Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/c8efj3ycmEEYkA2nrxYYsYEFyhI.roa
File: c8efj3ycmEEYkA2nrxYYsYEFyhI.roa (raw, json)
Hash identifier: +rAfQZq6pJIInOLw1XauWz/DX7XQCOq7xpoDLf7gJo4=
Subject key identifier: 73:C7:9F:8F:7C:9C:98:41:18:90:0D:A7:AF:16:18:B1:81:05:CA:12
Certificate issuer: /CN=3cbdce45c4882c8a3a257110c6b1f0d49b182a9c
Certificate serial: 018DD554E923D7E89130E954C7DDDCF019B1
Authority key identifier: 3C:BD:CE:45:C4:88:2C:8A:3A:25:71:10:C6:B1:F0:D4:9B:18:2A:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PL3ORcSILIo6JXEQxrHw1JsYKpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/c8efj3ycmEEYkA2nrxYYsYEFyhI.roa
Signing time: Fri 23 Feb 2024 09:38:48 +0000
ROA not before: Fri 23 Feb 2024 09:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 185.154.189.0/24 maxlen: 24
2a12:dac0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:54:e9:23:d7:e8:91:30:e9:54:c7:dd:dc:f0:19:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cbdce45c4882c8a3a257110c6b1f0d49b182a9c
Validity
Not Before: Feb 23 09:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73c79f8f7c9c984118900da7af1618b18105ca12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b4:3c:4c:9c:51:68:18:69:ce:a4:d8:28:32:
47:f7:ff:41:e7:59:9a:54:e4:8b:d3:b0:44:1e:63:
2a:ae:53:9b:fa:88:91:09:55:c1:e6:d3:19:fc:ca:
30:db:14:6d:24:81:d8:5f:69:2b:99:72:ca:fb:f4:
10:f6:42:af:ce:a5:bd:70:c3:1d:c3:87:67:f0:3c:
ab:7d:bf:a2:57:09:55:27:0e:de:22:c8:42:8c:05:
72:60:8e:42:04:74:42:eb:c9:c3:bf:bb:3e:03:a3:
78:bb:33:ab:c9:6e:54:8b:33:a9:54:e0:bd:b0:63:
c5:8e:30:27:68:c6:f1:e1:cc:6f:b0:e1:12:43:84:
f1:ba:99:99:bc:14:0b:b5:36:d4:e7:be:62:90:da:
30:e0:23:0e:28:3d:bb:99:48:3a:c6:6b:30:55:c5:
ed:f3:f1:76:ee:3c:b5:70:74:ae:58:fa:cf:6d:73:
29:a7:82:91:e3:e7:81:fd:31:8e:39:c8:fb:05:92:
83:fa:13:4d:09:69:e4:39:64:b6:ab:13:f9:ec:78:
d1:d5:b7:6b:79:ab:7b:d6:45:c0:c9:28:23:6c:09:
d7:cf:da:63:46:1b:cb:0d:f1:e2:1a:0f:b1:17:fb:
c7:31:ca:e2:ae:9c:44:70:ec:13:f6:cc:fe:5f:fa:
00:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C7:9F:8F:7C:9C:98:41:18:90:0D:A7:AF:16:18:B1:81:05:CA:12
X509v3 Authority Key Identifier:
keyid:3C:BD:CE:45:C4:88:2C:8A:3A:25:71:10:C6:B1:F0:D4:9B:18:2A:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PL3ORcSILIo6JXEQxrHw1JsYKpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/c8efj3ycmEEYkA2nrxYYsYEFyhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/PL3ORcSILIo6JXEQxrHw1JsYKpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.189.0/24
IPv6:
2a12:dac0::/29
Signature Algorithm: sha256WithRSAEncryption
44:1b:f9:b4:34:35:4a:76:59:ac:bf:1d:5c:88:b0:3b:45:18:
30:85:66:ca:97:c8:7a:e5:30:08:cd:ea:0e:d4:22:4a:14:7a:
5f:17:f3:ae:34:9d:e2:89:77:1d:39:57:80:63:a7:e3:4e:66:
f2:d3:ae:98:07:d8:52:dd:cf:41:c1:b3:e5:a5:ef:3a:4d:c6:
9e:88:af:42:93:f3:6e:8f:a2:e4:f1:c7:18:2a:d3:8b:c7:29:
51:c6:25:5a:81:91:aa:50:62:4f:d3:0b:ea:4a:e8:c9:ec:c9:
be:ba:1f:fa:73:c1:19:2c:c5:43:7d:20:04:a9:8d:d2:b6:7e:
f8:63:e4:bf:91:fb:e1:1c:eb:9b:b0:ce:95:49:8b:fd:fe:4c:
d3:63:b0:01:27:60:17:22:40:c6:77:44:7b:9c:d6:7b:cd:35:
e5:d4:17:90:95:0b:58:59:3e:54:e7:c4:8a:e0:3d:cc:38:aa:
6b:07:3c:ba:00:20:04:02:27:51:79:68:23:b9:a2:1c:95:2e:
cc:5d:17:11:24:bf:1b:12:4e:0a:54:9a:81:55:0d:88:96:86:
f6:af:85:8d:69:c0:46:66:87:eb:46:58:d1:20:a0:0a:5a:85:
a9:61:37:65:8e:ed:9d:47:ee:04:9a:56:9f:c0:9f:3d:a1:60:
3f:ec:d8:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY3VVOkj1+iRMOlUx93c8BmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYmRjZTQ1YzQ4ODJjOGEzYTI1NzExMGM2YjFmMGQ0OWIx
ODJhOWMwHhcNMjQwMjIzMDkzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2M3OWY4ZjdjOWM5ODQxMTg5MDBkYTdhZjE2MThiMTgxMDVjYTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorQ8TJxRaBhpzqTYKDJH9/9B51ma
VOSL07BEHmMqrlOb+oiRCVXB5tMZ/Mow2xRtJIHYX2krmXLK+/QQ9kKvzqW9cMMd
w4dn8Dyrfb+iVwlVJw7eIshCjAVyYI5CBHRC68nDv7s+A6N4uzOryW5UizOpVOC9
sGPFjjAnaMbx4cxvsOESQ4TxupmZvBQLtTbU575ikNow4CMOKD27mUg6xmswVcXt
8/F27jy1cHSuWPrPbXMpp4KR4+eB/TGOOcj7BZKD+hNNCWnkOWS2qxP57HjR1bdr
eat71kXAySgjbAnXz9pjRhvLDfHiGg+xF/vHMcrirpxEcOwT9sz+X/oAHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHPHn498nJhBGJANp68WGLGBBcoSMB8GA1UdIwQY
MBaAFDy9zkXEiCyKOiVxEMax8NSbGCqcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEwzT1JjU0lMSW82SlhFUXhySHcxSnNZS3B3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYzk0NjktMTZmZS00ZTdiLTg4MjMt
NWRiNDM5YjRjY2VlLzEvYzhlZmozeWNtRUVZa0EybnJ4WVlzWUVGeWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8xYzk0NjktMTZmZS00ZTdiLTg4MjMtNWRiNDM5YjRjY2Vl
LzEvUEwzT1JjU0lMSW82SlhFUXhySHcxSnNZS3B3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZq9MA0E
AgACMAcDBQMqEtrAMA0GCSqGSIb3DQEBCwUAA4IBAQBEG/m0NDVKdlmsvx1ciLA7
RRgwhWbKl8h65TAIzeoO1CJKFHpfF/OuNJ3iiXcdOVeAY6fjTmby066YB9hS3c9B
wbPlpe86TcaeiK9Ck/Nuj6Lk8ccYKtOLxylRxiVagZGqUGJP0wvqSujJ7Mm+uh/6
c8EZLMVDfSAEqY3Stn74Y+S/kfvhHOubsM6VSYv9/kzTY7ABJ2AXIkDGd0R7nNZ7
zTXl1BeQlQtYWT5U58SK4D3MOKprBzy6ACAEAidReWgjuaIclS7MXRcRJL8bEk4K
VJqBVQ2Ilob2r4WNacBGZofrRljRIKAKWoWpYTdlju2dR+4EmlafwJ89oWA/7NhA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:27 2025 by rpki-client