Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/IdoUafkhaf2ym3Hw_4dR9i_hpbw.roa
File: IdoUafkhaf2ym3Hw_4dR9i_hpbw.roa (raw, json)
Hash identifier: uR/QyuSQVrzk6AX0J3/1oHUllGBC9Zi0jxI061ilovo=
Subject key identifier: 21:DA:14:69:F9:21:69:FD:B2:9B:71:F0:FF:87:51:F6:2F:E1:A5:BC
Certificate issuer: /CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Certificate serial: 0193F540CDA87DB25440C8E30C010D2504FF
Authority key identifier: 5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/IdoUafkhaf2ym3Hw_4dR9i_hpbw.roa
Signing time: Mon 23 Dec 2024 20:41:24 +0000
ROA not before: Mon 23 Dec 2024 20:41:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213857
IP address blocks: 185.228.200.0/22 maxlen: 23
Validation: Failed, certificate revoked on Mon 30 Dec 2024 18:53:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f5:40:cd:a8:7d:b2:54:40:c8:e3:0c:01:0d:25:04:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Validity
Not Before: Dec 23 20:41:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21da1469f92169fdb29b71f0ff8751f62fe1a5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f2:e7:4c:d2:15:87:b4:3e:4e:76:66:e3:ba:
45:f4:64:a4:f7:d9:eb:63:9e:67:18:88:71:d9:6e:
c9:98:99:3c:9b:52:10:05:d7:85:30:db:b7:a9:aa:
d4:c6:9c:0f:0a:38:f2:4a:3c:25:59:46:e3:f6:7e:
b6:d8:ba:4f:1c:82:b7:a1:04:11:cc:b3:06:77:ae:
54:e8:23:31:39:e0:b4:57:4c:ea:aa:ac:28:93:29:
1c:c5:c9:11:e9:47:7f:47:e0:65:0b:a6:6d:3b:45:
ec:31:36:28:2e:79:43:1d:37:84:89:00:ba:71:70:
ff:98:9f:63:08:d5:44:cd:ed:de:c5:0e:e8:cd:ba:
86:52:b3:da:c7:50:75:56:79:47:c9:d2:4c:d6:3b:
9a:f3:e8:ca:d8:21:b6:39:e2:d9:2a:3e:a5:27:24:
55:9d:f1:9d:7b:b8:b0:8f:18:53:a2:5e:cc:18:3a:
c7:26:3d:01:b1:33:eb:23:d4:06:65:6f:0b:e4:b6:
1c:4c:40:e9:77:2b:b7:55:01:e8:8e:dd:8e:ec:ec:
b5:f5:27:2b:3e:cf:37:44:f4:ac:5a:52:0a:28:be:
69:54:31:a1:b1:bd:17:f6:c7:b7:ac:10:3d:8f:60:
6c:c7:b2:da:1a:92:39:f7:71:41:1d:e5:4b:df:b0:
24:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DA:14:69:F9:21:69:FD:B2:9B:71:F0:FF:87:51:F6:2F:E1:A5:BC
X509v3 Authority Key Identifier:
keyid:5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/IdoUafkhaf2ym3Hw_4dR9i_hpbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WrK6mr-B1s-AM83N68jfj34iwow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.200.0/22
Signature Algorithm: sha256WithRSAEncryption
37:55:f5:a2:e2:ea:d6:65:51:83:5c:f7:c1:d0:6a:15:01:5c:
a7:d8:04:60:e9:ba:25:2c:63:8c:92:cd:e5:57:d7:50:85:ca:
9d:16:d4:e6:dd:71:b7:0b:eb:6f:c9:14:29:22:ea:9f:7c:c5:
5c:0f:c8:89:1b:5d:be:a1:30:c5:66:45:af:46:50:95:2e:e9:
b5:e6:9e:e7:26:a3:28:83:fe:35:9e:4c:96:2a:fc:c5:60:af:
56:97:c4:c1:db:30:b5:14:2a:1f:30:e0:3a:f7:f0:db:5c:20:
b6:67:23:c9:cb:48:63:c1:f1:ac:f6:4e:81:8e:05:90:ef:d2:
89:39:3f:80:60:fb:98:ad:e7:b5:c4:92:8c:bd:86:4a:82:87:
9b:08:b1:8f:aa:5d:82:c6:3d:19:21:19:4a:e1:8b:23:7d:02:
25:18:6a:19:c7:c9:88:a4:63:18:a5:90:b2:f4:95:af:53:3a:
d4:07:5f:65:bf:37:25:dd:65:1d:61:ac:2e:66:64:34:81:92:
6a:2e:d6:58:e4:72:b0:10:cd:0d:ef:13:14:9c:cf:9a:78:a6:
f8:be:95:39:01:d4:3e:fe:d9:a7:22:ee:10:ad:ca:93:ba:b3:
1c:ae:1e:fd:a8:04:7e:0c:94:57:d4:2b:4a:56:69:07:1e:62:
dc:b9:5e:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP1QM2ofbJUQMjjDAENJQT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjJiYTlhYmY4MWQ2Y2Y4MDMzY2RjZGViYzhkZjhmN2Uy
MmMyOGMwHhcNMjQxMjIzMjA0MTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWRhMTQ2OWY5MjE2OWZkYjI5YjcxZjBmZjg3NTFmNjJmZTFhNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPLnTNIVh7Q+TnZm47pF9GSk99nr
Y55nGIhx2W7JmJk8m1IQBdeFMNu3qarUxpwPCjjySjwlWUbj9n622LpPHIK3oQQR
zLMGd65U6CMxOeC0V0zqqqwokykcxckR6Ud/R+BlC6ZtO0XsMTYoLnlDHTeEiQC6
cXD/mJ9jCNVEze3exQ7ozbqGUrPax1B1VnlHydJM1jua8+jK2CG2OeLZKj6lJyRV
nfGde7iwjxhTol7MGDrHJj0BsTPrI9QGZW8L5LYcTEDpdyu3VQHojt2O7Oy19Scr
Ps83RPSsWlIKKL5pVDGhsb0X9se3rBA9j2Bsx7LaGpI593FBHeVL37AkiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHaFGn5IWn9sptx8P+HUfYv4aW8MB8GA1UdIwQY
MBaAFFqyupq/gdbPgDPNzevI349+IsKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEt
NmRmYmJkZTUyZGVhLzEvSWRvVWFma2hhZjJ5bTNId180ZFI5aV9ocGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEtNmRmYmJkZTUyZGVh
LzEvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueTIMA0G
CSqGSIb3DQEBCwUAA4IBAQA3VfWi4urWZVGDXPfB0GoVAVyn2ARg6bolLGOMks3l
V9dQhcqdFtTm3XG3C+tvyRQpIuqffMVcD8iJG12+oTDFZkWvRlCVLum15p7nJqMo
g/41nkyWKvzFYK9Wl8TB2zC1FCofMOA69/DbXCC2ZyPJy0hjwfGs9k6BjgWQ79KJ
OT+AYPuYree1xJKMvYZKgoebCLGPql2Cxj0ZIRlK4YsjfQIlGGoZx8mIpGMYpZCy
9JWvUzrUB19lvzcl3WUdYawuZmQ0gZJqLtZY5HKwEM0N7xMUnM+aeKb4vpU5AdQ+
/tmnIu4QrcqTurMcrh79qAR+DJRX1CtKVmkHHmLcuV6u
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:45:04 2025 by rpki-client