Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/jhC6hKPd-s08AREycpSAgNZfchc.roa
File: jhC6hKPd-s08AREycpSAgNZfchc.roa (raw, json)
Hash identifier: yLwNa6fTjDn4Pj+AuBBcyfsGV53bEDFHDdlZAij1HgU=
Subject key identifier: 8E:10:BA:84:A3:DD:FA:CD:3C:01:11:32:72:94:80:80:D6:5F:72:17
Certificate issuer: /CN=3e46fa1d779c196ceb28029106b4ef7d17553d2b
Certificate serial: 018CCA2BA470A11B3701F31ADDC9EF1A04E5
Authority key identifier: 3E:46:FA:1D:77:9C:19:6C:EB:28:02:91:06:B4:EF:7D:17:55:3D:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pkb6HXecGWzrKAKRBrTvfRdVPSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/jhC6hKPd-s08AREycpSAgNZfchc.roa
Signing time: Tue 02 Jan 2024 12:35:06 +0000
ROA not before: Tue 02 Jan 2024 12:35:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197451
IP address blocks: 185.135.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 11:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:a4:70:a1:1b:37:01:f3:1a:dd:c9:ef:1a:04:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e46fa1d779c196ceb28029106b4ef7d17553d2b
Validity
Not Before: Jan 2 12:35:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e10ba84a3ddfacd3c01113272948080d65f7217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:73:b3:33:24:09:ad:06:b9:61:bd:96:d7:6d:
7f:e6:8b:7c:0d:5a:e2:bf:45:52:af:f7:1a:b4:1d:
c9:2f:6d:42:60:da:68:af:ae:dd:4f:cb:42:31:2f:
47:db:6a:3a:0c:5a:d6:93:0e:28:5d:fc:05:7f:12:
59:db:b1:07:bb:ed:71:fe:87:f3:96:a4:06:88:b2:
d8:54:df:83:15:a3:dd:90:4e:36:97:f3:53:26:8c:
30:d6:72:bf:6c:cc:f0:d9:2b:b7:e2:3e:68:8b:ed:
89:dc:60:0c:8e:91:1e:56:61:dc:e2:0f:87:c8:8a:
b7:ba:64:71:21:89:c1:a8:b2:e4:25:65:77:e4:11:
77:c1:df:8e:34:47:2c:84:a8:c1:98:ab:e0:bf:2a:
19:b6:cf:56:57:70:a6:71:03:b2:91:13:a0:c0:7d:
5c:c2:80:6d:bc:34:2e:79:6f:7a:b0:b1:3c:02:cb:
61:a3:f9:14:d0:9b:6e:d5:53:a8:dd:45:d6:a0:ed:
22:3a:71:df:b5:84:ca:d2:eb:c6:de:37:df:6c:53:
d3:0e:0e:7c:96:72:f8:a3:93:2d:41:24:d9:73:e8:
ee:e6:2b:e5:26:2a:11:b0:84:a9:57:2f:d8:3e:cf:
af:2c:42:e4:52:73:6d:37:79:57:cb:f5:3e:e8:30:
51:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:10:BA:84:A3:DD:FA:CD:3C:01:11:32:72:94:80:80:D6:5F:72:17
X509v3 Authority Key Identifier:
keyid:3E:46:FA:1D:77:9C:19:6C:EB:28:02:91:06:B4:EF:7D:17:55:3D:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pkb6HXecGWzrKAKRBrTvfRdVPSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/jhC6hKPd-s08AREycpSAgNZfchc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/Pkb6HXecGWzrKAKRBrTvfRdVPSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.23.0/24
Signature Algorithm: sha256WithRSAEncryption
32:eb:b2:de:7e:44:cf:d7:e7:46:4a:e3:d2:c0:6f:b9:9c:2c:
be:02:84:dc:f7:a9:e2:91:dd:e7:fa:8f:ff:c1:e7:2a:17:5a:
20:14:a5:dc:2f:d0:85:d0:0a:8e:c2:85:82:11:d9:ab:d4:01:
cf:85:c7:46:8c:fc:fa:06:8c:c7:1c:07:52:0c:f4:bf:5a:0d:
63:31:86:5f:3c:86:dd:86:7d:f2:0d:ea:6d:f1:af:88:cf:a1:
b9:da:46:79:45:8c:2f:e3:67:ae:0e:be:e0:c5:7e:13:47:d3:
6f:de:f9:68:30:82:db:9b:c7:9d:02:d5:8c:99:ac:a4:26:12:
6c:79:a2:b7:33:da:f2:5c:f3:68:de:9f:b8:49:eb:7c:74:b3:
12:6f:c7:13:16:8d:2b:a9:15:4a:59:f6:da:ac:92:eb:92:66:
95:42:f3:05:08:7e:c1:8d:bf:63:2a:68:1b:d5:a1:a3:4f:91:
3f:34:e8:03:4b:f3:72:36:84:0c:31:ab:54:f4:9c:9f:eb:b3:
09:4d:3b:11:72:34:8e:ff:36:f4:bf:a3:da:c2:1b:84:55:b9:
82:2e:a0:d9:83:06:b3:cd:4c:c7:4a:ab:4b:fa:d7:d9:8b:17:
6d:f3:b5:06:50:37:b9:5e:09:11:b2:ad:69:44:49:6c:20:e8:
2e:62:2d:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK6RwoRs3AfMa3cnvGgTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDZmYTFkNzc5YzE5NmNlYjI4MDI5MTA2YjRlZjdkMTc1
NTNkMmIwHhcNMjQwMTAyMTIzNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTEwYmE4NGEzZGRmYWNkM2MwMTExMzI3Mjk0ODA4MGQ2NWY3MjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3OzMyQJrQa5Yb2W121/5ot8DVri
v0VSr/catB3JL21CYNpor67dT8tCMS9H22o6DFrWkw4oXfwFfxJZ27EHu+1x/ofz
lqQGiLLYVN+DFaPdkE42l/NTJoww1nK/bMzw2Su34j5oi+2J3GAMjpEeVmHc4g+H
yIq3umRxIYnBqLLkJWV35BF3wd+ONEcshKjBmKvgvyoZts9WV3CmcQOykROgwH1c
woBtvDQueW96sLE8Astho/kU0Jtu1VOo3UXWoO0iOnHftYTK0uvG3jffbFPTDg58
lnL4o5MtQSTZc+ju5ivlJioRsISpVy/YPs+vLELkUnNtN3lXy/U+6DBRPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4QuoSj3frNPAERMnKUgIDWX3IXMB8GA1UdIwQY
MBaAFD5G+h13nBls6ygCkQa0730XVT0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtiNkhYZWNHV3pyS0FLUkJyVHZmUmRWUFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8wM2NiMzEtNjJmMi00OGM3LTliN2Yt
MGNkMWQyODk2NWQxLzEvamhDNmhLUGQtczA4QVJFeWNwU0FnTlpmY2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8wM2NiMzEtNjJmMi00OGM3LTliN2YtMGNkMWQyODk2NWQx
LzEvUGtiNkhYZWNHV3pyS0FLUkJyVHZmUmRWUFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYcXMA0G
CSqGSIb3DQEBCwUAA4IBAQAy67LefkTP1+dGSuPSwG+5nCy+AoTc96nikd3n+o//
wecqF1ogFKXcL9CF0AqOwoWCEdmr1AHPhcdGjPz6BozHHAdSDPS/Wg1jMYZfPIbd
hn3yDept8a+Iz6G52kZ5RYwv42euDr7gxX4TR9Nv3vloMILbm8edAtWMmaykJhJs
eaK3M9ryXPNo3p+4Set8dLMSb8cTFo0rqRVKWfbarJLrkmaVQvMFCH7Bjb9jKmgb
1aGjT5E/NOgDS/NyNoQMMatU9Jyf67MJTTsRcjSO/zb0v6PawhuEVbmCLqDZgwaz
zUzHSqtL+tfZixdt87UGUDe5XgkRsq1pRElsIOguYi13
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:53 2025 by rpki-client