Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/FHDLI9bYbXNNEX1xPBsLptloCmQ.roa
File: FHDLI9bYbXNNEX1xPBsLptloCmQ.roa (raw, json)
Hash identifier: dUgxIYtDxdIs2KAx8ay48gmhZsqwqDo5fBVtBRGq/3A=
Subject key identifier: 14:70:CB:23:D6:D8:6D:73:4D:11:7D:71:3C:1B:0B:A6:D9:68:0A:64
Certificate issuer: /CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Certificate serial: 019426D95D17DC4366CB8AEF68769A922081
Authority key identifier: AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/FHDLI9bYbXNNEX1xPBsLptloCmQ.roa
Signing time: Thu 02 Jan 2025 11:49:26 +0000
ROA not before: Thu 02 Jan 2025 11:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215783
IP address blocks: 185.141.152.0/22 maxlen: 22
185.141.155.0/24 maxlen: 24
2a07:2440::/29 maxlen: 29
2a07:2440:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 18 Feb 2025 12:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:5d:17:dc:43:66:cb:8a:ef:68:76:9a:92:20:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Validity
Not Before: Jan 2 11:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1470cb23d6d86d734d117d713c1b0ba6d9680a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:26:bb:da:b2:e4:c1:30:d8:b8:de:27:1e:3e:
7f:84:ef:3c:2e:de:a3:d2:7c:64:de:ab:f4:09:86:
1c:b6:4a:1b:bd:c6:b8:aa:07:52:2a:cd:7b:ec:11:
4a:eb:31:16:fa:c7:da:5b:62:7a:05:8d:26:27:c7:
51:0e:10:7f:fb:32:58:96:d2:7a:61:f2:88:0d:d8:
c0:d6:24:d0:10:a2:7d:d4:31:4f:2d:3d:5e:35:49:
43:bd:9a:37:05:31:67:c5:b1:73:eb:25:1e:4f:a0:
0e:b4:bf:84:31:76:e5:c7:d2:d2:64:b6:8c:9f:c3:
9b:63:96:c8:ba:2a:99:de:3e:76:8f:4f:11:55:90:
9e:85:67:9f:90:de:6b:01:2f:3d:24:ec:28:b1:23:
d5:14:6a:5d:92:80:f2:cc:d9:6e:78:a7:c4:83:af:
5c:c1:28:70:ef:93:15:ad:87:0b:3e:82:83:03:74:
e6:02:7a:8d:1b:08:f3:42:be:00:19:54:52:7e:01:
64:f7:33:e8:c7:42:6d:1c:70:52:6f:76:25:d4:fa:
4f:73:14:59:ef:63:b7:74:a5:da:01:ee:05:e4:15:
d4:e4:b1:d4:59:0f:d1:f5:0d:92:28:c0:3d:59:98:
67:0d:73:8d:1c:50:48:ad:c8:0f:dc:a0:73:4e:c2:
98:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:70:CB:23:D6:D8:6D:73:4D:11:7D:71:3C:1B:0B:A6:D9:68:0A:64
X509v3 Authority Key Identifier:
keyid:AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/FHDLI9bYbXNNEX1xPBsLptloCmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.152.0/22
IPv6:
2a07:2440::/29
Signature Algorithm: sha256WithRSAEncryption
1f:fd:dc:c6:b7:10:2c:89:3e:15:a1:03:bd:de:59:aa:45:e6:
d1:69:df:7d:5c:9c:11:c9:3d:3e:57:16:4b:62:f4:93:c8:ed:
de:fb:57:da:0d:ff:01:61:4d:c2:31:4f:d2:aa:a5:fd:1b:4e:
3c:91:72:d3:c2:95:7f:93:09:91:f6:b5:67:0f:06:a7:fd:2a:
40:b4:e1:d9:ba:da:83:64:a5:8a:8a:a3:4d:fd:3c:86:ea:96:
06:0d:67:42:13:a4:ad:56:c7:ba:c8:19:d7:a9:bc:57:af:56:
67:b0:9d:3a:d1:e0:34:78:14:db:a4:70:4f:fa:78:6e:f5:4b:
77:ce:cc:52:81:9a:10:1a:f4:ef:fd:dd:4c:d4:c5:94:22:45:
cb:8a:27:11:32:8d:55:2f:0f:d2:3d:fe:b3:99:68:85:1b:e8:
28:3a:f3:fb:2a:d4:12:fc:5d:54:d0:83:bc:ee:fa:25:62:fb:
90:99:d6:70:66:d3:bb:d6:7b:85:b4:bf:a6:28:42:6c:8e:ee:
8d:56:01:0f:50:74:a9:b2:9c:2b:70:f3:32:e8:b8:23:ab:16:
5b:28:a9:9e:0d:c4:5e:f2:d7:d3:ac:1a:7d:83:9a:8b:7e:11:
93:69:c1:76:23:9f:24:58:88:d4:2e:cf:6d:06:ca:02:aa:a1:
4d:06:7c:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2V0X3ENmy4rvaHaakiCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWFhYjEzNDI3YWQ4YzAwNzJhZTA4ZDliYjgwYWJjMTlk
M2Y5ODQwHhcNMjUwMTAyMTE0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDcwY2IyM2Q2ZDg2ZDczNGQxMTdkNzEzYzFiMGJhNmQ5NjgwYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ya72rLkwTDYuN4nHj5/hO88Lt6j
0nxk3qv0CYYctkobvca4qgdSKs177BFK6zEW+sfaW2J6BY0mJ8dRDhB/+zJYltJ6
YfKIDdjA1iTQEKJ91DFPLT1eNUlDvZo3BTFnxbFz6yUeT6AOtL+EMXblx9LSZLaM
n8ObY5bIuiqZ3j52j08RVZCehWefkN5rAS89JOwosSPVFGpdkoDyzNlueKfEg69c
wShw75MVrYcLPoKDA3TmAnqNGwjzQr4AGVRSfgFk9zPox0JtHHBSb3Yl1PpPcxRZ
72O3dKXaAe4F5BXU5LHUWQ/R9Q2SKMA9WZhnDXONHFBIrcgP3KBzTsKYzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBRwyyPW2G1zTRF9cTwbC6bZaApkMB8GA1UdIwQY
MBaAFKuaqxNCetjAByrgjZu4CrwZ0/mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmIt
MzkyNjAzMTljN2JkLzEvRkhETEk5YlliWE5ORVgxeFBCc0xwdGxvQ21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmItMzkyNjAzMTljN2Jk
LzEvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY2YMA0E
AgACMAcDBQMqByRAMA0GCSqGSIb3DQEBCwUAA4IBAQAf/dzGtxAsiT4VoQO93lmq
RebRad99XJwRyT0+VxZLYvSTyO3e+1faDf8BYU3CMU/SqqX9G048kXLTwpV/kwmR
9rVnDwan/SpAtOHZutqDZKWKiqNN/TyG6pYGDWdCE6StVse6yBnXqbxXr1ZnsJ06
0eA0eBTbpHBP+nhu9Ut3zsxSgZoQGvTv/d1M1MWUIkXLiicRMo1VLw/SPf6zmWiF
G+goOvP7KtQS/F1U0IO87volYvuQmdZwZtO71nuFtL+mKEJsju6NVgEPUHSpspwr
cPMy6LgjqxZbKKmeDcRe8tfTrBp9g5qLfhGTacF2I58kWIjULs9tBsoCqqFNBnwr
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:29:36 2025 by rpki-client