Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/N6FbEhrmlwrPH0a-lL0_2pklkCs.roa
File: N6FbEhrmlwrPH0a-lL0_2pklkCs.roa (raw, json)
Hash identifier: 9Jb307uMw7xAEOullrKFrMlSAqQ1S6RUYWgoKFYGXFU=
Subject key identifier: 37:A1:5B:12:1A:E6:97:0A:CF:1F:46:BE:94:BD:3F:DA:99:25:90:2B
Certificate issuer: /CN=1c6c48cccce321ec18702957b396381a1f1a0410
Certificate serial: 018CC6B7E8237C1927B5FC13ED2F1869C2F9
Authority key identifier: 1C:6C:48:CC:CC:E3:21:EC:18:70:29:57:B3:96:38:1A:1F:1A:04:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGxIzMzjIewYcClXs5Y4Gh8aBBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/N6FbEhrmlwrPH0a-lL0_2pklkCs.roa
Signing time: Mon 01 Jan 2024 20:29:50 +0000
ROA not before: Mon 01 Jan 2024 20:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198826
IP address blocks: 185.253.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:e8:23:7c:19:27:b5:fc:13:ed:2f:18:69:c2:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c6c48cccce321ec18702957b396381a1f1a0410
Validity
Not Before: Jan 1 20:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37a15b121ae6970acf1f46be94bd3fda9925902b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d7:2b:7c:9d:b9:97:07:44:82:8f:b0:af:fb:
5a:42:b8:b1:00:3e:16:ad:07:08:92:55:91:e2:a9:
45:04:67:1a:4d:c0:19:29:48:ee:0c:33:78:d9:89:
a4:e0:fd:fc:fd:b5:cc:97:6e:65:86:31:71:07:e5:
32:ca:4e:18:2c:e5:d1:25:3e:f1:b0:8d:ef:17:5e:
4d:ec:7a:8d:54:d8:34:a3:00:bd:c4:b8:72:fa:0d:
63:91:4d:a5:0c:d4:43:38:77:aa:42:9d:e4:d5:80:
c6:0d:04:c1:7a:88:48:6c:34:27:b9:f6:85:11:7f:
15:00:b3:4c:15:f7:c6:b0:7a:ea:98:eb:49:bc:cc:
c1:ad:37:eb:48:0e:0c:c4:bf:0d:b8:cc:89:b7:14:
e1:a1:a0:8a:1e:a1:66:1a:38:23:2c:6f:6f:f7:e0:
a1:9d:cf:fa:14:7d:40:70:3b:34:0b:78:b7:f8:d5:
e8:0a:ac:15:80:73:d5:27:a7:3e:76:1a:34:bd:55:
86:8b:72:42:08:f8:a8:22:f0:41:09:20:80:a8:0d:
ef:d5:f4:32:3e:34:de:03:cc:a0:65:5f:dc:7a:c8:
4a:6a:4d:ea:9a:b7:a4:2f:03:3a:2c:42:db:e0:e2:
fa:a7:31:e2:e7:ca:12:55:ef:d9:53:15:4d:60:9c:
47:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A1:5B:12:1A:E6:97:0A:CF:1F:46:BE:94:BD:3F:DA:99:25:90:2B
X509v3 Authority Key Identifier:
keyid:1C:6C:48:CC:CC:E3:21:EC:18:70:29:57:B3:96:38:1A:1F:1A:04:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGxIzMzjIewYcClXs5Y4Gh8aBBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/N6FbEhrmlwrPH0a-lL0_2pklkCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8e4e68-bd2a-4dc2-aae6-a0560ac82ba7/1/HGxIzMzjIewYcClXs5Y4Gh8aBBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.138.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:ed:61:7c:a7:59:39:d4:50:89:ad:0e:3b:b6:1e:b1:bd:04:
32:74:26:53:46:0d:25:40:92:af:d5:d5:68:33:7a:da:ae:4d:
b5:54:53:5c:50:27:8f:68:46:d9:81:3c:5f:a7:ad:17:d9:c0:
98:be:7f:28:2b:b9:c9:d4:60:19:1e:2b:92:2d:7a:35:4d:64:
d9:9e:95:92:cc:4f:c4:f0:a1:6e:29:2e:6a:b3:d5:dc:b7:cf:
87:b1:39:29:0f:ef:d5:e7:64:4c:30:13:20:ad:bc:46:c6:de:
a2:87:89:c1:fd:8b:79:99:ec:fd:3e:d7:ed:9a:af:9e:67:de:
fc:42:4c:d8:45:64:56:ce:d5:d9:10:8e:19:0d:79:b0:5c:c2:
32:95:0b:0e:fc:ae:db:b3:a5:0e:3d:f8:dd:19:4b:1e:87:bf:
63:74:87:49:86:95:31:c5:e8:0d:1b:c8:98:02:72:70:0e:69:
2e:eb:8f:74:2c:61:10:82:ff:66:58:d0:2a:88:8b:58:e5:bf:
3c:34:26:1a:48:01:ca:f5:a8:c1:c1:a4:46:f3:11:a0:92:21:
4b:60:50:74:e5:7b:da:80:02:74:ed:d9:04:6c:2f:ad:76:31:
dd:d8:80:3a:75:a6:ad:2f:3f:53:e8:8f:84:f8:37:b3:ca:48:
93:30:f1:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt+gjfBkntfwT7S8YacL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNmM0OGNjY2NlMzIxZWMxODcwMjk1N2IzOTYzODFhMWYx
YTA0MTAwHhcNMjQwMTAxMjAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2ExNWIxMjFhZTY5NzBhY2YxZjQ2YmU5NGJkM2ZkYTk5MjU5MDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9crfJ25lwdEgo+wr/taQrixAD4W
rQcIklWR4qlFBGcaTcAZKUjuDDN42Ymk4P38/bXMl25lhjFxB+Uyyk4YLOXRJT7x
sI3vF15N7HqNVNg0owC9xLhy+g1jkU2lDNRDOHeqQp3k1YDGDQTBeohIbDQnufaF
EX8VALNMFffGsHrqmOtJvMzBrTfrSA4MxL8NuMyJtxThoaCKHqFmGjgjLG9v9+Ch
nc/6FH1AcDs0C3i3+NXoCqwVgHPVJ6c+dho0vVWGi3JCCPioIvBBCSCAqA3v1fQy
PjTeA8ygZV/ceshKak3qmrekLwM6LELb4OL6pzHi58oSVe/ZUxVNYJxHlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDehWxIa5pcKzx9GvpS9P9qZJZArMB8GA1UdIwQY
MBaAFBxsSMzM4yHsGHApV7OWOBofGgQQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEd4SXpNempJZXdZY0NsWHM1WTRHaDhhQkJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84ZTRlNjgtYmQyYS00ZGMyLWFhZTYt
YTA1NjBhYzgyYmE3LzEvTjZGYkVocm1sd3JQSDBhLWxMMF8ycGtsa0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84ZTRlNjgtYmQyYS00ZGMyLWFhZTYtYTA1NjBhYzgyYmE3
LzEvSEd4SXpNempJZXdZY0NsWHM1WTRHaDhhQkJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf2KMA0G
CSqGSIb3DQEBCwUAA4IBAQDL7WF8p1k51FCJrQ47th6xvQQydCZTRg0lQJKv1dVo
M3rark21VFNcUCePaEbZgTxfp60X2cCYvn8oK7nJ1GAZHiuSLXo1TWTZnpWSzE/E
8KFuKS5qs9Xct8+HsTkpD+/V52RMMBMgrbxGxt6ih4nB/Yt5mez9Ptftmq+eZ978
QkzYRWRWztXZEI4ZDXmwXMIylQsO/K7bs6UOPfjdGUseh79jdIdJhpUxxegNG8iY
AnJwDmku6490LGEQgv9mWNAqiItY5b88NCYaSAHK9ajBwaRG8xGgkiFLYFB05Xva
gAJ07dkEbC+tdjHd2IA6daatLz9T6I+E+DezykiTMPHt
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:20 2025 by rpki-client