Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/HCpWtvLkfn_y6pj_xSOZF2kW0ks.roa
File: HCpWtvLkfn_y6pj_xSOZF2kW0ks.roa (raw, json)
Hash identifier: 479vH63oz5how3Y6BeGaX2SAAamkpWlwQa9d8cl1uNo=
Subject key identifier: 1C:2A:56:B6:F2:E4:7E:7F:F2:EA:98:FF:C5:23:99:17:69:16:D2:4B
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 018CCA2B92F8C53F3C4BB4FDD7F51A7242FA
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/HCpWtvLkfn_y6pj_xSOZF2kW0ks.roa
Signing time: Tue 02 Jan 2024 12:35:02 +0000
ROA not before: Tue 02 Jan 2024 12:35:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25319
IP address blocks: 89.32.224.0/20 maxlen: 24
89.32.226.0/24 maxlen: 24
185.108.181.0/24 maxlen: 24
185.108.180.0/24 maxlen: 24
185.108.180.0/22 maxlen: 24
185.108.182.0/24 maxlen: 24
185.108.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:92:f8:c5:3f:3c:4b:b4:fd:d7:f5:1a:72:42:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Jan 2 12:35:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c2a56b6f2e47e7ff2ea98ffc52399176916d24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:11:01:8e:b9:3f:a1:37:f6:96:10:f7:44:5f:
ab:56:9d:44:7c:93:43:e8:c7:6b:b9:80:54:b7:95:
15:b8:a2:05:05:70:14:ef:8f:59:d5:0c:bd:83:03:
d8:54:e0:be:4e:09:64:d0:a2:d0:ba:f7:f6:15:b4:
76:f6:e7:d4:17:e5:c5:06:4e:b3:70:a5:57:16:0f:
39:e6:e6:f8:eb:b4:9b:69:07:00:0b:60:19:f1:df:
67:5e:23:f7:43:be:03:e4:36:2e:10:0b:dd:5e:df:
4b:0d:54:fe:c0:92:41:04:ef:c5:97:95:db:01:c8:
1f:2b:d3:cd:40:d3:25:7f:3d:b3:66:8c:9c:b9:89:
ce:d4:ec:e9:cd:cb:91:40:67:cc:f6:b8:a6:b8:38:
b2:3e:70:b8:da:e0:7b:41:2e:f9:7d:af:4c:81:ae:
17:ac:da:94:ab:aa:81:73:02:ce:e8:65:dd:c6:2d:
c3:50:1a:54:61:f0:64:0a:38:db:6b:34:4d:1e:20:
f8:ff:4c:d6:8b:da:db:fd:79:e2:dd:9e:2c:64:36:
60:18:2d:20:2e:38:2b:10:79:65:29:ed:96:8f:19:
97:e6:7e:23:bb:f1:7e:94:dd:f3:44:bf:e4:38:2e:
a8:99:18:62:89:81:13:3a:f3:f9:b3:4e:bb:4c:3d:
b2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2A:56:B6:F2:E4:7E:7F:F2:EA:98:FF:C5:23:99:17:69:16:D2:4B
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/HCpWtvLkfn_y6pj_xSOZF2kW0ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.224.0/20
185.108.180.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:3c:ef:cb:24:03:76:91:3e:e3:90:55:ba:ab:95:ca:0f:24:
06:70:9c:23:e5:16:17:47:e0:85:46:1a:d9:f8:1b:77:eb:46:
8e:f5:1c:67:61:fc:39:a0:7f:c4:29:11:cd:9d:3f:8f:a9:af:
46:52:14:b5:cc:ff:ce:ea:fb:8c:fa:f8:db:a0:2c:0d:98:79:
45:02:69:ad:53:7d:b1:a9:be:ef:d3:b3:0d:36:09:e4:da:66:
36:40:a0:1c:34:ad:b4:99:9c:16:9a:4a:fe:d9:e8:e7:34:70:
ad:ea:56:70:da:b3:6c:a8:32:16:22:ba:87:83:f1:c3:84:d8:
15:b8:dc:b1:4b:4b:11:8c:f3:2d:53:5a:a2:f6:06:e5:93:1d:
0d:2c:96:cc:c8:a8:7f:f5:4b:cc:1c:b2:a9:3f:ed:d1:45:8a:
23:7a:67:5b:de:c0:20:7f:7a:8d:2d:9b:ca:9c:9d:ae:c1:13:
ec:a4:fa:0d:28:ad:17:30:7b:45:0f:d8:0c:24:73:a3:dd:8a:
e9:8c:52:04:33:a0:06:67:e9:dd:38:18:08:5e:72:6a:2e:e7:
08:b0:30:39:00:b9:53:2d:b8:54:02:9f:ca:46:bd:bd:0e:08:
c2:ad:34:f4:bc:8e:41:ad:28:62:6a:87:80:6c:27:e0:a9:f0:
95:a3:ba:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK5L4xT88S7T91/UackL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjQwMTAyMTIzNTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzJhNTZiNmYyZTQ3ZTdmZjJlYTk4ZmZjNTIzOTkxNzY5MTZkMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohEBjrk/oTf2lhD3RF+rVp1EfJND
6MdruYBUt5UVuKIFBXAU749Z1Qy9gwPYVOC+Tglk0KLQuvf2FbR29ufUF+XFBk6z
cKVXFg855ub467SbaQcAC2AZ8d9nXiP3Q74D5DYuEAvdXt9LDVT+wJJBBO/Fl5Xb
AcgfK9PNQNMlfz2zZoycuYnO1OzpzcuRQGfM9rimuDiyPnC42uB7QS75fa9Mga4X
rNqUq6qBcwLO6GXdxi3DUBpUYfBkCjjbazRNHiD4/0zWi9rb/Xni3Z4sZDZgGC0g
LjgrEHllKe2WjxmX5n4ju/F+lN3zRL/kOC6omRhiiYETOvP5s067TD2ygQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBwqVrby5H5/8uqY/8UjmRdpFtJLMB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvSENwV3R2TGtmbl95NnBqX3hTT1pGMmtXMGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWSDgAwQC
uWy0MA0GCSqGSIb3DQEBCwUAA4IBAQBrPO/LJAN2kT7jkFW6q5XKDyQGcJwj5RYX
R+CFRhrZ+Bt360aO9RxnYfw5oH/EKRHNnT+Pqa9GUhS1zP/O6vuM+vjboCwNmHlF
AmmtU32xqb7v07MNNgnk2mY2QKAcNK20mZwWmkr+2ejnNHCt6lZw2rNsqDIWIrqH
g/HDhNgVuNyxS0sRjPMtU1qi9gblkx0NLJbMyKh/9UvMHLKpP+3RRYojemdb3sAg
f3qNLZvKnJ2uwRPspPoNKK0XMHtFD9gMJHOj3YrpjFIEM6AGZ+ndOBgIXnJqLucI
sDA5ALlTLbhUAp/KRr29DgjCrTT0vI5BrShiaoeAbCfgqfCVo7rY
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:51:52 2025 by rpki-client