Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/ki4HGWBWDo7PIsB8RvLgajH3-I4.roa
File: ki4HGWBWDo7PIsB8RvLgajH3-I4.roa (raw, json)
Hash identifier: px+7e02tqNcnOP95IeM8RN4SCNBjsw/DlkR1oMGw40I=
Subject key identifier: 92:2E:07:19:60:56:0E:8E:CF:22:C0:7C:46:F2:E0:6A:31:F7:F8:8E
Certificate issuer: /CN=dc6baa601236ab9bea29f807a66920ed5656a196
Certificate serial: 018CC26D1CBEC51000E1A50BD9737CD9F2E3
Authority key identifier: DC:6B:AA:60:12:36:AB:9B:EA:29:F8:07:A6:69:20:ED:56:56:A1:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GuqYBI2q5vqKfgHpmkg7VZWoZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/ki4HGWBWDo7PIsB8RvLgajH3-I4.roa
Signing time: Mon 01 Jan 2024 00:29:39 +0000
ROA not before: Mon 01 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51580
IP address blocks: 185.180.182.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1c:be:c5:10:00:e1:a5:0b:d9:73:7c:d9:f2:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6baa601236ab9bea29f807a66920ed5656a196
Validity
Not Before: Jan 1 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=922e071960560e8ecf22c07c46f2e06a31f7f88e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:13:7d:b4:cb:17:3e:f4:62:65:20:cd:83:
37:59:33:56:38:2c:9d:c9:a2:75:e8:d7:c1:ff:66:
06:4e:85:a5:c0:26:65:46:1c:bf:f7:13:85:b6:ba:
2a:de:f5:27:61:ee:dd:aa:40:5f:3d:28:7c:e3:20:
4a:66:96:95:a9:7d:b1:a8:10:d1:a0:2b:9f:01:3b:
a4:15:ec:66:a8:1f:f7:5e:03:51:7c:78:21:67:3b:
57:f3:a2:8c:02:b7:22:94:ae:90:5c:14:e3:49:4e:
8c:83:53:27:60:f1:0d:1b:b0:f1:d3:41:29:9d:c4:
a9:a4:d8:ff:b4:1e:a8:5b:a7:fe:ac:7d:bf:06:d0:
d2:94:15:03:80:e0:a1:ef:fe:4d:c0:41:64:d2:f1:
70:ca:01:37:cb:57:8a:4e:c1:7b:3c:93:cd:a3:2f:
14:b3:44:80:43:1e:84:c6:c4:63:5e:77:a8:b2:28:
ce:35:e1:b5:b0:4d:1a:77:a1:0a:87:47:8c:87:e3:
a1:bf:c0:1c:b1:a0:54:55:b4:cf:32:c4:ec:df:66:
7f:e0:4e:31:bf:0a:d9:c9:06:93:05:2f:e1:56:64:
54:a6:3f:43:1d:33:62:ba:61:a1:a1:6f:1f:97:60:
f2:38:b3:c0:d5:44:37:3e:6c:f9:58:20:68:d4:89:
c8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:2E:07:19:60:56:0E:8E:CF:22:C0:7C:46:F2:E0:6A:31:F7:F8:8E
X509v3 Authority Key Identifier:
keyid:DC:6B:AA:60:12:36:AB:9B:EA:29:F8:07:A6:69:20:ED:56:56:A1:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GuqYBI2q5vqKfgHpmkg7VZWoZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/ki4HGWBWDo7PIsB8RvLgajH3-I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/3GuqYBI2q5vqKfgHpmkg7VZWoZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.182.0/23
Signature Algorithm: sha256WithRSAEncryption
87:7f:a0:6c:c0:3b:50:08:bb:f4:c8:8a:d6:cc:da:5b:3f:41:
97:1d:fe:7c:15:5a:fe:e0:99:4f:64:e0:44:74:39:72:db:78:
bd:10:64:4e:d2:d9:ac:a7:b0:7a:7f:c1:c1:ba:7c:42:e4:a6:
24:2d:40:71:22:e6:db:16:7a:40:61:bf:1f:dc:c4:23:c4:79:
fa:b6:32:21:d1:db:a5:bc:73:a1:dd:d7:17:bf:e5:1e:0f:63:
a0:00:d0:d1:d7:27:4a:e8:e2:01:61:04:a4:4f:fa:a3:48:4b:
a9:df:e5:43:42:8b:5d:cc:7b:19:dd:ee:a7:f6:7f:b3:ba:0c:
aa:7f:2f:16:64:cc:e8:7b:05:54:d2:f2:a0:33:6b:03:67:26:
1f:e6:18:99:92:16:9b:d2:9a:da:8d:35:6f:36:b2:af:75:4a:
85:06:15:3e:f7:d8:6a:1b:bc:76:5b:29:c9:07:d8:06:f2:ec:
10:0c:87:64:2b:33:4e:93:f1:cd:5c:9a:2a:2f:db:78:d0:a2:
73:84:b1:7a:24:f7:1c:ef:84:18:8d:17:dd:0f:1d:1a:e5:73:
54:0e:9d:83:87:53:2a:69:0d:ed:7f:af:ac:5a:d2:f3:81:29:
dd:90:5e:0d:7f:61:14:4e:77:e5:43:a0:3f:45:ad:7b:5e:a0:
13:f7:e4:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbRy+xRAA4aUL2XN82fLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNmJhYTYwMTIzNmFiOWJlYTI5ZjgwN2E2NjkyMGVkNTY1
NmExOTYwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJlMDcxOTYwNTYwZThlY2YyMmMwN2M0NmYyZTA2YTMxZjdmODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusoTfbTLFz70YmUgzYM3WTNWOCyd
yaJ16NfB/2YGToWlwCZlRhy/9xOFtroq3vUnYe7dqkBfPSh84yBKZpaVqX2xqBDR
oCufATukFexmqB/3XgNRfHghZztX86KMArcilK6QXBTjSU6Mg1MnYPENG7Dx00Ep
ncSppNj/tB6oW6f+rH2/BtDSlBUDgOCh7/5NwEFk0vFwygE3y1eKTsF7PJPNoy8U
s0SAQx6ExsRjXneosijONeG1sE0ad6EKh0eMh+Ohv8AcsaBUVbTPMsTs32Z/4E4x
vwrZyQaTBS/hVmRUpj9DHTNiumGhoW8fl2DyOLPA1UQ3Pmz5WCBo1InIlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIuBxlgVg6OzyLAfEby4Gox9/iOMB8GA1UdIwQY
MBaAFNxrqmASNqub6in4B6ZpIO1WVqGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0d1cVlCSTJxNXZxS2ZnSHBta2c3VlpXb1pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83YmQyZTMtZjNjNS00OTU1LWI5YTEt
MzRhMTIzN2YxNjcwLzEva2k0SEdXQldEbzdQSXNCOFJ2TGdhakgzLUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83YmQyZTMtZjNjNS00OTU1LWI5YTEtMzRhMTIzN2YxNjcw
LzEvM0d1cVlCSTJxNXZxS2ZnSHBta2c3VlpXb1pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBubS2MA0G
CSqGSIb3DQEBCwUAA4IBAQCHf6BswDtQCLv0yIrWzNpbP0GXHf58FVr+4JlPZOBE
dDly23i9EGRO0tmsp7B6f8HBunxC5KYkLUBxIubbFnpAYb8f3MQjxHn6tjIh0dul
vHOh3dcXv+UeD2OgANDR1ydK6OIBYQSkT/qjSEup3+VDQotdzHsZ3e6n9n+zugyq
fy8WZMzoewVU0vKgM2sDZyYf5hiZkhab0prajTVvNrKvdUqFBhU+99hqG7x2WynJ
B9gG8uwQDIdkKzNOk/HNXJoqL9t40KJzhLF6JPcc74QYjRfdDx0a5XNUDp2Dh1Mq
aQ3tf6+sWtLzgSndkF4Nf2EUTnflQ6A/Ra17XqAT9+TS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:05 2025 by rpki-client