Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/d2_cV0Hs3e4I6WtVS_UL2e7DjjE.roa
File: d2_cV0Hs3e4I6WtVS_UL2e7DjjE.roa (raw, json)
Hash identifier: n3zYUOF22aV3QNPiAuEhTbzdu1SpHD7geoXVGdBDv9Q=
Subject key identifier: 77:6F:DC:57:41:EC:DD:EE:08:E9:6B:55:4B:F5:0B:D9:EE:C3:8E:31
Certificate issuer: /CN=bc63a36d5c80651a89a76906c9e3402fb34568da
Certificate serial: 01917945CC32BCA1F6BF000B60CA3BCE553D
Authority key identifier: BC:63:A3:6D:5C:80:65:1A:89:A7:69:06:C9:E3:40:2F:B3:45:68:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGOjbVyAZRqJp2kGyeNAL7NFaNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/d2_cV0Hs3e4I6WtVS_UL2e7DjjE.roa
Signing time: Thu 22 Aug 2024 08:48:22 +0000
ROA not before: Thu 22 Aug 2024 08:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 185.145.100.0/24 maxlen: 24
185.145.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:79:45:cc:32:bc:a1:f6:bf:00:0b:60:ca:3b:ce:55:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc63a36d5c80651a89a76906c9e3402fb34568da
Validity
Not Before: Aug 22 08:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=776fdc5741ecddee08e96b554bf50bd9eec38e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5b:68:f3:e6:0b:a9:76:c6:60:4f:89:c8:d7:
66:4a:e5:f1:35:15:87:ea:ad:09:93:f2:d6:ee:31:
cb:96:d7:5a:91:ae:37:ea:59:22:8d:06:62:84:57:
84:3c:9d:0a:59:b3:29:59:5a:90:06:41:11:6d:db:
82:e5:36:f2:cb:b4:25:e9:f9:a4:eb:a7:18:d8:bb:
6b:9d:a8:2d:16:ae:ac:ac:62:37:d5:a3:e7:f8:27:
96:59:41:5b:6c:ab:af:b3:85:d2:1b:16:0b:77:28:
c8:12:1b:1b:24:a2:df:1a:15:33:d7:bb:54:b5:59:
7a:7d:7a:74:83:8b:35:1c:53:90:ca:67:02:37:f6:
78:36:54:6b:62:af:d2:f1:17:d1:42:16:10:1a:7f:
a4:8f:a0:a0:a4:7b:85:bb:6d:3b:d4:86:bf:57:13:
1e:b6:bb:00:54:4d:6c:f0:f9:af:32:0b:ce:96:d8:
fa:19:7c:2a:e6:75:3a:53:07:03:47:a4:98:b9:c9:
b5:9b:c7:9d:8c:ba:e2:14:16:30:d4:78:70:a4:12:
91:c2:6f:e7:6e:b5:4f:b4:62:e6:62:68:93:1f:80:
9b:c5:75:4f:75:74:59:78:dd:b7:f1:e9:31:28:9d:
6d:f0:e8:98:d5:63:be:9a:bc:6f:84:d3:8a:f9:70:
7c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6F:DC:57:41:EC:DD:EE:08:E9:6B:55:4B:F5:0B:D9:EE:C3:8E:31
X509v3 Authority Key Identifier:
keyid:BC:63:A3:6D:5C:80:65:1A:89:A7:69:06:C9:E3:40:2F:B3:45:68:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGOjbVyAZRqJp2kGyeNAL7NFaNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/d2_cV0Hs3e4I6WtVS_UL2e7DjjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/vGOjbVyAZRqJp2kGyeNAL7NFaNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.100.0/23
Signature Algorithm: sha256WithRSAEncryption
83:47:51:2d:ee:40:a5:6c:3f:ac:70:63:16:89:6e:66:a7:12:
fc:59:01:32:92:05:ab:63:3a:03:a0:20:fa:6c:a7:e2:bc:71:
d7:1a:ff:d7:28:de:37:fd:7b:86:d0:c1:5a:00:0b:a3:7e:f8:
06:fe:d6:3a:d7:e9:35:fc:2f:76:6f:ac:00:99:8f:77:c3:2e:
8d:db:c3:d7:e0:a4:fb:0a:2a:f4:38:44:cc:ed:d6:16:14:13:
41:cc:3f:53:04:8f:02:6b:0d:c3:28:52:5d:0b:6b:52:16:b7:
1b:90:09:79:31:55:e5:81:01:26:e4:bf:1d:a7:dc:7d:09:33:
37:4d:61:6e:37:8d:e9:9d:a0:07:7f:c9:17:c2:9d:01:35:f9:
e4:ad:c4:0d:dd:86:4b:40:b7:a7:b4:78:df:d6:34:3a:c9:42:
e0:2a:b1:fe:01:ea:9b:aa:a6:37:3c:5e:0c:b4:1d:68:0b:ea:
87:e9:a8:e8:9e:16:7f:30:c7:df:91:65:3b:7b:4b:3a:d9:93:
c1:5a:a2:4b:61:70:c7:43:f8:80:ef:fc:f3:7c:25:45:2c:70:
8e:10:21:ef:9f:98:1c:12:0c:24:bf:20:89:2b:30:ea:12:2c:
7a:1a:06:e0:cf:24:2d:3a:e9:f9:74:45:16:fa:30:3c:b4:7e:
c9:38:c3:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZF5RcwyvKH2vwALYMo7zlU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNjNhMzZkNWM4MDY1MWE4OWE3NjkwNmM5ZTM0MDJmYjM0
NTY4ZGEwHhcNMjQwODIyMDg0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzZmZGM1NzQxZWNkZGVlMDhlOTZiNTU0YmY1MGJkOWVlYzM4ZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklto8+YLqXbGYE+JyNdmSuXxNRWH
6q0Jk/LW7jHLltdaka436lkijQZihFeEPJ0KWbMpWVqQBkERbduC5Tbyy7Ql6fmk
66cY2LtrnagtFq6srGI31aPn+CeWWUFbbKuvs4XSGxYLdyjIEhsbJKLfGhUz17tU
tVl6fXp0g4s1HFOQymcCN/Z4NlRrYq/S8RfRQhYQGn+kj6CgpHuFu2071Ia/VxMe
trsAVE1s8PmvMgvOltj6GXwq5nU6UwcDR6SYucm1m8edjLriFBYw1HhwpBKRwm/n
brVPtGLmYmiTH4CbxXVPdXRZeN238ekxKJ1t8OiY1WO+mrxvhNOK+XB83QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdv3FdB7N3uCOlrVUv1C9nuw44xMB8GA1UdIwQY
MBaAFLxjo21cgGUaiadpBsnjQC+zRWjaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkdPamJWeUFaUnFKcDJrR3llTkFMN05GYU5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jM2FiNjktNzE2Mi00MjIyLWFhMjAt
NGUzYjIwZWMxNmEzLzEvZDJfY1YwSHMzZTRJNld0VlNfVUwyZTdEampFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jM2FiNjktNzE2Mi00MjIyLWFhMjAtNGUzYjIwZWMxNmEz
LzEvdkdPamJWeUFaUnFKcDJrR3llTkFMN05GYU5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZFkMA0G
CSqGSIb3DQEBCwUAA4IBAQCDR1Et7kClbD+scGMWiW5mpxL8WQEykgWrYzoDoCD6
bKfivHHXGv/XKN43/XuG0MFaAAujfvgG/tY61+k1/C92b6wAmY93wy6N28PX4KT7
Cir0OETM7dYWFBNBzD9TBI8Caw3DKFJdC2tSFrcbkAl5MVXlgQEm5L8dp9x9CTM3
TWFuN43pnaAHf8kXwp0BNfnkrcQN3YZLQLentHjf1jQ6yULgKrH+AeqbqqY3PF4M
tB1oC+qH6ajonhZ/MMffkWU7e0s62ZPBWqJLYXDHQ/iA7/zzfCVFLHCOECHvn5gc
EgwkvyCJKzDqEix6GgbgzyQtOun5dEUW+jA8tH7JOMOs
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:42:11 2025 by rpki-client