Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/ab2389-8d36-43fe-af42-9a3841967181/1/UsFu_huS1Sr0j5HEjrdt_dMK-3E.roa
File: UsFu_huS1Sr0j5HEjrdt_dMK-3E.roa (raw, json)
Hash identifier: tIQlDrKnOxIRKHV+O0gMb0sC3/ng+tCf9R3CWM459vY=
Subject key identifier: 52:C1:6E:FE:1B:92:D5:2A:F4:8F:91:C4:8E:B7:6D:FD:D3:0A:FB:71
Certificate issuer: /CN=473163527e83542dce693b16d0aedcd126d3319a
Certificate serial: 018CC56ED433403AA0494C54726B56C79F97
Authority key identifier: 47:31:63:52:7E:83:54:2D:CE:69:3B:16:D0:AE:DC:D1:26:D3:31:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzFjUn6DVC3OaTsW0K7c0SbTMZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/ab2389-8d36-43fe-af42-9a3841967181/1/UsFu_huS1Sr0j5HEjrdt_dMK-3E.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201152
IP address blocks: 185.55.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 04 Sep 2024 09:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d4:33:40:3a:a0:49:4c:54:72:6b:56:c7:9f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=473163527e83542dce693b16d0aedcd126d3319a
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52c16efe1b92d52af48f91c48eb76dfdd30afb71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b1:3d:8e:88:b2:01:f7:6b:7f:65:1a:00:14:
5b:27:62:c2:38:ef:1c:87:fa:3b:90:3a:16:e8:93:
cd:11:aa:4d:54:3b:0c:41:26:20:f4:bd:d0:ad:47:
fb:e8:ac:49:ca:17:74:70:46:91:e9:ef:1d:a9:26:
b2:42:63:8d:84:a0:bf:05:7a:fb:29:20:ba:a7:78:
4a:94:6f:4d:b7:90:2a:90:92:d5:80:f8:e7:c8:5b:
01:3d:94:a2:4c:54:fc:9c:78:ab:60:b0:cc:22:15:
11:61:68:cf:67:ad:8c:d2:98:18:da:12:3b:4f:31:
32:2c:6f:b7:96:5a:2e:65:d1:76:cc:bb:27:e8:6c:
22:7e:1c:69:dc:83:2c:08:13:0e:a6:b8:3b:d6:1e:
b5:d4:bc:14:1d:1a:de:92:de:40:d8:36:12:55:5e:
af:d6:bb:5b:7d:de:04:66:f2:61:ad:48:b0:1f:5a:
88:4d:73:a9:ad:97:c2:18:fc:24:1b:71:bf:1b:8a:
10:4c:c6:5b:da:4b:39:b0:65:77:ab:54:ba:a1:e3:
ec:99:dd:90:c2:f2:b0:42:2c:29:61:42:2e:18:ec:
dc:1a:41:b3:b8:87:9d:00:e9:6b:9e:50:97:ff:be:
5e:6f:cb:80:29:98:ab:4e:0f:37:dd:6c:b5:be:6b:
c4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C1:6E:FE:1B:92:D5:2A:F4:8F:91:C4:8E:B7:6D:FD:D3:0A:FB:71
X509v3 Authority Key Identifier:
keyid:47:31:63:52:7E:83:54:2D:CE:69:3B:16:D0:AE:DC:D1:26:D3:31:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzFjUn6DVC3OaTsW0K7c0SbTMZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ab2389-8d36-43fe-af42-9a3841967181/1/UsFu_huS1Sr0j5HEjrdt_dMK-3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ab2389-8d36-43fe-af42-9a3841967181/1/RzFjUn6DVC3OaTsW0K7c0SbTMZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.248.0/22
Signature Algorithm: sha256WithRSAEncryption
45:3f:aa:c6:e4:f2:03:5e:7b:bc:80:96:88:87:1e:b8:a1:59:
c2:5b:9c:7d:fb:61:f5:b7:7d:32:ea:e4:2c:f5:37:c2:cb:77:
61:a9:3d:cc:b8:8a:3c:11:8f:82:f4:2e:6d:11:02:1c:7c:b4:
df:5e:da:03:2a:26:5a:1b:7c:ee:b0:30:10:26:87:bc:c1:58:
17:11:62:97:80:de:b1:25:cd:32:bc:2a:44:ea:15:3c:1b:ee:
8b:ab:21:80:d1:94:66:c1:68:3f:eb:01:e2:37:85:53:20:e3:
68:41:7d:8a:23:28:54:6d:21:52:97:60:ca:dd:6c:24:71:72:
f5:24:49:f6:bb:e7:25:34:e2:fa:e2:18:7d:33:da:2b:6e:a6:
ed:4d:28:ac:ed:65:80:49:3a:c2:49:5c:14:9c:9f:0c:6d:42:
a9:7b:21:57:c9:35:30:2d:5a:5e:bb:a1:31:1d:33:05:2d:7c:
66:5d:cd:eb:c5:48:3f:40:e3:63:3a:66:02:63:85:0b:44:25:
a2:c7:e8:c3:4d:3e:e6:8d:d2:35:94:0f:eb:66:90:1d:30:a1:
a7:ad:ba:63:f9:34:26:9c:70:f3:78:3d:21:d3:28:87:ff:dc:
c2:67:c3:67:6f:f2:f2:66:53:fa:e8:a5:b5:b5:3d:dc:eb:38:
92:a6:cf:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbtQzQDqgSUxUcmtWx5+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzE2MzUyN2U4MzU0MmRjZTY5M2IxNmQwYWVkY2QxMjZk
MzMxOWEwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmMxNmVmZTFiOTJkNTJhZjQ4ZjkxYzQ4ZWI3NmRmZGQzMGFmYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLE9joiyAfdrf2UaABRbJ2LCOO8c
h/o7kDoW6JPNEapNVDsMQSYg9L3QrUf76KxJyhd0cEaR6e8dqSayQmONhKC/BXr7
KSC6p3hKlG9Nt5AqkJLVgPjnyFsBPZSiTFT8nHirYLDMIhURYWjPZ62M0pgY2hI7
TzEyLG+3llouZdF2zLsn6Gwifhxp3IMsCBMOprg71h611LwUHRrekt5A2DYSVV6v
1rtbfd4EZvJhrUiwH1qITXOprZfCGPwkG3G/G4oQTMZb2ks5sGV3q1S6oePsmd2Q
wvKwQiwpYUIuGOzcGkGzuIedAOlrnlCX/75eb8uAKZirTg833Wy1vmvEmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLBbv4bktUq9I+RxI63bf3TCvtxMB8GA1UdIwQY
MBaAFEcxY1J+g1Qtzmk7FtCu3NEm0zGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpGalVuNkRWQzNPYVRzVzBLN2MwU2JUTVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9hYjIzODktOGQzNi00M2ZlLWFmNDIt
OWEzODQxOTY3MTgxLzEvVXNGdV9odVMxU3IwajVIRWpyZHRfZE1LLTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9hYjIzODktOGQzNi00M2ZlLWFmNDItOWEzODQxOTY3MTgx
LzEvUnpGalVuNkRWQzNPYVRzVzBLN2MwU2JUTVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTf4MA0G
CSqGSIb3DQEBCwUAA4IBAQBFP6rG5PIDXnu8gJaIhx64oVnCW5x9+2H1t30y6uQs
9TfCy3dhqT3MuIo8EY+C9C5tEQIcfLTfXtoDKiZaG3zusDAQJoe8wVgXEWKXgN6x
Jc0yvCpE6hU8G+6LqyGA0ZRmwWg/6wHiN4VTIONoQX2KIyhUbSFSl2DK3WwkcXL1
JEn2u+clNOL64hh9M9orbqbtTSis7WWASTrCSVwUnJ8MbUKpeyFXyTUwLVpeu6Ex
HTMFLXxmXc3rxUg/QONjOmYCY4ULRCWix+jDTT7mjdI1lA/rZpAdMKGnrbpj+TQm
nHDzeD0h0yiH/9zCZ8Nnb/LyZlP66KW1tT3c6ziSps/s
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:23:08 2025 by rpki-client