Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c27307-1fdd-421b-bbfd-e2831cd7fcc8/1/0me8_LpMkZOycKcXCcIQ_HCDaWo.roa
File: 0me8_LpMkZOycKcXCcIQ_HCDaWo.roa (raw, json)
Hash identifier: gGouDUsK8qN5z3zRX2i6tyY8o/2dTPLFvDWqVosuEeg=
Subject key identifier: D2:67:BC:FC:BA:4C:91:93:B2:70:A7:17:09:C2:10:FC:70:83:69:6A
Certificate issuer: /CN=4157fd83e08e0f31e79514677c098811ef6906d7
Certificate serial: 0190EE0B1F6F7772EB335F889F19BC66C8F1
Authority key identifier: 41:57:FD:83:E0:8E:0F:31:E7:95:14:67:7C:09:88:11:EF:69:06:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QVf9g-CODzHnlRRnfAmIEe9pBtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/c27307-1fdd-421b-bbfd-e2831cd7fcc8/1/0me8_LpMkZOycKcXCcIQ_HCDaWo.roa
Signing time: Fri 26 Jul 2024 07:57:04 +0000
ROA not before: Fri 26 Jul 2024 07:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200573
IP address blocks: 185.239.40.0/24 maxlen: 32
185.239.41.0/24 maxlen: 32
185.239.42.0/24 maxlen: 32
185.239.43.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:0b:1f:6f:77:72:eb:33:5f:88:9f:19:bc:66:c8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4157fd83e08e0f31e79514677c098811ef6906d7
Validity
Not Before: Jul 26 07:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d267bcfcba4c9193b270a71709c210fc7083696a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:87:fd:34:f8:05:14:1a:b0:40:ab:b7:d7:c4:
c7:21:31:57:a0:7b:63:c7:9d:bd:7b:8c:df:fd:de:
ea:10:7a:8b:f3:53:c9:57:51:ca:14:80:2f:7f:e9:
54:11:3e:c7:1e:5e:cd:23:87:d5:f9:3c:66:9f:83:
94:43:81:8a:20:b7:db:58:4f:83:ed:de:13:48:3c:
02:0b:31:00:2a:c3:08:c6:f6:2c:c2:f1:c3:5a:e3:
9b:49:27:db:a5:8e:a6:96:0b:b1:59:ff:e9:d3:3b:
7a:50:34:d6:8f:3b:6d:c4:56:e3:14:a5:e2:bb:a7:
f8:83:c6:e8:a4:b2:78:a2:d7:01:7d:bb:8f:8a:87:
bc:bb:55:28:6e:ef:df:6f:b9:37:41:a8:fe:1a:bc:
7d:05:7c:12:c9:91:eb:cb:a6:e5:9c:82:ce:78:f6:
a4:d1:a6:9a:dd:5a:8d:6b:93:87:f8:37:30:c1:0c:
1f:41:f5:b1:a7:da:32:18:e5:7c:89:76:cb:3d:ae:
c6:33:ce:2b:7b:29:02:bb:e5:37:ed:c2:53:8e:f4:
42:5a:dd:b9:39:cc:18:a0:70:38:44:a7:fa:48:89:
6f:e1:a4:4a:a0:a1:5e:53:26:53:12:c6:11:07:64:
2c:d7:5a:bb:e8:3e:7c:54:e1:5b:15:22:3f:9c:bd:
91:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:67:BC:FC:BA:4C:91:93:B2:70:A7:17:09:C2:10:FC:70:83:69:6A
X509v3 Authority Key Identifier:
keyid:41:57:FD:83:E0:8E:0F:31:E7:95:14:67:7C:09:88:11:EF:69:06:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QVf9g-CODzHnlRRnfAmIEe9pBtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c27307-1fdd-421b-bbfd-e2831cd7fcc8/1/0me8_LpMkZOycKcXCcIQ_HCDaWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c27307-1fdd-421b-bbfd-e2831cd7fcc8/1/QVf9g-CODzHnlRRnfAmIEe9pBtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.40.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:cc:21:e3:03:e3:d0:a2:ad:d5:a5:e0:e5:cd:99:ca:d1:fc:
b1:15:ba:26:68:23:1f:58:7c:43:95:59:23:21:3e:f3:48:ae:
fb:46:ee:6d:53:48:23:72:54:ac:13:83:ef:70:4d:38:57:90:
93:f7:92:0d:d9:a6:4c:3f:f0:76:7b:0b:c8:23:07:49:42:97:
45:de:ee:3d:73:ba:25:d9:3d:af:ce:41:9f:e8:02:b9:de:f6:
5d:3f:50:ac:71:c3:1f:51:05:70:8c:05:0e:92:df:ac:2f:6a:
1b:39:b3:41:ba:9c:46:f9:0c:40:12:a9:ff:6e:95:61:b2:94:
f8:8c:38:9f:36:ce:21:50:f3:f1:a9:fb:f9:83:b0:79:bb:c3:
2f:c5:2a:ed:89:45:a5:be:a2:98:90:ab:88:ea:6f:48:09:cf:
ce:53:2e:a5:a4:59:2d:53:c2:7a:a4:df:94:96:c4:15:ca:26:
54:cd:ea:a2:b0:d0:4a:30:4f:ed:19:d7:e8:1c:97:26:3b:5f:
1f:54:cd:50:69:71:bf:de:13:16:23:12:1d:f0:09:73:0e:6f:
f7:5e:2b:75:18:6a:75:93:c6:7c:04:40:e1:a8:e1:8b:4a:b6:
83:c0:27:45:34:ce:21:ea:64:24:48:92:0c:2c:1c:5b:85:6b:
d9:a8:13:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDuCx9vd3LrM1+Inxm8ZsjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNTdmZDgzZTA4ZTBmMzFlNzk1MTQ2NzdjMDk4ODExZWY2
OTA2ZDcwHhcNMjQwNzI2MDc1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjY3YmNmY2JhNGM5MTkzYjI3MGE3MTcwOWMyMTBmYzcwODM2OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIf9NPgFFBqwQKu318THITFXoHtj
x529e4zf/d7qEHqL81PJV1HKFIAvf+lUET7HHl7NI4fV+Txmn4OUQ4GKILfbWE+D
7d4TSDwCCzEAKsMIxvYswvHDWuObSSfbpY6mlguxWf/p0zt6UDTWjzttxFbjFKXi
u6f4g8bopLJ4otcBfbuPioe8u1Uobu/fb7k3Qaj+Grx9BXwSyZHry6blnILOePak
0aaa3VqNa5OH+DcwwQwfQfWxp9oyGOV8iXbLPa7GM84reykCu+U37cJTjvRCWt25
OcwYoHA4RKf6SIlv4aRKoKFeUyZTEsYRB2Qs11q76D58VOFbFSI/nL2RDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJnvPy6TJGTsnCnFwnCEPxwg2lqMB8GA1UdIwQY
MBaAFEFX/YPgjg8x55UUZ3wJiBHvaQbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVZmOWctQ09EekhubFJSbmZBbUlFZTlwQnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jMjczMDctMWZkZC00MjFiLWJiZmQt
ZTI4MzFjZDdmY2M4LzEvMG1lOF9McE1rWk95Y0tjWENjSVFfSENEYVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jMjczMDctMWZkZC00MjFiLWJiZmQtZTI4MzFjZDdmY2M4
LzEvUVZmOWctQ09EekhubFJSbmZBbUlFZTlwQnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue8oMA0G
CSqGSIb3DQEBCwUAA4IBAQA8zCHjA+PQoq3VpeDlzZnK0fyxFbomaCMfWHxDlVkj
IT7zSK77Ru5tU0gjclSsE4PvcE04V5CT95IN2aZMP/B2ewvIIwdJQpdF3u49c7ol
2T2vzkGf6AK53vZdP1CsccMfUQVwjAUOkt+sL2obObNBupxG+QxAEqn/bpVhspT4
jDifNs4hUPPxqfv5g7B5u8MvxSrtiUWlvqKYkKuI6m9ICc/OUy6lpFktU8J6pN+U
lsQVyiZUzeqisNBKME/tGdfoHJcmO18fVM1QaXG/3hMWIxId8AlzDm/3Xit1GGp1
k8Z8BEDhqOGLSraDwCdFNM4h6mQkSJIMLBxbhWvZqBMt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:46 2025 by rpki-client