Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/Rl8YhxulkjbDp7JhYiTxhwUmA6I.roa
File: Rl8YhxulkjbDp7JhYiTxhwUmA6I.roa (raw, json)
Hash identifier: U6tWE+pXmQOF0u8mQlwq6IZGoIcojg4+tqcJPT0czoU=
Subject key identifier: 46:5F:18:87:1B:A5:92:36:C3:A7:B2:61:62:24:F1:87:05:26:03:A2
Certificate issuer: /CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Certificate serial: 018CC86F1226D5FB0E6378A12A31A75D4722
Authority key identifier: 9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/Rl8YhxulkjbDp7JhYiTxhwUmA6I.roa
Signing time: Tue 02 Jan 2024 04:29:31 +0000
ROA not before: Tue 02 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201942
IP address blocks: 217.67.164.0/22 maxlen: 22
217.67.172.0/22 maxlen: 24
217.67.168.0/21 maxlen: 21
185.159.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:12:26:d5:fb:0e:63:78:a1:2a:31:a7:5d:47:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Validity
Not Before: Jan 2 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=465f18871ba59236c3a7b2616224f187052603a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e1:04:53:c4:5e:18:18:a0:3e:fc:cb:90:7d:
1c:48:4e:22:04:f3:3f:22:26:c4:25:21:2e:1a:aa:
9b:67:9e:fd:ec:10:2d:b6:94:10:d6:60:5a:89:a2:
c9:7d:71:03:42:ea:61:a1:88:96:53:af:12:bf:45:
05:02:c5:e5:ab:aa:51:11:4a:ec:04:e6:34:47:a2:
75:90:3b:79:cc:f3:d9:99:b4:2e:56:bc:72:24:1d:
5e:f8:75:0d:22:8b:80:78:66:de:65:a0:07:b2:e3:
97:4d:81:e0:2c:39:3b:80:f0:8e:fa:cb:5a:0b:f3:
e2:9f:e4:24:d6:9d:19:12:a0:63:23:52:e2:e9:db:
d6:55:36:31:e7:b1:dc:ae:61:23:14:d6:c2:4b:f1:
1f:20:be:61:f4:9b:3f:d2:10:c5:09:be:ee:5b:b6:
fa:87:3c:ca:f8:93:62:d9:28:c6:c4:e2:e5:89:a1:
9f:69:23:12:28:c3:d0:eb:b2:ed:8f:a1:ad:4f:61:
68:e5:fe:63:f4:d9:a8:90:30:87:96:5c:81:9e:a3:
96:fc:2e:1e:9d:f2:47:0d:20:bb:b8:70:91:3e:73:
79:18:7a:8d:77:74:1b:b9:53:fb:e5:34:3c:ab:a5:
69:4e:a0:8a:06:91:61:93:0d:e8:d1:a8:59:f9:e5:
1c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:5F:18:87:1B:A5:92:36:C3:A7:B2:61:62:24:F1:87:05:26:03:A2
X509v3 Authority Key Identifier:
keyid:9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/Rl8YhxulkjbDp7JhYiTxhwUmA6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.40.0/22
217.67.164.0-217.67.175.255
Signature Algorithm: sha256WithRSAEncryption
7d:4f:34:8e:46:e5:61:7b:8f:47:62:bc:ff:c1:4f:03:db:ae:
d2:8c:91:c3:a8:09:7b:32:5b:5b:c4:a3:fb:a0:aa:f8:e1:74:
5f:e9:a2:c3:60:d8:ec:ab:22:79:1e:83:ae:0b:eb:d1:15:4b:
a7:f9:de:61:64:f6:9b:9e:a5:c7:f9:c7:dc:13:8a:b5:7c:9b:
77:f7:03:e5:a2:08:cc:11:cd:7f:f0:94:4f:30:c2:7a:20:58:
45:de:34:92:03:63:4e:8d:cb:46:a1:e0:32:30:63:12:5a:78:
a5:06:20:e4:2a:d8:41:f2:68:23:61:a0:60:97:f0:e0:fb:34:
9f:3a:6c:b3:c8:a6:f3:63:a5:49:ce:0e:7d:eb:7d:89:43:2f:
cb:63:d3:c2:b1:b5:fc:ef:8b:e2:bc:85:f0:fa:31:99:f6:39:
8b:3c:02:22:a8:f2:52:86:09:fd:70:b7:70:c5:4c:9d:7a:93:
c9:44:f4:b0:15:59:57:ff:e8:a7:02:23:fb:7e:90:26:52:c1:
18:e2:c8:a6:ad:3e:ac:b5:e3:75:c6:96:7a:4d:c0:c3:8a:53:
24:58:50:2f:62:70:f4:c4:7d:00:24:03:7c:29:28:73:1d:3f:
21:8d:fb:5f:a3:27:5e:6a:0f:b5:29:c4:86:81:24:8e:8a:54:
a3:d6:ac:3c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzIbxIm1fsOY3ihKjGnXUciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljY2UzYjExOTdkMGNmOTUxMTU0MDU3MmE1OGZkMzcyZGNj
MDc0ODkwHhcNMjQwMTAyMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjVmMTg4NzFiYTU5MjM2YzNhN2IyNjE2MjI0ZjE4NzA1MjYwM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseEEU8ReGBigPvzLkH0cSE4iBPM/
IibEJSEuGqqbZ5797BAttpQQ1mBaiaLJfXEDQuphoYiWU68Sv0UFAsXlq6pREUrs
BOY0R6J1kDt5zPPZmbQuVrxyJB1e+HUNIouAeGbeZaAHsuOXTYHgLDk7gPCO+sta
C/Pin+Qk1p0ZEqBjI1Li6dvWVTYx57HcrmEjFNbCS/EfIL5h9Js/0hDFCb7uW7b6
hzzK+JNi2SjGxOLliaGfaSMSKMPQ67Ltj6GtT2Fo5f5j9NmokDCHllyBnqOW/C4e
nfJHDSC7uHCRPnN5GHqNd3QbuVP75TQ8q6VpTqCKBpFhkw3o0ahZ+eUc2QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEZfGIcbpZI2w6eyYWIk8YcFJgOiMB8GA1UdIwQY
MBaAFJzOOxGX0M+VEVQFcqWP03LcwHSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgt
YTA0NWZmOGUyYWMwLzEvUmw4WWh4dWxramJEcDdKaFlpVHhod1VtQTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgtYTA0NWZmOGUyYWMw
LzEvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuZ8oMAwD
BALZQ6QDBATZQ6AwDQYJKoZIhvcNAQELBQADggEBAH1PNI5G5WF7j0divP/BTwPb
rtKMkcOoCXsyW1vEo/ugqvjhdF/posNg2OyrInkeg64L69EVS6f53mFk9puepcf5
x9wTirV8m3f3A+WiCMwRzX/wlE8wwnogWEXeNJIDY06Ny0ah4DIwYxJaeKUGIOQq
2EHyaCNhoGCX8OD7NJ86bLPIpvNjpUnODn3rfYlDL8tj08Kxtfzvi+K8hfD6MZn2
OYs8AiKo8lKGCf1wt3DFTJ16k8lE9LAVWVf/6KcCI/t+kCZSwRjiyKatPqy143XG
lnpNwMOKUyRYUC9icPTEfQAkA3wpKHMdPyGN+1+jJ15qD7UpxIaBJI6KVKPWrDw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:37 2025 by rpki-client