Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/1w3n9ZVb_Fv5mHDAxyi72eHwqnw.roa
File: 1w3n9ZVb_Fv5mHDAxyi72eHwqnw.roa (raw, json)
Hash identifier: W5B3S1dMOHTWpto06OQfsvG2KE57vBbZit/AeDL4eZ4=
Subject key identifier: D7:0D:E7:F5:95:5B:FC:5B:F9:98:70:C0:C7:28:BB:D9:E1:F0:AA:7C
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 018CCA99257A8CDE942C0F52A8A68867B919
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/1w3n9ZVb_Fv5mHDAxyi72eHwqnw.roa
Signing time: Tue 02 Jan 2024 14:34:43 +0000
ROA not before: Tue 02 Jan 2024 14:34:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204870
IP address blocks: 185.174.154.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:25:7a:8c:de:94:2c:0f:52:a8:a6:88:67:b9:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jan 2 14:34:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d70de7f5955bfc5bf99870c0c728bbd9e1f0aa7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6a:9b:e3:5e:5c:2a:24:db:e5:d9:a3:50:2d:
49:53:0d:09:84:3b:78:a8:70:19:dd:21:74:3d:03:
7c:31:50:a8:f5:67:c8:af:3f:e0:24:97:d5:c3:87:
13:c1:3d:d7:16:ae:d3:ca:3e:e8:45:80:78:80:a3:
90:91:51:d9:41:02:66:4d:f3:57:12:7a:9e:51:a7:
c6:ca:ad:e1:60:06:bf:0e:d5:d2:41:35:5e:f7:af:
7a:ca:4f:1e:f8:56:7d:c8:a1:0e:ed:c5:5b:d8:19:
f3:a0:ed:f3:95:e8:2d:ef:a8:68:ed:46:8f:00:29:
ee:8c:d9:ef:2d:43:ad:29:34:7a:a7:ce:95:42:fd:
3a:b1:7b:61:e0:f8:52:a2:a1:78:e7:ee:77:74:b3:
d4:cb:a3:51:ba:b3:45:f4:1f:16:ae:1c:75:a1:45:
fa:33:e7:b5:22:59:30:3b:39:37:7c:5f:8d:00:27:
ea:85:cf:e5:71:72:5c:2f:5e:cb:b1:d5:fd:50:60:
b2:54:18:70:0b:ae:f5:fb:be:ab:58:89:e2:de:19:
b2:7c:d0:8f:f2:43:90:85:97:54:dc:e0:83:36:67:
a9:a2:76:e8:02:b4:3e:ee:4a:ad:65:9f:ba:17:d9:
a3:bc:66:d6:ce:cb:f4:86:31:e8:91:68:15:62:1e:
3f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:0D:E7:F5:95:5B:FC:5B:F9:98:70:C0:C7:28:BB:D9:E1:F0:AA:7C
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/1w3n9ZVb_Fv5mHDAxyi72eHwqnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.154.0/23
Signature Algorithm: sha256WithRSAEncryption
71:d9:45:bc:86:83:1d:3a:ce:16:9a:ed:58:6b:cc:89:12:e9:
6e:f0:6d:a6:c7:bc:6d:f5:d2:b4:09:18:d0:94:3f:69:50:e2:
25:85:10:fc:84:8b:87:bd:17:50:a7:be:7f:9d:81:e7:ca:ba:
26:8f:a9:ec:4c:d3:3a:ba:15:ca:26:48:39:cf:bb:d6:0d:f5:
18:bf:00:9a:c4:5b:91:f2:5c:fd:5b:da:ca:f9:ed:84:c0:2b:
a6:80:0a:b3:cb:7a:04:62:39:e6:a8:81:f7:9c:54:37:9e:83:
d8:90:11:15:98:8c:1e:eb:0f:9b:ce:a1:0e:12:c0:c7:01:96:
b9:70:3d:27:64:bf:d6:7b:2c:fd:28:aa:16:05:7e:14:35:fa:
78:12:99:4b:e7:b7:5f:27:63:ea:d9:6c:62:1d:f0:0c:18:9b:
e9:12:3a:fd:b3:fd:fd:88:f8:9f:94:3c:8a:a5:d4:8e:f4:83:
fa:54:a3:d1:2d:fc:3d:c3:6f:48:84:c5:ae:37:67:0c:ed:7e:
b7:52:b0:8a:85:46:a0:36:01:f4:cb:31:cd:8f:c1:5a:66:8a:
ed:5a:a8:c2:bc:f2:f3:f5:6b:a4:ca:eb:95:bd:88:2a:58:29:
60:83:b1:1b:20:60:2a:67:89:79:34:a8:57:b1:b8:e3:b8:27:
a2:cc:71:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmSV6jN6ULA9SqKaIZ7kZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjQwMTAyMTQzNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzBkZTdmNTk1NWJmYzViZjk5ODcwYzBjNzI4YmJkOWUxZjBhYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmqb415cKiTb5dmjUC1JUw0JhDt4
qHAZ3SF0PQN8MVCo9WfIrz/gJJfVw4cTwT3XFq7Tyj7oRYB4gKOQkVHZQQJmTfNX
EnqeUafGyq3hYAa/DtXSQTVe9696yk8e+FZ9yKEO7cVb2BnzoO3zlegt76ho7UaP
ACnujNnvLUOtKTR6p86VQv06sXth4PhSoqF45+53dLPUy6NRurNF9B8Wrhx1oUX6
M+e1IlkwOzk3fF+NACfqhc/lcXJcL17LsdX9UGCyVBhwC671+76rWIni3hmyfNCP
8kOQhZdU3OCDNmeponboArQ+7kqtZZ+6F9mjvGbWzsv0hjHokWgVYh4/lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNcN5/WVW/xb+ZhwwMcou9nh8Kp8MB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEvMXczbjlaVmJfRnY1bUhEQXh5aTcyZUh3cW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBua6aMA0G
CSqGSIb3DQEBCwUAA4IBAQBx2UW8hoMdOs4Wmu1Ya8yJEulu8G2mx7xt9dK0CRjQ
lD9pUOIlhRD8hIuHvRdQp75/nYHnyromj6nsTNM6uhXKJkg5z7vWDfUYvwCaxFuR
8lz9W9rK+e2EwCumgAqzy3oEYjnmqIH3nFQ3noPYkBEVmIwe6w+bzqEOEsDHAZa5
cD0nZL/Weyz9KKoWBX4UNfp4EplL57dfJ2Pq2WxiHfAMGJvpEjr9s/39iPiflDyK
pdSO9IP6VKPRLfw9w29IhMWuN2cM7X63UrCKhUagNgH0yzHNj8FaZortWqjCvPLz
9WukyuuVvYgqWClgg7EbIGAqZ4l5NKhXsbjjuCeizHFk
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:54 2025 by rpki-client