Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/iHfdWIC1bcXcl2GnTj1AJ74FIjQ.roa
File: iHfdWIC1bcXcl2GnTj1AJ74FIjQ.roa (raw, json)
Hash identifier: 4FKVhJoTNagp4PJf93DCWcVlL501Gs5fmwUZ9kg1VwI=
Subject key identifier: 88:77:DD:58:80:B5:6D:C5:DC:97:61:A7:4E:3D:40:27:BE:05:22:34
Certificate issuer: /CN=e7739db90c1ce98431df348a1376e53ac6e0523c
Certificate serial: 018CC6B8DFED2BD180A1099B128FBCC8A009
Authority key identifier: E7:73:9D:B9:0C:1C:E9:84:31:DF:34:8A:13:76:E5:3A:C6:E0:52:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/53OduQwc6YQx3zSKE3blOsbgUjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/iHfdWIC1bcXcl2GnTj1AJ74FIjQ.roa
Signing time: Mon 01 Jan 2024 20:30:53 +0000
ROA not before: Mon 01 Jan 2024 20:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203257
IP address blocks: 185.140.192.0/24 maxlen: 24
185.140.195.0/24 maxlen: 24
185.140.193.0/24 maxlen: 24
185.140.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:df:ed:2b:d1:80:a1:09:9b:12:8f:bc:c8:a0:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7739db90c1ce98431df348a1376e53ac6e0523c
Validity
Not Before: Jan 1 20:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8877dd5880b56dc5dc9761a74e3d4027be052234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b1:cb:41:d7:53:5d:71:58:40:07:9f:bb:3d:
eb:6e:0c:22:26:78:18:9e:41:08:dd:af:43:3a:68:
28:9a:e4:ea:79:a1:29:3c:a8:42:1a:96:f3:a7:05:
a6:32:a7:b3:a3:97:83:c4:b5:93:76:8b:b2:ab:80:
2b:36:cb:c3:ff:dd:e3:88:37:78:bc:54:b1:bf:6e:
af:56:fe:8d:cf:93:f0:91:fe:4d:82:bf:a3:68:bd:
bd:e3:ae:24:9c:76:2a:3a:30:8b:9f:6a:de:06:55:
15:4e:59:ab:17:eb:f3:88:8b:b4:bb:97:66:d1:8d:
b8:56:a6:1e:fa:96:a3:69:2e:e3:84:ce:8d:15:a2:
91:39:8b:53:ef:9a:03:30:9a:70:20:f0:f8:de:92:
34:48:97:5a:a7:42:4b:77:96:ad:fc:f8:f6:e9:02:
6a:4e:b0:0a:ab:40:6c:3e:86:07:a3:18:88:c5:cd:
d8:ed:d0:c1:b3:dc:7d:6e:87:81:c0:22:58:c1:31:
82:41:cd:9c:1e:c3:2b:64:09:35:70:44:81:fc:c9:
07:8b:a3:12:f9:43:85:ba:30:05:f4:20:80:a2:42:
bf:74:00:df:6f:de:33:8e:ae:76:e2:e3:3d:e9:54:
71:6e:aa:5d:f9:ac:24:78:24:4a:c5:d4:6d:0b:8b:
70:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:77:DD:58:80:B5:6D:C5:DC:97:61:A7:4E:3D:40:27:BE:05:22:34
X509v3 Authority Key Identifier:
keyid:E7:73:9D:B9:0C:1C:E9:84:31:DF:34:8A:13:76:E5:3A:C6:E0:52:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/53OduQwc6YQx3zSKE3blOsbgUjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/iHfdWIC1bcXcl2GnTj1AJ74FIjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/53OduQwc6YQx3zSKE3blOsbgUjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.192.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:67:ee:c7:a9:af:69:e1:52:24:23:cf:48:1b:2f:4c:12:c5:
b3:64:e3:da:8a:72:23:d5:5f:72:96:96:d5:2b:2b:2f:3a:48:
17:fe:a6:49:f2:81:18:24:69:da:00:ad:74:12:a6:64:a1:4f:
63:d7:28:2f:a8:20:21:bc:60:b7:92:83:76:14:da:e2:8b:8a:
45:9d:f5:91:5a:02:9b:12:4e:8c:10:7c:c6:98:8e:eb:51:d2:
78:3e:f4:0e:7a:a9:7f:b7:dd:7b:d3:0a:7b:e6:97:ed:c8:ff:
20:f8:5b:33:84:66:b5:01:77:76:0d:ba:9b:a9:e3:41:2f:0f:
0e:09:2a:ac:35:f0:d6:8c:19:ca:9a:5c:d0:90:92:2d:37:45:
60:61:5c:3c:ae:07:fb:80:9f:93:fd:b8:08:9f:e7:ff:83:89:
56:0a:02:2e:c7:4d:ac:22:60:86:9e:29:0c:68:d1:98:bc:f8:
97:d6:83:a3:9d:51:76:41:ef:1c:9a:0b:74:bd:69:e5:6f:31:
c2:23:dc:4d:26:11:0b:ba:bb:00:08:f8:60:09:6a:33:94:35:
b0:44:32:4e:8a:10:23:d3:4a:87:fb:4d:87:1d:18:95:21:d7:
3a:0a:2a:88:ea:95:e4:27:bc:98:01:32:77:b2:80:03:ad:ae:
3e:5d:db:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuN/tK9GAoQmbEo+8yKAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NzM5ZGI5MGMxY2U5ODQzMWRmMzQ4YTEzNzZlNTNhYzZl
MDUyM2MwHhcNMjQwMTAxMjAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODc3ZGQ1ODgwYjU2ZGM1ZGM5NzYxYTc0ZTNkNDAyN2JlMDUyMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrHLQddTXXFYQAefuz3rbgwiJngY
nkEI3a9DOmgomuTqeaEpPKhCGpbzpwWmMqezo5eDxLWTdouyq4ArNsvD/93jiDd4
vFSxv26vVv6Nz5Pwkf5Ngr+jaL29464knHYqOjCLn2reBlUVTlmrF+vziIu0u5dm
0Y24VqYe+pajaS7jhM6NFaKROYtT75oDMJpwIPD43pI0SJdap0JLd5at/Pj26QJq
TrAKq0BsPoYHoxiIxc3Y7dDBs9x9boeBwCJYwTGCQc2cHsMrZAk1cESB/MkHi6MS
+UOFujAF9CCAokK/dADfb94zjq524uM96VRxbqpd+awkeCRKxdRtC4twFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIh33ViAtW3F3Jdhp049QCe+BSI0MB8GA1UdIwQY
MBaAFOdznbkMHOmEMd80ihN25TrG4FI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTNPZHVRd2M2WVF4M3pTS0UzYmxPc2JnVWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC81NDcwMzQtMzk1Yy00M2YwLWEzNGMt
MTk0MjhmOTJjMWNjLzEvaUhmZFdJQzFiY1hjbDJHblRqMUFKNzRGSWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC81NDcwMzQtMzk1Yy00M2YwLWEzNGMtMTk0MjhmOTJjMWNj
LzEvNTNPZHVRd2M2WVF4M3pTS0UzYmxPc2JnVWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYzAMA0G
CSqGSIb3DQEBCwUAA4IBAQAtZ+7Hqa9p4VIkI89IGy9MEsWzZOPainIj1V9ylpbV
KysvOkgX/qZJ8oEYJGnaAK10EqZkoU9j1ygvqCAhvGC3koN2FNrii4pFnfWRWgKb
Ek6MEHzGmI7rUdJ4PvQOeql/t9170wp75pftyP8g+FszhGa1AXd2DbqbqeNBLw8O
CSqsNfDWjBnKmlzQkJItN0VgYVw8rgf7gJ+T/bgIn+f/g4lWCgIux02sImCGnikM
aNGYvPiX1oOjnVF2Qe8cmgt0vWnlbzHCI9xNJhELursACPhgCWozlDWwRDJOihAj
00qH+02HHRiVIdc6CiqI6pXkJ7yYATJ3soADra4+Xdsp
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:57 2025 by rpki-client