Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/28d5a7-48f1-4414-a853-d86b4caed11d/1/i5TJmpCgcwEIK-2STzLppvHczOg.roa
File: i5TJmpCgcwEIK-2STzLppvHczOg.roa (raw, json)
Hash identifier: a+s1/5y9/qXzZ7947OUjocn0y5pb+XkYafSpl5gKnlQ=
Subject key identifier: 8B:94:C9:9A:90:A0:73:01:08:2B:ED:92:4F:32:E9:A6:F1:DC:CC:E8
Certificate issuer: /CN=25a879d628fe5ec8a761c4748679993f9c69f8b4
Certificate serial: 018CC56F064498BB50FEB90A4313618F01B5
Authority key identifier: 25:A8:79:D6:28:FE:5E:C8:A7:61:C4:74:86:79:99:3F:9C:69:F8:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jah51ij-XsinYcR0hnmZP5xp-LQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/28d5a7-48f1-4414-a853-d86b4caed11d/1/i5TJmpCgcwEIK-2STzLppvHczOg.roa
Signing time: Mon 01 Jan 2024 14:30:36 +0000
ROA not before: Mon 01 Jan 2024 14:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8437
IP address blocks: 185.245.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:06:44:98:bb:50:fe:b9:0a:43:13:61:8f:01:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a879d628fe5ec8a761c4748679993f9c69f8b4
Validity
Not Before: Jan 1 14:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b94c99a90a07301082bed924f32e9a6f1dccce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:90:bb:56:39:8a:f0:14:a6:c1:f8:bb:c3:54:
8a:84:6b:35:c4:bf:73:6a:b1:ba:60:c7:ca:bd:74:
05:c2:26:49:0b:1a:94:37:0b:28:38:68:dc:7d:52:
91:01:23:29:e4:b1:42:46:54:32:1f:b7:4c:a6:35:
8d:11:7a:b0:83:c4:56:59:9b:ef:d4:62:68:67:73:
60:98:7b:7b:b6:f8:98:92:dd:d7:69:0d:0f:03:42:
5b:da:5b:83:45:01:37:d3:b8:c3:7b:b8:d0:bc:89:
19:aa:c0:79:97:c7:58:f9:a1:93:e6:9f:f8:b5:94:
1b:0c:5a:4e:5c:fa:1b:56:92:04:3f:c3:40:af:1d:
e4:28:d6:10:ef:b3:b9:84:5b:4b:a0:59:da:01:61:
b1:11:53:78:5d:e0:cc:fe:97:76:2c:50:c5:d9:5e:
e9:35:db:8f:1b:29:26:6e:f4:ac:d4:b6:c5:8e:91:
77:a5:05:99:eb:29:cd:cc:36:56:4e:05:30:77:60:
bb:f6:55:07:bb:84:96:44:4a:e1:60:8c:e7:25:14:
85:54:a2:51:7b:63:a4:f9:5b:33:85:81:28:f1:ab:
c9:07:3d:7f:32:54:5b:f2:bb:19:75:b9:3b:58:26:
7a:7d:b9:0a:d5:55:a8:fe:5b:a7:1d:3a:dd:7d:3e:
85:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:94:C9:9A:90:A0:73:01:08:2B:ED:92:4F:32:E9:A6:F1:DC:CC:E8
X509v3 Authority Key Identifier:
keyid:25:A8:79:D6:28:FE:5E:C8:A7:61:C4:74:86:79:99:3F:9C:69:F8:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jah51ij-XsinYcR0hnmZP5xp-LQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/28d5a7-48f1-4414-a853-d86b4caed11d/1/i5TJmpCgcwEIK-2STzLppvHczOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/28d5a7-48f1-4414-a853-d86b4caed11d/1/Jah51ij-XsinYcR0hnmZP5xp-LQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.65.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:e4:fb:d4:1e:c1:0c:6c:4f:aa:ca:43:b1:ba:f3:a0:c1:90:
e0:a5:87:58:b7:a7:f8:57:7f:c1:13:46:9d:c3:d6:53:aa:cc:
5c:0f:38:74:4a:e5:33:27:b5:e6:00:c4:e2:89:75:7d:80:9e:
02:ce:47:88:ab:db:fd:84:77:46:20:85:7f:b6:ec:7f:0c:55:
d7:43:cd:08:07:e0:48:f9:5d:93:17:81:ee:1f:2a:29:da:c3:
5e:42:7b:df:fb:c0:53:b6:b3:09:00:ac:9b:c6:58:02:66:be:
d7:09:38:1c:38:83:95:63:77:87:c3:84:95:db:17:30:74:09:
69:92:bb:66:a9:38:3f:fa:9f:44:65:d8:d5:d3:a5:72:a6:bc:
96:7e:53:7e:10:8f:55:65:2f:bb:c9:22:81:56:11:43:a4:50:
fc:ce:72:96:78:8b:23:39:72:7e:ca:07:c9:ac:11:b3:f9:5f:
a9:6f:d5:fa:95:03:b0:a1:e1:7f:ce:48:f7:54:c8:09:b7:d7:
b7:f2:42:81:3a:3b:d9:0a:23:ba:18:57:9e:a6:bf:90:6d:1e:
89:71:ab:02:93:2a:bc:3e:24:fd:9e:4b:86:fa:7f:0e:d6:83:
0f:6a:41:09:aa:4a:24:1b:05:67:2d:ab:8b:a6:47:36:78:59:
13:cf:5d:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbwZEmLtQ/rkKQxNhjwG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTg3OWQ2MjhmZTVlYzhhNzYxYzQ3NDg2Nzk5OTNmOWM2
OWY4YjQwHhcNMjQwMTAxMTQzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk0Yzk5YTkwYTA3MzAxMDgyYmVkOTI0ZjMyZTlhNmYxZGNjY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5C7VjmK8BSmwfi7w1SKhGs1xL9z
arG6YMfKvXQFwiZJCxqUNwsoOGjcfVKRASMp5LFCRlQyH7dMpjWNEXqwg8RWWZvv
1GJoZ3NgmHt7tviYkt3XaQ0PA0Jb2luDRQE307jDe7jQvIkZqsB5l8dY+aGT5p/4
tZQbDFpOXPobVpIEP8NArx3kKNYQ77O5hFtLoFnaAWGxEVN4XeDM/pd2LFDF2V7p
NduPGykmbvSs1LbFjpF3pQWZ6ynNzDZWTgUwd2C79lUHu4SWRErhYIznJRSFVKJR
e2Ok+VszhYEo8avJBz1/MlRb8rsZdbk7WCZ6fbkK1VWo/lunHTrdfT6F8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuUyZqQoHMBCCvtkk8y6abx3MzoMB8GA1UdIwQY
MBaAFCWoedYo/l7Ip2HEdIZ5mT+cafi0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFoNTFpai1Yc2luWWNSMGhubVpQNXhwLUxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOGQ1YTctNDhmMS00NDE0LWE4NTMt
ZDg2YjRjYWVkMTFkLzEvaTVUSm1wQ2djd0VJSy0yU1R6THBwdkhjek9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOGQ1YTctNDhmMS00NDE0LWE4NTMtZDg2YjRjYWVkMTFk
LzEvSmFoNTFpai1Yc2luWWNSMGhubVpQNXhwLUxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufVBMA0G
CSqGSIb3DQEBCwUAA4IBAQC95PvUHsEMbE+qykOxuvOgwZDgpYdYt6f4V3/BE0ad
w9ZTqsxcDzh0SuUzJ7XmAMTiiXV9gJ4CzkeIq9v9hHdGIIV/tux/DFXXQ80IB+BI
+V2TF4HuHyop2sNeQnvf+8BTtrMJAKybxlgCZr7XCTgcOIOVY3eHw4SV2xcwdAlp
krtmqTg/+p9EZdjV06VypryWflN+EI9VZS+7ySKBVhFDpFD8znKWeIsjOXJ+ygfJ
rBGz+V+pb9X6lQOwoeF/zkj3VMgJt9e38kKBOjvZCiO6GFeepr+QbR6JcasCkyq8
PiT9nkuG+n8O1oMPakEJqkokGwVnLauLpkc2eFkTz12M
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:59 2025 by rpki-client