Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/4hAmVbPmPaYQKiHQzAx5vrr1wuQ.roa
File: 4hAmVbPmPaYQKiHQzAx5vrr1wuQ.roa (raw, json)
Hash identifier: svJoUrr9KzJ5cRzvNBjj7rnHyQ32c6jsSNzAH4D9P/M=
Subject key identifier: E2:10:26:55:B3:E6:3D:A6:10:2A:21:D0:CC:0C:79:BE:BA:F5:C2:E4
Certificate issuer: /CN=ff6b3361a1a2a00dbce319019827febb715bd044
Certificate serial: 018CC424D7FF1ACBCC605BEBF6E65A96C4AA
Authority key identifier: FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/4hAmVbPmPaYQKiHQzAx5vrr1wuQ.roa
Signing time: Mon 01 Jan 2024 08:29:58 +0000
ROA not before: Mon 01 Jan 2024 08:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206663
IP address blocks: 185.167.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:d7:ff:1a:cb:cc:60:5b:eb:f6:e6:5a:96:c4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff6b3361a1a2a00dbce319019827febb715bd044
Validity
Not Before: Jan 1 08:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2102655b3e63da6102a21d0cc0c79bebaf5c2e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:00:dc:e7:7e:a6:03:54:26:f1:93:e5:9d:d0:
99:3e:0a:8d:48:c0:82:95:e1:e1:db:a8:56:09:c9:
8d:b7:37:d4:e9:15:1d:4c:bd:27:b1:37:1e:83:02:
fc:30:50:f8:c8:ee:39:f3:90:63:e9:a8:c0:65:a3:
42:a9:80:fd:8e:cb:00:3a:60:49:2b:b1:4b:ff:f9:
34:8c:e1:6d:52:c9:0f:9c:cd:29:ba:b5:f1:e3:e8:
e0:39:8e:7a:64:23:2e:0b:eb:db:9a:40:3f:04:ac:
fc:e6:c9:0f:58:d2:ee:b3:17:37:c2:bd:b5:79:24:
4b:0c:bc:60:1a:8e:21:37:58:c5:40:08:e8:22:20:
49:0b:40:d6:ac:cd:1c:4c:9a:de:ee:6e:0e:d0:f7:
95:32:bb:da:13:ce:9a:8f:a1:1b:ab:ca:30:12:0b:
0c:69:0e:21:7f:40:51:ff:37:87:ae:4d:b0:2e:c3:
20:29:0f:17:9e:73:78:97:a5:d2:e0:45:5c:08:37:
82:d2:0e:b6:19:88:77:4e:b4:90:ee:47:81:79:70:
d3:c0:f4:26:ff:ed:60:05:2d:f3:48:c2:fc:cb:27:
a2:76:ba:50:51:e8:b0:bf:cf:f3:6f:d7:a1:5a:af:
ba:93:40:69:53:0e:e6:e7:b5:61:34:d5:77:e7:32:
b2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:10:26:55:B3:E6:3D:A6:10:2A:21:D0:CC:0C:79:BE:BA:F5:C2:E4
X509v3 Authority Key Identifier:
keyid:FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/4hAmVbPmPaYQKiHQzAx5vrr1wuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.180.0/24
Signature Algorithm: sha256WithRSAEncryption
64:5f:20:ed:e6:99:82:0e:53:a3:ed:3b:52:e2:9f:b1:38:a7:
d2:a8:dd:ff:73:56:9c:a2:47:92:2c:b9:c9:53:f2:8b:f7:c7:
2a:3c:49:55:72:29:2c:20:fe:b4:dc:af:f7:62:56:15:ed:66:
ec:7b:8f:d9:1c:12:e9:f4:bf:cb:f4:35:a1:11:75:88:79:30:
e7:69:27:2a:da:53:57:0c:8d:a5:5e:85:b0:75:50:83:2f:5a:
87:a2:2a:5e:93:a2:7c:d5:26:4c:b6:61:94:91:0b:af:a0:cb:
20:a3:9c:30:1d:e3:c5:b4:d8:43:4b:99:04:54:72:76:d9:4d:
ef:e1:92:ae:64:8e:23:31:33:c4:07:ee:19:e0:bb:9f:ad:60:
f7:ef:a6:ab:28:fd:f2:4e:40:8b:4c:95:2a:da:05:8d:ac:a8:
f7:71:96:b1:eb:75:64:b2:b3:d2:99:0b:92:4d:64:17:8d:ba:
35:f4:d6:c3:47:e2:a9:8e:80:f5:67:2b:56:ee:99:4f:c1:0c:
ae:09:2c:7d:2f:15:5a:29:f3:7b:74:4e:3b:b1:c8:7a:24:21:
ae:04:59:ad:16:42:6a:cb:8e:cf:6d:75:1e:19:e1:e0:f6:70:
15:82:6f:98:30:3c:f0:11:4a:81:34:4a:db:7c:99:e8:b1:62:
c3:c5:fc:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJNf/GsvMYFvr9uZalsSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNmIzMzYxYTFhMmEwMGRiY2UzMTkwMTk4MjdmZWJiNzE1
YmQwNDQwHhcNMjQwMTAxMDgyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjEwMjY1NWIzZTYzZGE2MTAyYTIxZDBjYzBjNzliZWJhZjVjMmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgADc536mA1Qm8ZPlndCZPgqNSMCC
leHh26hWCcmNtzfU6RUdTL0nsTcegwL8MFD4yO4585Bj6ajAZaNCqYD9jssAOmBJ
K7FL//k0jOFtUskPnM0purXx4+jgOY56ZCMuC+vbmkA/BKz85skPWNLusxc3wr21
eSRLDLxgGo4hN1jFQAjoIiBJC0DWrM0cTJre7m4O0PeVMrvaE86aj6Ebq8owEgsM
aQ4hf0BR/zeHrk2wLsMgKQ8XnnN4l6XS4EVcCDeC0g62GYh3TrSQ7keBeXDTwPQm
/+1gBS3zSML8yyeidrpQUeiwv8/zb9ehWq+6k0BpUw7m57VhNNV35zKyeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOIQJlWz5j2mECoh0MwMeb669cLkMB8GA1UdIwQY
MBaAFP9rM2GhoqANvOMZAZgn/rtxW9BEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUt
ZjYyMzIwOTUxYTM2LzEvNGhBbVZiUG1QYVlRS2lIUXpBeDV2cnIxd3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUtZjYyMzIwOTUxYTM2
LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuae0MA0G
CSqGSIb3DQEBCwUAA4IBAQBkXyDt5pmCDlOj7TtS4p+xOKfSqN3/c1acokeSLLnJ
U/KL98cqPElVciksIP603K/3YlYV7Wbse4/ZHBLp9L/L9DWhEXWIeTDnaScq2lNX
DI2lXoWwdVCDL1qHoipek6J81SZMtmGUkQuvoMsgo5wwHePFtNhDS5kEVHJ22U3v
4ZKuZI4jMTPEB+4Z4LufrWD376arKP3yTkCLTJUq2gWNrKj3cZax63VksrPSmQuS
TWQXjbo19NbDR+KpjoD1ZytW7plPwQyuCSx9LxVaKfN7dE47sch6JCGuBFmtFkJq
y47PbXUeGeHg9nAVgm+YMDzwEUqBNErbfJnosWLDxfws
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:42 2025 by rpki-client