Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/r5cx95WXA9xDuxSR_YkIj5ePZb8.roa
File: r5cx95WXA9xDuxSR_YkIj5ePZb8.roa (raw, json)
Hash identifier: /ic4qXclhHEq20wpPnSvn+u4o5Abdl+t0OTx/jjIwn4=
Subject key identifier: AF:97:31:F7:95:97:03:DC:43:BB:14:91:FD:89:08:8F:97:8F:65:BF
Certificate issuer: /CN=b0a7252aa643d0dbc42da410e9c20f5703368cd8
Certificate serial: 018CC727282C83F78512F6C59BBCC7EDFC00
Authority key identifier: B0:A7:25:2A:A6:43:D0:DB:C4:2D:A4:10:E9:C2:0F:57:03:36:8C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sKclKqZD0NvELaQQ6cIPVwM2jNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/r5cx95WXA9xDuxSR_YkIj5ePZb8.roa
Signing time: Mon 01 Jan 2024 22:31:21 +0000
ROA not before: Mon 01 Jan 2024 22:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21067
IP address blocks: 185.110.148.0/22 maxlen: 24
2a06:5840::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:28:2c:83:f7:85:12:f6:c5:9b:bc:c7:ed:fc:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0a7252aa643d0dbc42da410e9c20f5703368cd8
Validity
Not Before: Jan 1 22:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af9731f7959703dc43bb1491fd89088f978f65bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:89:7f:23:87:a3:e2:68:0a:7f:29:05:50:0d:
fd:6d:9f:a2:97:a4:fe:92:51:c5:56:28:3c:a8:9d:
d6:06:6a:9a:7a:21:ed:bb:e9:d4:82:01:b9:b9:4c:
36:75:ac:6c:bc:06:b2:4a:ee:ea:15:37:e6:3a:a2:
c2:52:f9:99:48:b9:bc:1a:ca:e7:d9:c7:fd:66:f0:
5d:f8:66:30:98:7b:69:ec:bf:ff:c5:72:59:f7:26:
22:88:04:0d:e4:6c:94:5a:f4:cf:f9:5c:34:94:72:
af:24:d0:7d:ff:be:7e:fc:5b:07:5e:13:6d:1b:1b:
82:4e:e5:c1:c5:18:5f:b0:40:a8:7b:83:b7:81:c8:
f2:aa:5d:db:1a:bf:20:e6:55:d2:7b:c8:a3:56:04:
91:06:ba:35:b2:3c:36:e1:4a:e8:90:b2:35:60:5b:
ca:84:8c:b3:6c:b3:1a:60:29:3f:60:c4:b0:36:1a:
01:fd:a2:3f:12:7e:b2:dc:5f:da:7c:6c:be:03:c0:
f0:f8:10:8e:a7:3f:18:90:37:cd:e7:71:de:2f:97:
9f:5c:f5:77:3b:ea:4e:27:8d:a5:da:4b:5e:dd:d9:
59:0b:76:51:bb:f9:2d:19:84:a3:fc:20:46:5f:4b:
78:92:39:68:69:d5:16:81:5d:2a:07:0d:aa:24:ff:
0c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:97:31:F7:95:97:03:DC:43:BB:14:91:FD:89:08:8F:97:8F:65:BF
X509v3 Authority Key Identifier:
keyid:B0:A7:25:2A:A6:43:D0:DB:C4:2D:A4:10:E9:C2:0F:57:03:36:8C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKclKqZD0NvELaQQ6cIPVwM2jNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/r5cx95WXA9xDuxSR_YkIj5ePZb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/sKclKqZD0NvELaQQ6cIPVwM2jNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.148.0/22
IPv6:
2a06:5840::/29
Signature Algorithm: sha256WithRSAEncryption
bc:d7:60:4a:37:bd:d5:ff:40:46:30:b4:9e:86:80:d2:0e:1a:
48:cb:a0:ec:3e:3a:03:ef:83:8c:4e:83:c9:c0:18:03:b8:fe:
99:52:f5:13:8a:1a:9e:46:5d:c5:47:9d:bd:fb:99:1e:ea:69:
07:42:eb:54:08:7f:78:64:4e:eb:17:3b:cd:d5:72:13:b9:53:
3a:c8:9c:b7:d4:3a:1a:8f:0a:11:43:a8:09:21:e5:1f:33:85:
59:5a:1b:6b:9a:2e:5b:b0:11:2b:56:d7:9e:ac:f5:c9:05:83:
d3:87:93:9b:10:57:28:cb:4b:fa:ea:b6:dc:b2:35:80:07:30:
80:aa:52:0f:81:b6:28:5e:3f:17:b5:e2:ce:94:0c:fe:de:52:
ad:5b:6d:b8:ca:0e:21:3e:f4:42:f8:a9:d1:ce:8c:42:c7:a5:
63:a2:9b:eb:73:84:66:33:d0:ed:ba:ce:88:77:e7:41:53:c8:
75:7e:6d:ef:63:60:89:da:c6:37:8e:44:3b:e0:64:19:4d:c5:
cd:81:1f:06:e6:e6:8f:5c:0d:c5:15:f8:cf:b8:ca:4b:a7:d6:
22:72:14:70:b6:fb:c3:da:43:0d:fe:d8:8f:2a:86:a7:8b:33:
84:d5:a6:06:73:11:34:47:3c:ba:90:93:7c:67:0f:f7:d3:2d:
b1:c9:e8:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJygsg/eFEvbFm7zH7fwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTcyNTJhYTY0M2QwZGJjNDJkYTQxMGU5YzIwZjU3MDMz
NjhjZDgwHhcNMjQwMTAxMjIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk3MzFmNzk1OTcwM2RjNDNiYjE0OTFmZDg5MDg4Zjk3OGY2NWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4l/I4ej4mgKfykFUA39bZ+il6T+
klHFVig8qJ3WBmqaeiHtu+nUggG5uUw2daxsvAaySu7qFTfmOqLCUvmZSLm8Gsrn
2cf9ZvBd+GYwmHtp7L//xXJZ9yYiiAQN5GyUWvTP+Vw0lHKvJNB9/75+/FsHXhNt
GxuCTuXBxRhfsECoe4O3gcjyql3bGr8g5lXSe8ijVgSRBro1sjw24UrokLI1YFvK
hIyzbLMaYCk/YMSwNhoB/aI/En6y3F/afGy+A8Dw+BCOpz8YkDfN53HeL5efXPV3
O+pOJ42l2kte3dlZC3ZRu/ktGYSj/CBGX0t4kjloadUWgV0qBw2qJP8MIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+XMfeVlwPcQ7sUkf2JCI+Xj2W/MB8GA1UdIwQY
MBaAFLCnJSqmQ9DbxC2kEOnCD1cDNozYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tjbEtxWkQwTnZFTGFRUTZjSVBWd00yak5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lNGYzZWYtN2JmYy00MDU1LWI3OTgt
MDI4YTJiMGE1M2Q1LzEvcjVjeDk1V1hBOXhEdXhTUl9Za0lqNWVQWmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lNGYzZWYtN2JmYy00MDU1LWI3OTgtMDI4YTJiMGE1M2Q1
LzEvc0tjbEtxWkQwTnZFTGFRUTZjSVBWd00yak5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW6UMA0E
AgACMAcDBQMqBlhAMA0GCSqGSIb3DQEBCwUAA4IBAQC812BKN73V/0BGMLSehoDS
DhpIy6DsPjoD74OMToPJwBgDuP6ZUvUTihqeRl3FR529+5ke6mkHQutUCH94ZE7r
FzvN1XITuVM6yJy31DoajwoRQ6gJIeUfM4VZWhtrmi5bsBErVteerPXJBYPTh5Ob
EFcoy0v66rbcsjWABzCAqlIPgbYoXj8XteLOlAz+3lKtW224yg4hPvRC+KnRzoxC
x6Vjopvrc4RmM9Dtus6Id+dBU8h1fm3vY2CJ2sY3jkQ74GQZTcXNgR8G5uaPXA3F
FfjPuMpLp9YichRwtvvD2kMN/tiPKoanizOE1aYGcxE0Rzy6kJN8Zw/30y2xyejd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:31 2025 by rpki-client