Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/4ee19c-9462-4390-a42d-7eff8f1e91cd/1/4MZUNj1gLvesyFZQS8vpyOHBTNc.roa
File: 4MZUNj1gLvesyFZQS8vpyOHBTNc.roa (raw, json)
Hash identifier: +2De/oANzCEXzgS2t+59fXzlL7cCNq+3DavhBj/RN38=
Subject key identifier: E0:C6:54:36:3D:60:2E:F7:AC:C8:56:50:4B:CB:E9:C8:E1:C1:4C:D7
Certificate issuer: /CN=c104cd7df84c319d19af35b1104f173eba2c6dbd
Certificate serial: 018CC8026908D509EDBBD1EF96140FE601DC
Authority key identifier: C1:04:CD:7D:F8:4C:31:9D:19:AF:35:B1:10:4F:17:3E:BA:2C:6D:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQTNffhMMZ0ZrzWxEE8XProsbb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/4ee19c-9462-4390-a42d-7eff8f1e91cd/1/4MZUNj1gLvesyFZQS8vpyOHBTNc.roa
Signing time: Tue 02 Jan 2024 02:30:50 +0000
ROA not before: Tue 02 Jan 2024 02:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205368
IP address blocks: 185.215.52.0/22 maxlen: 22
185.215.52.0/24 maxlen: 24
185.215.55.0/24 maxlen: 24
185.215.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 08:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:69:08:d5:09:ed:bb:d1:ef:96:14:0f:e6:01:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c104cd7df84c319d19af35b1104f173eba2c6dbd
Validity
Not Before: Jan 2 02:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0c654363d602ef7acc856504bcbe9c8e1c14cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:56:55:28:1d:f7:c6:1e:75:e0:0e:04:63:10:
5d:f4:cc:8c:9e:38:c7:0e:75:95:df:db:4c:1d:9a:
6f:b9:98:d8:c6:17:5b:b1:72:e9:90:ed:0d:61:c7:
b1:88:67:74:6c:b3:91:e5:74:ef:f6:6a:98:d1:da:
d4:4a:92:0a:06:21:26:b0:46:45:bf:10:13:9b:ff:
fd:59:32:22:ff:3b:e6:99:e8:aa:3e:7a:7c:45:8d:
a9:2f:0e:13:37:79:e9:5b:77:e1:bb:25:64:da:ad:
10:1b:b4:34:3d:71:7e:5c:bc:b8:51:27:47:99:09:
c3:5b:a9:53:6f:b7:17:b8:b5:22:6c:1b:18:8d:d1:
ab:de:e3:31:94:70:b2:a4:9c:72:2d:2a:9b:f2:bf:
85:b2:57:0e:f3:7e:a6:81:6d:fc:fb:f0:95:8e:22:
33:a0:f3:34:7e:3f:53:15:51:a4:7e:0f:56:af:30:
27:d1:2a:ba:36:90:0b:3c:53:84:9b:36:27:e8:c5:
73:67:65:65:0c:a9:b5:0b:ca:16:00:63:3f:f7:c8:
c3:0b:08:5d:50:b6:c9:63:26:ef:52:7c:0c:3c:45:
94:ce:c7:79:34:a4:60:ce:89:1a:48:b0:f6:3e:c2:
13:1b:07:72:2b:d8:38:7d:80:aa:bf:9e:de:de:8d:
d3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C6:54:36:3D:60:2E:F7:AC:C8:56:50:4B:CB:E9:C8:E1:C1:4C:D7
X509v3 Authority Key Identifier:
keyid:C1:04:CD:7D:F8:4C:31:9D:19:AF:35:B1:10:4F:17:3E:BA:2C:6D:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQTNffhMMZ0ZrzWxEE8XProsbb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/4ee19c-9462-4390-a42d-7eff8f1e91cd/1/4MZUNj1gLvesyFZQS8vpyOHBTNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/4ee19c-9462-4390-a42d-7eff8f1e91cd/1/wQTNffhMMZ0ZrzWxEE8XProsbb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.52.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:9d:21:b2:3d:78:5a:ca:e6:6d:38:72:29:fd:5f:83:3a:a8:
88:fa:07:12:2e:3e:a1:fe:c6:44:4d:30:d6:92:dc:d4:a4:1f:
99:90:6e:eb:17:cc:6a:62:ab:fe:70:23:49:ca:e8:0d:ce:b9:
95:60:2d:fd:04:57:30:63:91:cb:db:c1:9b:6f:78:e3:b8:ef:
9c:30:c2:7f:46:06:5d:9d:e3:29:92:65:e7:43:b2:84:11:7e:
0b:4a:f2:a4:2e:3b:ed:5c:a2:e5:7c:a0:24:de:cc:31:29:f6:
e4:ae:5f:0d:67:be:57:e1:64:db:67:2a:76:1f:c6:ce:6e:30:
06:b8:31:74:02:78:86:18:63:02:e1:c0:99:0d:65:71:91:9b:
b3:6e:93:85:a4:5b:11:72:64:2b:fe:e6:bc:37:f9:72:c5:10:
04:67:66:03:d9:1c:c8:be:3a:d6:e2:c8:fc:73:e7:d4:f8:d6:
b2:3b:0f:97:61:54:a9:df:ef:db:a8:ba:c3:fd:21:ce:cc:69:
cf:aa:c0:2f:77:d7:ba:bb:d6:70:94:e8:a3:be:6c:49:14:ba:
f6:a6:fc:c9:0d:74:06:8b:2b:52:b5:c9:df:69:31:fb:e2:ce:
77:a8:46:c0:b9:02:cc:99:0c:4f:0d:a8:0c:36:58:e5:b5:bb:
76:9e:b8:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAmkI1Qntu9HvlhQP5gHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDRjZDdkZjg0YzMxOWQxOWFmMzViMTEwNGYxNzNlYmEy
YzZkYmQwHhcNMjQwMTAyMDIzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM2NTQzNjNkNjAyZWY3YWNjODU2NTA0YmNiZTljOGUxYzE0Y2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1ZVKB33xh514A4EYxBd9MyMnjjH
DnWV39tMHZpvuZjYxhdbsXLpkO0NYcexiGd0bLOR5XTv9mqY0drUSpIKBiEmsEZF
vxATm//9WTIi/zvmmeiqPnp8RY2pLw4TN3npW3fhuyVk2q0QG7Q0PXF+XLy4USdH
mQnDW6lTb7cXuLUibBsYjdGr3uMxlHCypJxyLSqb8r+FslcO836mgW38+/CVjiIz
oPM0fj9TFVGkfg9WrzAn0Sq6NpALPFOEmzYn6MVzZ2VlDKm1C8oWAGM/98jDCwhd
ULbJYybvUnwMPEWUzsd5NKRgzokaSLD2PsITGwdyK9g4fYCqv57e3o3TUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODGVDY9YC73rMhWUEvL6cjhwUzXMB8GA1UdIwQY
MBaAFMEEzX34TDGdGa81sRBPFz66LG29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FUTmZmaE1NWjBacnpXeEVFOFhQcm9zYmIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC80ZWUxOWMtOTQ2Mi00MzkwLWE0MmQt
N2VmZjhmMWU5MWNkLzEvNE1aVU5qMWdMdmVzeUZaUVM4dnB5T0hCVE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC80ZWUxOWMtOTQ2Mi00MzkwLWE0MmQtN2VmZjhmMWU5MWNk
LzEvd1FUTmZmaE1NWjBacnpXeEVFOFhQcm9zYmIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudc0MA0G
CSqGSIb3DQEBCwUAA4IBAQChnSGyPXhayuZtOHIp/V+DOqiI+gcSLj6h/sZETTDW
ktzUpB+ZkG7rF8xqYqv+cCNJyugNzrmVYC39BFcwY5HL28Gbb3jjuO+cMMJ/RgZd
neMpkmXnQ7KEEX4LSvKkLjvtXKLlfKAk3swxKfbkrl8NZ75X4WTbZyp2H8bObjAG
uDF0AniGGGMC4cCZDWVxkZuzbpOFpFsRcmQr/ua8N/lyxRAEZ2YD2RzIvjrW4sj8
c+fU+NayOw+XYVSp3+/bqLrD/SHOzGnPqsAvd9e6u9ZwlOijvmxJFLr2pvzJDXQG
iytStcnfaTH74s53qEbAuQLMmQxPDagMNljltbt2nrhT
-----END CERTIFICATE-----
Generated at Tue Aug 6 12:12:40 2024 by rpki-client on console-ams.rpki-client.org