Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/9EEr-sJi5IvpB35j3VZbXCEVYgg.roa
File: 9EEr-sJi5IvpB35j3VZbXCEVYgg.roa (raw, json)
Hash identifier: 1wLDacAwR0nv0PF7FedSNvXPZR88znBrtEfb/eSTAC4=
Subject key identifier: F4:41:2B:FA:C2:62:E4:8B:E9:07:7E:63:DD:56:5B:5C:21:15:62:08
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 018D27BCA784EB16C56AEA1DDE6F41A1C617
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/9EEr-sJi5IvpB35j3VZbXCEVYgg.roa
Signing time: Sat 20 Jan 2024 16:38:11 +0000
ROA not before: Sat 20 Jan 2024 16:38:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60540
IP address blocks: 185.155.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 13:58:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:27:bc:a7:84:eb:16:c5:6a:ea:1d:de:6f:41:a1:c6:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 20 16:38:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4412bfac262e48be9077e63dd565b5c21156208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:51:48:21:4d:12:46:a5:a5:12:e3:1c:dc:
3b:78:fd:e6:9d:43:51:37:0e:b4:62:29:c2:01:89:
4e:e5:5d:a2:af:57:11:52:44:73:d0:b3:b0:2d:be:
02:0a:a1:9e:e5:13:10:4c:b9:d6:ce:a2:9c:68:cf:
8d:6d:33:4f:02:0b:12:3c:ef:4e:ab:1e:fe:39:db:
a4:71:17:35:a3:ee:71:29:f7:fc:5b:af:28:d6:a1:
94:bf:a6:91:46:5d:65:37:bb:79:dc:c8:27:3f:e8:
d7:8d:b3:cf:8c:52:dd:d2:3a:ae:1d:46:7d:be:b1:
c2:b9:d5:10:3e:0d:00:26:8f:22:d6:4e:cf:05:6d:
f6:f5:ba:78:bf:bd:05:aa:20:b8:0b:fa:9c:73:2f:
4e:0f:00:5e:86:57:18:25:89:f9:eb:16:3e:5b:3b:
77:94:87:42:07:4e:e8:93:e8:8c:c7:5f:74:02:bc:
b3:0c:f9:71:1b:eb:1b:7f:49:c0:8d:3d:2a:74:24:
85:b8:25:2d:12:e6:5a:1c:cf:0b:d3:6b:64:7e:b5:
b4:07:7c:4f:36:0f:29:ef:ad:91:23:94:56:73:3c:
9f:87:ae:10:94:7b:db:d0:c0:12:a0:e5:a1:40:1d:
7c:65:c9:e9:3a:d0:17:9e:ab:ce:b0:d8:1b:76:ad:
98:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:41:2B:FA:C2:62:E4:8B:E9:07:7E:63:DD:56:5B:5C:21:15:62:08
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/9EEr-sJi5IvpB35j3VZbXCEVYgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.158.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:01:d7:e0:65:db:0e:ca:30:e9:0a:89:55:b3:58:5a:fb:06:
77:21:ea:7d:42:81:cf:bc:85:6c:3a:25:92:fc:c5:49:a8:ce:
73:9c:fc:3c:11:70:a4:84:01:56:5d:60:05:12:03:55:8f:fa:
2c:b5:b7:ca:56:0c:01:89:3e:79:ef:e8:ea:39:f9:fe:2c:cb:
c3:61:88:06:70:47:b2:7b:98:fa:31:ad:fa:ae:d7:32:21:3f:
32:a6:9c:b4:48:6e:54:6f:f7:52:3b:09:f9:11:13:43:e0:eb:
ab:d4:60:9c:76:6e:5c:2a:6c:5f:65:d5:89:c5:7b:bc:1d:1f:
70:33:af:84:c3:f7:fe:f9:48:90:94:de:57:71:7f:65:54:ce:
4c:cb:9d:05:fc:b9:9f:c9:76:d7:f7:33:fd:8f:0b:e6:f6:39:
cc:18:ec:ca:8d:04:75:8a:10:40:66:d7:9c:10:8d:48:28:aa:
d0:99:16:b3:af:71:72:5d:11:b1:8b:cd:46:4a:21:53:f8:4a:
9c:14:23:7a:48:cf:73:ef:04:47:97:6f:b3:6d:b9:18:fc:e1:
73:b9:03:e5:7a:ce:9d:b6:a4:11:e4:41:96:b7:14:8b:9d:6c:
05:ca:1c:e9:ba:33:94:10:fd:6a:df:65:30:3b:a2:c2:28:7f:
73:f7:b3:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0nvKeE6xbFauod3m9BocYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQwMTIwMTYzODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDQxMmJmYWMyNjJlNDhiZTkwNzdlNjNkZDU2NWI1YzIxMTU2MjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAhRSCFNEkalpRLjHNw7eP3mnUNR
Nw60YinCAYlO5V2ir1cRUkRz0LOwLb4CCqGe5RMQTLnWzqKcaM+NbTNPAgsSPO9O
qx7+OdukcRc1o+5xKff8W68o1qGUv6aRRl1lN7t53MgnP+jXjbPPjFLd0jquHUZ9
vrHCudUQPg0AJo8i1k7PBW329bp4v70FqiC4C/qccy9ODwBehlcYJYn56xY+Wzt3
lIdCB07ok+iMx190AryzDPlxG+sbf0nAjT0qdCSFuCUtEuZaHM8L02tkfrW0B3xP
Ng8p762RI5RWczyfh64QlHvb0MASoOWhQB18ZcnpOtAXnqvOsNgbdq2Y/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRBK/rCYuSL6Qd+Y91WW1whFWIIMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvOUVFci1zSmk1SXZwQjM1ajNWWmJYQ0VWWWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZueMA0G
CSqGSIb3DQEBCwUAA4IBAQA+AdfgZdsOyjDpColVs1ha+wZ3Iep9QoHPvIVsOiWS
/MVJqM5znPw8EXCkhAFWXWAFEgNVj/ostbfKVgwBiT557+jqOfn+LMvDYYgGcEey
e5j6Ma36rtcyIT8yppy0SG5Ub/dSOwn5ERND4Our1GCcdm5cKmxfZdWJxXu8HR9w
M6+Ew/f++UiQlN5XcX9lVM5My50F/LmfyXbX9zP9jwvm9jnMGOzKjQR1ihBAZtec
EI1IKKrQmRazr3FyXRGxi81GSiFT+EqcFCN6SM9z7wRHl2+zbbkY/OFzuQPles6d
tqQR5EGWtxSLnWwFyhzpujOUEP1q32UwO6LCKH9z97Mm
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:04 2025 by rpki-client