Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/T5N2mMfVc1lkhPvs2S6zR7QOjRE.roa
File: T5N2mMfVc1lkhPvs2S6zR7QOjRE.roa (raw, json)
Hash identifier: jbQhSi1vsp8hi0XFp/sPTE7NjyVGxI5HucKFhBUw6GY=
Subject key identifier: 4F:93:76:98:C7:D5:73:59:64:84:FB:EC:D9:2E:B3:47:B4:0E:8D:11
Certificate issuer: /CN=ab87734368d88315f11b329386cc5ef2bb875858
Certificate serial: 018CC94E653693576A8BBB33B851F4B423C4
Authority key identifier: AB:87:73:43:68:D8:83:15:F1:1B:32:93:86:CC:5E:F2:BB:87:58:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4dzQ2jYgxXxGzKThsxe8ruHWFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/T5N2mMfVc1lkhPvs2S6zR7QOjRE.roa
Signing time: Tue 02 Jan 2024 08:33:27 +0000
ROA not before: Tue 02 Jan 2024 08:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198167
IP address blocks: 185.108.30.0/24 maxlen: 24
185.108.29.0/24 maxlen: 24
185.108.28.0/24 maxlen: 24
185.108.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:65:36:93:57:6a:8b:bb:33:b8:51:f4:b4:23:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab87734368d88315f11b329386cc5ef2bb875858
Validity
Not Before: Jan 2 08:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f937698c7d573596484fbecd92eb347b40e8d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ad:0b:44:4c:66:ed:8f:2e:8f:f2:0a:c3:c0:
e5:93:78:4e:8f:fe:e4:bc:e8:72:b7:a5:b0:94:b7:
e1:99:dc:87:0d:2c:b5:af:39:98:4e:3f:0b:2b:95:
c3:9a:b1:c5:a1:e6:4e:03:c7:8e:6f:b4:0d:65:1f:
60:c1:62:95:e1:94:8b:3b:9d:a4:b3:ff:75:e1:fb:
9b:6d:4c:da:b1:f5:8c:f4:67:be:47:22:78:a3:84:
34:8c:1f:79:08:70:e3:fa:4f:6f:0c:28:dc:70:4b:
69:42:2d:bc:b5:bf:fd:9f:23:be:62:72:3e:26:b3:
d0:32:6e:16:9f:4b:c0:89:97:e3:64:f8:64:af:ab:
53:ca:ab:79:6c:f5:1f:fe:95:7f:30:a6:49:7f:ce:
02:bc:44:5d:50:46:a4:af:9d:cc:cf:12:5f:89:d5:
d6:aa:fe:5f:09:06:d5:f1:70:7c:57:46:67:58:1a:
19:eb:d0:97:66:38:be:c4:8a:e4:db:bd:f3:f5:14:
17:dd:f9:e4:82:39:79:a6:33:78:85:83:df:24:6c:
1b:ab:71:81:ce:98:38:fc:80:eb:7e:98:f5:80:41:
00:4b:8d:cf:10:1c:91:04:aa:4e:3f:ff:4b:46:1f:
9d:f0:f6:b3:44:13:13:72:25:07:02:d1:0a:68:cc:
1d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:93:76:98:C7:D5:73:59:64:84:FB:EC:D9:2E:B3:47:B4:0E:8D:11
X509v3 Authority Key Identifier:
keyid:AB:87:73:43:68:D8:83:15:F1:1B:32:93:86:CC:5E:F2:BB:87:58:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4dzQ2jYgxXxGzKThsxe8ruHWFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/T5N2mMfVc1lkhPvs2S6zR7QOjRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/562548-7b3d-40b3-9c05-18585ed94a98/1/q4dzQ2jYgxXxGzKThsxe8ruHWFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:0b:c8:e2:d0:dc:74:79:80:a6:e4:02:e2:53:87:e9:ab:00:
b5:5e:b8:82:06:c1:8b:67:07:46:d7:86:d0:e5:b2:22:cd:5b:
04:b5:c8:87:aa:48:26:cb:bd:48:e0:35:3f:81:e6:aa:12:0e:
88:25:56:12:b2:6a:f2:ac:e4:24:42:b3:80:b0:5e:a7:f7:d4:
2b:f0:cb:31:8f:98:31:db:11:80:f8:16:dd:57:ec:ab:08:3a:
82:d4:c7:71:88:51:b4:7a:21:57:fe:dc:54:b3:fc:48:f2:1b:
ef:db:c9:3a:31:b7:d4:95:03:36:08:44:19:43:4e:83:6c:15:
a2:84:76:5d:0d:b5:2a:f2:dd:f6:5b:72:2e:6e:65:36:62:a5:
89:61:27:ee:75:40:3e:f2:79:6d:cd:5e:aa:a9:ef:d2:46:7b:
c1:6f:27:31:7d:81:b3:db:e1:b2:a8:78:87:01:a6:43:f2:c6:
e8:dc:07:33:0a:00:9f:97:16:9a:4a:24:a0:1a:f8:5f:d7:da:
0f:77:2a:21:ca:0d:f1:2b:d7:55:43:c8:c0:4d:3a:51:0d:d8:
57:15:ff:4a:de:96:9d:86:57:21:39:0a:fa:14:4d:23:1f:4d:
c9:79:e8:d8:b3:a0:44:6f:fd:8d:24:6a:cc:b4:9a:ec:37:4a:
a6:de:49:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmU2k1dqi7szuFH0tCPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODc3MzQzNjhkODgzMTVmMTFiMzI5Mzg2Y2M1ZWYyYmI4
NzU4NTgwHhcNMjQwMTAyMDgzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjkzNzY5OGM3ZDU3MzU5NjQ4NGZiZWNkOTJlYjM0N2I0MGU4ZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiK0LRExm7Y8uj/IKw8Dlk3hOj/7k
vOhyt6WwlLfhmdyHDSy1rzmYTj8LK5XDmrHFoeZOA8eOb7QNZR9gwWKV4ZSLO52k
s/914fubbUzasfWM9Ge+RyJ4o4Q0jB95CHDj+k9vDCjccEtpQi28tb/9nyO+YnI+
JrPQMm4Wn0vAiZfjZPhkr6tTyqt5bPUf/pV/MKZJf84CvERdUEakr53MzxJfidXW
qv5fCQbV8XB8V0ZnWBoZ69CXZji+xIrk273z9RQX3fnkgjl5pjN4hYPfJGwbq3GB
zpg4/IDrfpj1gEEAS43PEByRBKpOP/9LRh+d8PazRBMTciUHAtEKaMwdDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+TdpjH1XNZZIT77Nkus0e0Do0RMB8GA1UdIwQY
MBaAFKuHc0No2IMV8Rsyk4bMXvK7h1hYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRkelEyallneFh4R3pLVGhzeGU4cnVIV0ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81NjI1NDgtN2IzZC00MGIzLTljMDUt
MTg1ODVlZDk0YTk4LzEvVDVOMm1NZlZjMWxraFB2czJTNnpSN1FPalJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81NjI1NDgtN2IzZC00MGIzLTljMDUtMTg1ODVlZDk0YTk4
LzEvcTRkelEyallneFh4R3pLVGhzeGU4cnVIV0ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWwcMA0G
CSqGSIb3DQEBCwUAA4IBAQBfC8ji0Nx0eYCm5ALiU4fpqwC1XriCBsGLZwdG14bQ
5bIizVsEtciHqkgmy71I4DU/geaqEg6IJVYSsmryrOQkQrOAsF6n99Qr8Msxj5gx
2xGA+BbdV+yrCDqC1MdxiFG0eiFX/txUs/xI8hvv28k6MbfUlQM2CEQZQ06DbBWi
hHZdDbUq8t32W3IubmU2YqWJYSfudUA+8nltzV6qqe/SRnvBbycxfYGz2+GyqHiH
AaZD8sbo3AczCgCflxaaSiSgGvhf19oPdyohyg3xK9dVQ8jATTpRDdhXFf9K3pad
hlchOQr6FE0jH03JeejYs6BEb/2NJGrMtJrsN0qm3knZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:16 2025 by rpki-client