Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/jANGiQXGKY79pvOGupxOsyqXH0I.roa
File: jANGiQXGKY79pvOGupxOsyqXH0I.roa (raw, json)
Hash identifier: b5obgDO9h9H77ioODOhQziewh1CwfmfOk99pJtP+T1Y=
Subject key identifier: 8C:03:46:89:05:C6:29:8E:FD:A6:F3:86:BA:9C:4E:B3:2A:97:1F:42
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 018CC801250B3FDDDF60833D83733216DBF3
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/jANGiQXGKY79pvOGupxOsyqXH0I.roa
Signing time: Tue 02 Jan 2024 02:29:27 +0000
ROA not before: Tue 02 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203811
IP address blocks: 185.122.252.0/24 maxlen: 24
185.122.253.0/24 maxlen: 24
185.122.255.0/24 maxlen: 24
185.122.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 17:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:25:0b:3f:dd:df:60:83:3d:83:73:32:16:db:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: Jan 2 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c03468905c6298efda6f386ba9c4eb32a971f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fd:c2:39:83:05:ad:0a:0f:be:66:bc:79:00:
54:2f:1a:61:9d:f2:a0:17:fc:0c:31:73:56:8d:cc:
2b:0f:78:cd:00:b2:16:de:28:03:7b:84:e8:38:c5:
45:8c:bf:f1:d7:0f:93:79:96:88:b2:66:0c:44:0a:
aa:9d:20:29:d8:e7:20:2c:e4:a8:03:7d:ef:e1:7e:
4d:a6:2a:5c:a8:75:aa:88:02:72:0b:13:03:d5:1f:
2a:a4:42:de:f2:2c:38:8d:4e:e5:21:1a:82:87:93:
94:62:b6:db:e1:e4:11:f0:83:c6:26:01:57:74:ff:
b9:c3:65:83:cd:52:d6:be:e9:8b:27:d5:06:eb:f1:
e7:1b:9c:75:b6:ea:38:4b:b2:f3:2d:ba:1d:fc:ae:
31:0c:6b:e2:fb:05:64:c5:85:00:dc:99:3c:95:dc:
48:a7:d9:8b:6e:c1:41:21:77:09:29:a3:aa:12:e8:
79:62:5a:5d:35:50:32:97:a8:b1:bb:e5:f5:e2:45:
c2:cb:6f:8d:e0:8d:da:a7:8e:14:fc:98:77:a5:e9:
fb:4f:48:2b:72:c8:5a:d7:4f:a7:fe:4e:44:79:21:
14:a0:2a:30:ea:d6:e4:c2:62:04:e5:31:87:f3:ce:
88:41:00:64:ba:29:72:ec:16:14:4d:1c:c9:09:65:
b8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:03:46:89:05:C6:29:8E:FD:A6:F3:86:BA:9C:4E:B3:2A:97:1F:42
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/jANGiQXGKY79pvOGupxOsyqXH0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.252.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:36:5c:18:17:d5:e1:46:09:db:fd:78:9d:1f:8d:62:6a:83:
02:1c:62:8a:51:d9:84:3b:ac:fb:ee:93:c6:3d:02:83:87:71:
b7:e4:04:2f:e2:35:6f:98:d1:ed:b2:fb:bd:70:f3:59:f0:64:
4d:33:38:13:e2:ae:7f:3a:18:bf:0f:03:a7:73:f1:0a:ec:e2:
18:a4:df:29:81:d9:bb:cf:40:0e:22:51:b2:f8:ea:5b:5f:4e:
11:b4:e1:c0:ed:3f:d1:04:21:6f:08:67:2f:95:6b:8a:01:05:
1e:c3:16:c4:9d:fe:18:88:e9:b5:bb:1e:98:3a:84:57:c4:39:
71:12:8d:c8:3f:8f:c8:34:d7:db:52:db:7d:ae:24:9f:ef:d2:
a1:ba:89:f5:32:7c:ec:8b:8c:c1:43:56:4c:d9:7f:96:dc:32:
a1:7d:bb:3a:7d:a4:4d:74:92:14:a2:be:1f:f3:d7:bd:ea:0c:
27:f0:26:85:36:05:d8:11:57:c1:3f:78:44:ad:17:3e:8c:5b:
8f:d8:f0:f0:70:cf:8c:ef:1c:a6:21:eb:f9:86:78:46:5e:7c:
dd:19:c4:e0:fc:79:1d:04:fe:f9:09:b5:21:f7:e6:20:eb:55:
d8:6e:0f:13:bd:14:02:f2:c9:31:95:5f:fc:02:b4:b5:fc:b3:
c2:49:7b:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIASULP93fYIM9g3MyFtvzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzAzNDY4OTA1YzYyOThlZmRhNmYzODZiYTljNGViMzJhOTcxZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/3COYMFrQoPvma8eQBULxphnfKg
F/wMMXNWjcwrD3jNALIW3igDe4ToOMVFjL/x1w+TeZaIsmYMRAqqnSAp2OcgLOSo
A33v4X5NpipcqHWqiAJyCxMD1R8qpELe8iw4jU7lIRqCh5OUYrbb4eQR8IPGJgFX
dP+5w2WDzVLWvumLJ9UG6/HnG5x1tuo4S7LzLbod/K4xDGvi+wVkxYUA3Jk8ldxI
p9mLbsFBIXcJKaOqEuh5YlpdNVAyl6ixu+X14kXCy2+N4I3ap44U/Jh3pen7T0gr
csha10+n/k5EeSEUoCow6tbkwmIE5TGH886IQQBkuily7BYUTRzJCWW4XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwDRokFximO/abzhrqcTrMqlx9CMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvakFOR2lRWEdLWTc5cHZPR3VweE9zeXFYSDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXr8MA0G
CSqGSIb3DQEBCwUAA4IBAQAaNlwYF9XhRgnb/XidH41iaoMCHGKKUdmEO6z77pPG
PQKDh3G35AQv4jVvmNHtsvu9cPNZ8GRNMzgT4q5/Ohi/DwOnc/EK7OIYpN8pgdm7
z0AOIlGy+OpbX04RtOHA7T/RBCFvCGcvlWuKAQUewxbEnf4YiOm1ux6YOoRXxDlx
Eo3IP4/INNfbUtt9riSf79Khuon1Mnzsi4zBQ1ZM2X+W3DKhfbs6faRNdJIUor4f
89e96gwn8CaFNgXYEVfBP3hErRc+jFuP2PDwcM+M7xymIev5hnhGXnzdGcTg/Hkd
BP75CbUh9+Yg61XYbg8TvRQC8skxlV/8ArS1/LPCSXtw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:24 2025 by rpki-client