Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/K068Bj6nUMoiYe3CxacNU7vLDTU.roa
File: K068Bj6nUMoiYe3CxacNU7vLDTU.roa (raw, json)
Hash identifier: UZPgKRB+n5N2iNqZy7jR6qNMCR+BmJcVhAI9nh7Es1I=
Subject key identifier: 2B:4E:BC:06:3E:A7:50:CA:22:61:ED:C2:C5:A7:0D:53:BB:CB:0D:35
Certificate issuer: /CN=411c4322082191c79e2d86db4e1bf9d0718e27e9
Certificate serial: 018CC500317279A8DFA31756E3A0AC84B51D
Authority key identifier: 41:1C:43:22:08:21:91:C7:9E:2D:86:DB:4E:1B:F9:D0:71:8E:27:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/K068Bj6nUMoiYe3CxacNU7vLDTU.roa
Signing time: Mon 01 Jan 2024 12:29:33 +0000
ROA not before: Mon 01 Jan 2024 12:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51055
IP address blocks: 185.156.244.0/22 maxlen: 22
92.243.72.0/23 maxlen: 23
64.38.104.0/22 maxlen: 22
2a03:5b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:31:72:79:a8:df:a3:17:56:e3:a0:ac:84:b5:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411c4322082191c79e2d86db4e1bf9d0718e27e9
Validity
Not Before: Jan 1 12:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b4ebc063ea750ca2261edc2c5a70d53bbcb0d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:32:67:fc:c9:f1:60:10:7a:b7:c5:07:9e:af:
81:52:fd:58:75:47:49:84:41:74:df:6a:d6:63:6d:
bb:dc:90:61:22:b4:f7:06:06:0e:e0:d3:98:d4:b9:
58:15:71:3d:75:d9:3a:8b:f8:68:a9:30:eb:d6:3f:
19:80:57:27:51:84:95:52:80:1f:b6:e5:55:93:03:
44:12:67:f7:60:00:61:93:c9:1c:d4:0e:61:7f:12:
f1:33:e1:77:63:83:94:43:17:d7:0a:2f:ad:cb:0b:
37:bf:5a:b9:98:ca:df:d8:ba:01:60:be:97:cd:8f:
3f:87:ee:b5:7e:bc:62:dd:d6:93:d5:75:f4:06:21:
95:b2:4b:5d:79:0f:00:30:97:e5:a4:87:43:e7:93:
21:29:4a:f2:19:54:6b:07:03:91:0a:3a:9c:8c:4e:
50:78:5c:f5:5c:6b:35:5f:3d:00:f1:26:b4:2d:59:
c5:68:38:20:8e:44:ea:c2:ec:c1:a9:20:52:fc:b9:
75:97:5d:60:ac:8b:29:4d:44:7c:d1:1d:32:7b:a5:
c0:18:a3:21:79:09:8a:af:43:64:6c:63:6a:31:40:
ef:96:68:1c:f4:b7:aa:92:af:32:e6:ef:59:4d:70:
20:e5:2c:5c:70:cf:2b:0e:2b:6b:d2:50:a1:b0:9a:
1e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4E:BC:06:3E:A7:50:CA:22:61:ED:C2:C5:A7:0D:53:BB:CB:0D:35
X509v3 Authority Key Identifier:
keyid:41:1C:43:22:08:21:91:C7:9E:2D:86:DB:4E:1B:F9:D0:71:8E:27:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/K068Bj6nUMoiYe3CxacNU7vLDTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/QRxDIgghkceeLYbbThv50HGOJ-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.38.104.0/22
92.243.72.0/23
185.156.244.0/22
IPv6:
2a03:5b00::/32
Signature Algorithm: sha256WithRSAEncryption
67:2c:5f:a0:62:53:02:16:64:e8:25:77:02:1e:c1:87:80:a8:
bf:78:a0:d9:0e:b0:ee:4d:d5:dd:88:89:e2:7e:47:e8:9f:1b:
c8:b5:60:47:f7:25:dc:48:cb:8a:ff:4b:30:f5:55:be:36:87:
ec:f3:bd:ef:95:9d:65:ff:ca:06:7f:1b:94:1c:f8:ca:2a:49:
57:52:db:55:bc:02:a4:86:5b:a5:e0:ca:27:43:c4:34:7b:f1:
a6:fd:75:bf:9e:b5:22:95:4b:96:0c:a0:1c:d9:98:32:10:67:
1b:bf:b7:6b:c1:ee:40:4f:56:34:38:8e:a8:2d:df:9e:24:86:
82:40:86:f3:bd:c0:56:72:01:08:bd:96:62:f0:7a:02:e4:b5:
7f:33:5d:fe:1e:df:b5:a0:04:db:5b:3e:a8:c6:f2:96:46:94:
92:19:2e:3f:b1:08:5b:52:d7:94:00:ec:39:e4:e0:7f:f6:d7:
a5:d3:c4:d2:f5:ad:a0:a7:34:04:d9:a7:a8:d2:02:38:7f:65:
6f:a6:75:70:04:3c:89:66:3d:a3:7e:66:2a:0b:5b:51:b7:d9:
ec:07:09:54:35:79:58:dd:8d:86:d7:54:15:19:42:b6:5d:ba:
20:ad:9b:be:6b:bf:c7:92:70:b1:a9:6a:d9:b3:21:57:6e:a2:
40:de:cc:31
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFADFyeajfoxdW46CshLUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWM0MzIyMDgyMTkxYzc5ZTJkODZkYjRlMWJmOWQwNzE4
ZTI3ZTkwHhcNMjQwMTAxMTIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjRlYmMwNjNlYTc1MGNhMjI2MWVkYzJjNWE3MGQ1M2JiY2IwZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjJn/MnxYBB6t8UHnq+BUv1YdUdJ
hEF032rWY2273JBhIrT3BgYO4NOY1LlYFXE9ddk6i/hoqTDr1j8ZgFcnUYSVUoAf
tuVVkwNEEmf3YABhk8kc1A5hfxLxM+F3Y4OUQxfXCi+tyws3v1q5mMrf2LoBYL6X
zY8/h+61frxi3daT1XX0BiGVsktdeQ8AMJflpIdD55MhKUryGVRrBwORCjqcjE5Q
eFz1XGs1Xz0A8Sa0LVnFaDggjkTqwuzBqSBS/Ll1l11grIspTUR80R0ye6XAGKMh
eQmKr0NkbGNqMUDvlmgc9Leqkq8y5u9ZTXAg5SxccM8rDitr0lChsJoewQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCtOvAY+p1DKImHtwsWnDVO7yw01MB8GA1UdIwQY
MBaAFEEcQyIIIZHHni2G204b+dBxjifpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJ4RElnZ2hrY2VlTFliYlRodjUwSEdPSi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hNzkzOGYtN2M5YS00M2M5LTk1ZjMt
ZjM4MTBiZDcwMzc2LzEvSzA2OEJqNm5VTW9pWWUzQ3hhY05VN3ZMRFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9hNzkzOGYtN2M5YS00M2M5LTk1ZjMtZjM4MTBiZDcwMzc2
LzEvUVJ4RElnZ2hrY2VlTFliYlRodjUwSEdPSi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCQCZoAwQB
XPNIAwQCuZz0MA0EAgACMAcDBQAqA1sAMA0GCSqGSIb3DQEBCwUAA4IBAQBnLF+g
YlMCFmToJXcCHsGHgKi/eKDZDrDuTdXdiInifkfonxvItWBH9yXcSMuK/0sw9VW+
Nofs873vlZ1l/8oGfxuUHPjKKklXUttVvAKkhlul4MonQ8Q0e/Gm/XW/nrUilUuW
DKAc2ZgyEGcbv7drwe5AT1Y0OI6oLd+eJIaCQIbzvcBWcgEIvZZi8HoC5LV/M13+
Ht+1oATbWz6oxvKWRpSSGS4/sQhbUteUAOw55OB/9tel08TS9a2gpzQE2aeo0gI4
f2VvpnVwBDyJZj2jfmYqC1tRt9nsBwlUNXlY3Y2G11QVGUK2XbogrZu+a7/HknCx
qWrZsyFXbqJA3swx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:13 2025 by rpki-client