Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/hEo9zbmVQrkrCNyARQdMAH5m9iE.roa
File: hEo9zbmVQrkrCNyARQdMAH5m9iE.roa (raw, json)
Hash identifier: vJ3YKyFMz2BZuQLNVyICL3CJ5n7CJCDSsWSMCQ6XYwo=
Subject key identifier: 84:4A:3D:CD:B9:95:42:B9:2B:08:DC:80:45:07:4C:00:7E:66:F6:21
Certificate issuer: /CN=db8d08edc4393a8671296f8eacbbecf94d76562a
Certificate serial: 018CC7951C05ABE196652324163DA50E4024
Authority key identifier: DB:8D:08:ED:C4:39:3A:86:71:29:6F:8E:AC:BB:EC:F9:4D:76:56:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/240I7cQ5OoZxKW-OrLvs-U12Vio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/hEo9zbmVQrkrCNyARQdMAH5m9iE.roa
Signing time: Tue 02 Jan 2024 00:31:27 +0000
ROA not before: Tue 02 Jan 2024 00:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212338
IP address blocks: 185.213.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:1c:05:ab:e1:96:65:23:24:16:3d:a5:0e:40:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db8d08edc4393a8671296f8eacbbecf94d76562a
Validity
Not Before: Jan 2 00:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=844a3dcdb99542b92b08dc8045074c007e66f621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:69:f6:78:9e:bc:4b:6d:5b:9c:58:f0:80:b8:
2d:c4:eb:d3:84:6f:c6:37:d1:f7:3d:e0:22:56:00:
31:ea:f8:26:b3:a6:10:68:7d:52:19:16:a8:b2:26:
7a:58:9c:ad:93:eb:cd:4e:e5:8e:9d:c3:f4:10:b6:
8e:e1:36:7c:ec:60:d5:e1:27:02:cc:b1:d9:ee:bb:
d3:f9:72:eb:08:35:1c:5b:56:fd:fa:cc:a5:ac:29:
92:3c:ff:ea:3f:01:25:e9:5b:62:90:a7:f4:1d:49:
f8:6f:14:6b:ff:5a:97:38:d3:44:a2:7c:e8:01:57:
f3:8f:4a:42:99:e8:3b:ac:7a:39:1f:2b:52:5e:60:
7c:54:58:95:8c:b4:cc:89:a3:31:59:09:23:72:da:
d5:ad:2a:48:e9:0e:0e:6d:b7:3c:a2:8c:6a:03:93:
48:2c:e7:ad:5a:fe:a1:f1:24:eb:3a:85:8f:85:43:
63:eb:90:fc:62:d6:02:93:68:a5:f7:61:dc:1d:e9:
5e:1e:97:1a:d6:95:65:89:ec:ac:7b:26:12:8f:fe:
f5:e3:39:ae:99:1e:e7:93:44:68:f9:84:e0:34:84:
7a:70:93:04:0b:59:44:d2:0d:72:43:95:9b:a9:63:
f9:16:07:3b:1d:35:66:8b:51:ca:aa:f9:ac:9d:e2:
1b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4A:3D:CD:B9:95:42:B9:2B:08:DC:80:45:07:4C:00:7E:66:F6:21
X509v3 Authority Key Identifier:
keyid:DB:8D:08:ED:C4:39:3A:86:71:29:6F:8E:AC:BB:EC:F9:4D:76:56:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/240I7cQ5OoZxKW-OrLvs-U12Vio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/hEo9zbmVQrkrCNyARQdMAH5m9iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/240I7cQ5OoZxKW-OrLvs-U12Vio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.47.0/24
Signature Algorithm: sha256WithRSAEncryption
77:5a:4c:a9:fd:13:bb:7e:8c:e2:ab:b4:74:d3:b7:2c:bb:03:
ec:99:a1:5b:9d:03:15:d5:4f:db:88:54:c2:a5:96:5d:bb:bc:
bd:59:dc:91:00:dc:17:0b:fd:52:b6:96:98:37:e4:f2:89:96:
92:b6:7a:4f:db:99:ef:24:fe:0d:44:d1:c9:16:6a:28:00:0d:
2e:d9:c3:63:10:12:81:e5:03:38:52:d7:11:bf:63:36:0f:cf:
f0:06:00:fe:fb:b6:67:77:d8:24:ec:e7:4b:ff:ca:6a:e5:48:
2e:92:9c:ad:88:df:0a:73:ad:50:dd:ca:d0:19:84:8d:07:e7:
d7:20:57:a2:f3:8c:ff:4e:65:c7:ce:14:f4:b2:bf:8d:5c:ce:
32:54:15:8f:9a:7c:80:3d:02:df:bf:9e:f8:ba:d3:67:36:31:
f9:85:73:05:a8:59:57:17:d7:d9:f8:68:b4:de:40:f1:1f:e7:
cd:bb:77:27:fc:58:25:9b:aa:be:60:59:00:d1:c1:5d:43:76:
75:cd:87:19:27:23:4e:ad:ad:cd:88:ca:ab:bc:6b:11:07:4c:
bd:8c:7a:6d:9b:2d:94:1c:31:42:28:eb:a2:21:a0:d6:b3:13:
91:a0:d3:be:19:80:97:15:09:4a:1a:6d:20:0f:03:6d:9c:f9:
13:30:28:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlRwFq+GWZSMkFj2lDkAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGQwOGVkYzQzOTNhODY3MTI5NmY4ZWFjYmJlY2Y5NGQ3
NjU2MmEwHhcNMjQwMTAyMDAzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDRhM2RjZGI5OTU0MmI5MmIwOGRjODA0NTA3NGMwMDdlNjZmNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWn2eJ68S21bnFjwgLgtxOvThG/G
N9H3PeAiVgAx6vgms6YQaH1SGRaosiZ6WJytk+vNTuWOncP0ELaO4TZ87GDV4ScC
zLHZ7rvT+XLrCDUcW1b9+sylrCmSPP/qPwEl6VtikKf0HUn4bxRr/1qXONNEonzo
AVfzj0pCmeg7rHo5HytSXmB8VFiVjLTMiaMxWQkjctrVrSpI6Q4Obbc8ooxqA5NI
LOetWv6h8STrOoWPhUNj65D8YtYCk2il92HcHeleHpca1pVlieyseyYSj/714zmu
mR7nk0Ro+YTgNIR6cJMEC1lE0g1yQ5WbqWP5Fgc7HTVmi1HKqvmsneIbZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRKPc25lUK5KwjcgEUHTAB+ZvYhMB8GA1UdIwQY
MBaAFNuNCO3EOTqGcSlvjqy77PlNdlYqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQwSTdjUTVPb1p4S1ctT3JMdnMtVTEyVmlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83ZDU2MDctMGE4YS00NDQ3LTg2NTEt
YzYzNDlkYjk0OTliLzEvaEVvOXpibVZRcmtyQ055QVJRZE1BSDVtOWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83ZDU2MDctMGE4YS00NDQ3LTg2NTEtYzYzNDlkYjk0OTli
LzEvMjQwSTdjUTVPb1p4S1ctT3JMdnMtVTEyVmlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudUvMA0G
CSqGSIb3DQEBCwUAA4IBAQB3Wkyp/RO7foziq7R007csuwPsmaFbnQMV1U/biFTC
pZZdu7y9WdyRANwXC/1StpaYN+TyiZaStnpP25nvJP4NRNHJFmooAA0u2cNjEBKB
5QM4UtcRv2M2D8/wBgD++7Znd9gk7OdL/8pq5UgukpytiN8Kc61Q3crQGYSNB+fX
IFei84z/TmXHzhT0sr+NXM4yVBWPmnyAPQLfv574utNnNjH5hXMFqFlXF9fZ+Gi0
3kDxH+fNu3cn/Fglm6q+YFkA0cFdQ3Z1zYcZJyNOra3NiMqrvGsRB0y9jHptmy2U
HDFCKOuiIaDWsxORoNO+GYCXFQlKGm0gDwNtnPkTMCgK
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:43:23 2025 by rpki-client