Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/hIu1cG30UYryUhG67vyJx6azZyQ.roa
File: hIu1cG30UYryUhG67vyJx6azZyQ.roa (raw, json)
Hash identifier: J1I+0CmbHrYCPOqYyMjehsxyN7/CuNKY2c+GuCwB+08=
Subject key identifier: 84:8B:B5:70:6D:F4:51:8A:F2:52:11:BA:EE:FC:89:C7:A6:B3:67:24
Certificate issuer: /CN=0830bc34b8f4fcbc2bf523bbdbe9a044a2445fbe
Certificate serial: 018CCA2B9CE7D929DEF2BDF2117FE57AB2DF
Authority key identifier: 08:30:BC:34:B8:F4:FC:BC:2B:F5:23:BB:DB:E9:A0:44:A2:44:5F:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/hIu1cG30UYryUhG67vyJx6azZyQ.roa
Signing time: Tue 02 Jan 2024 12:35:05 +0000
ROA not before: Tue 02 Jan 2024 12:35:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 185.48.80.0/22 maxlen: 24
5.154.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 07:52:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:9c:e7:d9:29:de:f2:bd:f2:11:7f:e5:7a:b2:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0830bc34b8f4fcbc2bf523bbdbe9a044a2445fbe
Validity
Not Before: Jan 2 12:35:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=848bb5706df4518af25211baeefc89c7a6b36724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:71:51:c5:89:1f:3e:53:28:de:7c:99:04:1f:
ce:d9:66:30:db:78:fb:3d:22:6c:01:21:b2:08:8d:
b4:ec:0a:e6:91:0e:9b:79:e8:73:82:e1:ee:b4:60:
29:f6:d4:a9:c1:a4:70:62:b7:c4:dc:e3:44:b2:84:
17:64:7f:e7:a5:04:c5:80:58:36:8d:67:be:10:6e:
50:a8:c5:dd:fe:f2:24:57:0f:8c:f3:01:6b:50:d7:
1d:6a:b3:df:9d:df:25:45:0b:df:84:bb:d8:fe:0e:
e2:4c:07:e1:f2:1d:19:6d:2b:e0:df:f0:86:ac:b6:
35:17:e6:f1:44:e0:6e:f2:ef:b4:ba:47:43:15:25:
fd:f0:9c:87:28:72:dc:93:dd:3c:13:56:a9:ab:80:
fb:5a:6b:c3:a8:a0:61:d6:79:8b:ab:c9:06:39:61:
62:d0:8d:98:49:63:a1:52:d8:99:7d:57:b7:58:e1:
e2:1c:f5:1e:dd:7c:ed:53:79:3d:56:fe:f3:55:72:
72:75:97:3a:09:8c:53:ed:52:b2:f0:ea:2d:40:d2:
d1:6a:60:fc:d4:51:a1:e7:b4:9e:53:77:40:30:24:
c7:21:6f:70:54:bd:2b:6a:b0:2b:e4:63:35:9c:40:
3b:ad:5e:ef:df:da:84:44:bc:18:50:34:f8:94:db:
ad:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:8B:B5:70:6D:F4:51:8A:F2:52:11:BA:EE:FC:89:C7:A6:B3:67:24
X509v3 Authority Key Identifier:
keyid:08:30:BC:34:B8:F4:FC:BC:2B:F5:23:BB:DB:E9:A0:44:A2:44:5F:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/hIu1cG30UYryUhG67vyJx6azZyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/CDC8NLj0_Lwr9SO72-mgRKJEX74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.244.0/22
185.48.80.0/22
Signature Algorithm: sha256WithRSAEncryption
12:ad:c1:bc:9f:96:b2:eb:5c:6c:ea:a7:2e:40:60:e8:7c:bf:
36:8c:82:8c:ec:1f:17:c9:fb:18:b1:63:3f:98:5f:ec:40:54:
55:18:57:0c:90:fa:b1:c3:d8:65:ba:9a:b4:4a:f4:1a:48:62:
76:72:df:6c:35:12:0d:e6:a9:75:19:8f:03:51:00:02:cd:03:
7b:55:63:e1:11:72:52:bc:12:01:3b:81:6b:6d:42:50:c9:df:
68:27:cd:1d:96:26:e6:6d:3d:b9:f0:42:68:05:6e:39:c7:e9:
5d:2f:25:11:53:51:7b:46:26:68:66:20:93:13:b1:cc:a9:00:
20:91:9e:31:d3:37:96:5f:d8:7a:57:5b:c8:64:25:09:42:51:
5e:64:3a:ca:6f:b8:09:bf:40:42:76:77:8c:11:98:2b:79:48:
49:87:18:95:61:f6:ff:bc:54:c6:01:ab:a8:af:85:ff:23:db:
d6:9f:a5:c1:78:ad:47:c9:5b:59:bb:a3:42:f1:88:d3:de:b5:
71:a6:c0:27:ff:34:61:cf:45:73:c7:2c:ca:d7:05:7b:3a:a3:
f1:5e:45:2e:80:10:2e:37:99:73:2b:10:c2:db:2c:3e:01:04:
72:d6:79:78:f8:ef:66:e4:d7:a1:27:ea:f3:ed:74:3d:1c:b4:
57:22:54:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK5zn2Sne8r3yEX/lerLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzBiYzM0YjhmNGZjYmMyYmY1MjNiYmRiZTlhMDQ0YTI0
NDVmYmUwHhcNMjQwMTAyMTIzNTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDhiYjU3MDZkZjQ1MThhZjI1MjExYmFlZWZjODljN2E2YjM2NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXFRxYkfPlMo3nyZBB/O2WYw23j7
PSJsASGyCI207ArmkQ6beehzguHutGAp9tSpwaRwYrfE3ONEsoQXZH/npQTFgFg2
jWe+EG5QqMXd/vIkVw+M8wFrUNcdarPfnd8lRQvfhLvY/g7iTAfh8h0ZbSvg3/CG
rLY1F+bxROBu8u+0ukdDFSX98JyHKHLck908E1apq4D7WmvDqKBh1nmLq8kGOWFi
0I2YSWOhUtiZfVe3WOHiHPUe3XztU3k9Vv7zVXJydZc6CYxT7VKy8OotQNLRamD8
1FGh57SeU3dAMCTHIW9wVL0rarAr5GM1nEA7rV7v39qERLwYUDT4lNut1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFISLtXBt9FGK8lIRuu78icems2ckMB8GA1UdIwQY
MBaAFAgwvDS49Py8K/Uju9vpoESiRF++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RDOE5MajBfTHdyOVNPNzItbWdSS0pFWDc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zZmEzNmQtOGZhZi00YmRjLWFkOWUt
MDEzYzFmMDFlZGI5LzEvaEl1MWNHMzBVWXJ5VWhHNjd2eUp4NmF6WnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zZmEzNmQtOGZhZi00YmRjLWFkOWUtMDEzYzFmMDFlZGI5
LzEvQ0RDOE5MajBfTHdyOVNPNzItbWdSS0pFWDc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBZr0AwQC
uTBQMA0GCSqGSIb3DQEBCwUAA4IBAQASrcG8n5ay61xs6qcuQGDofL82jIKM7B8X
yfsYsWM/mF/sQFRVGFcMkPqxw9hlupq0SvQaSGJ2ct9sNRIN5ql1GY8DUQACzQN7
VWPhEXJSvBIBO4FrbUJQyd9oJ80dlibmbT258EJoBW45x+ldLyURU1F7RiZoZiCT
E7HMqQAgkZ4x0zeWX9h6V1vIZCUJQlFeZDrKb7gJv0BCdneMEZgreUhJhxiVYfb/
vFTGAauor4X/I9vWn6XBeK1HyVtZu6NC8YjT3rVxpsAn/zRhz0VzxyzK1wV7OqPx
XkUugBAuN5lzKxDC2yw+AQRy1nl4+O9m5NehJ+rz7XQ9HLRXIlT4
-----END CERTIFICATE-----
Generated at Wed Oct 16 09:53:48 2024 by rpki-client on console-fra.rpki-client.org