Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/afJiV0pHLw8ubw1UzF_kbvO-CPg.roa
File: afJiV0pHLw8ubw1UzF_kbvO-CPg.roa (raw, json)
Hash identifier: WL2D5H4IZYLGAsUvoOyhjlrkOHGPbk8NiJVa3sCt8D8=
Subject key identifier: 69:F2:62:57:4A:47:2F:0F:2E:6F:0D:54:CC:5F:E4:6E:F3:BE:08:F8
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018CC500E203D5A41F1C818002FFBCFA38D4
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/afJiV0pHLw8ubw1UzF_kbvO-CPg.roa
Signing time: Mon 01 Jan 2024 12:30:18 +0000
ROA not before: Mon 01 Jan 2024 12:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48760
IP address blocks: 185.84.136.0/22 maxlen: 24
195.62.12.0/23 maxlen: 24
2a07:1cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:e2:03:d5:a4:1f:1c:81:80:02:ff:bc:fa:38:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 1 12:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69f262574a472f0f2e6f0d54cc5fe46ef3be08f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cd:fe:ce:91:31:97:ba:79:0a:64:0a:fd:62:
81:07:9b:fb:c4:6f:8d:d9:5e:6a:c0:e7:fd:03:d7:
ac:5d:e5:44:86:6c:8a:4c:36:cb:7e:73:31:e3:98:
41:37:08:33:a2:02:ae:5f:5c:44:65:3c:b0:69:79:
a6:8c:d7:29:91:e3:f6:71:60:b8:31:4a:86:08:5f:
91:b9:f6:f8:8d:cc:0b:d1:a0:be:ba:2b:f5:24:b7:
d1:82:ae:fc:93:6b:f6:cb:9f:53:ff:a6:b1:78:56:
9e:17:b2:2a:a7:8d:a6:d4:c8:6e:79:0a:d6:fb:8d:
bc:8d:6d:24:ea:c7:70:37:b0:5a:d2:95:ac:67:d5:
0a:f4:1b:27:f7:94:73:b9:07:61:72:f4:5e:24:92:
3f:be:89:27:3f:15:2d:33:3e:d2:95:26:2e:fb:58:
6a:f6:e4:a9:11:7a:e1:0a:f0:dc:95:2a:65:e1:ae:
85:b5:6a:fe:b5:55:8a:94:3c:3a:86:fc:e0:14:9d:
01:d7:53:b1:c9:80:95:b3:af:2c:c8:38:14:54:47:
eb:04:fe:b2:15:52:73:ae:1a:3f:0a:c7:05:a5:89:
76:c9:50:63:aa:f3:6a:f5:ef:f3:3c:07:91:a0:43:
fe:c2:8b:cc:e8:ab:e2:5f:72:b5:9f:89:47:4e:7f:
fa:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F2:62:57:4A:47:2F:0F:2E:6F:0D:54:CC:5F:E4:6E:F3:BE:08:F8
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/afJiV0pHLw8ubw1UzF_kbvO-CPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.136.0/22
195.62.12.0/23
IPv6:
2a07:1cc0::/29
Signature Algorithm: sha256WithRSAEncryption
68:fa:89:b0:8c:92:5f:2e:8d:74:d0:f8:ef:72:7c:5a:36:56:
2b:e1:d8:f5:a1:21:d2:1c:25:41:a4:9b:ef:9d:88:66:1f:27:
1f:ea:18:b4:1d:43:b8:c4:6e:c5:ef:41:b5:6a:44:e1:9c:bc:
68:11:4a:e3:b7:bc:5e:43:2f:d5:eb:0c:44:3b:fb:43:26:ef:
47:e7:48:ec:13:de:92:37:69:5c:a8:96:a7:3b:fb:d3:63:c6:
08:92:38:40:30:ec:fb:56:5c:ec:e6:2a:6e:9e:4b:da:1b:f3:
93:84:11:01:fe:5a:c4:cb:8b:0f:15:81:f9:b0:a2:6d:c0:79:
ab:d2:4a:65:e4:17:97:b9:92:25:87:e8:cb:bf:32:a5:54:de:
3c:d9:f1:b2:ef:37:09:28:5f:b8:69:82:78:0f:79:72:11:39:
6b:4f:81:f4:ee:8d:ff:b9:67:97:88:12:b4:70:63:a9:a0:fb:
c8:30:87:30:a2:24:9f:37:ee:54:13:89:04:3b:cf:10:69:6d:
fa:e9:db:90:ba:1e:96:1d:81:64:36:cf:8b:be:f8:5f:91:fc:
83:98:16:62:5c:ac:e9:ac:f0:5d:9f:65:a8:ce:84:2b:b3:a5:
a4:35:37:c3:09:0f:d6:50:29:46:ee:05:d0:41:15:07:f3:c0:
b5:71:82:21
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAOID1aQfHIGAAv+8+jjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjQwMTAxMTIzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWYyNjI1NzRhNDcyZjBmMmU2ZjBkNTRjYzVmZTQ2ZWYzYmUwOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM3+zpExl7p5CmQK/WKBB5v7xG+N
2V5qwOf9A9esXeVEhmyKTDbLfnMx45hBNwgzogKuX1xEZTywaXmmjNcpkeP2cWC4
MUqGCF+Rufb4jcwL0aC+uiv1JLfRgq78k2v2y59T/6axeFaeF7Iqp42m1MhueQrW
+428jW0k6sdwN7Ba0pWsZ9UK9Bsn95RzuQdhcvReJJI/voknPxUtMz7SlSYu+1hq
9uSpEXrhCvDclSpl4a6FtWr+tVWKlDw6hvzgFJ0B11OxyYCVs68syDgUVEfrBP6y
FVJzrho/CscFpYl2yVBjqvNq9e/zPAeRoEP+wovM6KviX3K1n4lHTn/6EwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGnyYldKRy8PLm8NVMxf5G7zvgj4MB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvYWZKaVYwcEhMdzh1YncxVXpGX2tidk8tQ1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVSIAwQB
wz4MMA0EAgACMAcDBQMqBxzAMA0GCSqGSIb3DQEBCwUAA4IBAQBo+omwjJJfLo10
0PjvcnxaNlYr4dj1oSHSHCVBpJvvnYhmHycf6hi0HUO4xG7F70G1akThnLxoEUrj
t7xeQy/V6wxEO/tDJu9H50jsE96SN2lcqJanO/vTY8YIkjhAMOz7Vlzs5ipunkva
G/OThBEB/lrEy4sPFYH5sKJtwHmr0kpl5BeXuZIlh+jLvzKlVN482fGy7zcJKF+4
aYJ4D3lyETlrT4H07o3/uWeXiBK0cGOpoPvIMIcwoiSfN+5UE4kEO88QaW366duQ
uh6WHYFkNs+LvvhfkfyDmBZiXKzprPBdn2WozoQrs6WkNTfDCQ/WUClG7gXQQRUH
88C1cYIh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:37 2025 by rpki-client