Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/sPUwlAiGxF-gtF55f-kHxUAtTvI.roa
File: sPUwlAiGxF-gtF55f-kHxUAtTvI.roa (raw, json)
Hash identifier: 1yu66ZzwLqmEbYcF2+25C8MHkQtDvFawrAsT4I6ATC8=
Subject key identifier: B0:F5:30:94:08:86:C4:5F:A0:B4:5E:79:7F:E9:07:C5:40:2D:4E:F2
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 018DE99F9D4E05033FFD695D14932AFD7F00
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/sPUwlAiGxF-gtF55f-kHxUAtTvI.roa
Signing time: Tue 27 Feb 2024 08:12:48 +0000
ROA not before: Tue 27 Feb 2024 08:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 185.36.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:9f:9d:4e:05:03:3f:fd:69:5d:14:93:2a:fd:7f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Feb 27 08:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0f530940886c45fa0b45e797fe907c5402d4ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:af:13:6c:f2:14:ac:25:89:fa:76:be:aa:9d:
4d:4c:1a:ac:81:82:a0:31:fb:36:0d:b5:32:45:ff:
ec:09:db:0d:d5:f6:21:a8:cb:00:41:b7:d2:02:58:
f6:4b:5a:6d:2d:a3:92:fb:2c:79:bb:69:4a:0b:6f:
71:cc:52:f2:b6:74:00:ad:8f:f1:ab:42:39:2d:d9:
88:6a:8a:0c:62:30:9f:19:c3:5f:6f:4b:ee:89:cf:
df:6a:42:21:be:b5:84:cd:ec:78:50:67:34:c3:73:
fe:ff:e0:1e:9d:44:dd:bd:b8:fd:f5:58:0d:50:c8:
52:e4:50:f5:39:87:91:51:f0:68:1c:8b:2c:bb:c4:
09:5e:b4:0a:1a:6f:d3:73:19:4f:b0:3e:11:95:96:
8c:47:c3:3c:8f:9a:bc:7c:0d:c2:e6:24:a7:51:cc:
96:5a:94:54:e0:f7:51:9b:81:98:36:14:a4:ce:8a:
e3:45:27:51:2f:3b:0e:8c:48:bd:22:dd:b8:ba:7a:
72:1f:b2:26:50:e8:24:8d:9f:78:e1:07:50:a0:f0:
d7:bf:e4:a1:fe:d6:40:42:ae:cb:77:93:73:9b:26:
b0:cf:66:dc:17:54:63:b1:23:eb:2f:a3:9d:f4:55:
a3:ea:b1:34:3a:23:cf:d4:3f:77:8c:f2:f4:df:16:
bf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F5:30:94:08:86:C4:5F:A0:B4:5E:79:7F:E9:07:C5:40:2D:4E:F2
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/sPUwlAiGxF-gtF55f-kHxUAtTvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.126.0/24
Signature Algorithm: sha256WithRSAEncryption
05:80:17:d4:9f:ec:a4:ab:58:2d:e2:41:78:88:c6:e9:fe:f5:
f1:81:ff:74:c6:c3:8d:6b:70:eb:f1:8e:34:e6:00:a4:ef:b6:
bf:03:e8:a5:04:4f:3d:00:70:8c:d5:27:ae:36:1a:ae:e9:29:
4e:89:ee:a5:75:11:de:40:be:9e:27:6c:f0:b8:f0:f3:e9:b0:
86:da:60:c5:ca:4b:bd:33:69:e3:e9:6f:64:6f:a6:29:32:de:
b2:39:c1:5b:e9:a2:a7:2e:22:4b:fa:34:d9:4d:47:8c:c0:94:
25:80:75:bf:c5:16:c2:38:92:2b:e0:82:09:5d:16:f0:3c:06:
01:ea:2c:35:2a:5c:87:91:22:73:b5:81:d5:ea:af:52:35:24:
63:f1:98:37:02:3a:5c:b8:93:09:f0:5e:c0:d2:9c:fc:77:3b:
4f:ae:64:40:49:22:aa:04:c2:ab:bf:1e:93:b6:42:2f:32:bb:
d3:d0:16:ec:d4:36:40:36:82:ed:6f:c6:6c:87:b6:cb:f2:97:
34:94:30:ac:8e:9d:fb:09:38:b0:dd:2a:d9:a5:91:ca:83:f7:
21:b0:ed:73:47:82:ac:cf:f2:6c:3c:a5:a2:28:d6:6b:47:80:
14:5d:16:c4:ee:e7:08:99:76:30:63:52:9b:56:6e:b8:fa:d3:
32:8b:3f:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3pn51OBQM//WldFJMq/X8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjQwMjI3MDgxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY1MzA5NDA4ODZjNDVmYTBiNDVlNzk3ZmU5MDdjNTQwMmQ0ZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh68TbPIUrCWJ+na+qp1NTBqsgYKg
Mfs2DbUyRf/sCdsN1fYhqMsAQbfSAlj2S1ptLaOS+yx5u2lKC29xzFLytnQArY/x
q0I5LdmIaooMYjCfGcNfb0vuic/fakIhvrWEzex4UGc0w3P+/+AenUTdvbj99VgN
UMhS5FD1OYeRUfBoHIssu8QJXrQKGm/TcxlPsD4RlZaMR8M8j5q8fA3C5iSnUcyW
WpRU4PdRm4GYNhSkzorjRSdRLzsOjEi9It24unpyH7ImUOgkjZ944QdQoPDXv+Sh
/tZAQq7Ld5Nzmyawz2bcF1RjsSPrL6Od9FWj6rE0OiPP1D93jPL03xa/0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLD1MJQIhsRfoLReeX/pB8VALU7yMB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvc1BVd2xBaUd4Ri1ndEY1NWYta0h4VUF0VHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSR+MA0G
CSqGSIb3DQEBCwUAA4IBAQAFgBfUn+ykq1gt4kF4iMbp/vXxgf90xsONa3Dr8Y40
5gCk77a/A+ilBE89AHCM1SeuNhqu6SlOie6ldRHeQL6eJ2zwuPDz6bCG2mDFyku9
M2nj6W9kb6YpMt6yOcFb6aKnLiJL+jTZTUeMwJQlgHW/xRbCOJIr4IIJXRbwPAYB
6iw1KlyHkSJztYHV6q9SNSRj8Zg3AjpcuJMJ8F7A0pz8dztPrmRASSKqBMKrvx6T
tkIvMrvT0Bbs1DZANoLtb8Zsh7bL8pc0lDCsjp37CTiw3SrZpZHKg/chsO1zR4Ks
z/JsPKWiKNZrR4AUXRbE7ucImXYwY1KbVm64+tMyiz9X
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:29 2025 by rpki-client