Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/KGEFxF8k6EUVLvtPraenlbnU3ys.roa
File: KGEFxF8k6EUVLvtPraenlbnU3ys.roa (raw, json)
Hash identifier: 4dulNe7SJa607dcjJFn9nBXIOJWiS3TO0YaX8MCVxHo=
Subject key identifier: 28:61:05:C4:5F:24:E8:45:15:2E:FB:4F:AD:A7:A7:95:B9:D4:DF:2B
Certificate issuer: /CN=46efb53f266e11e6ed5a13eb3e97f4b9601dd6e0
Certificate serial: 018CC94E512C5A2204EF1A61C78E4F5E4A62
Authority key identifier: 46:EF:B5:3F:26:6E:11:E6:ED:5A:13:EB:3E:97:F4:B9:60:1D:D6:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ru-1PyZuEebtWhPrPpf0uWAd1uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/KGEFxF8k6EUVLvtPraenlbnU3ys.roa
Signing time: Tue 02 Jan 2024 08:33:22 +0000
ROA not before: Tue 02 Jan 2024 08:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4755
IP address blocks: 185.156.186.0/24 maxlen: 24
185.156.184.0/24 maxlen: 24
185.156.185.0/24 maxlen: 24
185.156.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:51:2c:5a:22:04:ef:1a:61:c7:8e:4f:5e:4a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46efb53f266e11e6ed5a13eb3e97f4b9601dd6e0
Validity
Not Before: Jan 2 08:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=286105c45f24e845152efb4fada7a795b9d4df2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a1:e5:cc:a6:ce:7b:dc:cb:11:82:75:8f:db:
d0:b2:1d:e4:2d:ee:1a:3d:62:a4:90:dd:89:15:48:
20:be:ba:9c:b5:b5:92:53:fb:81:7c:b5:4c:79:71:
f3:e8:56:f8:68:30:cc:63:70:19:99:e3:75:ad:b0:
75:4a:36:c0:ba:68:41:13:74:a9:d8:3d:43:e7:5d:
f7:43:1d:9f:24:c7:9c:32:72:88:00:8d:d1:3e:21:
f7:ca:40:f4:d5:8d:86:67:73:07:6c:27:0b:b8:bf:
58:c9:18:27:48:2d:fc:9f:bc:ca:8e:fb:76:a9:7b:
71:08:d8:fe:35:33:b8:63:84:b7:1e:9a:c9:cb:58:
37:57:18:55:e8:18:e7:32:a6:e6:75:93:f6:3e:74:
4a:9c:4a:61:98:a4:c5:46:58:9b:a5:1b:05:e7:72:
3a:dc:86:7d:e6:49:3d:11:4e:97:16:36:11:cc:47:
3b:4e:f3:a5:e4:e3:77:43:fc:82:1c:b6:25:e0:38:
a2:bd:b5:28:fa:25:fd:14:43:4d:6a:50:90:9f:63:
e9:1b:2c:40:63:f8:62:af:c2:a8:30:33:24:e5:91:
57:2c:a3:20:6c:4a:65:dd:eb:e6:0d:6d:9d:98:c9:
35:89:e5:16:c6:5a:a6:e3:30:40:fb:1f:22:d9:26:
24:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:61:05:C4:5F:24:E8:45:15:2E:FB:4F:AD:A7:A7:95:B9:D4:DF:2B
X509v3 Authority Key Identifier:
keyid:46:EF:B5:3F:26:6E:11:E6:ED:5A:13:EB:3E:97:F4:B9:60:1D:D6:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ru-1PyZuEebtWhPrPpf0uWAd1uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/KGEFxF8k6EUVLvtPraenlbnU3ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/Ru-1PyZuEebtWhPrPpf0uWAd1uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.184.0/22
Signature Algorithm: sha256WithRSAEncryption
74:ad:b5:52:b3:b8:d5:7b:18:8c:d0:af:af:37:ca:fc:90:01:
c2:be:f4:c9:b3:59:40:2c:6b:11:d7:4a:f8:bd:ce:82:34:2f:
e6:c6:67:e7:c3:ef:31:2b:4d:a3:1b:80:15:36:2a:20:24:fc:
72:ce:c2:48:20:c5:34:97:08:d8:89:14:8c:c0:c3:b4:f6:3b:
24:15:a4:37:0b:fe:df:53:80:fa:be:a0:c7:90:cd:dd:71:14:
bd:bc:e6:8b:a5:d3:82:fd:55:7b:68:5f:d3:ff:92:2e:66:ae:
22:ee:8c:9d:94:ee:f3:da:d0:89:5b:e3:81:82:ed:8b:d2:9c:
57:4b:5b:c3:f3:b9:e0:4f:ec:07:14:7d:48:9a:f9:9d:60:c2:
48:d6:5a:c4:5f:5a:6b:a7:2f:64:3c:54:ca:d0:e3:dd:c3:44:
42:1e:bb:d1:39:98:d4:49:8e:83:44:08:f4:b1:5e:b3:a3:99:
b9:7b:7b:e8:b2:f4:7f:06:96:01:cc:4a:83:b1:c4:99:17:f7:
f2:55:3d:ba:bc:b3:32:95:d1:66:e3:67:60:a9:f4:cd:5f:f9:
9c:85:a6:3f:12:bd:05:17:46:ce:fe:ff:7f:4d:df:af:4f:4d:
50:24:16:ec:e5:90:07:78:1f:94:e4:39:0d:a7:42:1a:be:78:
5a:4b:15:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTlEsWiIE7xphx45PXkpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWZiNTNmMjY2ZTExZTZlZDVhMTNlYjNlOTdmNGI5NjAx
ZGQ2ZTAwHhcNMjQwMTAyMDgzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODYxMDVjNDVmMjRlODQ1MTUyZWZiNGZhZGE3YTc5NWI5ZDRkZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaHlzKbOe9zLEYJ1j9vQsh3kLe4a
PWKkkN2JFUggvrqctbWSU/uBfLVMeXHz6Fb4aDDMY3AZmeN1rbB1SjbAumhBE3Sp
2D1D5133Qx2fJMecMnKIAI3RPiH3ykD01Y2GZ3MHbCcLuL9YyRgnSC38n7zKjvt2
qXtxCNj+NTO4Y4S3HprJy1g3VxhV6BjnMqbmdZP2PnRKnEphmKTFRlibpRsF53I6
3IZ95kk9EU6XFjYRzEc7TvOl5ON3Q/yCHLYl4DiivbUo+iX9FENNalCQn2PpGyxA
Y/hir8KoMDMk5ZFXLKMgbEpl3evmDW2dmMk1ieUWxlqm4zBA+x8i2SYk3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChhBcRfJOhFFS77T62np5W51N8rMB8GA1UdIwQY
MBaAFEbvtT8mbhHm7VoT6z6X9LlgHdbgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnUtMVB5WnVFZWJ0V2hQclBwZjB1V0FkMXVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny83YmZiMTEtYmUyNi00YzRlLTljMzUt
ZDdjNjcwODQxNGZhLzEvS0dFRnhGOGs2RVVWTHZ0UHJhZW5sYm5VM3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny83YmZiMTEtYmUyNi00YzRlLTljMzUtZDdjNjcwODQxNGZh
LzEvUnUtMVB5WnVFZWJ0V2hQclBwZjB1V0FkMXVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZy4MA0G
CSqGSIb3DQEBCwUAA4IBAQB0rbVSs7jVexiM0K+vN8r8kAHCvvTJs1lALGsR10r4
vc6CNC/mxmfnw+8xK02jG4AVNiogJPxyzsJIIMU0lwjYiRSMwMO09jskFaQ3C/7f
U4D6vqDHkM3dcRS9vOaLpdOC/VV7aF/T/5IuZq4i7oydlO7z2tCJW+OBgu2L0pxX
S1vD87ngT+wHFH1ImvmdYMJI1lrEX1prpy9kPFTK0OPdw0RCHrvROZjUSY6DRAj0
sV6zo5m5e3vosvR/BpYBzEqDscSZF/fyVT26vLMyldFm42dgqfTNX/mchaY/Er0F
F0bO/v9/Td+vT01QJBbs5ZAHeB+U5DkNp0IavnhaSxU5
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:28:26 2025 by rpki-client