Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e425de-236e-4a34-b41a-42481a62123c/1/aEJQq8mpzlFt35B-BD_QJo9THGc.roa
File: aEJQq8mpzlFt35B-BD_QJo9THGc.roa (raw, json)
Hash identifier: BMCkTjd9fapdoPIqEbGYKz2qhU1rWaB5GhnFoKSKO6w=
Subject key identifier: 68:42:50:AB:C9:A9:CE:51:6D:DF:90:7E:04:3F:D0:26:8F:53:1C:67
Certificate issuer: /CN=b8c8f23d0c48c62e18e28f560cc9159893d4e42f
Certificate serial: 018D9082EAC8437849EAA616F51A5E7DF18F
Authority key identifier: B8:C8:F2:3D:0C:48:C6:2E:18:E2:8F:56:0C:C9:15:98:93:D4:E4:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMjyPQxIxi4Y4o9WDMkVmJPU5C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e425de-236e-4a34-b41a-42481a62123c/1/aEJQq8mpzlFt35B-BD_QJo9THGc.roa
Signing time: Sat 10 Feb 2024 00:55:15 +0000
ROA not before: Sat 10 Feb 2024 00:55:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203148
IP address blocks: 185.130.148.0/22 maxlen: 22
185.130.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:90:82:ea:c8:43:78:49:ea:a6:16:f5:1a:5e:7d:f1:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8c8f23d0c48c62e18e28f560cc9159893d4e42f
Validity
Not Before: Feb 10 00:55:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=684250abc9a9ce516ddf907e043fd0268f531c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:57:e4:65:23:b1:49:f1:e6:20:83:32:fc:a1:
d1:2d:79:9b:71:87:b4:39:66:a6:32:63:39:be:0e:
c2:66:05:bf:33:79:7f:ed:fe:7d:1a:44:dc:c0:a2:
c7:71:94:bf:60:c0:4a:62:9e:26:b1:c9:98:4f:11:
70:23:dc:16:42:53:9a:56:c9:1e:ca:07:00:47:72:
b7:4f:9e:20:69:00:16:5a:ec:49:ae:5f:9c:b2:4e:
0e:0b:e6:7a:e5:5b:c0:02:4c:f0:77:d6:7e:64:3e:
b3:30:24:79:44:3a:d1:3d:cc:22:85:96:a5:8a:4e:
6e:00:3b:64:48:ea:b4:9e:b5:47:48:34:3b:28:1e:
1a:85:07:6c:37:f6:70:ee:1b:f3:08:a8:ea:30:bc:
bb:2b:ad:74:6f:15:bd:b7:9d:34:87:6b:b2:ea:4c:
79:65:06:b1:80:50:0d:86:da:93:e2:55:16:f7:e5:
58:cf:43:cb:64:b6:dd:fc:77:03:af:37:2d:ef:5a:
43:b5:1f:e9:e7:27:81:95:d2:53:fe:30:08:ee:fe:
e3:76:43:ab:2b:61:6d:cf:70:3b:e6:02:de:e2:70:
7a:ac:b6:cd:ab:aa:28:7c:a3:11:bd:7f:07:66:c8:
51:4a:a5:06:43:08:a7:f4:74:50:6d:de:c9:02:b2:
4b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:42:50:AB:C9:A9:CE:51:6D:DF:90:7E:04:3F:D0:26:8F:53:1C:67
X509v3 Authority Key Identifier:
keyid:B8:C8:F2:3D:0C:48:C6:2E:18:E2:8F:56:0C:C9:15:98:93:D4:E4:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMjyPQxIxi4Y4o9WDMkVmJPU5C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e425de-236e-4a34-b41a-42481a62123c/1/aEJQq8mpzlFt35B-BD_QJo9THGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e425de-236e-4a34-b41a-42481a62123c/1/uMjyPQxIxi4Y4o9WDMkVmJPU5C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.148.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:e7:2b:7c:d2:a7:a2:5a:8a:28:ae:5e:78:96:e6:18:1a:a2:
a4:10:ff:9a:a4:a2:e6:f4:75:f4:5b:35:68:fc:a2:4d:01:61:
d8:d8:a0:f2:0b:57:a9:8c:4b:a8:ea:b1:b9:84:f0:25:7f:d0:
cf:39:a2:ca:47:5f:52:91:18:93:a1:e0:54:b7:c5:3e:7c:7f:
ae:1b:c5:da:ce:e8:14:8e:2e:ed:8b:d8:78:eb:63:f0:f0:67:
eb:23:cd:41:a0:92:d0:cc:ce:63:71:6b:31:6f:6d:6c:63:7d:
3d:38:5b:d4:a2:d9:18:27:9e:c3:9c:4e:0c:6a:51:0a:b2:7c:
0d:62:c4:be:f5:f7:c4:44:92:da:da:11:89:a7:40:f5:65:72:
23:30:53:84:12:ad:75:0c:da:25:15:99:64:e8:45:94:07:09:
90:f6:37:0e:0d:91:07:10:15:57:f3:17:11:3a:11:05:e6:51:
c5:1b:1f:62:13:3f:d7:17:3e:50:91:b6:c7:64:53:44:2c:4b:
55:de:a3:e6:87:0c:8c:bf:ea:c0:9f:c5:02:aa:fe:60:79:eb:
9a:12:bc:ec:8f:09:61:f4:9e:d0:6a:35:7e:ec:ec:c2:fc:d2:
07:d3:31:f3:d6:65:9d:42:1d:f0:23:47:a6:96:d5:00:ec:b3:
4b:2c:30:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2QgurIQ3hJ6qYW9RpeffGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YzhmMjNkMGM0OGM2MmUxOGUyOGY1NjBjYzkxNTk4OTNk
NGU0MmYwHhcNMjQwMjEwMDA1NTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQyNTBhYmM5YTljZTUxNmRkZjkwN2UwNDNmZDAyNjhmNTMxYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFfkZSOxSfHmIIMy/KHRLXmbcYe0
OWamMmM5vg7CZgW/M3l/7f59GkTcwKLHcZS/YMBKYp4mscmYTxFwI9wWQlOaVske
ygcAR3K3T54gaQAWWuxJrl+csk4OC+Z65VvAAkzwd9Z+ZD6zMCR5RDrRPcwihZal
ik5uADtkSOq0nrVHSDQ7KB4ahQdsN/Zw7hvzCKjqMLy7K610bxW9t500h2uy6kx5
ZQaxgFANhtqT4lUW9+VYz0PLZLbd/HcDrzct71pDtR/p5yeBldJT/jAI7v7jdkOr
K2Ftz3A75gLe4nB6rLbNq6oofKMRvX8HZshRSqUGQwin9HRQbd7JArJL7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhCUKvJqc5Rbd+QfgQ/0CaPUxxnMB8GA1UdIwQY
MBaAFLjI8j0MSMYuGOKPVgzJFZiT1OQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU1qeVBReEl4aTRZNG85V0RNa1ZtSlBVNUM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNDI1ZGUtMjM2ZS00YTM0LWI0MWEt
NDI0ODFhNjIxMjNjLzEvYUVKUXE4bXB6bEZ0MzVCLUJEX1FKbzlUSEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNDI1ZGUtMjM2ZS00YTM0LWI0MWEtNDI0ODFhNjIxMjNj
LzEvdU1qeVBReEl4aTRZNG85V0RNa1ZtSlBVNUM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYKUMA0G
CSqGSIb3DQEBCwUAA4IBAQBd5yt80qeiWooorl54luYYGqKkEP+apKLm9HX0WzVo
/KJNAWHY2KDyC1epjEuo6rG5hPAlf9DPOaLKR19SkRiToeBUt8U+fH+uG8XazugU
ji7ti9h462Pw8GfrI81BoJLQzM5jcWsxb21sY309OFvUotkYJ57DnE4MalEKsnwN
YsS+9ffERJLa2hGJp0D1ZXIjMFOEEq11DNolFZlk6EWUBwmQ9jcODZEHEBVX8xcR
OhEF5lHFGx9iEz/XFz5QkbbHZFNELEtV3qPmhwyMv+rAn8UCqv5geeuaErzsjwlh
9J7QajV+7OzC/NIH0zHz1mWdQh3wI0emltUA7LNLLDCr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:50 2025 by rpki-client