Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/AoHemrYgPhkoiZqxrp9JIwzN_Y4.roa
File: AoHemrYgPhkoiZqxrp9JIwzN_Y4.roa (raw, json)
Hash identifier: CKqOLrsyinQrltfikv6pChk+t9yin1mkIOhcXFa+iSc=
Subject key identifier: 02:81:DE:9A:B6:20:3E:19:28:89:9A:B1:AE:9F:49:23:0C:CD:FD:8E
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 0193F29892956A25593C313C261D23748D57
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/AoHemrYgPhkoiZqxrp9JIwzN_Y4.roa
Signing time: Mon 23 Dec 2024 08:18:25 +0000
ROA not before: Mon 23 Dec 2024 08:18:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48693
IP address blocks: 185.248.168.0/24 maxlen: 24
185.248.169.0/24 maxlen: 24
185.248.170.0/24 maxlen: 24
185.248.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f2:98:92:95:6a:25:59:3c:31:3c:26:1d:23:74:8d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Dec 23 08:18:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0281de9ab6203e1928899ab1ae9f49230ccdfd8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:22:b3:ec:3f:a2:db:81:4d:26:53:7c:7a:b6:
dc:54:42:41:a1:5e:df:b3:08:ce:01:24:5e:4a:02:
2c:84:b8:c5:00:29:a5:04:98:8e:ef:a3:80:c0:b2:
64:5b:75:08:23:a6:6c:69:63:35:3f:3b:68:5d:6c:
b0:f6:85:52:9c:8a:12:97:b4:36:a7:1e:02:92:95:
49:d8:6d:7c:0c:e1:c6:29:4b:85:5d:9f:a6:8e:c1:
8d:ca:81:a0:bb:80:8f:0b:ea:bc:b8:82:76:87:38:
78:ad:6b:ff:65:5f:0d:0b:cb:ea:b9:56:6c:f7:38:
e8:bb:6a:50:c8:a5:46:1e:1e:11:ad:8e:40:3b:b3:
45:dc:e3:87:83:db:1f:86:4c:a7:14:54:3d:ff:92:
9e:c7:0e:2c:df:19:c2:0b:5f:de:a7:00:37:69:6d:
f6:88:c1:b8:18:85:2e:18:03:6e:9b:f4:13:dd:22:
30:fc:09:17:59:35:35:ad:54:61:85:be:dc:56:db:
c1:7e:ca:32:8a:b4:33:e0:af:4d:29:b3:4d:b3:7a:
ce:f4:10:1c:50:24:95:5b:49:7a:86:e0:94:94:a8:
1b:cc:11:4e:3f:b9:28:af:03:db:92:75:49:79:11:
5b:9a:36:8f:bd:7a:cb:12:ce:ba:45:b6:8f:0b:ba:
54:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:81:DE:9A:B6:20:3E:19:28:89:9A:B1:AE:9F:49:23:0C:CD:FD:8E
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/AoHemrYgPhkoiZqxrp9JIwzN_Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.168.0/22
Signature Algorithm: sha256WithRSAEncryption
08:29:f4:06:5d:28:7b:2a:e7:00:52:c9:1e:9b:83:f7:24:42:
37:11:39:36:d8:61:95:52:0d:90:2e:86:bc:ff:11:9e:eb:85:
3a:f6:d3:d7:f2:2a:27:a7:5b:57:77:d4:36:00:e8:87:fb:cc:
c4:67:5c:8f:dd:86:e1:21:50:7c:28:df:b0:9e:b8:c4:1e:49:
e7:54:ea:20:cc:d2:1d:20:b3:ab:3b:40:a2:37:8d:8f:1f:f4:
ac:02:0d:a2:11:5d:bf:06:31:21:31:a6:33:cb:c0:8f:52:4d:
c1:1a:80:cb:ad:eb:a8:71:97:72:9a:be:53:a1:d4:03:97:29:
77:02:35:15:74:0d:2f:26:e4:2c:03:a9:9b:06:ac:9f:8b:7b:
9a:5e:6e:67:1b:c7:ba:04:7b:89:a7:48:3c:c1:f0:15:45:e5:
b8:d5:14:9d:55:dd:ee:21:e1:e0:51:10:af:32:52:9a:3a:e1:
1b:a8:e6:90:e8:f7:0f:cc:05:01:50:8e:11:a3:12:25:fb:b7:
79:19:e2:61:15:c0:29:cb:98:10:d2:32:d3:75:8d:5c:46:58:
c7:33:ea:38:8b:9d:04:9d:7d:3b:81:df:a9:39:cd:53:32:7f:
44:c1:70:28:aa:03:25:09:36:34:02:de:1e:cd:26:12:02:ec:
e1:30:22:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPymJKVaiVZPDE8Jh0jdI1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjQxMjIzMDgxODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjgxZGU5YWI2MjAzZTE5Mjg4OTlhYjFhZTlmNDkyMzBjY2RmZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiKz7D+i24FNJlN8erbcVEJBoV7f
swjOASReSgIshLjFACmlBJiO76OAwLJkW3UII6ZsaWM1PztoXWyw9oVSnIoSl7Q2
px4CkpVJ2G18DOHGKUuFXZ+mjsGNyoGgu4CPC+q8uIJ2hzh4rWv/ZV8NC8vquVZs
9zjou2pQyKVGHh4RrY5AO7NF3OOHg9sfhkynFFQ9/5Kexw4s3xnCC1/epwA3aW32
iMG4GIUuGANum/QT3SIw/AkXWTU1rVRhhb7cVtvBfsoyirQz4K9NKbNNs3rO9BAc
UCSVW0l6huCUlKgbzBFOP7korwPbknVJeRFbmjaPvXrLEs66RbaPC7pUWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKB3pq2ID4ZKImasa6fSSMMzf2OMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvQW9IZW1yWWdQaGtvaVpxeHJwOUpJd3pOX1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufioMA0G
CSqGSIb3DQEBCwUAA4IBAQAIKfQGXSh7KucAUskem4P3JEI3ETk22GGVUg2QLoa8
/xGe64U69tPX8ionp1tXd9Q2AOiH+8zEZ1yP3YbhIVB8KN+wnrjEHknnVOogzNId
ILOrO0CiN42PH/SsAg2iEV2/BjEhMaYzy8CPUk3BGoDLreuocZdymr5TodQDlyl3
AjUVdA0vJuQsA6mbBqyfi3uaXm5nG8e6BHuJp0g8wfAVReW41RSdVd3uIeHgURCv
MlKaOuEbqOaQ6PcPzAUBUI4RoxIl+7d5GeJhFcApy5gQ0jLTdY1cRljHM+o4i50E
nX07gd+pOc1TMn9EwXAoqgMlCTY0At4ezSYSAuzhMCLi
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:26:19 2025 by rpki-client