Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/4KTTkzSoO-CaxO8M7QDK3wJpHno.roa
File: 4KTTkzSoO-CaxO8M7QDK3wJpHno.roa (raw, json)
Hash identifier: u8iHEPGOOgZB0+ln6TiCBVl4YRt1b6Z2WaQNga7FFm0=
Subject key identifier: E0:A4:D3:93:34:A8:3B:E0:9A:C4:EF:0C:ED:00:CA:DF:02:69:1E:7A
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 0193BB0191DE3A54C8EDACDA632FCB415452
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/4KTTkzSoO-CaxO8M7QDK3wJpHno.roa
Signing time: Thu 12 Dec 2024 13:14:22 +0000
ROA not before: Thu 12 Dec 2024 13:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 185.10.120.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:01:91:de:3a:54:c8:ed:ac:da:63:2f:cb:41:54:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Dec 12 13:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0a4d39334a83be09ac4ef0ced00cadf02691e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:25:c1:08:0c:8a:5f:66:95:a6:e2:46:02:58:
47:27:68:51:9f:2d:92:c3:33:d4:28:0f:61:70:8b:
4d:e8:c9:c1:2a:d2:f0:8e:f3:5f:70:c8:e9:66:81:
54:ec:ba:dd:1f:0b:2b:ac:45:9f:93:9b:3e:9e:6b:
45:33:71:3b:e8:a6:f2:cb:17:ff:65:e0:c7:f2:1b:
ac:96:23:8d:0e:cb:01:3d:3f:fc:d8:a8:64:7d:88:
a0:04:ac:81:b8:da:cf:60:bd:8c:8a:66:5f:03:d6:
f2:e7:07:26:e3:ba:d9:a3:ea:5d:b9:fd:43:ce:63:
ba:11:8c:57:cb:df:b8:40:27:05:d3:bc:29:99:80:
6a:d5:17:a2:49:a7:b8:2e:fa:80:48:5e:65:60:9b:
32:a5:81:5c:9d:7d:6f:a0:7c:00:71:bb:39:c7:d4:
33:1b:28:c4:13:d0:06:f6:d8:22:c7:f5:95:a6:f5:
31:8e:11:36:59:5f:97:9b:12:79:7f:4a:0f:ab:bc:
b7:1d:11:25:b8:96:b8:a4:c8:f1:c1:6a:d9:fa:96:
80:4d:22:38:4a:81:5e:fe:0c:dc:a9:4d:52:90:5e:
72:7a:6f:59:21:48:c6:36:a5:aa:e4:5e:89:59:ab:
6e:cd:44:7f:41:e5:f3:cc:e7:c0:aa:dc:ad:27:74:
ad:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A4:D3:93:34:A8:3B:E0:9A:C4:EF:0C:ED:00:CA:DF:02:69:1E:7A
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/4KTTkzSoO-CaxO8M7QDK3wJpHno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.120.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:34:e9:92:3e:8b:09:ab:fe:30:ac:49:ef:08:6b:5a:8a:11:
d2:db:95:73:87:b2:fe:32:46:ca:e6:02:ea:d0:dc:4b:7b:f1:
26:4c:14:c0:cd:0e:15:c0:2a:03:dc:fd:f1:61:f0:8d:4e:18:
88:47:6c:b9:07:09:19:0b:bb:7f:26:ae:c6:d0:4a:af:37:b1:
1f:d0:d8:a3:ab:5a:f9:f1:0a:7c:43:ef:28:90:c8:7b:17:e5:
1e:22:b0:44:89:46:2c:b5:8a:f1:39:7f:52:bb:21:e9:aa:e8:
5e:29:75:2f:9c:bc:f7:3f:89:b4:e1:ad:40:84:60:da:4f:8d:
26:84:65:59:e0:fb:8d:9a:6d:17:4b:8f:a1:f8:d6:ea:12:fd:
53:36:10:3e:ff:42:a6:57:da:07:c4:c0:46:34:50:a5:c9:fe:
83:11:bd:bd:2d:be:90:e2:2a:6a:cb:73:b3:82:ed:82:f4:dd:
59:68:da:8d:41:cb:95:e2:c1:a3:81:bb:aa:71:68:c1:bd:1e:
46:ab:4f:2b:69:48:dd:a2:54:f9:bd:c0:01:b7:fd:81:ea:13:
84:6f:2f:bb:17:7d:d4:b9:ca:a8:b7:81:11:2a:2d:73:02:49:
b7:a3:2a:39:a8:e8:26:81:e4:68:7a:29:3b:b6:2c:b9:fd:88:
17:77:68:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO7AZHeOlTI7azaYy/LQVRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjQxMjEyMTMxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGE0ZDM5MzM0YTgzYmUwOWFjNGVmMGNlZDAwY2FkZjAyNjkxZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyXBCAyKX2aVpuJGAlhHJ2hRny2S
wzPUKA9hcItN6MnBKtLwjvNfcMjpZoFU7LrdHwsrrEWfk5s+nmtFM3E76Kbyyxf/
ZeDH8husliONDssBPT/82KhkfYigBKyBuNrPYL2MimZfA9by5wcm47rZo+pduf1D
zmO6EYxXy9+4QCcF07wpmYBq1ReiSae4LvqASF5lYJsypYFcnX1voHwAcbs5x9Qz
GyjEE9AG9tgix/WVpvUxjhE2WV+XmxJ5f0oPq7y3HREluJa4pMjxwWrZ+paATSI4
SoFe/gzcqU1SkF5yem9ZIUjGNqWq5F6JWatuzUR/QeXzzOfAqtytJ3StEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOCk05M0qDvgmsTvDO0Ayt8CaR56MB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvNEtUVGt6U29PLUNheE84TTdRREszd0pwSG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQp4MA0G
CSqGSIb3DQEBCwUAA4IBAQC1NOmSPosJq/4wrEnvCGtaihHS25Vzh7L+MkbK5gLq
0NxLe/EmTBTAzQ4VwCoD3P3xYfCNThiIR2y5BwkZC7t/Jq7G0EqvN7Ef0Nijq1r5
8Qp8Q+8okMh7F+UeIrBEiUYstYrxOX9SuyHpquheKXUvnLz3P4m04a1AhGDaT40m
hGVZ4PuNmm0XS4+h+NbqEv1TNhA+/0KmV9oHxMBGNFClyf6DEb29Lb6Q4ipqy3Oz
gu2C9N1ZaNqNQcuV4sGjgbuqcWjBvR5Gq08raUjdolT5vcABt/2B6hOEby+7F33U
ucqot4ERKi1zAkm3oyo5qOgmgeRoeik7tiy5/YgXd2iQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:54:53 2025 by rpki-client