Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5539e4-d10d-49c5-bdce-eb7e9c0d3747/1/mjx9XEfiC-e03MNr8is5qfj4kR8.roa
File: mjx9XEfiC-e03MNr8is5qfj4kR8.roa (raw, json)
Hash identifier: TAPEURV1M95eJJznk7uheO9AsNQ9Jq6fhSj6q27VFEY=
Subject key identifier: 9A:3C:7D:5C:47:E2:0B:E7:B4:DC:C3:6B:F2:2B:39:A9:F8:F8:91:1F
Certificate issuer: /CN=d5d0bf1ad7fc369d8fbf43e62de97a4facfef6b5
Certificate serial: 018CC4252D3EFD9BFECFC7B02B98BC34F68C
Authority key identifier: D5:D0:BF:1A:D7:FC:36:9D:8F:BF:43:E6:2D:E9:7A:4F:AC:FE:F6:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1dC_Gtf8Np2Pv0PmLel6T6z-9rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5539e4-d10d-49c5-bdce-eb7e9c0d3747/1/mjx9XEfiC-e03MNr8is5qfj4kR8.roa
Signing time: Mon 01 Jan 2024 08:30:19 +0000
ROA not before: Mon 01 Jan 2024 08:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1257
IP address blocks: 185.118.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:2d:3e:fd:9b:fe:cf:c7:b0:2b:98:bc:34:f6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5d0bf1ad7fc369d8fbf43e62de97a4facfef6b5
Validity
Not Before: Jan 1 08:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a3c7d5c47e20be7b4dcc36bf22b39a9f8f8911f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:26:3e:7f:70:65:79:14:73:11:82:64:4f:ea:
4a:2f:dd:d6:81:a0:78:ee:27:e5:a5:bc:98:d6:c9:
a5:07:81:8c:2d:7f:d6:13:f7:fe:52:2b:41:8f:8a:
22:72:2b:3f:0b:7c:ad:a0:5c:1b:23:7e:c3:43:6f:
ec:cc:b9:62:d1:d4:ce:46:27:88:bd:8f:85:9d:1d:
1e:f7:69:ee:df:0b:ca:77:f6:38:fe:ff:35:08:40:
9f:d9:c2:98:56:4a:d1:65:73:2b:43:51:35:6e:0b:
34:8a:33:06:88:27:43:c5:03:16:64:39:63:be:e3:
52:e3:e4:84:20:92:14:a7:ef:9e:79:48:be:d4:38:
45:96:7a:1e:a4:ab:24:4a:93:50:bd:8b:14:94:d5:
47:a3:ba:ec:f7:9d:cc:e7:c1:d0:01:bf:19:0d:54:
9d:f0:b4:62:8c:ea:70:bb:cf:e2:a2:bd:73:e0:3e:
ac:0f:c4:0f:8b:69:ce:9c:dd:92:d3:f8:ea:e4:4f:
30:d5:c8:ab:12:06:77:de:d4:61:ec:c6:b9:7e:12:
6f:56:c9:0f:95:d5:ee:8c:5c:a8:b4:b3:cf:8f:99:
b3:4e:bd:d6:9b:c9:57:a4:0f:a0:6d:80:d4:25:00:
eb:42:f0:92:36:c1:cb:53:88:38:6e:76:ce:e9:bc:
5e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3C:7D:5C:47:E2:0B:E7:B4:DC:C3:6B:F2:2B:39:A9:F8:F8:91:1F
X509v3 Authority Key Identifier:
keyid:D5:D0:BF:1A:D7:FC:36:9D:8F:BF:43:E6:2D:E9:7A:4F:AC:FE:F6:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dC_Gtf8Np2Pv0PmLel6T6z-9rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5539e4-d10d-49c5-bdce-eb7e9c0d3747/1/mjx9XEfiC-e03MNr8is5qfj4kR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5539e4-d10d-49c5-bdce-eb7e9c0d3747/1/1dC_Gtf8Np2Pv0PmLel6T6z-9rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.160.0/22
Signature Algorithm: sha256WithRSAEncryption
22:b2:bd:67:47:34:ca:de:3e:de:cb:52:d1:12:b5:64:22:9a:
09:6f:3c:88:6c:39:b4:60:7a:9b:35:6c:1e:03:a2:69:cc:9d:
f5:8d:47:8f:6c:7b:f1:02:5b:e8:0b:28:15:3f:f6:32:40:5c:
a6:48:a0:32:87:a9:b2:82:13:57:f3:48:97:d0:d0:06:5c:4e:
ec:f5:97:9a:d5:3f:4f:9e:1e:90:fa:89:83:e5:c1:cb:8b:a8:
1d:2f:71:02:7a:12:69:e3:fa:22:65:9a:65:95:57:3f:08:c1:
58:60:03:51:b5:01:51:71:eb:cc:ec:ae:7f:52:ca:9d:48:df:
6d:b0:b6:a7:c0:8b:62:e7:b9:d2:3e:82:ab:83:5f:72:81:26:
19:de:59:5c:8b:4b:9b:83:93:0e:7a:63:5c:5f:5c:b2:3a:14:
56:39:12:e2:c8:23:bb:9c:8b:c3:c2:84:82:05:90:71:6c:48:
15:2d:5f:f3:09:f5:fd:2e:4f:f6:c5:3a:b9:18:1c:bc:e9:d8:
3e:06:b2:fe:ab:3a:b7:fa:ea:75:fb:ab:8f:4d:24:0f:48:a3:
8c:5d:fb:4a:42:40:c9:36:5e:2f:f9:7b:66:46:30:94:14:08:
b4:04:ad:fc:8b:ac:c1:14:66:98:31:2b:f4:a5:7f:69:d6:e9:
6c:65:63:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJS0+/Zv+z8ewK5i8NPaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZDBiZjFhZDdmYzM2OWQ4ZmJmNDNlNjJkZTk3YTRmYWNm
ZWY2YjUwHhcNMjQwMTAxMDgzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNjN2Q1YzQ3ZTIwYmU3YjRkY2MzNmJmMjJiMzlhOWY4Zjg5MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iY+f3BleRRzEYJkT+pKL93WgaB4
7iflpbyY1smlB4GMLX/WE/f+UitBj4oicis/C3ytoFwbI37DQ2/szLli0dTORieI
vY+FnR0e92nu3wvKd/Y4/v81CECf2cKYVkrRZXMrQ1E1bgs0ijMGiCdDxQMWZDlj
vuNS4+SEIJIUp++eeUi+1DhFlnoepKskSpNQvYsUlNVHo7rs953M58HQAb8ZDVSd
8LRijOpwu8/ior1z4D6sD8QPi2nOnN2S0/jq5E8w1cirEgZ33tRh7Ma5fhJvVskP
ldXujFyotLPPj5mzTr3Wm8lXpA+gbYDUJQDrQvCSNsHLU4g4bnbO6bxeyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJo8fVxH4gvntNzDa/IrOan4+JEfMB8GA1UdIwQY
MBaAFNXQvxrX/Dadj79D5i3pek+s/va1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWRDX0d0ZjhOcDJQdjBQbUxlbDZUNnotOXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81NTM5ZTQtZDEwZC00OWM1LWJkY2Ut
ZWI3ZTljMGQzNzQ3LzEvbWp4OVhFZmlDLWUwM01OcjhpczVxZmo0a1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81NTM5ZTQtZDEwZC00OWM1LWJkY2UtZWI3ZTljMGQzNzQ3
LzEvMWRDX0d0ZjhOcDJQdjBQbUxlbDZUNnotOXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXagMA0G
CSqGSIb3DQEBCwUAA4IBAQAisr1nRzTK3j7ey1LRErVkIpoJbzyIbDm0YHqbNWwe
A6JpzJ31jUePbHvxAlvoCygVP/YyQFymSKAyh6myghNX80iX0NAGXE7s9Zea1T9P
nh6Q+omD5cHLi6gdL3ECehJp4/oiZZpllVc/CMFYYANRtQFRcevM7K5/UsqdSN9t
sLanwIti57nSPoKrg19ygSYZ3llci0ubg5MOemNcX1yyOhRWORLiyCO7nIvDwoSC
BZBxbEgVLV/zCfX9Lk/2xTq5GBy86dg+BrL+qzq3+up1+6uPTSQPSKOMXftKQkDJ
Nl4v+XtmRjCUFAi0BK38i6zBFGaYMSv0pX9p1ulsZWNf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:04 2025 by rpki-client