Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/d62d22-82f2-4b20-bac4-601a725a00f5/1/q682HpU3ITXPBEvapX_xW2EziiE.roa
File: q682HpU3ITXPBEvapX_xW2EziiE.roa (raw, json)
Hash identifier: ATOVoLs+n/xATnraKQ6wB+aOgTH/a+qUJ2OWIvMARt4=
Subject key identifier: AB:AF:36:1E:95:37:21:35:CF:04:4B:DA:A5:7F:F1:5B:61:33:8A:21
Certificate issuer: /CN=e91f272b13c750143c7ec87e0c802aead8ac6e07
Certificate serial: 018CC94E30EC034C51E22CBEB4F5C23524DE
Authority key identifier: E9:1F:27:2B:13:C7:50:14:3C:7E:C8:7E:0C:80:2A:EA:D8:AC:6E:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6R8nKxPHUBQ8fsh-DIAq6tisbgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/d62d22-82f2-4b20-bac4-601a725a00f5/1/q682HpU3ITXPBEvapX_xW2EziiE.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206945
IP address blocks: 185.203.164.0/22 maxlen: 24
185.171.8.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:30:ec:03:4c:51:e2:2c:be:b4:f5:c2:35:24:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e91f272b13c750143c7ec87e0c802aead8ac6e07
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abaf361e95372135cf044bdaa57ff15b61338a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3d:2d:ac:12:0d:b0:da:e8:62:93:ad:84:9f:
de:61:84:70:92:2c:ea:72:8d:bf:4c:cd:f0:7f:6b:
ae:12:bd:57:26:ae:6b:c1:d5:33:b9:4e:7f:09:79:
d8:62:6c:d8:d8:90:34:5b:3f:1e:e4:41:1e:26:b4:
a9:10:23:bc:dd:8a:06:42:48:16:ee:67:c4:ac:7a:
78:f1:50:e2:a7:d6:63:09:d3:49:7e:ed:ec:59:03:
db:73:de:2c:84:c9:ac:fb:03:44:b5:a9:1e:69:cf:
1f:c9:dc:21:05:55:f8:66:11:a5:1a:bc:d1:63:1e:
07:0d:a8:a1:fe:4b:c3:8d:ec:c3:6d:42:b9:1f:a6:
42:4d:92:7c:ac:da:47:39:a9:dc:3c:90:3e:af:f3:
5c:7e:2c:c0:58:0d:4d:a1:8e:30:cd:cd:bc:6e:4c:
df:62:a1:71:f8:b5:a5:d1:b3:47:ba:89:73:26:6f:
c9:77:5d:6b:48:d8:d0:d6:ce:06:9d:79:ae:b6:df:
25:aa:d8:6b:78:c8:cd:aa:d3:27:ae:b6:2d:e8:2d:
d9:54:3f:c0:13:89:90:49:a8:ec:e7:40:53:9d:63:
9e:a4:70:2e:46:ef:c6:32:e2:1c:0a:04:0f:b2:3e:
a1:1f:a1:66:f4:6f:8b:53:5c:f6:73:0a:d0:40:51:
aa:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AF:36:1E:95:37:21:35:CF:04:4B:DA:A5:7F:F1:5B:61:33:8A:21
X509v3 Authority Key Identifier:
keyid:E9:1F:27:2B:13:C7:50:14:3C:7E:C8:7E:0C:80:2A:EA:D8:AC:6E:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6R8nKxPHUBQ8fsh-DIAq6tisbgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d62d22-82f2-4b20-bac4-601a725a00f5/1/q682HpU3ITXPBEvapX_xW2EziiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d62d22-82f2-4b20-bac4-601a725a00f5/1/6R8nKxPHUBQ8fsh-DIAq6tisbgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.8.0/22
185.203.164.0/22
Signature Algorithm: sha256WithRSAEncryption
29:e5:82:f5:6f:73:8f:7d:83:68:6f:46:b7:c0:6f:31:e8:2b:
12:3d:3b:f0:61:e9:6f:0c:db:de:c9:6e:3b:58:44:15:57:e0:
60:17:9f:83:f1:cc:6f:ed:d5:2d:2a:a2:2c:4c:ce:c0:95:89:
b5:9c:fd:e6:77:81:f7:fb:42:d5:ac:69:71:97:06:db:39:d3:
f6:34:e4:ea:ef:da:c0:61:53:6b:6e:2b:68:2c:71:fe:2e:3b:
f1:73:99:b2:ad:18:77:90:52:29:ff:0c:b1:99:69:7c:4c:c1:
0a:1c:2d:e3:e6:98:2e:34:58:a5:0e:e6:a6:0c:0c:f1:0e:5c:
40:96:a4:9c:ef:1c:57:87:92:6c:0c:72:5e:f4:bf:1d:98:0b:
b9:12:5f:61:f8:42:81:ed:4b:6d:f5:aa:1e:ac:da:91:4a:45:
64:84:81:d3:2b:40:ce:00:f7:56:57:7d:75:63:b4:7f:78:78:
a2:d8:a1:91:c5:39:7b:09:cd:b6:84:5f:07:2e:5b:41:fe:7f:
02:80:3d:52:29:31:be:c3:cf:9e:6d:47:e4:29:6f:24:a9:5a:
bf:b5:df:24:2b:4d:2f:a4:28:1f:e2:14:ce:bb:2e:da:78:74:
bc:d6:be:75:5f:0d:a7:2a:49:29:07:e7:65:90:66:3c:4a:40:
59:23:11:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTjDsA0xR4iy+tPXCNSTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MWYyNzJiMTNjNzUwMTQzYzdlYzg3ZTBjODAyYWVhZDhh
YzZlMDcwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmFmMzYxZTk1MzcyMTM1Y2YwNDRiZGFhNTdmZjE1YjYxMzM4YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj0trBINsNroYpOthJ/eYYRwkizq
co2/TM3wf2uuEr1XJq5rwdUzuU5/CXnYYmzY2JA0Wz8e5EEeJrSpECO83YoGQkgW
7mfErHp48VDip9ZjCdNJfu3sWQPbc94shMms+wNEtakeac8fydwhBVX4ZhGlGrzR
Yx4HDaih/kvDjezDbUK5H6ZCTZJ8rNpHOancPJA+r/NcfizAWA1NoY4wzc28bkzf
YqFx+LWl0bNHuolzJm/Jd11rSNjQ1s4GnXmutt8lqthreMjNqtMnrrYt6C3ZVD/A
E4mQSajs50BTnWOepHAuRu/GMuIcCgQPsj6hH6Fm9G+LU1z2cwrQQFGq+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKuvNh6VNyE1zwRL2qV/8VthM4ohMB8GA1UdIwQY
MBaAFOkfJysTx1AUPH7IfgyAKurYrG4HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlI4bkt4UEhVQlE4ZnNoLURJQXE2dGlzYmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9kNjJkMjItODJmMi00YjIwLWJhYzQt
NjAxYTcyNWEwMGY1LzEvcTY4MkhwVTNJVFhQQkV2YXBYX3hXMkV6aWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9kNjJkMjItODJmMi00YjIwLWJhYzQtNjAxYTcyNWEwMGY1
LzEvNlI4bkt4UEhVQlE4ZnNoLURJQXE2dGlzYmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuasIAwQC
ucukMA0GCSqGSIb3DQEBCwUAA4IBAQAp5YL1b3OPfYNob0a3wG8x6CsSPTvwYelv
DNveyW47WEQVV+BgF5+D8cxv7dUtKqIsTM7AlYm1nP3md4H3+0LVrGlxlwbbOdP2
NOTq79rAYVNrbitoLHH+Ljvxc5myrRh3kFIp/wyxmWl8TMEKHC3j5pguNFilDuam
DAzxDlxAlqSc7xxXh5JsDHJe9L8dmAu5El9h+EKB7Utt9aoerNqRSkVkhIHTK0DO
APdWV311Y7R/eHii2KGRxTl7Cc22hF8HLltB/n8CgD1SKTG+w8+ebUfkKW8kqVq/
td8kK00vpCgf4hTOuy7aeHS81r51Xw2nKkkpB+dlkGY8SkBZIxFN
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:47:13 2025 by rpki-client