Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/PsyICRBDiqO4FbUNqCSdtHaVQ5c.roa
File: PsyICRBDiqO4FbUNqCSdtHaVQ5c.roa (raw, json)
Hash identifier: xgx9b8BPGLwWRtNtXm1EQEsNmNBsmlYidKKQxh6/+d8=
Subject key identifier: 3E:CC:88:09:10:43:8A:A3:B8:15:B5:0D:A8:24:9D:B4:76:95:43:97
Certificate issuer: /CN=df798581e73704ee38c9be15e72370f176c60311
Certificate serial: 01926B1B10493332CEBBF7D08E1A88DD12E8
Authority key identifier: DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/PsyICRBDiqO4FbUNqCSdtHaVQ5c.roa
Signing time: Tue 08 Oct 2024 07:49:48 +0000
ROA not before: Tue 08 Oct 2024 07:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24631
IP address blocks: 185.128.80.0/22 maxlen: 22
185.128.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 10:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:1b:10:49:33:32:ce:bb:f7:d0:8e:1a:88:dd:12:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df798581e73704ee38c9be15e72370f176c60311
Validity
Not Before: Oct 8 07:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ecc880910438aa3b815b50da8249db476954397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ab:63:2b:95:ca:05:db:76:0f:d0:00:38:8a:
2f:84:4d:9a:95:0e:da:c9:6a:ce:2e:af:04:95:6c:
58:f9:5a:47:55:c0:a6:3f:23:e4:e4:f4:33:96:5c:
59:1e:2b:94:4e:a8:bc:ee:2a:1b:85:21:14:4a:44:
49:d6:e7:9c:7c:e4:30:f6:8b:41:4c:8f:1c:8f:55:
cd:22:f2:10:0f:ad:76:46:1b:77:0e:a0:cc:f9:97:
d0:00:3b:75:e0:11:35:36:c4:2e:88:b9:fd:28:01:
ae:61:81:88:0a:ba:f8:d0:3c:b8:4a:11:5b:b3:37:
2a:e4:21:f4:f8:83:6a:a7:92:ce:cb:73:d5:65:d5:
2f:3a:9f:f7:66:ec:e1:4f:da:d6:c1:85:6f:31:f4:
64:5d:d3:4f:cb:ce:20:73:a3:0b:2c:90:38:b7:79:
8d:35:f4:d2:f2:3a:31:5e:c7:3b:65:1d:1f:64:39:
0e:92:70:f2:08:08:b5:80:78:9a:1a:60:78:6d:ca:
ea:70:ec:ee:70:31:e3:36:63:23:12:26:2c:6f:01:
af:32:07:54:49:b4:00:23:26:0b:2e:3c:42:d1:64:
1b:a8:95:0f:12:40:ea:8c:77:47:ca:c3:08:fe:24:
0e:f9:e9:64:9c:52:ba:37:c6:0e:be:2e:fa:82:2b:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:CC:88:09:10:43:8A:A3:B8:15:B5:0D:A8:24:9D:B4:76:95:43:97
X509v3 Authority Key Identifier:
keyid:DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/PsyICRBDiqO4FbUNqCSdtHaVQ5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/33mFgec3BO44yb4V5yNw8XbGAxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.80.0/22
Signature Algorithm: sha256WithRSAEncryption
70:3b:21:09:a3:e9:b5:3c:54:8d:4d:5e:31:d2:55:77:f9:4a:
20:b5:33:ba:16:32:38:93:6a:eb:9a:f9:6d:9e:a0:5f:77:7e:
47:55:fb:4d:c6:99:45:6e:36:cb:59:a0:0b:c8:7c:d6:30:01:
81:3b:51:8e:1c:19:fd:53:7e:21:10:32:0c:9c:22:d9:75:e6:
2a:7a:32:6d:b2:b3:fe:2b:7a:d9:aa:96:75:98:f0:6a:82:77:
4e:56:31:4e:99:f9:d1:45:40:85:0f:3d:0f:be:79:43:b0:4a:
ea:8f:75:c5:4c:45:db:ac:bb:c6:d3:67:4f:5b:1e:cd:b5:60:
bb:77:14:ce:0f:50:0c:ac:a3:f9:a1:72:0f:b6:f5:ae:e1:fb:
5f:f8:cf:ca:2a:b2:b3:73:69:9f:f7:02:b8:f1:2b:c7:6c:98:
93:01:42:90:78:b9:5b:93:54:27:98:bd:e1:48:26:42:ae:1c:
a6:20:4f:44:1f:70:5c:d0:3a:eb:b6:93:f1:26:86:9e:a4:98:
fc:71:cc:61:14:71:49:15:4a:6e:3a:fb:38:3d:33:b5:7e:cd:
2d:4f:f0:ff:11:ac:af:e2:60:39:4b:14:e7:d7:0b:86:95:9f:
1b:4e:c8:fb:a0:89:af:12:9b:89:1e:b6:74:5a:1a:4b:ae:59:
2e:da:9b:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJrGxBJMzLOu/fQjhqI3RLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzk4NTgxZTczNzA0ZWUzOGM5YmUxNWU3MjM3MGYxNzZj
NjAzMTEwHhcNMjQxMDA4MDc0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWNjODgwOTEwNDM4YWEzYjgxNWI1MGRhODI0OWRiNDc2OTU0Mzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36tjK5XKBdt2D9AAOIovhE2alQ7a
yWrOLq8ElWxY+VpHVcCmPyPk5PQzllxZHiuUTqi87iobhSEUSkRJ1uecfOQw9otB
TI8cj1XNIvIQD612Rht3DqDM+ZfQADt14BE1NsQuiLn9KAGuYYGICrr40Dy4ShFb
szcq5CH0+INqp5LOy3PVZdUvOp/3ZuzhT9rWwYVvMfRkXdNPy84gc6MLLJA4t3mN
NfTS8joxXsc7ZR0fZDkOknDyCAi1gHiaGmB4bcrqcOzucDHjNmMjEiYsbwGvMgdU
SbQAIyYLLjxC0WQbqJUPEkDqjHdHysMI/iQO+elknFK6N8YOvi76gistlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD7MiAkQQ4qjuBW1DagknbR2lUOXMB8GA1UdIwQY
MBaAFN95hYHnNwTuOMm+FecjcPF2xgMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMt
YzRhNTJkY2VlMjNkLzEvUHN5SUNSQkRpcU80RmJVTnFDU2R0SGFWUTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMtYzRhNTJkY2VlMjNk
LzEvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYBQMA0G
CSqGSIb3DQEBCwUAA4IBAQBwOyEJo+m1PFSNTV4x0lV3+UogtTO6FjI4k2rrmvlt
nqBfd35HVftNxplFbjbLWaALyHzWMAGBO1GOHBn9U34hEDIMnCLZdeYqejJtsrP+
K3rZqpZ1mPBqgndOVjFOmfnRRUCFDz0PvnlDsErqj3XFTEXbrLvG02dPWx7NtWC7
dxTOD1AMrKP5oXIPtvWu4ftf+M/KKrKzc2mf9wK48SvHbJiTAUKQeLlbk1QnmL3h
SCZCrhymIE9EH3Bc0DrrtpPxJoaepJj8ccxhFHFJFUpuOvs4PTO1fs0tT/D/Eayv
4mA5SxTn1wuGlZ8bTsj7oImvEpuJHrZ0WhpLrlku2pvt
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:58:16 2025 by rpki-client