Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/39604e-9748-4c7d-ad5d-563d47a7ab61/1/J4p5KYeBmYnUJnPFiLvKBLg4UiY.roa
File: J4p5KYeBmYnUJnPFiLvKBLg4UiY.roa (raw, json)
Hash identifier: K/f7Ft8fuMic4JoRkA4JUkvwp/FaLXmkfiJBAjDsOl8=
Subject key identifier: 27:8A:79:29:87:81:99:89:D4:26:73:C5:88:BB:CA:04:B8:38:52:26
Certificate issuer: /CN=e3e7717765e4bcc7191b25d1a4e66d388c9c53d9
Certificate serial: 018CC26D87A7D43B4C639F28D2B54FA4D563
Authority key identifier: E3:E7:71:77:65:E4:BC:C7:19:1B:25:D1:A4:E6:6D:38:8C:9C:53:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4-dxd2XkvMcZGyXRpOZtOIycU9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/39604e-9748-4c7d-ad5d-563d47a7ab61/1/J4p5KYeBmYnUJnPFiLvKBLg4UiY.roa
Signing time: Mon 01 Jan 2024 00:30:07 +0000
ROA not before: Mon 01 Jan 2024 00:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207552
IP address blocks: 185.170.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:87:a7:d4:3b:4c:63:9f:28:d2:b5:4f:a4:d5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3e7717765e4bcc7191b25d1a4e66d388c9c53d9
Validity
Not Before: Jan 1 00:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=278a792987819989d42673c588bbca04b8385226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:00:8b:96:1c:ab:d9:46:49:e1:30:6a:da:66:
c8:6c:0d:3d:90:48:1f:cd:8e:a6:4e:cd:b8:c3:82:
29:8a:98:15:5e:72:07:4d:12:ee:3a:83:75:8f:2e:
98:ab:00:d3:12:d4:2c:8c:8b:33:61:57:c7:78:f3:
82:c4:d0:96:ff:5f:ee:bd:88:18:90:e1:67:25:71:
05:59:ed:64:67:f0:1f:87:db:11:65:12:3a:5b:6e:
65:c0:41:e9:bc:54:1b:1b:0f:a5:2f:3f:82:96:8b:
11:ea:40:17:16:43:88:ad:15:5b:b3:fa:55:c1:bd:
39:5a:4c:d9:6a:dc:ee:13:c5:13:c8:94:65:fb:fe:
5b:24:a0:11:f2:05:c9:c3:96:75:91:95:28:4e:60:
29:96:4a:17:4e:28:4b:a5:dd:ce:fc:74:43:e2:b9:
c7:1d:89:95:bc:d2:62:26:8e:91:83:a9:06:ef:68:
66:55:15:6d:a8:a5:33:69:f1:d8:9b:ba:ee:88:fc:
63:45:e1:79:1f:8c:bf:b5:4a:5b:8d:ff:89:a2:52:
4e:31:7f:7f:da:1c:5a:29:76:60:64:e3:a1:e6:19:
c5:99:8e:30:9a:c9:6a:18:ba:46:73:e4:14:4b:45:
af:53:9d:20:ab:ed:84:d7:3e:67:8a:e1:86:22:65:
5f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8A:79:29:87:81:99:89:D4:26:73:C5:88:BB:CA:04:B8:38:52:26
X509v3 Authority Key Identifier:
keyid:E3:E7:71:77:65:E4:BC:C7:19:1B:25:D1:A4:E6:6D:38:8C:9C:53:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4-dxd2XkvMcZGyXRpOZtOIycU9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/39604e-9748-4c7d-ad5d-563d47a7ab61/1/J4p5KYeBmYnUJnPFiLvKBLg4UiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/39604e-9748-4c7d-ad5d-563d47a7ab61/1/4-dxd2XkvMcZGyXRpOZtOIycU9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.146.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:bf:4a:0b:79:33:90:d1:be:87:2d:10:97:56:52:1e:6b:a0:
dd:44:79:9b:ed:9f:63:f5:9a:c0:4f:40:26:ba:3c:eb:c2:13:
54:5f:e7:61:72:a2:cf:02:fa:71:a0:4b:3a:21:c4:6a:f7:18:
fe:a0:b9:5f:53:ac:a1:e4:36:10:5c:a0:19:6f:9e:32:cc:14:
1d:49:f5:60:d0:c6:46:13:aa:c0:6f:9d:77:d5:8c:e1:24:4d:
75:c9:2e:04:27:61:28:b6:d6:0a:95:6b:9a:7a:e7:9e:07:b7:
b3:bd:d5:6c:06:07:55:57:fb:11:64:ad:42:75:41:61:1c:86:
c1:3e:a0:dd:88:60:e7:a1:c6:18:7e:7a:2e:63:3b:ce:dd:5d:
8f:89:e3:57:32:11:28:e7:7b:b0:fb:76:34:24:19:f6:5d:95:
93:f0:ee:c8:1e:54:f4:18:a6:1c:b5:61:34:06:d9:47:a5:e9:
f4:52:d5:81:69:f1:c2:57:f7:bb:03:de:61:99:eb:00:c8:2d:
b7:0d:6c:f3:d4:a6:33:0f:a4:f2:c5:a2:17:2f:de:91:59:f9:
7a:9f:a3:e8:8b:41:07:31:f4:fa:35:08:82:2f:97:06:d4:cc:
43:78:0b:00:0c:26:3d:65:ce:99:33:23:41:a4:aa:26:25:75:
41:3f:b1:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbYen1DtMY58o0rVPpNVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZTc3MTc3NjVlNGJjYzcxOTFiMjVkMWE0ZTY2ZDM4OGM5
YzUzZDkwHhcNMjQwMTAxMDAzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzhhNzkyOTg3ODE5OTg5ZDQyNjczYzU4OGJiY2EwNGI4Mzg1MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgCLlhyr2UZJ4TBq2mbIbA09kEgf
zY6mTs24w4IpipgVXnIHTRLuOoN1jy6YqwDTEtQsjIszYVfHePOCxNCW/1/uvYgY
kOFnJXEFWe1kZ/Afh9sRZRI6W25lwEHpvFQbGw+lLz+ClosR6kAXFkOIrRVbs/pV
wb05WkzZatzuE8UTyJRl+/5bJKAR8gXJw5Z1kZUoTmAplkoXTihLpd3O/HRD4rnH
HYmVvNJiJo6Rg6kG72hmVRVtqKUzafHYm7ruiPxjReF5H4y/tUpbjf+JolJOMX9/
2hxaKXZgZOOh5hnFmY4wmslqGLpGc+QUS0WvU50gq+2E1z5niuGGImVfQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCeKeSmHgZmJ1CZzxYi7ygS4OFImMB8GA1UdIwQY
MBaAFOPncXdl5LzHGRsl0aTmbTiMnFPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNC1keGQyWGt2TWNaR3lYUnBPWnRPSXljVTlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8zOTYwNGUtOTc0OC00YzdkLWFkNWQt
NTYzZDQ3YTdhYjYxLzEvSjRwNUtZZUJtWW5VSm5QRmlMdktCTGc0VWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8zOTYwNGUtOTc0OC00YzdkLWFkNWQtNTYzZDQ3YTdhYjYx
LzEvNC1keGQyWGt2TWNaR3lYUnBPWnRPSXljVTlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaqSMA0G
CSqGSIb3DQEBCwUAA4IBAQBuv0oLeTOQ0b6HLRCXVlIea6DdRHmb7Z9j9ZrAT0Am
ujzrwhNUX+dhcqLPAvpxoEs6IcRq9xj+oLlfU6yh5DYQXKAZb54yzBQdSfVg0MZG
E6rAb5131YzhJE11yS4EJ2EottYKlWuaeueeB7ezvdVsBgdVV/sRZK1CdUFhHIbB
PqDdiGDnocYYfnouYzvO3V2PieNXMhEo53uw+3Y0JBn2XZWT8O7IHlT0GKYctWE0
BtlHpen0UtWBafHCV/e7A95hmesAyC23DWzz1KYzD6TyxaIXL96RWfl6n6Poi0EH
MfT6NQiCL5cG1MxDeAsADCY9Zc6ZMyNBpKomJXVBP7EQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:17 2025 by rpki-client