Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/KcZ5KvPQJwKERZVTZ---hUpk9jU.roa
File: KcZ5KvPQJwKERZVTZ---hUpk9jU.roa (raw, json)
Hash identifier: 5EqFIytwVbKkNt1jOIucWTD3axgMX3HNrJHzmLfmTbo=
Subject key identifier: 29:C6:79:2A:F3:D0:27:02:84:45:95:53:67:EF:BE:85:4A:64:F6:35
Certificate issuer: /CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Certificate serial: 018CCA2BC6A1EA52BB040543EA5ADB9E889C
Authority key identifier: 91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/KcZ5KvPQJwKERZVTZ---hUpk9jU.roa
Signing time: Tue 02 Jan 2024 12:35:15 +0000
ROA not before: Tue 02 Jan 2024 12:35:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6908
IP address blocks: 185.4.116.0/22 maxlen: 24
185.4.116.0/24 maxlen: 24
185.4.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:c6:a1:ea:52:bb:04:05:43:ea:5a:db:9e:88:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Validity
Not Before: Jan 2 12:35:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29c6792af3d027028445955367efbe854a64f635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:54:a0:42:0f:55:42:4f:3d:dd:ef:6d:df:3d:
3a:94:97:94:53:36:5b:28:ce:5e:2d:f9:47:ce:1e:
a1:9d:f1:d3:46:2d:00:ab:8c:ab:9c:8a:83:bd:d3:
00:a9:80:9e:7c:09:c3:69:15:e7:63:9c:d7:f8:e9:
26:c5:58:06:e5:55:ff:16:c9:9d:8b:05:73:64:3f:
43:f7:03:c1:1b:7a:a1:1b:b2:18:51:1e:e3:54:56:
44:a7:6a:e7:f7:2b:c5:51:51:bb:a6:40:48:f8:f0:
f1:23:fe:cd:68:aa:c8:c4:d2:22:c8:50:05:ce:58:
ef:59:a7:81:3d:ab:6b:3d:da:2c:c8:93:9c:db:fc:
be:58:96:73:a2:69:f9:9e:b0:c4:98:bd:fa:09:8a:
92:8c:d5:d7:30:bc:7c:2f:4c:7a:74:52:a5:0a:e8:
34:6a:5e:f0:ce:4f:e5:bf:9a:9d:d1:09:0d:77:35:
05:18:53:53:98:c0:11:27:e5:73:1e:fb:df:1d:57:
a9:09:4e:5b:06:ce:90:7a:4e:dc:70:3f:5a:06:2a:
69:1b:1b:09:c8:66:ca:aa:0d:19:99:e4:5e:d6:98:
77:26:83:b7:53:ca:79:1f:35:de:d1:7e:6f:7d:3d:
84:d3:aa:83:bb:2d:08:ac:db:1a:f7:4b:a3:50:f2:
16:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C6:79:2A:F3:D0:27:02:84:45:95:53:67:EF:BE:85:4A:64:F6:35
X509v3 Authority Key Identifier:
keyid:91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/KcZ5KvPQJwKERZVTZ---hUpk9jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.116.0/22
Signature Algorithm: sha256WithRSAEncryption
08:05:6d:47:62:c2:ee:4d:b7:2c:e1:d0:f0:47:41:a0:0d:aa:
90:c2:0b:89:22:a5:f7:65:01:f4:75:b8:57:a2:32:4e:aa:4f:
7b:a2:a9:c6:7b:52:39:5c:0a:aa:48:ec:d3:0f:fb:d9:d5:c8:
d8:96:a1:79:a2:c7:07:c7:03:cc:b1:09:8d:f2:7f:b6:fa:83:
91:48:4f:02:0c:c4:73:9b:e6:7e:da:39:ca:ce:61:ce:5f:e9:
86:8a:8d:ed:50:d3:ae:06:92:f3:1e:b0:9f:27:0e:38:97:e8:
7e:33:d2:ca:e9:6e:9f:bb:63:a8:ce:50:c1:82:a8:32:2e:6e:
67:56:4f:f8:bb:68:4e:12:23:53:48:a1:2c:26:04:98:0b:ee:
e7:a1:b2:69:cc:39:ff:e8:5a:08:a5:35:28:51:09:b2:3c:d3:
36:42:c6:dd:3f:21:6c:c6:36:52:e4:e1:a0:48:15:62:e3:7a:
13:11:89:3a:bf:fb:00:a6:2a:bc:a6:a5:3c:42:a6:55:d1:28:
6c:ee:12:80:f5:f5:2f:c7:bb:3d:54:c1:04:73:fd:dc:fb:6c:
77:98:ec:31:03:f6:da:a8:d1:71:f1:f6:15:3b:1f:89:93:2e:
ae:d3:04:5a:77:4c:b7:d1:da:2b:50:70:2b:5a:72:0a:1e:53:
19:ba:7b:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK8ah6lK7BAVD6lrbnoicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxOGVmODIzYmIwNDFlYTNhYzdjODkzNmM3NTBiNjAxODEz
N2UyY2QwHhcNMjQwMTAyMTIzNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM2NzkyYWYzZDAyNzAyODQ0NTk1NTM2N2VmYmU4NTRhNjRmNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVSgQg9VQk893e9t3z06lJeUUzZb
KM5eLflHzh6hnfHTRi0Aq4yrnIqDvdMAqYCefAnDaRXnY5zX+OkmxVgG5VX/Fsmd
iwVzZD9D9wPBG3qhG7IYUR7jVFZEp2rn9yvFUVG7pkBI+PDxI/7NaKrIxNIiyFAF
zljvWaeBPatrPdosyJOc2/y+WJZzomn5nrDEmL36CYqSjNXXMLx8L0x6dFKlCug0
al7wzk/lv5qd0QkNdzUFGFNTmMARJ+VzHvvfHVepCU5bBs6Qek7ccD9aBippGxsJ
yGbKqg0ZmeRe1ph3JoO3U8p5HzXe0X5vfT2E06qDuy0IrNsa90ujUPIW2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnGeSrz0CcChEWVU2fvvoVKZPY1MB8GA1UdIwQY
MBaAFJGO+CO7BB6jrHyJNsdQtgGBN+LNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMt
NjUyOTc1MWIyYjAxLzEvS2NaNUt2UFFKd0tFUlpWVFotLS1oVXBrOWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMtNjUyOTc1MWIyYjAx
LzEva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQR0MA0G
CSqGSIb3DQEBCwUAA4IBAQAIBW1HYsLuTbcs4dDwR0GgDaqQwguJIqX3ZQH0dbhX
ojJOqk97oqnGe1I5XAqqSOzTD/vZ1cjYlqF5oscHxwPMsQmN8n+2+oORSE8CDMRz
m+Z+2jnKzmHOX+mGio3tUNOuBpLzHrCfJw44l+h+M9LK6W6fu2OozlDBgqgyLm5n
Vk/4u2hOEiNTSKEsJgSYC+7nobJpzDn/6FoIpTUoUQmyPNM2QsbdPyFsxjZS5OGg
SBVi43oTEYk6v/sApiq8pqU8QqZV0Shs7hKA9fUvx7s9VMEEc/3c+2x3mOwxA/ba
qNFx8fYVOx+Jky6u0wRad0y30dorUHArWnIKHlMZunti
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:35:12 2025 by rpki-client