Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/84548d-3f3b-46b9-836c-38a3924776e9/1/CKsfcdwikmR3iZ0oZtl13ph3Q5w.roa
File: CKsfcdwikmR3iZ0oZtl13ph3Q5w.roa (raw, json)
Hash identifier: HmGHWdKefc3u1sbHxvesdlb0FZX5R7h8tM5H3J3lFHo=
Subject key identifier: 08:AB:1F:71:DC:22:92:64:77:89:9D:28:66:D9:75:DE:98:77:43:9C
Certificate issuer: /CN=509c63c6d756bb2acd3f1ad92ac415da857e6c98
Certificate serial: 018CC86F18C9F82C88C5252FAA81B411CB37
Authority key identifier: 50:9C:63:C6:D7:56:BB:2A:CD:3F:1A:D9:2A:C4:15:DA:85:7E:6C:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJxjxtdWuyrNPxrZKsQV2oV-bJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/84548d-3f3b-46b9-836c-38a3924776e9/1/CKsfcdwikmR3iZ0oZtl13ph3Q5w.roa
Signing time: Tue 02 Jan 2024 04:29:33 +0000
ROA not before: Tue 02 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51862
IP address blocks: 185.122.180.0/24 maxlen: 24
185.122.180.0/22 maxlen: 22
185.122.182.0/24 maxlen: 24
185.122.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 12:45:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:18:c9:f8:2c:88:c5:25:2f:aa:81:b4:11:cb:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509c63c6d756bb2acd3f1ad92ac415da857e6c98
Validity
Not Before: Jan 2 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08ab1f71dc22926477899d2866d975de9877439c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4b:80:70:ba:5a:eb:d5:bc:86:4f:02:94:94:
66:c1:19:61:a4:e2:61:5c:a3:ee:87:1b:21:9c:a9:
45:cb:71:c9:96:ac:d1:93:85:52:89:fe:a9:bb:22:
58:b4:a7:a3:c4:df:3a:16:a2:31:c7:ae:6a:f0:22:
26:43:f4:59:71:ac:73:53:cf:ad:39:bf:ff:b7:d2:
cb:ea:62:7c:c8:31:27:a1:bd:ae:51:1e:b5:fd:24:
85:39:61:d7:68:d3:18:9d:6c:4d:35:3d:b7:92:a7:
b7:2e:cb:53:51:9a:7f:41:58:f9:40:65:d8:48:cd:
73:96:a1:48:17:b8:41:66:1b:1b:c0:00:03:d5:9e:
41:03:7f:89:ff:f8:b5:ef:2c:57:cd:07:fd:86:51:
b0:18:34:47:ee:45:02:5b:c6:4c:33:c8:1e:0e:ef:
8c:69:d6:c8:14:d9:a1:f9:51:c2:de:98:b5:d5:97:
f1:ef:c4:7c:c8:ac:9d:fc:92:4e:78:cf:0f:17:62:
ac:c0:d1:a7:4b:9f:13:7b:c6:14:23:32:6d:43:28:
98:af:9f:90:9e:58:23:f9:ea:a2:9f:81:01:45:af:
9e:ae:a7:b4:07:ac:99:f3:c8:5e:59:94:d5:6a:12:
61:e4:a7:05:d4:1c:4a:50:49:1b:40:54:9c:5d:2d:
9f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:AB:1F:71:DC:22:92:64:77:89:9D:28:66:D9:75:DE:98:77:43:9C
X509v3 Authority Key Identifier:
keyid:50:9C:63:C6:D7:56:BB:2A:CD:3F:1A:D9:2A:C4:15:DA:85:7E:6C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJxjxtdWuyrNPxrZKsQV2oV-bJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84548d-3f3b-46b9-836c-38a3924776e9/1/CKsfcdwikmR3iZ0oZtl13ph3Q5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84548d-3f3b-46b9-836c-38a3924776e9/1/UJxjxtdWuyrNPxrZKsQV2oV-bJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.180.0/22
Signature Algorithm: sha256WithRSAEncryption
53:63:fa:96:cd:f9:50:87:de:ca:a0:80:5a:9a:48:fa:69:17:
7b:cc:6a:e5:fc:42:92:de:c6:00:e3:e6:a8:66:14:3f:3d:3c:
42:9c:0b:b6:20:50:26:ff:42:fe:7b:db:ad:b5:48:96:54:88:
77:c8:81:1f:5e:ee:be:db:3f:fb:d0:2a:b0:56:31:8b:50:f9:
89:bc:46:95:e0:2e:92:9a:71:27:1b:a3:cb:4c:64:3f:dc:83:
69:3f:15:a5:ff:23:30:fe:8e:88:c2:42:0a:df:07:4e:22:3e:
81:3a:e8:f3:74:12:bd:8f:47:84:f4:d0:f7:77:20:e6:d5:34:
65:35:ba:c3:43:1f:48:b0:54:af:33:44:e4:43:5c:26:33:0d:
63:0f:53:5c:b5:1e:b0:d9:98:cc:3d:8b:6a:4c:bc:47:b8:cd:
93:8c:20:0b:5c:6a:34:04:c0:71:f2:f3:1c:8d:75:f4:6d:69:
1b:5d:d1:0c:e3:79:e7:05:cb:65:97:f0:de:c5:ab:1a:d0:5d:
b1:69:48:90:fa:22:be:65:6e:07:8e:e9:22:cc:8e:8a:09:18:
5d:0e:8f:50:8e:6e:31:f4:23:51:4d:8b:66:3a:97:65:b1:79:
00:45:ef:08:b7:df:59:12:63:66:71:97:73:fd:e5:ad:23:d2:
10:c9:31:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbxjJ+CyIxSUvqoG0Ecs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWM2M2M2ZDc1NmJiMmFjZDNmMWFkOTJhYzQxNWRhODU3
ZTZjOTgwHhcNMjQwMTAyMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGFiMWY3MWRjMjI5MjY0Nzc4OTlkMjg2NmQ5NzVkZTk4Nzc0MzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0uAcLpa69W8hk8ClJRmwRlhpOJh
XKPuhxshnKlFy3HJlqzRk4VSif6puyJYtKejxN86FqIxx65q8CImQ/RZcaxzU8+t
Ob//t9LL6mJ8yDEnob2uUR61/SSFOWHXaNMYnWxNNT23kqe3LstTUZp/QVj5QGXY
SM1zlqFIF7hBZhsbwAAD1Z5BA3+J//i17yxXzQf9hlGwGDRH7kUCW8ZMM8geDu+M
adbIFNmh+VHC3pi11Zfx78R8yKyd/JJOeM8PF2KswNGnS58Te8YUIzJtQyiYr5+Q
nlgj+eqin4EBRa+erqe0B6yZ88heWZTVahJh5KcF1BxKUEkbQFScXS2fjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAirH3HcIpJkd4mdKGbZdd6Yd0OcMB8GA1UdIwQY
MBaAFFCcY8bXVrsqzT8a2SrEFdqFfmyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUp4anh0ZFd1eXJOUHhyWktzUVYyb1YtYkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84NDU0OGQtM2YzYi00NmI5LTgzNmMt
MzhhMzkyNDc3NmU5LzEvQ0tzZmNkd2lrbVIzaVowb1p0bDEzcGgzUTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84NDU0OGQtM2YzYi00NmI5LTgzNmMtMzhhMzkyNDc3NmU5
LzEvVUp4anh0ZFd1eXJOUHhyWktzUVYyb1YtYkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXq0MA0G
CSqGSIb3DQEBCwUAA4IBAQBTY/qWzflQh97KoIBamkj6aRd7zGrl/EKS3sYA4+ao
ZhQ/PTxCnAu2IFAm/0L+e9uttUiWVIh3yIEfXu6+2z/70CqwVjGLUPmJvEaV4C6S
mnEnG6PLTGQ/3INpPxWl/yMw/o6IwkIK3wdOIj6BOujzdBK9j0eE9ND3dyDm1TRl
NbrDQx9IsFSvM0TkQ1wmMw1jD1NctR6w2ZjMPYtqTLxHuM2TjCALXGo0BMBx8vMc
jXX0bWkbXdEM43nnBctll/Dexasa0F2xaUiQ+iK+ZW4HjukizI6KCRhdDo9Qjm4x
9CNRTYtmOpdlsXkARe8It99ZEmNmcZdz/eWtI9IQyTGD
-----END CERTIFICATE-----
Generated at Mon Feb 19 15:21:41 2024 by rpki-client on console-fra.rpki-client.org