Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/h1yEoXCy9oy8XrVM1g9oVTAv2pY.roa
File: h1yEoXCy9oy8XrVM1g9oVTAv2pY.roa (raw, json)
Hash identifier: DumnoXBNQSOrrOxO6+4/bxpC7ePZou+Euj/s17HDjpg=
Subject key identifier: 87:5C:84:A1:70:B2:F6:8C:BC:5E:B5:4C:D6:0F:68:55:30:2F:DA:96
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0191FE7E7FCB04A8634EF7C489304E8F2704
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/h1yEoXCy9oy8XrVM1g9oVTAv2pY.roa
Signing time: Tue 17 Sep 2024 05:39:48 +0000
ROA not before: Tue 17 Sep 2024 05:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 185.34.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 08:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fe:7e:7f:cb:04:a8:63:4e:f7:c4:89:30:4e:8f:27:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 17 05:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=875c84a170b2f68cbc5eb54cd60f6855302fda96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:41:cb:b6:f7:c9:7c:de:25:37:9b:dd:ea:7c:
bd:fb:30:61:07:83:91:cb:61:ae:73:28:0a:0f:a8:
f1:ec:96:79:ab:03:8a:38:20:48:45:25:fd:db:98:
f5:bf:54:c8:fa:4b:5e:0d:62:39:0f:d8:24:65:e3:
60:54:26:e5:eb:74:b6:e3:d1:77:98:96:dd:bd:10:
eb:08:98:a7:ea:f3:4c:d0:a0:fa:27:2c:1d:b8:a9:
0c:3e:d3:67:8d:de:88:ae:56:83:12:7c:f7:87:f3:
d9:e9:54:e7:9d:72:48:90:18:77:0b:d4:73:0b:5c:
b3:06:3a:99:d9:a2:c1:9c:d2:98:22:3c:5e:98:ec:
50:d7:63:3c:84:7d:26:ba:a2:9b:e9:1b:2f:47:52:
7b:6a:ae:55:8a:26:90:e4:3f:59:2b:e3:52:7b:ea:
92:49:39:97:a9:f3:ff:aa:ca:90:77:45:b4:5b:e8:
90:59:f6:4e:ba:8f:5c:a9:81:9c:3d:05:0a:c6:cb:
87:53:12:6d:c1:69:e1:73:84:16:eb:23:9a:04:b4:
da:de:9b:51:b1:cd:12:04:09:9a:d3:87:7d:c0:45:
85:ae:f5:33:cd:d3:3b:ec:02:c3:a1:d0:40:4b:a6:
68:44:76:0e:fc:5a:c7:ee:9c:26:65:2c:c3:04:66:
f1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5C:84:A1:70:B2:F6:8C:BC:5E:B5:4C:D6:0F:68:55:30:2F:DA:96
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/h1yEoXCy9oy8XrVM1g9oVTAv2pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
71:ed:2d:24:79:ff:ad:46:ab:1e:e5:4e:ed:46:80:41:43:72:
3d:d1:a3:64:ef:b0:ce:ff:5a:8e:fc:54:ab:40:1f:87:a5:ec:
d4:d9:4a:19:fe:66:4f:26:07:1e:c9:89:79:b8:df:0d:a2:d8:
49:49:2b:3a:9a:52:3b:d8:85:9b:ad:12:5c:92:cb:34:d1:6c:
e4:10:b7:70:77:a1:4d:9a:ea:15:a7:67:77:07:a6:26:f7:a6:
13:ea:aa:22:db:33:03:f1:3a:30:7e:58:89:b0:a9:24:ab:be:
0f:b7:81:80:40:22:27:69:0e:ec:6f:33:60:38:91:aa:16:a7:
55:74:c5:b9:f1:57:8c:1e:74:4c:23:92:6d:17:17:b8:2f:96:
6d:e2:f8:f1:69:2f:e7:19:7a:ec:ec:60:0c:8e:f9:8d:5d:35:
67:a1:1d:35:96:97:07:76:e5:38:ca:39:5a:8b:dc:93:f0:04:
3c:47:5f:45:ba:35:29:43:f6:ed:c4:9b:2a:39:7c:51:1d:a1:
c6:94:54:82:e1:09:de:52:84:e5:ac:f4:1b:52:da:b8:9a:ed:
c5:3e:51:a8:f3:5f:06:b5:a4:f4:04:25:bc:67:e6:58:19:dc:
bf:2e:a7:7d:2f:40:86:05:7f:48:78:20:f0:84:5a:98:a1:f2:
85:b7:9e:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZH+fn/LBKhjTvfEiTBOjycEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwOTE3MDUzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVjODRhMTcwYjJmNjhjYmM1ZWI1NGNkNjBmNjg1NTMwMmZkYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EHLtvfJfN4lN5vd6ny9+zBhB4OR
y2GucygKD6jx7JZ5qwOKOCBIRSX925j1v1TI+kteDWI5D9gkZeNgVCbl63S249F3
mJbdvRDrCJin6vNM0KD6JywduKkMPtNnjd6IrlaDEnz3h/PZ6VTnnXJIkBh3C9Rz
C1yzBjqZ2aLBnNKYIjxemOxQ12M8hH0muqKb6RsvR1J7aq5ViiaQ5D9ZK+NSe+qS
STmXqfP/qsqQd0W0W+iQWfZOuo9cqYGcPQUKxsuHUxJtwWnhc4QW6yOaBLTa3ptR
sc0SBAma04d9wEWFrvUzzdM77ALDodBAS6ZoRHYO/FrH7pwmZSzDBGbx3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdchKFwsvaMvF61TNYPaFUwL9qWMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvaDF5RW9YQ3k5b3k4WHJWTTFnOW9WVEF2MnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSKgMA0G
CSqGSIb3DQEBCwUAA4IBAQBx7S0kef+tRqse5U7tRoBBQ3I90aNk77DO/1qO/FSr
QB+HpezU2UoZ/mZPJgceyYl5uN8NothJSSs6mlI72IWbrRJckss00WzkELdwd6FN
muoVp2d3B6Ym96YT6qoi2zMD8TowfliJsKkkq74Pt4GAQCInaQ7sbzNgOJGqFqdV
dMW58VeMHnRMI5JtFxe4L5Zt4vjxaS/nGXrs7GAMjvmNXTVnoR01lpcHduU4yjla
i9yT8AQ8R19FujUpQ/btxJsqOXxRHaHGlFSC4QneUoTlrPQbUtq4mu3FPlGo818G
taT0BCW8Z+ZYGdy/Lqd9L0CGBX9IeCDwhFqYofKFt554
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:17 2025 by rpki-client