Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/aEF4QqmH6mEr_OfxlyMWQyqpzCs.roa
File: aEF4QqmH6mEr_OfxlyMWQyqpzCs.roa (raw, json)
Hash identifier: 1JD4pO8+tDSALQOhJOQpSPkswatYwNcQkC1zpWr216I=
Subject key identifier: 68:41:78:42:A9:87:EA:61:2B:FC:E7:F1:97:23:16:43:2A:A9:CC:2B
Certificate issuer: /CN=ac0cd1a338ebf5c7952eb9a1f0060549f9340ad6
Certificate serial: 018CC50011197B96057700E142C8BE20D379
Authority key identifier: AC:0C:D1:A3:38:EB:F5:C7:95:2E:B9:A1:F0:06:05:49:F9:34:0A:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rAzRozjr9ceVLrmh8AYFSfk0CtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/aEF4QqmH6mEr_OfxlyMWQyqpzCs.roa
Signing time: Mon 01 Jan 2024 12:29:25 +0000
ROA not before: Mon 01 Jan 2024 12:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60688
IP address blocks: 185.27.196.0/23 maxlen: 23
185.27.198.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 19 Jun 2024 09:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:11:19:7b:96:05:77:00:e1:42:c8:be:20:d3:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac0cd1a338ebf5c7952eb9a1f0060549f9340ad6
Validity
Not Before: Jan 1 12:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68417842a987ea612bfce7f1972316432aa9cc2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:57:6a:aa:85:6c:3e:c3:3a:26:60:b1:15:ab:
32:12:78:ec:8f:93:20:22:89:7e:81:1c:81:ad:c7:
82:d7:a4:50:b3:78:58:d0:90:37:16:3d:39:f5:7b:
4c:99:14:2d:99:88:d2:3b:8a:0f:ce:f0:f6:3e:e3:
12:33:39:4e:f3:70:80:8b:5b:91:8c:20:ec:7a:fb:
5d:34:30:9d:78:8c:ee:22:71:fa:58:1c:2d:6f:a5:
48:68:62:ca:15:de:33:a4:d1:bf:e5:5d:91:c1:9f:
83:86:e3:95:7c:e5:9d:42:ce:37:c3:21:19:d9:80:
b2:18:47:51:83:17:0d:d9:dd:af:f5:61:98:54:19:
a8:83:ba:4a:1a:33:de:c2:bc:c3:50:55:a9:30:53:
b3:eb:3b:4b:72:83:b8:44:f6:fb:5b:bb:db:f4:fb:
4e:fe:92:23:50:be:75:96:af:eb:c9:eb:d4:a1:57:
0a:88:40:b6:6e:2f:b0:16:ad:dc:8c:ba:72:65:6e:
06:72:74:c6:00:15:8d:fc:a5:a5:83:07:f8:b3:e8:
dd:f4:ea:7d:48:c1:12:a4:98:87:74:4f:21:4d:40:
cb:aa:92:30:7f:cd:0d:9a:ad:72:77:b3:98:72:8b:
07:ad:ea:5e:23:30:6d:77:ff:74:e7:9d:46:37:e4:
00:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:41:78:42:A9:87:EA:61:2B:FC:E7:F1:97:23:16:43:2A:A9:CC:2B
X509v3 Authority Key Identifier:
keyid:AC:0C:D1:A3:38:EB:F5:C7:95:2E:B9:A1:F0:06:05:49:F9:34:0A:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAzRozjr9ceVLrmh8AYFSfk0CtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/aEF4QqmH6mEr_OfxlyMWQyqpzCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/rAzRozjr9ceVLrmh8AYFSfk0CtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.196.0/22
Signature Algorithm: sha256WithRSAEncryption
62:a9:75:9d:10:02:20:3b:75:c5:d6:16:ba:ba:9d:11:9f:a9:
c1:4c:29:e5:c1:1e:ea:ed:81:ba:ff:ee:33:ed:ff:aa:8b:24:
6e:f1:59:01:99:ce:95:76:81:2e:d6:8c:0d:23:bc:63:3b:f1:
36:b4:12:63:2b:3a:11:a4:83:cb:23:15:cd:16:7f:40:97:dc:
26:22:ca:1a:8d:c7:60:0a:4c:27:b3:7a:34:1f:e2:b7:b2:83:
2d:e7:8b:c2:a4:19:1b:31:89:ce:30:cc:53:29:b7:5a:9c:69:
03:91:4d:78:7b:69:a2:46:8c:12:1a:63:06:f5:05:b2:08:e1:
18:86:42:b3:f9:81:fc:c4:3a:e2:4f:d2:d6:39:bf:35:45:39:
fc:81:3e:67:a8:3e:db:4e:24:46:06:4c:dc:66:aa:aa:17:c8:
a9:92:b9:65:fb:37:68:82:82:eb:f3:fa:54:1a:7c:17:96:a7:
98:44:7b:bf:ce:fa:3b:08:48:db:85:e2:6a:dd:55:8d:2c:ad:
b7:3d:45:16:41:b8:43:76:42:c9:31:16:6c:7c:e8:72:a9:27:
bd:d2:98:cc:8c:94:f6:5d:40:b4:c3:e5:e6:de:ad:29:8b:9c:
8e:f8:95:35:ca:2c:fb:3d:73:85:0e:5c:65:5c:94:95:42:8f:
54:aa:cc:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABEZe5YFdwDhQsi+INN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMGNkMWEzMzhlYmY1Yzc5NTJlYjlhMWYwMDYwNTQ5Zjkz
NDBhZDYwHhcNMjQwMTAxMTIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQxNzg0MmE5ODdlYTYxMmJmY2U3ZjE5NzIzMTY0MzJhYTljYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1dqqoVsPsM6JmCxFasyEnjsj5Mg
Iol+gRyBrceC16RQs3hY0JA3Fj059XtMmRQtmYjSO4oPzvD2PuMSMzlO83CAi1uR
jCDsevtdNDCdeIzuInH6WBwtb6VIaGLKFd4zpNG/5V2RwZ+DhuOVfOWdQs43wyEZ
2YCyGEdRgxcN2d2v9WGYVBmog7pKGjPewrzDUFWpMFOz6ztLcoO4RPb7W7vb9PtO
/pIjUL51lq/ryevUoVcKiEC2bi+wFq3cjLpyZW4GcnTGABWN/KWlgwf4s+jd9Op9
SMESpJiHdE8hTUDLqpIwf80Nmq1yd7OYcosHrepeIzBtd/90551GN+QAmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhBeEKph+phK/zn8ZcjFkMqqcwrMB8GA1UdIwQY
MBaAFKwM0aM46/XHlS65ofAGBUn5NArWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckF6Um96anI5Y2VWTHJtaDhBWUZTZmswQ3RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzVlYzEtOWMzZC00MTYyLTk4MDQt
YTMzNTE4YmRkOGZlLzEvYUVGNFFxbUg2bUVyX09meGx5TVdReXFwekNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wYzVlYzEtOWMzZC00MTYyLTk4MDQtYTMzNTE4YmRkOGZl
LzEvckF6Um96anI5Y2VWTHJtaDhBWUZTZmswQ3RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRvEMA0G
CSqGSIb3DQEBCwUAA4IBAQBiqXWdEAIgO3XF1ha6up0Rn6nBTCnlwR7q7YG6/+4z
7f+qiyRu8VkBmc6VdoEu1owNI7xjO/E2tBJjKzoRpIPLIxXNFn9Al9wmIsoajcdg
Ckwns3o0H+K3soMt54vCpBkbMYnOMMxTKbdanGkDkU14e2miRowSGmMG9QWyCOEY
hkKz+YH8xDriT9LWOb81RTn8gT5nqD7bTiRGBkzcZqqqF8ipkrll+zdogoLr8/pU
GnwXlqeYRHu/zvo7CEjbheJq3VWNLK23PUUWQbhDdkLJMRZsfOhyqSe90pjMjJT2
XUC0w+Xm3q0pi5yO+JU1yiz7PXOFDlxlXJSVQo9Uqszk
-----END CERTIFICATE-----
Generated at Tue May 6 02:38:42 2025 by rpki-client