Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/LmHF0zIXSlY5j5Px3mrPmwsXAvw.roa
File: LmHF0zIXSlY5j5Px3mrPmwsXAvw.roa (raw, json)
Hash identifier: 3F1eXa7OtjWqjVajl6/e9fcs9w6riGfl7OAxodeHHgY=
Subject key identifier: 2E:61:C5:D3:32:17:4A:56:39:8F:93:F1:DE:6A:CF:9B:0B:17:02:FC
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 018CC727758D2B71AF5356C2CCB47AC327B8
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/LmHF0zIXSlY5j5Px3mrPmwsXAvw.roa
Signing time: Mon 01 Jan 2024 22:31:41 +0000
ROA not before: Mon 01 Jan 2024 22:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209504
IP address blocks: 185.125.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:75:8d:2b:71:af:53:56:c2:cc:b4:7a:c3:27:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 22:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e61c5d332174a56398f93f1de6acf9b0b1702fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1e:55:6d:ac:8c:7c:5e:b1:4a:9e:a4:67:2c:
22:12:1d:de:fb:80:73:1f:bb:76:cb:a6:e9:04:3c:
c2:7c:f4:38:17:60:39:d8:06:9e:a1:10:f9:5b:bc:
2e:0f:51:d9:f8:8f:28:ed:b6:fb:73:4c:72:30:af:
0f:78:b5:42:3b:9f:8b:10:a3:38:ca:92:df:88:5d:
fb:60:ae:6d:fe:8c:63:eb:f4:5b:c7:cf:b5:de:72:
25:82:96:51:b3:ac:54:5c:c4:dc:bf:82:b3:02:84:
46:37:70:71:a3:cb:d1:f4:cd:42:7e:5f:5d:f7:be:
dc:62:1b:10:56:5b:53:9e:7a:06:46:fd:a2:37:a3:
a4:09:11:0c:84:bc:9b:fd:67:e3:59:a1:d3:61:8c:
09:bd:06:4a:0d:24:3d:4c:28:a0:97:c8:0a:a4:1e:
25:8a:ff:d0:42:e1:fa:fb:9d:33:6e:11:1a:ff:c0:
4e:54:a5:fb:84:3a:ec:28:f6:c6:3f:b2:66:8a:14:
e0:04:06:ce:29:fb:fe:7d:4e:50:ed:5e:45:7f:a5:
52:e4:56:73:53:1a:ef:ff:7c:6b:a4:3b:41:84:0c:
69:9e:51:13:5b:55:6a:28:6a:ab:cc:1a:a7:2f:2c:
4a:7b:20:49:63:aa:06:90:8b:a2:a9:97:97:01:81:
56:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:61:C5:D3:32:17:4A:56:39:8F:93:F1:DE:6A:CF:9B:0B:17:02:FC
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/LmHF0zIXSlY5j5Px3mrPmwsXAvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.90.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:39:8d:df:cd:8b:5c:6d:35:b7:f6:83:f3:8e:e8:3e:c4:b7:
6e:8a:ce:4e:87:13:a6:80:fd:67:73:d2:f5:93:63:ff:7a:de:
b8:20:2e:e6:08:33:f1:7c:56:a4:27:07:72:b9:bf:7e:7f:df:
f1:27:f8:b4:ef:30:66:d5:9e:93:2d:09:9c:85:fc:ff:bd:55:
34:ff:03:e4:20:e4:cc:d7:f8:85:8e:6d:91:21:ba:68:a7:91:
46:4e:5c:96:23:18:f5:04:45:54:1d:9f:e2:a3:c3:92:87:49:
aa:a1:71:4f:60:21:18:b2:ee:69:15:58:fe:56:68:e8:80:17:
d4:16:30:87:fe:f6:ff:d1:33:fc:c2:35:ed:1e:40:7f:39:b9:
ee:5e:2c:de:d2:8f:41:54:59:95:e8:da:c1:9f:46:0d:61:aa:
73:8c:ff:70:ac:21:c2:6c:0f:fb:37:f3:d2:d1:fb:5d:9a:9f:
ac:b5:f8:ae:9b:c6:0c:31:17:e9:b0:f7:61:ff:0e:94:62:c6:
75:e5:12:60:ee:0e:d4:4a:59:38:88:70:a0:27:98:8e:9f:ee:
36:bb:82:ca:ce:db:a6:46:40:70:4e:3a:51:a3:19:50:a7:44:
24:c1:d1:c7:77:11:8d:b8:6d:f8:c4:d0:96:eb:5d:dd:63:6f:
41:0a:13:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ3WNK3GvU1bCzLR6wye4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjQwMTAxMjIzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTYxYzVkMzMyMTc0YTU2Mzk4ZjkzZjFkZTZhY2Y5YjBiMTcwMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih5VbayMfF6xSp6kZywiEh3e+4Bz
H7t2y6bpBDzCfPQ4F2A52AaeoRD5W7wuD1HZ+I8o7bb7c0xyMK8PeLVCO5+LEKM4
ypLfiF37YK5t/oxj6/Rbx8+13nIlgpZRs6xUXMTcv4KzAoRGN3Bxo8vR9M1Cfl9d
977cYhsQVltTnnoGRv2iN6OkCREMhLyb/WfjWaHTYYwJvQZKDSQ9TCigl8gKpB4l
iv/QQuH6+50zbhEa/8BOVKX7hDrsKPbGP7JmihTgBAbOKfv+fU5Q7V5Ff6VS5FZz
Uxrv/3xrpDtBhAxpnlETW1VqKGqrzBqnLyxKeyBJY6oGkIuiqZeXAYFWjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5hxdMyF0pWOY+T8d5qz5sLFwL8MB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvTG1IRjB6SVhTbFk1ajVQeDNtclBtd3NYQXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX1aMA0G
CSqGSIb3DQEBCwUAA4IBAQAMOY3fzYtcbTW39oPzjug+xLduis5OhxOmgP1nc9L1
k2P/et64IC7mCDPxfFakJwdyub9+f9/xJ/i07zBm1Z6TLQmchfz/vVU0/wPkIOTM
1/iFjm2RIbpop5FGTlyWIxj1BEVUHZ/io8OSh0mqoXFPYCEYsu5pFVj+VmjogBfU
FjCH/vb/0TP8wjXtHkB/ObnuXize0o9BVFmV6NrBn0YNYapzjP9wrCHCbA/7N/PS
0ftdmp+stfium8YMMRfpsPdh/w6UYsZ15RJg7g7USlk4iHCgJ5iOn+42u4LKztum
RkBwTjpRoxlQp0QkwdHHdxGNuG34xNCW613dY29BChNT
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:54:26 2025 by rpki-client