Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/iv2s8WEzF4OdrtgA6OGlGLFqwD8.roa
File: iv2s8WEzF4OdrtgA6OGlGLFqwD8.roa (raw, json)
Hash identifier: OpMhpVAe800K94ivksoidqKJFqv633cKrZC2UUnzLKY=
Subject key identifier: 8A:FD:AC:F1:61:33:17:83:9D:AE:D8:00:E8:E1:A5:18:B1:6A:C0:3F
Certificate issuer: /CN=a0251774d6d874976390a0561b766d4125efe6ec
Certificate serial: 0185723A14330D6805812A818BD0CC52FBD2
Authority key identifier: A0:25:17:74:D6:D8:74:97:63:90:A0:56:1B:76:6D:41:25:EF:E6:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCUXdNbYdJdjkKBWG3ZtQSXv5uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/iv2s8WEzF4OdrtgA6OGlGLFqwD8.roa
Signing time: Mon 02 Jan 2023 11:24:46 +0000
ROA not before: Mon 02 Jan 2023 11:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60363
IP address blocks: 185.225.152.0/24 maxlen: 24
185.225.153.0/24 maxlen: 24
2a0d:e400::/32 maxlen: 56
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:14:33:0d:68:05:81:2a:81:8b:d0:cc:52:fb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0251774d6d874976390a0561b766d4125efe6ec
Validity
Not Before: Jan 2 11:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8afdacf1613317839daed800e8e1a518b16ac03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:56:55:61:9b:ff:fe:b8:19:18:61:02:b5:0e:
90:0e:49:a3:41:15:55:f1:b3:3f:5a:2f:8e:f7:68:
66:3a:49:b0:28:d3:d9:bc:23:0c:58:3b:3a:4f:6f:
d1:ac:37:67:3a:d1:36:0c:0a:40:e8:36:05:f8:23:
be:cd:e1:53:be:4c:86:46:af:38:c9:fe:6b:6a:ed:
2c:73:11:df:a1:9f:bb:43:a1:1e:ce:60:0e:0b:bc:
db:63:47:5a:a0:01:83:92:54:cd:fd:b6:89:71:b7:
ab:27:42:92:b2:e0:81:c9:20:20:7a:bb:c9:41:16:
8e:24:22:e0:1d:18:45:53:50:4c:ee:9b:7c:66:f5:
6d:bb:cc:24:55:7f:58:b1:54:fa:1a:79:0a:36:59:
6b:b0:69:7a:6b:35:d6:84:71:fd:d1:1f:2c:47:5a:
85:23:a6:19:4d:93:2d:4b:49:01:f9:ec:8d:37:82:
f9:9b:91:a2:3e:95:60:4e:ca:08:ea:5f:e6:73:ca:
5d:04:71:0f:a0:7f:55:11:77:62:78:01:29:04:94:
a4:41:bc:e3:a2:00:9a:82:89:ac:d7:03:6f:e9:ea:
19:29:ef:f7:44:5a:ed:ac:ed:b5:18:59:27:da:ae:
b8:d0:b5:50:4f:44:aa:a2:49:7c:f9:e7:17:73:6c:
22:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FD:AC:F1:61:33:17:83:9D:AE:D8:00:E8:E1:A5:18:B1:6A:C0:3F
X509v3 Authority Key Identifier:
keyid:A0:25:17:74:D6:D8:74:97:63:90:A0:56:1B:76:6D:41:25:EF:E6:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUXdNbYdJdjkKBWG3ZtQSXv5uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/iv2s8WEzF4OdrtgA6OGlGLFqwD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/oCUXdNbYdJdjkKBWG3ZtQSXv5uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.152.0/23
IPv6:
2a0d:e400::/32
Signature Algorithm: sha256WithRSAEncryption
99:08:07:cf:5d:2a:08:26:a3:4c:98:f8:cf:62:8e:8c:a8:74:
08:8f:6a:83:1c:d2:1e:f5:79:b3:73:e0:db:86:b9:55:33:c4:
5c:fc:38:ee:fe:85:72:7c:83:fb:9a:db:dd:88:f7:4d:94:1f:
bb:1e:33:39:68:e6:f3:b5:1b:0e:32:9e:ae:dd:59:98:08:77:
b0:37:e0:60:e9:af:cd:b5:d6:41:6a:ff:c4:2a:8a:48:33:3b:
b1:e8:22:97:31:90:07:70:d4:a0:6a:1f:df:4f:da:69:74:e9:
5c:52:8b:b5:41:50:ca:e6:42:48:52:7a:a4:3b:da:02:3f:a1:
a7:08:93:5c:df:5f:0c:71:a1:38:4b:91:fe:19:57:e3:35:af:
12:a9:f2:7b:2b:b5:3e:bb:ab:89:b3:20:72:90:9b:98:d9:a2:
6e:29:4c:45:a6:fc:41:e1:df:ec:80:2e:6e:53:1f:49:a3:b8:
e1:be:ce:2d:b2:dc:32:b2:fc:52:61:89:4b:2b:7e:0d:76:95:
40:29:21:52:f4:fe:24:e6:6a:bb:56:cb:7c:05:23:78:ce:8b:
60:51:f9:dc:de:ab:b1:04:aa:17:2a:21:62:d0:0f:fd:21:13:
0c:00:68:fe:17:b6:46:07:69:b1:5a:35:a8:9b:67:44:67:f9:
b8:75:76:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyOhQzDWgFgSqBi9DMUvvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUxNzc0ZDZkODc0OTc2MzkwYTA1NjFiNzY2ZDQxMjVl
ZmU2ZWMwHhcNMjMwMTAyMTEyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWZkYWNmMTYxMzMxNzgzOWRhZWQ4MDBlOGUxYTUxOGIxNmFjMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVZVYZv//rgZGGECtQ6QDkmjQRVV
8bM/Wi+O92hmOkmwKNPZvCMMWDs6T2/RrDdnOtE2DApA6DYF+CO+zeFTvkyGRq84
yf5rau0scxHfoZ+7Q6EezmAOC7zbY0daoAGDklTN/baJcberJ0KSsuCBySAgervJ
QRaOJCLgHRhFU1BM7pt8ZvVtu8wkVX9YsVT6GnkKNllrsGl6azXWhHH90R8sR1qF
I6YZTZMtS0kB+eyNN4L5m5GiPpVgTsoI6l/mc8pdBHEPoH9VEXdieAEpBJSkQbzj
ogCagoms1wNv6eoZKe/3RFrtrO21GFkn2q640LVQT0Sqokl8+ecXc2wi6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIr9rPFhMxeDna7YAOjhpRixasA/MB8GA1UdIwQY
MBaAFKAlF3TW2HSXY5CgVht2bUEl7+bsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVWGROYllkSmRqa0tCV0czWnRRU1h2NXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9iOGI3ZTQtZjRjZC00ZTA2LWI4MWMt
YzVjYWE3ZmFlZDdkLzEvaXYyczhXRXpGNE9kcnRnQTZPR2xHTEZxd0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9iOGI3ZTQtZjRjZC00ZTA2LWI4MWMtYzVjYWE3ZmFlZDdk
LzEvb0NVWGROYllkSmRqa0tCV0czWnRRU1h2NXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBueGYMA0E
AgACMAcDBQAqDeQAMA0GCSqGSIb3DQEBCwUAA4IBAQCZCAfPXSoIJqNMmPjPYo6M
qHQIj2qDHNIe9Xmzc+DbhrlVM8Rc/Dju/oVyfIP7mtvdiPdNlB+7HjM5aObztRsO
Mp6u3VmYCHewN+Bg6a/NtdZBav/EKopIMzux6CKXMZAHcNSgah/fT9ppdOlcUou1
QVDK5kJIUnqkO9oCP6GnCJNc318McaE4S5H+GVfjNa8SqfJ7K7U+u6uJsyBykJuY
2aJuKUxFpvxB4d/sgC5uUx9Jo7jhvs4tstwysvxSYYlLK34NdpVAKSFS9P4k5mq7
Vst8BSN4zotgUfnc3quxBKoXKiFi0A/9IRMMAGj+F7ZGB2mxWjWom2dEZ/m4dXaj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:48 2024 by rpki-client on console-fra.rpki-client.org