Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/Idn3_EDO0X1LFeHzzCZTAoaw0eo.roa
File: Idn3_EDO0X1LFeHzzCZTAoaw0eo.roa (raw, json)
Hash identifier: o4WwTrbKLp8MOz2fDgH9A5I8mTul0/cZuBYAYG+tJjY=
Subject key identifier: 21:D9:F7:FC:40:CE:D1:7D:4B:15:E1:F3:CC:26:53:02:86:B0:D1:EA
Certificate issuer: /CN=b48f41afdc609568fb2338fdb20b2d0c422b723b
Certificate serial: 018CC26D6BA98D6ABDC0F30B7EE451A8AD94
Authority key identifier: B4:8F:41:AF:DC:60:95:68:FB:23:38:FD:B2:0B:2D:0C:42:2B:72:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tI9Br9xglWj7Izj9sgstDEIrcjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/Idn3_EDO0X1LFeHzzCZTAoaw0eo.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 185.90.152.0/23 maxlen: 23
2a05:e100::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Jun 2024 13:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6b:a9:8d:6a:bd:c0:f3:0b:7e:e4:51:a8:ad:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b48f41afdc609568fb2338fdb20b2d0c422b723b
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21d9f7fc40ced17d4b15e1f3cc26530286b0d1ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:40:e0:ef:2f:47:4e:46:6f:2b:d1:08:2f:c5:
2c:72:71:bb:f7:60:67:a4:df:7c:db:de:4a:a5:20:
c7:d4:ce:11:9a:a6:ef:b1:50:c9:fb:94:73:2c:00:
15:3e:e7:77:d6:05:95:bb:b4:78:f8:59:d7:0e:63:
a8:b3:86:d3:61:89:77:3d:07:d3:48:8e:d9:1b:82:
19:8d:d6:b0:c4:55:1e:f8:8b:f1:a8:94:55:84:fd:
04:dd:af:d9:90:69:25:44:ad:f9:78:8c:81:b5:c0:
0c:3f:b0:63:77:d4:2c:14:ae:5e:09:2a:03:9f:6f:
99:02:32:b3:c0:3c:8c:e3:f8:ea:5f:28:c4:2a:c5:
62:b0:d1:48:3b:58:8f:32:91:4a:aa:e5:e2:62:af:
72:95:d7:17:85:dd:b6:9b:d1:4a:bc:ba:0e:f5:45:
be:97:52:83:e5:67:27:61:f3:41:69:76:da:3a:86:
90:2e:77:b7:b9:d6:f8:5a:6e:c5:4a:3d:95:8a:21:
9d:24:9a:64:3f:5c:4e:6a:06:a9:2b:38:d7:d0:fe:
91:a8:a2:5b:64:4e:bf:d6:5a:ca:a9:2f:22:1c:18:
f8:b5:84:f9:ee:a7:a2:ab:6f:99:4e:7c:b4:c6:b0:
32:16:f1:5f:e6:df:a0:1e:3f:1d:b6:42:74:5c:b5:
e2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D9:F7:FC:40:CE:D1:7D:4B:15:E1:F3:CC:26:53:02:86:B0:D1:EA
X509v3 Authority Key Identifier:
keyid:B4:8F:41:AF:DC:60:95:68:FB:23:38:FD:B2:0B:2D:0C:42:2B:72:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tI9Br9xglWj7Izj9sgstDEIrcjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/Idn3_EDO0X1LFeHzzCZTAoaw0eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/tI9Br9xglWj7Izj9sgstDEIrcjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.152.0/23
IPv6:
2a05:e100::/48
Signature Algorithm: sha256WithRSAEncryption
8f:76:4d:b9:33:92:b1:61:08:76:62:95:4a:9e:70:b1:48:36:
6b:ec:f0:b0:bb:6b:b4:78:ac:50:49:57:83:5b:8f:67:d6:f1:
b1:ad:f0:1d:e3:d2:d0:b8:bb:a9:12:8e:a9:7d:25:e5:ee:fa:
5e:9e:3b:94:c9:62:db:29:23:cb:03:10:01:bd:99:39:10:9e:
9a:45:5e:90:c9:50:32:19:0f:bb:40:0f:7b:ad:b4:29:7a:0c:
62:1d:4a:55:8e:60:54:ee:59:f0:98:26:3f:67:5d:92:78:86:
f0:20:18:00:2d:7b:2d:29:b3:67:5e:f7:69:18:e3:65:63:04:
60:63:b4:41:36:bd:96:fd:b1:ec:47:e1:71:01:d8:03:23:a6:
f5:2a:af:93:d4:10:db:04:a9:8a:46:3c:e2:f2:2f:db:c2:b0:
34:9e:e6:1d:1a:d5:4d:75:90:65:c9:99:3e:40:58:f6:f8:da:
a2:67:bf:55:ca:dc:45:f6:8f:85:13:27:05:93:30:ac:d8:2c:
85:89:15:19:cd:88:d9:3f:fc:8c:ab:05:8a:c9:71:7d:3e:41:
2d:37:35:8b:72:92:b4:ab:ab:84:33:e4:27:26:e2:02:1b:09:
45:d1:45:a9:1c:89:e7:8a:c1:44:1c:99:8a:92:8e:81:20:ea:
6d:09:ea:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbWupjWq9wPMLfuRRqK2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OGY0MWFmZGM2MDk1NjhmYjIzMzhmZGIyMGIyZDBjNDIy
YjcyM2IwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ5ZjdmYzQwY2VkMTdkNGIxNWUxZjNjYzI2NTMwMjg2YjBkMWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0Dg7y9HTkZvK9EIL8UscnG792Bn
pN98295KpSDH1M4RmqbvsVDJ+5RzLAAVPud31gWVu7R4+FnXDmOos4bTYYl3PQfT
SI7ZG4IZjdawxFUe+IvxqJRVhP0E3a/ZkGklRK35eIyBtcAMP7Bjd9QsFK5eCSoD
n2+ZAjKzwDyM4/jqXyjEKsVisNFIO1iPMpFKquXiYq9yldcXhd22m9FKvLoO9UW+
l1KD5WcnYfNBaXbaOoaQLne3udb4Wm7FSj2ViiGdJJpkP1xOagapKzjX0P6RqKJb
ZE6/1lrKqS8iHBj4tYT57qeiq2+ZTny0xrAyFvFf5t+gHj8dtkJ0XLXiwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCHZ9/xAztF9SxXh88wmUwKGsNHqMB8GA1UdIwQY
MBaAFLSPQa/cYJVo+yM4/bILLQxCK3I7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEk5QnI5eGdsV2o3SXpqOXNnc3RERUlyY2pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80ODU3NjktNTgzNS00N2Y0LWE5ZmYt
OGVjNjhlNzg4NmUyLzEvSWRuM19FRE8wWDFMRmVIenpDWlRBb2F3MGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80ODU3NjktNTgzNS00N2Y0LWE5ZmYtOGVjNjhlNzg4NmUy
LzEvdEk5QnI5eGdsV2o3SXpqOXNnc3RERUlyY2pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuVqYMA8E
AgACMAkDBwAqBeEAAAAwDQYJKoZIhvcNAQELBQADggEBAI92TbkzkrFhCHZilUqe
cLFINmvs8LC7a7R4rFBJV4Nbj2fW8bGt8B3j0tC4u6kSjql9JeXu+l6eO5TJYtsp
I8sDEAG9mTkQnppFXpDJUDIZD7tAD3uttCl6DGIdSlWOYFTuWfCYJj9nXZJ4hvAg
GAAtey0ps2de92kY42VjBGBjtEE2vZb9sexH4XEB2AMjpvUqr5PUENsEqYpGPOLy
L9vCsDSe5h0a1U11kGXJmT5AWPb42qJnv1XK3EX2j4UTJwWTMKzYLIWJFRnNiNk/
/IyrBYrJcX0+QS03NYtykrSrq4Qz5Ccm4gIbCUXRRakcieeKwUQcmYqSjoEg6m0J
6u4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:58 2025 by rpki-client