Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0eeb2f-1aa0-4762-b4e8-b59c2ac951cb/1/kppqT3O0hSmSUIimztiUt8rTF6o.roa
File: kppqT3O0hSmSUIimztiUt8rTF6o.roa (raw, json)
Hash identifier: 0trH53DUUX4v1PXd+hDC+ZNDWjVL0s8/ZdSHmfGiqpQ=
Subject key identifier: 92:9A:6A:4F:73:B4:85:29:92:50:88:A6:CE:D8:94:B7:CA:D3:17:AA
Certificate issuer: /CN=d1d78826e1717ec993eb64dd1187876b065e8f58
Certificate serial: 018CC42552DEBE6A8221757853BC5D369F50
Authority key identifier: D1:D7:88:26:E1:71:7E:C9:93:EB:64:DD:11:87:87:6B:06:5E:8F:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0deIJuFxfsmT62TdEYeHawZej1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0eeb2f-1aa0-4762-b4e8-b59c2ac951cb/1/kppqT3O0hSmSUIimztiUt8rTF6o.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51415
IP address blocks: 185.195.204.0/23 maxlen: 23
185.195.206.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:52:de:be:6a:82:21:75:78:53:bc:5d:36:9f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1d78826e1717ec993eb64dd1187876b065e8f58
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=929a6a4f73b48529925088a6ced894b7cad317aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:86:d8:d2:bb:cc:eb:b2:3b:af:21:54:cb:56:
ed:37:66:5c:05:00:6c:e2:34:8c:06:70:b9:46:14:
b0:e1:89:d0:8c:af:08:71:e5:97:b3:d9:02:84:eb:
08:4a:18:68:27:24:ec:ca:97:15:89:a7:cc:31:49:
b7:55:83:00:e4:68:49:f2:88:1e:07:ee:21:a3:e2:
9a:68:64:7e:54:ff:10:9a:a4:8e:26:34:57:14:7a:
eb:45:76:f8:64:f5:df:a1:02:76:f8:c8:14:b5:b9:
65:d8:34:90:2c:c9:d7:16:8f:b5:ed:d6:59:d0:02:
1c:2f:d9:97:dc:38:ae:5f:86:23:18:ac:ee:4d:09:
1d:12:82:89:3e:bf:f4:9a:f6:20:13:01:ca:6f:61:
8a:f9:6b:28:58:a3:bc:a6:5c:c6:b0:db:dc:b4:4d:
fa:2f:f1:97:b3:ed:62:83:f0:4a:04:63:98:4c:85:
d0:e8:30:5d:e6:f3:b2:f2:bd:29:ed:0c:43:74:63:
64:9c:b1:ff:88:6a:7a:eb:11:0b:9b:bf:15:d5:4d:
76:54:54:64:e2:cd:a4:2c:3a:2c:e8:42:da:fe:c6:
ac:44:9b:4f:db:24:5e:88:22:07:74:20:11:aa:56:
58:5f:09:59:52:a3:85:bc:b4:35:6c:a2:a1:60:d3:
a7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9A:6A:4F:73:B4:85:29:92:50:88:A6:CE:D8:94:B7:CA:D3:17:AA
X509v3 Authority Key Identifier:
keyid:D1:D7:88:26:E1:71:7E:C9:93:EB:64:DD:11:87:87:6B:06:5E:8F:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0deIJuFxfsmT62TdEYeHawZej1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0eeb2f-1aa0-4762-b4e8-b59c2ac951cb/1/kppqT3O0hSmSUIimztiUt8rTF6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0eeb2f-1aa0-4762-b4e8-b59c2ac951cb/1/0deIJuFxfsmT62TdEYeHawZej1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.204.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:5b:97:54:56:af:0f:42:47:94:e0:c3:e5:be:dd:c0:90:9e:
fb:28:64:e1:95:75:87:09:9c:b5:98:ed:e3:b0:cf:69:33:b9:
4e:9f:03:e6:5a:cb:86:32:64:b9:35:06:80:e7:b7:45:14:36:
d7:fa:fb:5e:8a:03:64:f5:0e:dc:32:94:a5:fb:96:7d:64:14:
a8:90:8c:a1:bf:0f:6c:f4:a2:3c:53:27:b6:94:91:22:4f:d5:
e2:0d:80:b3:2d:34:7d:c5:26:5d:b4:71:6d:1c:ce:7d:8a:26:
ef:29:83:50:b5:a6:02:ca:93:ff:8f:14:9b:f4:20:1f:6c:35:
66:6b:2b:79:e0:d7:7e:ed:0a:e3:f6:d8:68:bb:e3:ed:78:50:
c5:52:77:92:ad:f3:ed:eb:90:70:fc:7f:39:b4:c5:fb:0b:cc:
8e:91:f5:bb:f3:bf:99:3b:1c:4a:76:07:c0:8f:49:cc:a0:59:
2d:94:35:fd:0f:64:2d:0d:24:b9:68:75:c8:30:a7:0b:46:bf:
8e:45:7f:3d:8c:85:e4:32:a2:49:09:a1:a1:3b:a3:ff:68:5c:
38:6c:70:98:e3:13:45:e6:a6:0f:1a:bb:89:e8:75:b1:f8:6f:
67:ee:b4:be:18:38:f2:6a:e0:db:50:19:d4:c6:a1:d5:23:3e:
80:e5:44:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJVLevmqCIXV4U7xdNp9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZDc4ODI2ZTE3MTdlYzk5M2ViNjRkZDExODc4NzZiMDY1
ZThmNTgwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjlhNmE0ZjczYjQ4NTI5OTI1MDg4YTZjZWQ4OTRiN2NhZDMxN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4bY0rvM67I7ryFUy1btN2ZcBQBs
4jSMBnC5RhSw4YnQjK8IceWXs9kChOsIShhoJyTsypcViafMMUm3VYMA5GhJ8oge
B+4ho+KaaGR+VP8QmqSOJjRXFHrrRXb4ZPXfoQJ2+MgUtbll2DSQLMnXFo+17dZZ
0AIcL9mX3DiuX4YjGKzuTQkdEoKJPr/0mvYgEwHKb2GK+WsoWKO8plzGsNvctE36
L/GXs+1ig/BKBGOYTIXQ6DBd5vOy8r0p7QxDdGNknLH/iGp66xELm78V1U12VFRk
4s2kLDos6ELa/sasRJtP2yReiCIHdCARqlZYXwlZUqOFvLQ1bKKhYNOn9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKaak9ztIUpklCIps7YlLfK0xeqMB8GA1UdIwQY
MBaAFNHXiCbhcX7Jk+tk3RGHh2sGXo9YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGRlSUp1Rnhmc21UNjJUZEVZZUhhd1plajFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wZWViMmYtMWFhMC00NzYyLWI0ZTgt
YjU5YzJhYzk1MWNiLzEva3BwcVQzTzBoU21TVUlpbXp0aVV0OHJURjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wZWViMmYtMWFhMC00NzYyLWI0ZTgtYjU5YzJhYzk1MWNi
LzEvMGRlSUp1Rnhmc21UNjJUZEVZZUhhd1plajFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucPMMA0G
CSqGSIb3DQEBCwUAA4IBAQCPW5dUVq8PQkeU4MPlvt3AkJ77KGThlXWHCZy1mO3j
sM9pM7lOnwPmWsuGMmS5NQaA57dFFDbX+vteigNk9Q7cMpSl+5Z9ZBSokIyhvw9s
9KI8Uye2lJEiT9XiDYCzLTR9xSZdtHFtHM59iibvKYNQtaYCypP/jxSb9CAfbDVm
ayt54Nd+7Qrj9thou+PteFDFUneSrfPt65Bw/H85tMX7C8yOkfW787+ZOxxKdgfA
j0nMoFktlDX9D2QtDSS5aHXIMKcLRr+ORX89jIXkMqJJCaGhO6P/aFw4bHCY4xNF
5qYPGruJ6HWx+G9n7rS+GDjyauDbUBnUxqHVIz6A5UQG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:22 2025 by rpki-client