Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c6d092-cc60-4a51-b010-0a6e6dfbd2e3/1/3jb1prjx1ESxTtDvDb9RaMkM7fw.roa
File: 3jb1prjx1ESxTtDvDb9RaMkM7fw.roa (raw, json)
Hash identifier: 8aH/ryXPsHf73O/jaQZT3yt02D+cmxSPvql4Htp7jDk=
Subject key identifier: DE:36:F5:A6:B8:F1:D4:44:B1:4E:D0:EF:0D:BF:51:68:C9:0C:ED:FC
Certificate issuer: /CN=454bf58119cfe99f1749bcd9bd124702ba9cb713
Certificate serial: 018E56F426697A87193EEACBE187525BB7CC
Authority key identifier: 45:4B:F5:81:19:CF:E9:9F:17:49:BC:D9:BD:12:47:02:BA:9C:B7:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUv1gRnP6Z8XSbzZvRJHArqctxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/c6d092-cc60-4a51-b010-0a6e6dfbd2e3/1/3jb1prjx1ESxTtDvDb9RaMkM7fw.roa
Signing time: Tue 19 Mar 2024 13:43:44 +0000
ROA not before: Tue 19 Mar 2024 13:43:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201863
IP address blocks: 185.225.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 08:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:f4:26:69:7a:87:19:3e:ea:cb:e1:87:52:5b:b7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=454bf58119cfe99f1749bcd9bd124702ba9cb713
Validity
Not Before: Mar 19 13:43:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de36f5a6b8f1d444b14ed0ef0dbf5168c90cedfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e8:84:33:41:7d:d8:59:dc:81:3e:97:74:1b:
fa:c9:71:75:65:da:3c:fa:f5:54:7b:ad:8f:40:88:
f8:76:09:3a:1f:e3:fb:9f:b8:71:bd:a1:b9:de:93:
dc:b8:29:11:a5:3b:52:41:73:89:5e:5d:15:73:31:
55:d3:a6:bb:c0:6e:85:1c:04:7a:e7:78:3a:43:41:
41:92:81:43:6d:19:f1:2b:ec:7b:d2:2b:ec:c9:39:
07:93:48:e6:51:c1:67:99:ac:95:c5:98:75:8c:e9:
b9:74:a1:b3:0a:ad:f0:53:91:f9:4f:1f:26:2c:0b:
86:de:39:60:8d:87:6e:dd:46:64:9b:bf:a6:b3:08:
64:fb:d9:35:d6:4b:a9:0a:1d:c5:c4:8c:45:57:31:
65:c8:08:d9:18:14:37:98:96:2d:80:8f:97:49:32:
15:2e:3c:08:e7:61:6c:c2:c3:04:90:47:2b:12:74:
87:61:13:d8:38:ec:93:a7:ee:ef:d5:b8:35:2a:82:
83:1c:74:6b:dd:1c:68:f6:26:55:0d:02:65:ec:37:
6a:af:77:e0:7a:c0:eb:f5:3d:47:40:45:46:00:21:
03:19:4a:6f:ca:04:49:2b:e1:68:3b:97:5f:57:61:
6a:9a:dc:72:1d:55:6d:67:d5:e6:d8:a9:4e:2b:c2:
16:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:36:F5:A6:B8:F1:D4:44:B1:4E:D0:EF:0D:BF:51:68:C9:0C:ED:FC
X509v3 Authority Key Identifier:
keyid:45:4B:F5:81:19:CF:E9:9F:17:49:BC:D9:BD:12:47:02:BA:9C:B7:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUv1gRnP6Z8XSbzZvRJHArqctxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c6d092-cc60-4a51-b010-0a6e6dfbd2e3/1/3jb1prjx1ESxTtDvDb9RaMkM7fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c6d092-cc60-4a51-b010-0a6e6dfbd2e3/1/RUv1gRnP6Z8XSbzZvRJHArqctxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.167.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ae:f7:15:62:49:fc:65:5f:82:de:d8:30:ce:98:e0:f8:c9:
b4:f9:81:e4:79:17:f3:8d:c2:00:c2:fc:12:e1:0c:fa:d3:9b:
29:4c:81:e9:0d:52:c1:6c:c3:fe:bf:83:56:0d:a7:35:44:d5:
85:4a:3f:dd:47:8b:b1:b3:17:aa:27:23:6f:83:27:f1:79:a5:
86:7d:19:07:60:e2:1d:c9:d9:a2:03:74:df:9b:fc:ba:fc:2e:
f6:26:de:a0:d2:99:7f:6e:ea:b5:4f:30:57:aa:af:82:b1:53:
de:84:7b:b2:be:df:49:05:ae:b6:78:f8:44:a5:79:61:54:e3:
ce:95:9b:2d:fd:c3:07:1d:83:3e:d7:ac:4a:62:1d:37:53:fc:
7e:5e:3b:fd:9b:05:76:ab:4d:66:44:70:d2:d2:ca:d0:66:24:
6c:0e:2f:fd:9b:a6:6c:ed:8c:cb:30:62:96:c8:6c:8a:7f:9f:
cb:8e:fa:7e:b2:5e:44:d7:0f:6f:9f:c5:09:49:a2:53:b8:61:
9c:8a:e8:92:43:59:b1:bc:8e:01:a2:b5:85:f2:f8:bd:42:27:
98:7c:ef:46:f3:04:78:a2:e3:ff:61:91:8c:74:7d:17:1b:95:
05:21:23:63:d8:ca:df:7e:aa:4f:c9:b7:2a:71:a6:98:e0:6a:
d0:c1:db:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5W9CZpeocZPurL4YdSW7fMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NGJmNTgxMTljZmU5OWYxNzQ5YmNkOWJkMTI0NzAyYmE5
Y2I3MTMwHhcNMjQwMzE5MTM0MzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTM2ZjVhNmI4ZjFkNDQ0YjE0ZWQwZWYwZGJmNTE2OGM5MGNlZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuiEM0F92FncgT6XdBv6yXF1Zdo8
+vVUe62PQIj4dgk6H+P7n7hxvaG53pPcuCkRpTtSQXOJXl0VczFV06a7wG6FHAR6
53g6Q0FBkoFDbRnxK+x70ivsyTkHk0jmUcFnmayVxZh1jOm5dKGzCq3wU5H5Tx8m
LAuG3jlgjYdu3UZkm7+mswhk+9k11kupCh3FxIxFVzFlyAjZGBQ3mJYtgI+XSTIV
LjwI52FswsMEkEcrEnSHYRPYOOyTp+7v1bg1KoKDHHRr3Rxo9iZVDQJl7Ddqr3fg
esDr9T1HQEVGACEDGUpvygRJK+FoO5dfV2FqmtxyHVVtZ9Xm2KlOK8IWuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN429aa48dREsU7Q7w2/UWjJDO38MB8GA1UdIwQY
MBaAFEVL9YEZz+mfF0m82b0SRwK6nLcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlV2MWdSblA2WjhYU2J6WnZSSkhBcnFjdHhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jNmQwOTItY2M2MC00YTUxLWIwMTAt
MGE2ZTZkZmJkMmUzLzEvM2piMXByangxRVN4VHREdkRiOVJhTWtNN2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jNmQwOTItY2M2MC00YTUxLWIwMTAtMGE2ZTZkZmJkMmUz
LzEvUlV2MWdSblA2WjhYU2J6WnZSSkhBcnFjdHhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueGnMA0G
CSqGSIb3DQEBCwUAA4IBAQAqrvcVYkn8ZV+C3tgwzpjg+Mm0+YHkeRfzjcIAwvwS
4Qz605spTIHpDVLBbMP+v4NWDac1RNWFSj/dR4uxsxeqJyNvgyfxeaWGfRkHYOId
ydmiA3Tfm/y6/C72Jt6g0pl/buq1TzBXqq+CsVPehHuyvt9JBa62ePhEpXlhVOPO
lZst/cMHHYM+16xKYh03U/x+Xjv9mwV2q01mRHDS0srQZiRsDi/9m6Zs7YzLMGKW
yGyKf5/Ljvp+sl5E1w9vn8UJSaJTuGGciuiSQ1mxvI4BorWF8vi9QieYfO9G8wR4
ouP/YZGMdH0XG5UFISNj2MrffqpPybcqcaaY4GrQwdvY
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:56 2025 by rpki-client