Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/A3oY1qxwebYPiSD7R8FrqolS1YI.roa
File: A3oY1qxwebYPiSD7R8FrqolS1YI.roa (raw, json)
Hash identifier: IfLT3yHQe3W00vrFw/wpSPb3HFg0dYSflp8PZK34X7A=
Subject key identifier: 03:7A:18:D6:AC:70:79:B6:0F:89:20:FB:47:C1:6B:AA:89:52:D5:82
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 01926243E199E7955FE5B68FD3612ABBA821
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/A3oY1qxwebYPiSD7R8FrqolS1YI.roa
Signing time: Sun 06 Oct 2024 14:37:48 +0000
ROA not before: Sun 06 Oct 2024 14:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203811
IP address blocks: 185.122.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 20:51:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:62:43:e1:99:e7:95:5f:e5:b6:8f:d3:61:2a:bb:a8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: Oct 6 14:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=037a18d6ac7079b60f8920fb47c16baa8952d582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0b:df:46:48:f6:f0:2b:ff:1e:54:e4:5b:de:
11:73:f8:8f:15:e2:22:c3:2b:40:2a:71:cb:c1:15:
eb:1f:1e:fe:c1:fa:39:cd:d1:fb:79:3f:ab:9a:5c:
8b:22:1e:42:2a:66:56:d4:59:b6:94:6e:e5:5e:05:
aa:6b:13:c4:81:de:f1:8e:eb:54:53:8f:90:57:ae:
ba:e4:fc:d3:a8:1b:94:14:0c:12:37:b0:72:e2:0b:
38:de:2e:ba:39:b6:22:47:83:ed:87:8f:c6:09:17:
7d:bd:9c:91:8f:d6:af:2a:26:4e:c2:92:16:c1:9c:
42:d8:60:6b:e1:7b:c2:2c:33:b6:4e:4a:07:b0:83:
03:d4:80:19:c9:8e:1e:dc:a6:39:2e:4f:ef:b5:b3:
72:1f:45:f5:30:3c:a0:36:98:d7:88:d6:3a:a0:3e:
d1:e5:b5:53:7f:4b:92:5a:4d:92:49:fe:01:3d:35:
2e:0f:ef:38:93:f6:c9:11:a8:29:f5:49:0f:fb:4c:
07:e5:eb:c8:7f:66:31:38:a4:af:e1:64:98:b3:9b:
92:4e:bc:a1:57:20:28:04:32:cd:9b:88:d5:17:a7:
ca:43:b4:03:5a:2a:47:ec:03:e1:c9:08:d3:b8:e6:
1a:83:34:0a:7c:16:7b:a0:e9:d2:4a:12:61:4c:7f:
57:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7A:18:D6:AC:70:79:B6:0F:89:20:FB:47:C1:6B:AA:89:52:D5:82
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/A3oY1qxwebYPiSD7R8FrqolS1YI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.252.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ae:82:28:61:2a:68:3f:28:7e:6e:ff:0a:82:b4:44:7d:6f:
2a:9b:a5:b0:55:a0:05:e2:d9:24:6f:55:52:bd:f2:6a:40:9c:
8c:64:a9:10:20:ac:05:66:1a:47:05:68:af:26:95:30:f1:1f:
6d:01:d9:65:e7:8f:49:82:bd:bf:a9:4e:a8:7e:0d:47:41:1b:
84:95:94:b8:62:27:9c:aa:ed:05:68:b1:04:37:fe:09:5a:1a:
f9:02:41:75:e3:a5:19:09:8f:4a:38:1e:45:47:61:5c:96:94:
9b:85:53:ac:d6:a2:fc:29:bc:7c:aa:9e:77:e9:9f:28:e0:e6:
d3:8b:d0:5d:1c:3d:cf:c7:1b:a2:1f:99:ba:26:35:e6:ea:21:
8b:bb:68:1f:0e:88:c8:b5:98:1e:43:34:92:81:06:82:32:2b:
ad:e1:50:81:62:8c:d9:8a:1d:69:a6:65:22:62:a6:3f:0d:e7:
23:ec:3b:ac:15:c6:11:96:61:b8:f0:b0:d3:e6:c5:bf:65:29:
57:7d:f1:ce:1f:fc:9b:50:d1:f9:ce:dd:43:88:ec:dc:2f:f9:
b1:39:7b:3e:e1:54:e6:64:b1:69:bf:07:f1:90:61:00:58:ca:
52:e5:c9:3a:43:50:70:f8:8e:18:b0:32:b5:84:f7:72:51:c8:
ff:bc:80:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJiQ+GZ55Vf5baP02Equ6ghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjQxMDA2MTQzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdhMThkNmFjNzA3OWI2MGY4OTIwZmI0N2MxNmJhYTg5NTJkNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQvfRkj28Cv/HlTkW94Rc/iPFeIi
wytAKnHLwRXrHx7+wfo5zdH7eT+rmlyLIh5CKmZW1Fm2lG7lXgWqaxPEgd7xjutU
U4+QV6665PzTqBuUFAwSN7By4gs43i66ObYiR4Pth4/GCRd9vZyRj9avKiZOwpIW
wZxC2GBr4XvCLDO2TkoHsIMD1IAZyY4e3KY5Lk/vtbNyH0X1MDygNpjXiNY6oD7R
5bVTf0uSWk2SSf4BPTUuD+84k/bJEagp9UkP+0wH5evIf2YxOKSv4WSYs5uSTryh
VyAoBDLNm4jVF6fKQ7QDWipH7APhyQjTuOYagzQKfBZ7oOnSShJhTH9XzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAN6GNascHm2D4kg+0fBa6qJUtWCMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvQTNvWTFxeHdlYllQaVNEN1I4RnJxb2xTMVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXr8MA0G
CSqGSIb3DQEBCwUAA4IBAQBaroIoYSpoPyh+bv8KgrREfW8qm6WwVaAF4tkkb1VS
vfJqQJyMZKkQIKwFZhpHBWivJpUw8R9tAdll549Jgr2/qU6ofg1HQRuElZS4Yiec
qu0FaLEEN/4JWhr5AkF146UZCY9KOB5FR2FclpSbhVOs1qL8Kbx8qp536Z8o4ObT
i9BdHD3PxxuiH5m6JjXm6iGLu2gfDojItZgeQzSSgQaCMiut4VCBYozZih1ppmUi
YqY/Decj7DusFcYRlmG48LDT5sW/ZSlXffHOH/ybUNH5zt1DiOzcL/mxOXs+4VTm
ZLFpvwfxkGEAWMpS5ck6Q1Bw+I4YsDK1hPdyUcj/vIAx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:42 2025 by rpki-client