Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/1kXCmZ3T5wjald1xv2BIhebGIi4.roa
File: 1kXCmZ3T5wjald1xv2BIhebGIi4.roa (raw, json)
Hash identifier: VW3oWASa2FrcBonnSV/d3f0Nc4c+GA/Hf3gp7KUw2e0=
Subject key identifier: D6:45:C2:99:9D:D3:E7:08:DA:95:DD:71:BF:60:48:85:E6:C6:22:2E
Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Certificate serial: 018CC348FCB4B082CCE24E633DF3D7ACBD9C
Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/1kXCmZ3T5wjald1xv2BIhebGIi4.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201513
IP address blocks: 213.184.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fc:b4:b0:82:cc:e2:4e:63:3d:f3:d7:ac:bd:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d645c2999dd3e708da95dd71bf604885e6c6222e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c9:06:36:c2:7a:f5:a8:9f:18:9b:80:ae:1b:
26:05:77:c1:55:c4:a2:0d:01:ad:f8:f4:d9:43:17:
06:c8:3e:e6:a4:77:65:0d:60:86:47:96:aa:13:e9:
76:d7:33:b6:2c:cc:fb:cc:35:aa:4c:55:fb:53:5f:
1b:4c:c5:ef:1e:d3:78:39:78:31:27:62:a8:47:fe:
7d:ae:93:8a:4e:45:7f:81:3a:cc:f7:f7:73:2a:4d:
31:53:8e:cb:7e:6e:e3:50:35:fb:d7:70:34:6e:c8:
e5:41:19:4e:1b:01:5f:21:51:fa:97:c6:41:5c:3b:
16:8c:d0:28:30:38:a9:db:9e:e7:5a:45:2e:d3:80:
86:52:85:ec:e3:50:e1:5c:03:ca:72:ce:68:93:46:
d9:fd:47:63:31:8d:5c:a0:64:c4:48:0e:3b:e2:f8:
bf:af:ea:31:fd:0a:d1:2d:84:26:d3:2d:61:4e:85:
ae:6a:2d:33:c8:20:62:30:1a:4a:b5:6d:d2:c1:50:
b3:17:aa:ca:cf:79:a1:b4:bb:6d:ca:82:be:24:ed:
11:1b:c0:76:a3:d5:92:57:21:70:c7:97:8d:c1:92:
5e:d5:b1:b8:2e:57:be:29:5b:3f:22:c8:98:17:41:
55:32:ce:96:27:45:e9:10:61:4d:c5:20:b8:a4:e3:
0b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:45:C2:99:9D:D3:E7:08:DA:95:DD:71:BF:60:48:85:E6:C6:22:2E
X509v3 Authority Key Identifier:
keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/1kXCmZ3T5wjald1xv2BIhebGIi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.184.154.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:e9:e9:a6:d5:fe:7c:3d:28:57:40:53:97:32:8e:c6:b3:2f:
f8:6f:df:e2:2d:46:7e:57:2d:36:50:bf:e2:87:64:f7:2f:fb:
46:3f:65:d2:4e:46:c5:61:72:3e:ac:57:1f:84:cc:75:45:07:
58:d3:46:43:4d:99:b3:36:f9:32:9f:23:bc:e0:18:b2:d2:69:
75:63:93:0b:2f:ad:e4:d9:e9:79:bd:51:ca:ab:74:08:61:ed:
51:bc:ac:a1:e9:b2:0b:04:86:3d:74:bb:9d:f4:3a:ad:d2:d0:
65:ed:2e:c3:a0:d6:f9:3b:62:12:3e:84:e8:9f:36:51:87:36:
7b:12:47:10:7d:ce:65:ff:42:4b:95:68:82:9e:e9:24:0a:b6:
c4:6e:db:ff:01:49:17:70:fc:70:64:a3:cc:e1:36:2e:e3:b5:
68:c8:4a:5e:73:44:80:3d:96:45:a7:49:31:0f:1a:88:4d:39:
0a:62:06:6a:bb:4b:81:41:eb:ee:a2:96:1b:ac:6e:b8:73:e6:
f1:bc:50:a0:96:c6:8d:f5:f4:0f:3f:71:d7:0a:ae:b2:39:24:
e5:05:6c:c0:e0:ac:b2:ee:9c:03:9f:6e:58:36:c6:3e:c7:c2:
5e:ed:fe:2b:c2:64:53:1c:7f:23:30:b5:27:cf:5a:22:51:7e:
b0:63:e8:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPy0sILM4k5jPfPXrL2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5
MDBhNzYwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ1YzI5OTlkZDNlNzA4ZGE5NWRkNzFiZjYwNDg4NWU2YzYyMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8kGNsJ69aifGJuArhsmBXfBVcSi
DQGt+PTZQxcGyD7mpHdlDWCGR5aqE+l21zO2LMz7zDWqTFX7U18bTMXvHtN4OXgx
J2KoR/59rpOKTkV/gTrM9/dzKk0xU47Lfm7jUDX713A0bsjlQRlOGwFfIVH6l8ZB
XDsWjNAoMDip257nWkUu04CGUoXs41DhXAPKcs5ok0bZ/UdjMY1coGTESA474vi/
r+ox/QrRLYQm0y1hToWuai0zyCBiMBpKtW3SwVCzF6rKz3mhtLttyoK+JO0RG8B2
o9WSVyFwx5eNwZJe1bG4Lle+KVs/IsiYF0FVMs6WJ0XpEGFNxSC4pOMLzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZFwpmd0+cI2pXdcb9gSIXmxiIuMB8GA1UdIwQY
MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt
ODlhY2UzODIyMGZiLzEvMWtYQ21aM1Q1d2phbGQxeHYyQkloZWJHSWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi
LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1biaMA0G
CSqGSIb3DQEBCwUAA4IBAQCO6emm1f58PShXQFOXMo7Gsy/4b9/iLUZ+Vy02UL/i
h2T3L/tGP2XSTkbFYXI+rFcfhMx1RQdY00ZDTZmzNvkynyO84Biy0ml1Y5MLL63k
2el5vVHKq3QIYe1RvKyh6bILBIY9dLud9Dqt0tBl7S7DoNb5O2ISPoTonzZRhzZ7
EkcQfc5l/0JLlWiCnukkCrbEbtv/AUkXcPxwZKPM4TYu47VoyEpec0SAPZZFp0kx
DxqITTkKYgZqu0uBQevuopYbrG64c+bxvFCglsaN9fQPP3HXCq6yOSTlBWzA4Kyy
7pwDn25YNsY+x8Je7f4rwmRTHH8jMLUnz1oiUX6wY+iF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:23 2025 by rpki-client