Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/PdJp1aTmSJE-rLNY32-ozShsgfs.roa
File: PdJp1aTmSJE-rLNY32-ozShsgfs.roa (raw, json)
Hash identifier: mqGXENXqKuyQNZkt3Wc5fPvhQEUqZ9n6903WVjk0vvU=
Subject key identifier: 3D:D2:69:D5:A4:E6:48:91:3E:AC:B3:58:DF:6F:A8:CD:28:6C:81:FB
Certificate issuer: /CN=435e41960d590e99804e90b9af0365584c712c72
Certificate serial: 018CC94CB11857F960E7C7F98799A34C775B
Authority key identifier: 43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/PdJp1aTmSJE-rLNY32-ozShsgfs.roa
Signing time: Tue 02 Jan 2024 08:31:35 +0000
ROA not before: Tue 02 Jan 2024 08:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204686
IP address blocks: 185.196.150.0/24 maxlen: 24
185.196.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 04:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:b1:18:57:f9:60:e7:c7:f9:87:99:a3:4c:77:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435e41960d590e99804e90b9af0365584c712c72
Validity
Not Before: Jan 2 08:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dd269d5a4e648913eacb358df6fa8cd286c81fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b3:f7:f5:56:73:b5:de:a9:47:64:fc:ac:56:
6c:80:d9:af:52:99:28:98:fe:bc:0c:84:70:c8:ed:
17:eb:ef:e5:cb:88:82:cc:58:85:29:7f:f6:5f:75:
27:fa:67:7e:15:fc:cf:b1:45:3f:3f:68:8e:a0:0b:
bf:b2:52:a0:53:b6:b3:db:5c:05:d7:47:67:07:3b:
bb:c0:9f:f9:24:0d:f8:ab:70:08:dd:78:25:69:c8:
4a:e2:80:99:43:c1:9d:36:ed:c0:5c:94:0d:98:6f:
fa:c4:b9:32:44:11:b0:5d:5f:a1:6e:3c:c8:83:6e:
b7:9a:ed:70:ad:65:da:9c:83:1d:5f:93:04:96:60:
fe:2f:b9:c0:d1:bb:64:10:d8:58:b1:de:fb:5b:57:
af:9d:d5:59:85:85:50:83:ab:4c:03:3a:ff:fc:84:
7c:03:b1:84:f1:80:fe:5e:5a:d1:5c:a4:30:2a:0b:
35:98:b1:66:31:73:bc:d3:76:55:56:e7:af:11:b1:
bd:2c:54:3d:80:31:24:a4:1b:57:7a:ec:05:0f:ba:
98:9e:e1:8e:9e:e7:94:cc:47:10:27:cc:5a:1d:f0:
25:97:2b:78:c9:7f:f4:21:90:a4:a4:3a:99:23:98:
79:06:7d:41:6d:54:5f:9a:c1:91:da:e0:a1:18:bb:
5e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D2:69:D5:A4:E6:48:91:3E:AC:B3:58:DF:6F:A8:CD:28:6C:81:FB
X509v3 Authority Key Identifier:
keyid:43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/PdJp1aTmSJE-rLNY32-ozShsgfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Q15Blg1ZDpmATpC5rwNlWExxLHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.149.0-185.196.150.255
Signature Algorithm: sha256WithRSAEncryption
23:83:40:46:bf:fa:4f:21:53:1b:18:7f:61:f0:f7:4e:41:8c:
b7:dc:f9:62:03:b3:6e:f0:16:86:32:db:fd:59:e3:65:9a:cb:
c8:db:b5:fd:c4:dd:a4:3b:2d:3e:b2:57:69:8d:60:e6:02:0f:
e8:88:e4:5a:ac:8f:d6:15:b9:ed:84:0a:6b:d3:df:eb:21:5f:
67:7f:47:21:b0:d1:37:be:19:bb:65:1c:bf:a8:85:fc:34:fe:
a2:fc:85:5c:a3:a7:e1:63:a9:7f:38:e7:e5:38:f8:da:86:f1:
9c:59:70:4f:9c:eb:b7:39:c4:32:02:c3:2a:17:0b:62:4f:47:
24:a0:d1:f9:51:d0:9d:34:a1:a4:3f:48:51:84:6a:68:78:bf:
51:f2:d5:ee:8f:0a:ae:77:a9:09:9a:bb:d4:08:db:17:9f:a8:
52:c7:a8:f1:b2:f6:b9:ee:cf:31:41:07:79:e9:d4:42:84:be:
71:4f:e1:01:ec:74:e6:f2:e8:24:de:3e:e3:e7:97:bb:bf:a2:
7b:af:fb:0d:ce:9e:98:17:17:73:b8:fa:eb:c7:ad:61:d0:0c:
bc:59:a1:57:04:9c:51:6c:e1:6a:f2:86:e5:51:07:e5:2b:87:
76:57:68:90:1f:06:d0:79:8b:ca:c5:17:8b:34:9a:36:43:1f:
76:41:77:d7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJTLEYV/lg58f5h5mjTHdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNWU0MTk2MGQ1OTBlOTk4MDRlOTBiOWFmMDM2NTU4NGM3
MTJjNzIwHhcNMjQwMTAyMDgzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGQyNjlkNWE0ZTY0ODkxM2VhY2IzNThkZjZmYThjZDI4NmM4MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubP39VZztd6pR2T8rFZsgNmvUpko
mP68DIRwyO0X6+/ly4iCzFiFKX/2X3Un+md+FfzPsUU/P2iOoAu/slKgU7az21wF
10dnBzu7wJ/5JA34q3AI3XglachK4oCZQ8GdNu3AXJQNmG/6xLkyRBGwXV+hbjzI
g263mu1wrWXanIMdX5MElmD+L7nA0btkENhYsd77W1evndVZhYVQg6tMAzr//IR8
A7GE8YD+XlrRXKQwKgs1mLFmMXO803ZVVuevEbG9LFQ9gDEkpBtXeuwFD7qYnuGO
nueUzEcQJ8xaHfAllyt4yX/0IZCkpDqZI5h5Bn1BbVRfmsGR2uChGLteAQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFD3SadWk5kiRPqyzWN9vqM0obIH7MB8GA1UdIwQY
MBaAFENeQZYNWQ6ZgE6Qua8DZVhMcSxyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTE1QmxnMVpEcG1BVHBDNXJ3TmxXRXh4TEhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83ZTJmMjgtNWNhZS00ZTZmLWE1ZjAt
MDFiYjVmZDUzNGY1LzEvUGRKcDFhVG1TSkUtckxOWTMyLW96U2hzZ2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83ZTJmMjgtNWNhZS00ZTZmLWE1ZjAtMDFiYjVmZDUzNGY1
LzEvUTE1QmxnMVpEcG1BVHBDNXJ3TmxXRXh4TEhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5xJUD
BAC5xJYwDQYJKoZIhvcNAQELBQADggEBACODQEa/+k8hUxsYf2Hw905BjLfc+WID
s27wFoYy2/1Z42Way8jbtf3E3aQ7LT6yV2mNYOYCD+iI5Fqsj9YVue2ECmvT3+sh
X2d/RyGw0Te+GbtlHL+ohfw0/qL8hVyjp+FjqX845+U4+NqG8ZxZcE+c67c5xDIC
wyoXC2JPRySg0flR0J00oaQ/SFGEamh4v1Hy1e6PCq53qQmau9QI2xefqFLHqPGy
9rnuzzFBB3np1EKEvnFP4QHsdOby6CTePuPnl7u/onuv+w3OnpgXF3O4+uvHrWHQ
DLxZoVcEnFFs4WryhuVRB+Urh3ZXaJAfBtB5i8rFF4s0mjZDH3ZBd9c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:07 2025 by rpki-client