Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/fKat8HZKzDU8p17QhuFr-MX0h7A.roa
File: fKat8HZKzDU8p17QhuFr-MX0h7A.roa (raw, json)
Hash identifier: u98JmjbLvByHVb7YRU/4/+MYUkwjMSfYHppj3o/z+uA=
Subject key identifier: 7C:A6:AD:F0:76:4A:CC:35:3C:A7:5E:D0:86:E1:6B:F8:C5:F4:87:B0
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B7290F95296C4612B16DD7F4BDF3BE
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/fKat8HZKzDU8p17QhuFr-MX0h7A.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2300
IP address blocks: 81.52.185.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:29:0f:95:29:6c:46:12:b1:6d:d7:f4:bd:f3:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ca6adf0764acc353ca75ed086e16bf8c5f487b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f8:79:65:b7:f0:cf:b0:68:a9:1c:b9:20:ef:
42:81:c5:16:f8:11:08:f1:3b:e2:f1:06:3a:4c:9d:
93:1d:78:13:e5:79:83:02:c5:5a:23:e2:26:59:ab:
6f:1f:a0:95:7c:cc:e5:1a:8e:68:0f:72:b7:51:c6:
6b:d6:d2:22:12:80:16:9e:be:85:58:49:6e:ce:91:
52:a3:f2:8e:92:f1:f2:15:56:22:e4:2a:52:36:bc:
7f:1d:e8:ff:c7:9b:cd:01:7a:6f:1b:d5:bb:6b:57:
2c:cc:42:1b:48:1a:37:4c:79:03:f1:76:d4:1e:16:
b7:c4:53:3f:d9:bd:a8:ef:2b:94:df:c9:85:69:44:
af:14:41:91:7c:31:99:e7:ce:db:d9:61:73:c7:94:
2a:8a:20:a5:e6:0a:fa:14:b4:29:54:9c:87:9c:60:
96:e2:76:ca:f3:ac:8e:ce:da:0f:ac:31:9f:d8:28:
ec:90:b8:c9:bf:df:eb:be:d8:99:0d:1a:24:3d:23:
97:6e:dd:40:1c:eb:62:21:77:64:e2:79:a3:86:c8:
17:29:25:de:98:49:85:bc:35:89:35:59:2e:ed:20:
d4:ec:50:f9:e1:fb:09:9d:e7:ce:16:50:d4:24:34:
c0:28:bc:6b:6c:35:29:e7:a9:7e:04:c8:4c:f5:13:
09:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A6:AD:F0:76:4A:CC:35:3C:A7:5E:D0:86:E1:6B:F8:C5:F4:87:B0
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/fKat8HZKzDU8p17QhuFr-MX0h7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.52.185.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:9b:ed:3d:ea:aa:07:7b:4d:d6:3b:1f:87:e8:df:d8:d4:d4:
8e:74:41:bb:26:6f:8e:a5:06:8d:73:a6:85:ad:8e:89:1f:aa:
47:f0:5e:ad:dd:4c:81:d7:c2:01:87:4f:f5:3c:ad:3c:f2:a7:
95:33:a8:23:d0:30:22:b4:aa:2a:fd:d9:44:06:3e:8f:f1:84:
c3:3f:49:3c:b3:cf:79:2d:07:0b:df:05:76:15:b6:b8:15:c9:
98:3d:4d:96:8c:c8:53:f9:74:0a:a5:8e:5f:cd:42:cf:5a:1b:
36:17:8d:70:5a:bb:43:f8:10:99:3d:4f:b7:f1:dd:ba:11:54:
bc:9b:5f:df:6a:c2:c4:08:3c:4b:f9:3f:18:f5:a8:5c:77:53:
59:66:7a:a6:f7:29:04:13:52:ac:d2:bc:a3:67:ae:88:9f:48:
5e:68:4d:78:be:4a:63:fc:68:34:31:2e:22:54:83:37:6b:fb:
98:42:4b:8d:22:c7:f0:85:39:cf:6e:6b:97:77:41:21:8a:ca:
90:11:79:7a:12:e3:00:12:7d:31:be:72:28:ee:87:42:86:0e:
3a:81:d8:14:38:40:bd:a3:be:e5:30:7d:fd:26:ae:7c:a6:78:
a1:d3:65:fd:c1:05:67:cc:81:f5:58:6e:80:6d:af:b2:d4:83:
87:c4:24:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtykPlSlsRhKxbdf0vfO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2E2YWRmMDc2NGFjYzM1M2NhNzVlZDA4NmUxNmJmOGM1ZjQ4N2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPh5Zbfwz7BoqRy5IO9CgcUW+BEI
8Tvi8QY6TJ2THXgT5XmDAsVaI+ImWatvH6CVfMzlGo5oD3K3UcZr1tIiEoAWnr6F
WEluzpFSo/KOkvHyFVYi5CpSNrx/Hej/x5vNAXpvG9W7a1cszEIbSBo3THkD8XbU
Hha3xFM/2b2o7yuU38mFaUSvFEGRfDGZ587b2WFzx5QqiiCl5gr6FLQpVJyHnGCW
4nbK86yOztoPrDGf2CjskLjJv9/rvtiZDRokPSOXbt1AHOtiIXdk4nmjhsgXKSXe
mEmFvDWJNVku7SDU7FD54fsJnefOFlDUJDTAKLxrbDUp56l+BMhM9RMJrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHymrfB2Ssw1PKde0Ibha/jF9IewMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvZkthdDhIWkt6RFU4cDE3UWh1RnItTVgwaDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUTS5MA0G
CSqGSIb3DQEBCwUAA4IBAQA8m+096qoHe03WOx+H6N/Y1NSOdEG7Jm+OpQaNc6aF
rY6JH6pH8F6t3UyB18IBh0/1PK088qeVM6gj0DAitKoq/dlEBj6P8YTDP0k8s895
LQcL3wV2Fba4FcmYPU2WjMhT+XQKpY5fzULPWhs2F41wWrtD+BCZPU+38d26EVS8
m1/fasLECDxL+T8Y9ahcd1NZZnqm9ykEE1Ks0ryjZ66In0heaE14vkpj/Gg0MS4i
VIM3a/uYQkuNIsfwhTnPbmuXd0EhisqQEXl6EuMAEn0xvnIo7odChg46gdgUOEC9
o77lMH39Jq58pnih02X9wQVnzIH1WG6Aba+y1IOHxCRw
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:52 2025 by rpki-client