9EnSqV4QoHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBURnBobDRWSnNrZzRqNTMwU2RLcFhoQ2djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9lNWM4ZGYtNGVmOC00ZDkwLWE0OTAt
MzU4MDBlOWYxNzBlLzEvVjNCOEVUOUljNGphUmMwTkRybHZfdGhhS29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9lNWM4ZGYtNGVmOC00ZDkwLWE0OTAtMzU4MDBlOWYxNzBl
LzEvUlBURnBobDRWSnNrZzRqNTMwU2RLcFhoQ2djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWmYMA0E
AgACMAcDBQMqBvHAMA0GCSqGSIb3DQEBCwUAA4IBAQAof3XolDC+lXMWP3zetOhW
gh2n5X1TFoMXiTQwEEh5G5K7XG2eckfOPhvOckrs84iUqFGYUdLNGqDMJMBHnNTX
nV/8JgJX++FyB5h3CTGD0iL0Aq6R7KAPhneKi7s2TJl57bd7nu6zidHTcAtsCp2A
fE7wLM5ZvBqFpnMHAtmODHKpGEf4vJ2q2UAlKxpSQVOyHKtacaLtEGAfhj5Eqm60
7cIhOdGSXJzCzpIHNgDwd9Eo8dw/Qw0hMIevoR1k4vJYsHojIY18a6k/u3FyNDr5
r8/rPWVW+ScZNlYJum5cj8UGXWa3BRzUAZ8d3fAG5FdMpt2M/Mp2ujfH6S+Ya2Vu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:59 2025 by rpki-client