Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/Xx8dhhqLoyOsONJff7ACko0qlEI.roa
File: Xx8dhhqLoyOsONJff7ACko0qlEI.roa (raw, json)
Hash identifier: QQEwKuUsGbWiDqtDUzO3XpVMKH0nCRyvTLhpaov8Bio=
Subject key identifier: 5F:1F:1D:86:1A:8B:A3:23:AC:38:D2:5F:7F:B0:02:92:8D:2A:94:42
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018DB796FBA8D5E4986724AB3427239F4F76
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/Xx8dhhqLoyOsONJff7ACko0qlEI.roa
Signing time: Sat 17 Feb 2024 15:02:21 +0000
ROA not before: Sat 17 Feb 2024 15:02:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48014
IP address blocks: 185.187.154.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b7:96:fb:a8:d5:e4:98:67:24:ab:34:27:23:9f:4f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Feb 17 15:02:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f1f1d861a8ba323ac38d25f7fb002928d2a9442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:11:2b:ab:6a:8a:e0:b4:9e:86:43:0c:76:ce:
3d:50:89:7e:4b:b9:0a:b3:34:e1:df:13:98:c4:3b:
8b:ed:40:d0:24:d0:2c:1e:2d:87:8d:91:e1:f3:c6:
a2:94:11:e1:f8:7e:2a:00:20:2a:92:46:aa:cb:0f:
2a:c2:79:c9:29:b6:64:57:17:16:23:0a:cf:42:dc:
c2:ce:b4:35:3a:7e:a8:a1:96:58:34:e6:38:77:33:
63:7b:b0:52:f8:b2:b2:3b:45:e6:65:10:b1:74:d9:
2b:e3:b4:ad:70:e1:dc:d6:bf:f6:fd:2d:ec:8a:ab:
35:21:32:8d:bf:a4:35:97:53:2f:42:87:ba:d6:1b:
0a:d8:7d:fc:2d:df:99:f8:21:46:58:98:74:89:4d:
69:b3:6e:60:4f:87:17:41:29:e7:d3:7d:b3:be:43:
71:01:6c:55:06:71:15:df:36:2f:5c:b8:6f:08:b6:
1e:11:36:4a:2f:e3:e1:9d:89:03:d6:36:c1:2a:c8:
a9:37:03:6a:df:cb:20:04:2e:f9:3a:e5:44:1a:95:
35:d4:45:eb:a3:4b:89:e5:1d:57:09:30:b5:7e:dc:
20:ba:69:64:ca:21:29:db:c1:32:74:16:7b:a7:57:
5b:ab:6b:74:f4:a6:ff:d7:06:59:4d:76:d4:4d:2e:
b1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1F:1D:86:1A:8B:A3:23:AC:38:D2:5F:7F:B0:02:92:8D:2A:94:42
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/Xx8dhhqLoyOsONJff7ACko0qlEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.154.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:a3:c2:45:2e:b8:52:4b:8d:8e:e9:33:d3:be:a3:83:54:df:
e1:27:7a:03:01:0f:07:97:4c:05:41:61:db:c1:ab:1c:ef:e3:
a4:12:7d:a1:b8:6e:00:86:1c:94:3a:ea:c5:63:78:59:76:7d:
f8:47:21:98:3d:ed:93:10:22:72:f5:36:40:e3:b2:1a:dd:fe:
07:ae:36:70:05:33:5d:fd:c9:c6:c4:11:92:1a:ef:7a:63:05:
52:d7:99:23:00:c8:c6:b3:32:b0:f3:27:c7:d4:f0:27:f0:4b:
56:f5:16:ee:fb:dc:2d:04:0c:0f:9f:dd:9a:d4:84:54:b6:ee:
a8:b5:26:77:c8:64:dd:6e:a8:b9:7e:dc:9d:ea:a6:be:7c:13:
52:cb:1d:7a:ac:3a:8d:a9:15:fa:ec:d7:84:8c:3d:5d:ee:29:
31:6f:5a:ef:fb:14:bd:a0:b1:89:e2:0d:fd:0d:47:f5:b7:ec:
f7:5a:69:72:91:c1:b8:dd:23:b8:b3:f9:c8:ef:b9:c8:6d:9a:
6d:14:2a:54:d0:5b:36:99:36:55:13:d3:7b:71:b2:66:06:f5:
ee:59:f2:b6:c0:a2:1f:89:6a:b1:6e:15:1e:d4:28:99:60:52:
05:5d:20:eb:33:14:8e:1c:55:09:72:21:65:0d:dd:0d:00:2d:
d4:28:b3:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY23lvuo1eSYZySrNCcjn092MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMjE3MTUwMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFmMWQ4NjFhOGJhMzIzYWMzOGQyNWY3ZmIwMDI5MjhkMmE5NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhErq2qK4LSehkMMds49UIl+S7kK
szTh3xOYxDuL7UDQJNAsHi2HjZHh88ailBHh+H4qACAqkkaqyw8qwnnJKbZkVxcW
IwrPQtzCzrQ1On6ooZZYNOY4dzNje7BS+LKyO0XmZRCxdNkr47StcOHc1r/2/S3s
iqs1ITKNv6Q1l1MvQoe61hsK2H38Ld+Z+CFGWJh0iU1ps25gT4cXQSnn032zvkNx
AWxVBnEV3zYvXLhvCLYeETZKL+PhnYkD1jbBKsipNwNq38sgBC75OuVEGpU11EXr
o0uJ5R1XCTC1ftwgumlkyiEp28EydBZ7p1dbq2t09Kb/1wZZTXbUTS6xpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8fHYYai6MjrDjSX3+wApKNKpRCMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvWHg4ZGhocUxveU9zT05KZmY3QUNrbzBxbEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubuaMA0G
CSqGSIb3DQEBCwUAA4IBAQBLo8JFLrhSS42O6TPTvqODVN/hJ3oDAQ8Hl0wFQWHb
wasc7+OkEn2huG4AhhyUOurFY3hZdn34RyGYPe2TECJy9TZA47Ia3f4HrjZwBTNd
/cnGxBGSGu96YwVS15kjAMjGszKw8yfH1PAn8EtW9Rbu+9wtBAwPn92a1IRUtu6o
tSZ3yGTdbqi5ftyd6qa+fBNSyx16rDqNqRX67NeEjD1d7ikxb1rv+xS9oLGJ4g39
DUf1t+z3WmlykcG43SO4s/nI77nIbZptFCpU0Fs2mTZVE9N7cbJmBvXuWfK2wKIf
iWqxbhUe1CiZYFIFXSDrMxSOHFUJciFlDd0NAC3UKLPj
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:33:31 2025 by rpki-client