Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/CNh5wrj3ok4m1mH0k8-JVfQ2g6w.roa
File: CNh5wrj3ok4m1mH0k8-JVfQ2g6w.roa (raw, json)
Hash identifier: LlnpXbCBGIVkqWqLoOzFauoqC3vwq/wMerRRjSnw3Js=
Subject key identifier: 08:D8:79:C2:B8:F7:A2:4E:26:D6:61:F4:93:CF:89:55:F4:36:83:AC
Certificate issuer: /CN=ed64691c31892cc991ad4e9a9671147759e417ab
Certificate serial: 018CC86F39A8630FBEE8E2B8C017891B1690
Authority key identifier: ED:64:69:1C:31:89:2C:C9:91:AD:4E:9A:96:71:14:77:59:E4:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WRpHDGJLMmRrU6alnEUd1nkF6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/CNh5wrj3ok4m1mH0k8-JVfQ2g6w.roa
Signing time: Tue 02 Jan 2024 04:29:41 +0000
ROA not before: Tue 02 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47264
IP address blocks: 185.75.240.0/24 maxlen: 24
2a05:5500::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:39:a8:63:0f:be:e8:e2:b8:c0:17:89:1b:16:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed64691c31892cc991ad4e9a9671147759e417ab
Validity
Not Before: Jan 2 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08d879c2b8f7a24e26d661f493cf8955f43683ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:00:fb:60:37:c8:06:18:5e:74:6e:31:e9:b4:
af:0c:e5:9d:ca:2c:00:93:77:f1:6f:cd:96:29:bb:
aa:43:0d:52:3a:25:8a:b1:5c:29:a5:d1:40:3a:e5:
18:47:bb:60:cb:f5:51:b0:84:a9:85:2f:b7:a9:e8:
49:06:85:c3:47:e3:68:1a:4d:de:0f:de:83:7f:f6:
1a:76:71:7a:64:35:24:43:2f:8a:b0:e1:92:5b:91:
b3:72:f4:d1:8e:42:97:49:c1:05:d1:37:fd:e6:82:
6a:81:7d:38:f6:14:ee:51:4f:e6:44:ab:cb:c6:ff:
d2:66:fb:ca:de:52:95:95:1a:16:42:c6:e5:16:43:
0e:ad:0d:2c:b3:4d:df:2d:9e:52:dd:33:4b:06:2c:
bf:04:44:e9:8f:34:49:9e:9f:1b:4c:40:1e:b7:a1:
fd:65:dc:61:a4:97:6f:a4:ae:e9:0f:6c:98:e5:ad:
e7:05:a0:a3:0c:1d:1b:b4:15:45:0c:6c:de:f8:dc:
66:ac:3a:92:fa:62:fb:8f:23:6b:c7:a8:85:6b:d7:
84:8b:0d:49:9d:6d:a7:05:83:c7:bf:be:38:35:00:
e9:b5:3a:40:f4:0b:3d:19:1d:16:1b:6b:0d:26:d8:
e7:79:f0:9d:bc:bb:60:ba:a9:0d:c9:41:20:5c:c2:
98:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D8:79:C2:B8:F7:A2:4E:26:D6:61:F4:93:CF:89:55:F4:36:83:AC
X509v3 Authority Key Identifier:
keyid:ED:64:69:1C:31:89:2C:C9:91:AD:4E:9A:96:71:14:77:59:E4:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WRpHDGJLMmRrU6alnEUd1nkF6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/CNh5wrj3ok4m1mH0k8-JVfQ2g6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/7WRpHDGJLMmRrU6alnEUd1nkF6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.240.0/24
IPv6:
2a05:5500::/32
Signature Algorithm: sha256WithRSAEncryption
01:d3:e1:32:68:5f:c5:cf:01:72:72:ea:1d:d9:e3:0c:69:a1:
c5:4f:e4:eb:e8:9e:1c:cc:d6:f6:a3:19:99:31:4d:e9:c4:d6:
e0:89:2c:9c:de:db:7b:f6:ff:fe:87:56:c1:7e:93:13:89:95:
4c:fb:82:17:06:76:28:d4:85:62:8c:3c:cb:20:3a:0c:16:d2:
61:13:10:49:dc:0a:99:1d:d2:da:2d:74:51:b8:ea:08:f2:d5:
f3:1c:fa:cd:1a:c1:4e:58:7b:0a:47:06:f3:a6:de:fc:df:81:
a5:3e:22:cf:65:77:25:92:d9:e5:c1:28:0c:79:70:90:9f:4a:
e3:24:c1:5e:14:4d:cb:6d:cf:c4:35:3f:2f:d9:d6:81:98:0c:
3e:80:a9:af:42:ef:17:bb:f2:d9:71:af:1b:4c:33:c1:b4:50:
6b:fd:e6:a9:55:28:5c:a9:d4:9e:92:e5:06:16:cf:d1:f7:b5:
da:49:ee:fb:41:27:c3:e6:a9:df:c3:b6:7a:6c:e7:e1:60:28:
0d:a4:bb:69:0b:68:eb:aa:ea:b2:85:d5:dd:29:ce:63:b4:98:
06:a1:c4:a5:27:89:b8:56:7d:3b:93:a9:35:4d:29:61:fa:41:
50:e5:ff:c0:69:af:78:f0:e3:30:1a:fa:74:9e:8c:58:bd:e9:
a1:53:2e:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbzmoYw++6OK4wBeJGxaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjQ2OTFjMzE4OTJjYzk5MWFkNGU5YTk2NzExNDc3NTll
NDE3YWIwHhcNMjQwMTAyMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ4NzljMmI4ZjdhMjRlMjZkNjYxZjQ5M2NmODk1NWY0MzY4M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogD7YDfIBhhedG4x6bSvDOWdyiwA
k3fxb82WKbuqQw1SOiWKsVwppdFAOuUYR7tgy/VRsISphS+3qehJBoXDR+NoGk3e
D96Df/YadnF6ZDUkQy+KsOGSW5GzcvTRjkKXScEF0Tf95oJqgX049hTuUU/mRKvL
xv/SZvvK3lKVlRoWQsblFkMOrQ0ss03fLZ5S3TNLBiy/BETpjzRJnp8bTEAet6H9
ZdxhpJdvpK7pD2yY5a3nBaCjDB0btBVFDGze+NxmrDqS+mL7jyNrx6iFa9eEiw1J
nW2nBYPHv744NQDptTpA9As9GR0WG2sNJtjnefCdvLtguqkNyUEgXMKYpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAjYecK496JOJtZh9JPPiVX0NoOsMB8GA1UdIwQY
MBaAFO1kaRwxiSzJka1OmpZxFHdZ5BerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dScEhER0pMTW1SclU2YWxuRVVkMW5rRjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mNjdkMDktODkyMy00MTUyLTk1ZjIt
N2M3ZGIyMTIzMGEzLzEvQ05oNXdyajNvazRtMW1IMGs4LUpWZlEyZzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mNjdkMDktODkyMy00MTUyLTk1ZjItN2M3ZGIyMTIzMGEz
LzEvN1dScEhER0pMTW1SclU2YWxuRVVkMW5rRjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUvwMA0E
AgACMAcDBQAqBVUAMA0GCSqGSIb3DQEBCwUAA4IBAQAB0+EyaF/FzwFycuod2eMM
aaHFT+Tr6J4czNb2oxmZMU3pxNbgiSyc3tt79v/+h1bBfpMTiZVM+4IXBnYo1IVi
jDzLIDoMFtJhExBJ3AqZHdLaLXRRuOoI8tXzHPrNGsFOWHsKRwbzpt7834GlPiLP
ZXclktnlwSgMeXCQn0rjJMFeFE3Lbc/ENT8v2daBmAw+gKmvQu8Xu/LZca8bTDPB
tFBr/eapVShcqdSekuUGFs/R97XaSe77QSfD5qnfw7Z6bOfhYCgNpLtpC2jrquqy
hdXdKc5jtJgGocSlJ4m4Vn07k6k1TSlh+kFQ5f/Aaa948OMwGvp0noxYvemhUy5X
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:33:26 2025 by rpki-client