Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/sMSHQnk2JNxEHm8sjpMx-G2kK9M.roa
File: sMSHQnk2JNxEHm8sjpMx-G2kK9M.roa (raw, json)
Hash identifier: kwqlk6FinezJB904OSl+xjSqZxmsM6u4ZlOzD9FXK+s=
Subject key identifier: B0:C4:87:42:79:36:24:DC:44:1E:6F:2C:8E:93:31:F8:6D:A4:2B:D3
Certificate issuer: /CN=856f0c90073afb8ecde7e83409ceabdb93b41a4e
Certificate serial: 018CC86F33FC9A1A4284EC60A3D282D35F45
Authority key identifier: 85:6F:0C:90:07:3A:FB:8E:CD:E7:E8:34:09:CE:AB:DB:93:B4:1A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/sMSHQnk2JNxEHm8sjpMx-G2kK9M.roa
Signing time: Tue 02 Jan 2024 04:29:40 +0000
ROA not before: Tue 02 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24940
IP address blocks: 185.110.95.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:33:fc:9a:1a:42:84:ec:60:a3:d2:82:d3:5f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856f0c90073afb8ecde7e83409ceabdb93b41a4e
Validity
Not Before: Jan 2 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0c48742793624dc441e6f2c8e9331f86da42bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:50:03:bf:74:95:9e:c9:4b:48:c8:f8:68:ed:
f9:b4:4b:ab:70:ce:ab:ed:ce:65:37:aa:6e:6c:3f:
11:07:8f:9c:38:ec:3c:31:47:02:16:71:12:8a:ad:
7f:b5:52:e4:ea:60:23:fb:13:20:cd:7f:2f:53:25:
13:04:69:f0:e9:70:5a:6e:6e:1f:3d:f1:2a:68:f3:
91:f4:89:df:77:0f:c5:b0:d5:7d:3c:b5:62:67:c4:
1d:eb:2e:03:dc:0b:ed:88:19:bd:2e:41:25:4f:77:
f2:71:b0:8d:27:c6:0c:7c:2c:9d:19:44:2f:33:eb:
99:35:ba:31:8a:c9:5d:bf:0e:10:08:9b:fb:5e:f8:
f3:4d:c5:36:05:c6:53:91:95:16:40:31:73:db:ab:
fe:6a:f4:90:20:89:ea:a1:83:a5:9a:84:e5:fb:75:
bf:41:12:ab:8d:b0:94:dc:85:e9:22:6a:6b:35:a0:
81:9a:68:99:e0:09:7b:1f:e6:d0:b3:13:8d:19:7f:
87:75:ec:40:1b:5d:c8:51:a1:3d:83:89:5e:21:96:
fc:b0:6b:ad:8d:72:21:fd:b3:d6:24:04:eb:0b:09:
b4:98:6a:f4:09:74:d8:cc:cf:cb:37:75:e8:53:07:
f8:96:aa:fc:7f:14:c9:85:37:a9:2e:8d:7a:5b:95:
fb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C4:87:42:79:36:24:DC:44:1E:6F:2C:8E:93:31:F8:6D:A4:2B:D3
X509v3 Authority Key Identifier:
keyid:85:6F:0C:90:07:3A:FB:8E:CD:E7:E8:34:09:CE:AB:DB:93:B4:1A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/sMSHQnk2JNxEHm8sjpMx-G2kK9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/hW8MkAc6-47N5-g0Cc6r25O0Gk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.95.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ab:bc:d9:63:b7:32:89:4d:5e:20:3c:8d:89:20:a9:81:08:
5b:0b:e9:9b:bd:39:97:ff:a2:7f:1b:8e:55:95:f4:61:41:4a:
14:b8:67:7f:3c:57:00:29:67:b4:95:6c:3f:2c:45:78:ce:ac:
2c:99:fe:95:f3:ec:b9:24:43:dd:5e:79:30:1a:60:52:33:db:
38:48:fb:34:31:7d:4b:0a:7d:da:c3:23:59:ea:60:66:e2:26:
62:f2:0d:b4:14:66:70:22:21:73:77:78:f5:65:4e:e9:51:44:
fb:8b:f1:80:15:bc:59:aa:61:97:95:e3:47:6f:4b:e5:be:42:
fe:35:be:08:c0:42:48:45:3e:35:80:95:ee:c2:85:94:7d:36:
15:c2:09:fb:aa:07:a3:09:fb:4f:62:6e:88:f4:9e:d9:6e:a5:
48:13:60:52:07:77:cc:78:7f:cf:f6:65:41:6e:c3:71:b4:06:
98:cd:98:1b:6b:45:4e:20:e3:24:13:df:34:94:62:1a:f7:6e:
f4:f5:0f:83:ac:e7:1e:6e:64:48:3e:5d:aa:ed:d6:0b:b2:d8:
41:4d:1a:40:c2:a8:09:10:94:da:9e:0c:53:3d:ba:d4:4a:83:
bf:3b:44:c3:ed:17:ab:f0:33:2d:b1:10:57:99:56:43:9a:a0:
43:26:9b:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbzP8mhpChOxgo9KC019FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NmYwYzkwMDczYWZiOGVjZGU3ZTgzNDA5Y2VhYmRiOTNi
NDFhNGUwHhcNMjQwMTAyMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGM0ODc0Mjc5MzYyNGRjNDQxZTZmMmM4ZTkzMzFmODZkYTQyYmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1ADv3SVnslLSMj4aO35tEurcM6r
7c5lN6pubD8RB4+cOOw8MUcCFnESiq1/tVLk6mAj+xMgzX8vUyUTBGnw6XBabm4f
PfEqaPOR9Infdw/FsNV9PLViZ8Qd6y4D3AvtiBm9LkElT3fycbCNJ8YMfCydGUQv
M+uZNboxisldvw4QCJv7XvjzTcU2BcZTkZUWQDFz26v+avSQIInqoYOlmoTl+3W/
QRKrjbCU3IXpImprNaCBmmiZ4Al7H+bQsxONGX+HdexAG13IUaE9g4leIZb8sGut
jXIh/bPWJATrCwm0mGr0CXTYzM/LN3XoUwf4lqr8fxTJhTepLo16W5X7TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLDEh0J5NiTcRB5vLI6TMfhtpCvTMB8GA1UdIwQY
MBaAFIVvDJAHOvuOzefoNAnOq9uTtBpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFc4TWtBYzYtNDdONS1nMENjNnIyNU8wR2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yMDQyNjgtNjA3OC00YjUzLTk0ZDIt
NDRmZGU5NmI4YWVjLzEvc01TSFFuazJKTnhFSG04c2pwTXgtRzJrSzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yMDQyNjgtNjA3OC00YjUzLTk0ZDItNDRmZGU5NmI4YWVj
LzEvaFc4TWtBYzYtNDdONS1nMENjNnIyNU8wR2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuW5fMA0G
CSqGSIb3DQEBCwUAA4IBAQAyq7zZY7cyiU1eIDyNiSCpgQhbC+mbvTmX/6J/G45V
lfRhQUoUuGd/PFcAKWe0lWw/LEV4zqwsmf6V8+y5JEPdXnkwGmBSM9s4SPs0MX1L
Cn3awyNZ6mBm4iZi8g20FGZwIiFzd3j1ZU7pUUT7i/GAFbxZqmGXleNHb0vlvkL+
Nb4IwEJIRT41gJXuwoWUfTYVwgn7qgejCftPYm6I9J7ZbqVIE2BSB3fMeH/P9mVB
bsNxtAaYzZgba0VOIOMkE980lGIa92709Q+DrOcebmRIPl2q7dYLsthBTRpAwqgJ
EJTangxTPbrUSoO/O0TD7Rer8DMtsRBXmVZDmqBDJpuN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:27:48 2025 by rpki-client