Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/_eWL9EcHoXjq3RUaCZG_01JoKpE.roa
File: _eWL9EcHoXjq3RUaCZG_01JoKpE.roa (raw, json)
Hash identifier: nsIUqUjAdQ+B3ehtcpkv8eROWaj9rvLuP/ziLf9C838=
Subject key identifier: FD:E5:8B:F4:47:07:A1:78:EA:DD:15:1A:09:91:BF:D3:52:68:2A:91
Certificate issuer: /CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Certificate serial: 01902ACE310CDC78100B5E36648EB99DFB6F
Authority key identifier: A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/_eWL9EcHoXjq3RUaCZG_01JoKpE.roa
Signing time: Tue 18 Jun 2024 10:04:34 +0000
ROA not before: Tue 18 Jun 2024 10:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 185.189.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 12:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:ce:31:0c:dc:78:10:0b:5e:36:64:8e:b9:9d:fb:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Validity
Not Before: Jun 18 10:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fde58bf44707a178eadd151a0991bfd352682a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:64:46:2d:44:4a:86:01:44:bc:ec:a5:e8:d0:
a4:4e:aa:a6:d7:3d:91:d2:f7:13:14:63:03:0b:55:
1d:6b:79:d8:66:75:a2:eb:dd:ee:e1:94:f1:4d:04:
ce:d1:b6:5f:03:8f:2e:b0:a2:29:23:29:48:2e:2e:
53:ec:99:87:60:db:d3:b0:70:18:65:62:ea:a8:f0:
50:ad:8e:3e:fb:5b:67:7c:b2:79:ac:6b:29:a5:a3:
b9:94:d7:e0:a3:fb:05:e4:fd:cc:51:c2:49:3a:ce:
b3:e0:92:5c:bd:48:45:d5:10:18:30:34:c3:39:5f:
7c:1b:22:60:f3:bf:5c:41:00:a5:29:c4:6d:db:2c:
cb:58:34:77:85:dd:50:1a:6f:8e:58:bc:a9:74:22:
cc:48:f4:40:21:06:79:18:9e:7c:de:ae:b8:6d:8a:
73:d0:6b:59:36:c8:32:28:d2:fa:10:04:d0:92:08:
c4:ce:0b:14:43:1b:ec:67:2a:2f:f5:a4:a5:ff:80:
3f:8f:ad:ed:23:a9:49:3c:c7:fc:df:db:5d:9a:26:
da:59:f4:2a:01:59:93:ab:c8:41:b9:3b:2e:7f:c4:
c5:78:cb:c5:e1:2a:9a:0c:02:89:5b:3b:cd:26:31:
fa:25:a2:b4:9f:46:c8:09:49:49:1f:0b:e8:30:f2:
b4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E5:8B:F4:47:07:A1:78:EA:DD:15:1A:09:91:BF:D3:52:68:2A:91
X509v3 Authority Key Identifier:
keyid:A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/_eWL9EcHoXjq3RUaCZG_01JoKpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.172.0/24
Signature Algorithm: sha256WithRSAEncryption
68:fa:bc:75:28:ea:c3:1b:d6:81:6e:56:b6:c8:05:95:20:4f:
80:77:cd:16:7e:9f:37:d5:3a:81:2a:bb:9e:54:65:1a:93:ec:
51:62:ab:25:88:c6:d5:07:0e:3e:b4:aa:3b:f7:fc:f3:b6:3d:
9a:f0:90:b2:a6:d5:ba:fa:ad:f0:d0:9c:12:2f:ab:d0:24:fe:
e4:79:92:91:1f:01:01:b8:21:e6:c6:46:2f:89:05:f2:0d:9d:
3c:9c:29:da:78:39:29:37:f1:8d:96:f8:48:d3:73:97:9b:67:
11:b1:3c:6c:b9:31:f4:0c:c2:23:16:3a:93:ec:51:26:69:88:
96:05:ac:bd:4a:99:e4:09:09:57:81:b5:62:9d:37:4a:58:02:
46:75:14:05:bf:5f:27:21:e0:80:9c:b6:48:fd:56:10:7f:c2:
24:41:4b:53:5b:d2:ba:fe:4e:3d:16:20:72:b3:87:42:07:11:
b4:8b:f7:8d:65:e6:e0:8c:57:a7:d4:71:11:59:ef:b8:5b:e3:
07:d1:24:9b:ef:e1:d7:7d:c2:44:2e:20:7a:bb:ae:29:b4:ac:
2c:26:4c:eb:62:d3:06:c8:59:ec:72:dd:88:53:75:27:77:18:
5b:e8:e3:ff:ee:c1:29:77:56:fb:eb:c4:51:b0:1a:e3:cc:44:
9b:ca:0a:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAqzjEM3HgQC142ZI65nftvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MTAzNTZkYzBhNTIxODk1Y2U2MWY4NTQ5NWUwNmRhZjdh
MTJiM2IwHhcNMjQwNjE4MTAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGU1OGJmNDQ3MDdhMTc4ZWFkZDE1MWEwOTkxYmZkMzUyNjgyYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWRGLURKhgFEvOyl6NCkTqqm1z2R
0vcTFGMDC1Uda3nYZnWi693u4ZTxTQTO0bZfA48usKIpIylILi5T7JmHYNvTsHAY
ZWLqqPBQrY4++1tnfLJ5rGsppaO5lNfgo/sF5P3MUcJJOs6z4JJcvUhF1RAYMDTD
OV98GyJg879cQQClKcRt2yzLWDR3hd1QGm+OWLypdCLMSPRAIQZ5GJ583q64bYpz
0GtZNsgyKNL6EATQkgjEzgsUQxvsZyov9aSl/4A/j63tI6lJPMf839tdmibaWfQq
AVmTq8hBuTsuf8TFeMvF4SqaDAKJWzvNJjH6JaK0n0bICUlJHwvoMPK07wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3li/RHB6F46t0VGgmRv9NSaCqRMB8GA1UdIwQY
MBaAFKUQNW3ApSGJXOYfhUleBtr3oSs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYt
MDExODJmODQwNzg5LzEvX2VXTDlFY0hvWGpxM1JVYUNaR18wMUpvS3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYtMDExODJmODQwNzg5
LzEvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub2sMA0G
CSqGSIb3DQEBCwUAA4IBAQBo+rx1KOrDG9aBbla2yAWVIE+Ad80Wfp831TqBKrue
VGUak+xRYqsliMbVBw4+tKo79/zztj2a8JCyptW6+q3w0JwSL6vQJP7keZKRHwEB
uCHmxkYviQXyDZ08nCnaeDkpN/GNlvhI03OXm2cRsTxsuTH0DMIjFjqT7FEmaYiW
Bay9SpnkCQlXgbVinTdKWAJGdRQFv18nIeCAnLZI/VYQf8IkQUtTW9K6/k49FiBy
s4dCBxG0i/eNZebgjFen1HERWe+4W+MH0SSb7+HXfcJELiB6u64ptKwsJkzrYtMG
yFnsct2IU3Undxhb6OP/7sEpd1b768RRsBrjzESbygqU
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:45 2025 by rpki-client