Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/IVCUQQcpJRCCpQUbKZYr56h8ZxI.roa
File: IVCUQQcpJRCCpQUbKZYr56h8ZxI.roa (raw, json)
Hash identifier: +7+26xT8oRjn4w+xoe6OWWlAlvqcePvRIDTS9CoHL/w=
Subject key identifier: 21:50:94:41:07:29:25:10:82:A5:05:1B:29:96:2B:E7:A8:7C:67:12
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 018CCA2B94175F4DEC7FFC39EA79302E1FE2
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/IVCUQQcpJRCCpQUbKZYr56h8ZxI.roa
Signing time: Tue 02 Jan 2024 12:35:02 +0000
ROA not before: Tue 02 Jan 2024 12:35:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204838
IP address blocks: 185.108.38.0/24 maxlen: 24
185.108.38.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:94:17:5f:4d:ec:7f:fc:39:ea:79:30:2e:1f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Jan 2 12:35:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=215094410729251082a5051b29962be7a87c6712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e3:50:47:b4:8c:0e:ce:4c:6e:3e:ad:28:c3:
94:e9:e4:32:ab:53:83:52:b7:e0:67:5d:f0:34:6c:
79:c7:1f:b5:cb:9f:6c:fb:43:f8:90:45:9d:c4:3b:
6f:be:9a:d9:67:7b:f9:47:fa:6e:9d:61:66:92:29:
ea:46:01:37:1b:9e:e3:84:fe:33:fc:7f:08:4c:31:
83:07:ce:72:23:db:6f:15:56:17:71:f5:64:b6:d1:
db:7d:47:c4:b5:8a:5f:5c:f9:f0:50:9a:92:a0:47:
04:c3:71:00:98:a4:da:af:2e:50:2c:7b:6e:dd:1e:
eb:83:6d:cd:23:65:f4:1c:45:87:80:76:0d:b2:84:
c3:8d:bb:46:36:59:ae:d3:56:ea:a7:25:43:4e:26:
01:4f:d7:5b:20:8e:12:b0:95:b5:43:1a:81:a3:33:
00:51:f0:69:17:02:b8:65:77:85:87:c0:63:7e:12:
56:8f:4d:f2:0e:62:20:5f:08:26:b5:3e:28:9a:c0:
a5:b9:da:7c:c8:9f:49:de:d5:77:f3:75:81:52:8b:
da:6c:4d:f1:29:c0:cc:c0:47:a8:af:48:0f:45:8e:
25:68:7d:c5:69:64:01:64:44:13:fa:71:51:99:a7:
60:cc:2a:c4:d8:c3:ba:52:7a:47:48:03:95:73:74:
db:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:50:94:41:07:29:25:10:82:A5:05:1B:29:96:2B:E7:A8:7C:67:12
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/IVCUQQcpJRCCpQUbKZYr56h8ZxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.38.0/23
Signature Algorithm: sha256WithRSAEncryption
11:2b:d4:e0:63:41:8b:20:96:ea:88:72:77:85:35:bd:a5:e2:
ef:c9:86:9e:88:d8:aa:bf:ac:4e:f6:b6:3e:0e:d1:57:f6:9d:
4d:4a:01:41:61:a5:ef:d5:9f:e3:f0:15:1c:4c:cb:70:6a:8f:
dd:1a:ca:33:72:58:9a:73:91:99:35:ff:c4:3c:98:b9:6f:5d:
ff:19:48:76:d6:9d:3b:be:0e:0f:b1:2a:5d:1e:13:2b:bc:01:
67:ae:68:20:4d:fe:28:58:b6:18:48:42:eb:a3:0b:15:43:ae:
14:e4:0a:3a:35:58:2e:6b:6b:d8:b2:8d:0b:89:67:ea:90:3f:
1f:9a:fe:4b:1d:4a:b2:30:91:56:df:a8:56:a5:41:8c:02:56:
d0:1a:71:f9:e7:32:09:ec:a1:50:3a:88:65:6a:85:c4:b6:25:
44:3a:55:c1:c2:c4:a2:e8:15:a4:86:b1:bb:d4:55:80:98:00:
7b:3e:b2:9f:55:1d:86:dc:94:17:1d:93:51:44:c7:a0:f0:81:
2c:32:62:76:3d:7d:7f:47:2e:e0:8c:3c:ae:ad:39:ea:72:c9:
eb:8c:2b:41:bc:e1:d8:06:07:1e:45:85:25:d4:f7:6c:76:a8:
a7:9a:1f:ed:be:bd:4c:89:67:ef:8f:13:81:25:3e:28:37:bf:
03:b6:63:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK5QXX03sf/w56nkwLh/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjQwMTAyMTIzNTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTUwOTQ0MTA3MjkyNTEwODJhNTA1MWIyOTk2MmJlN2E4N2M2NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhONQR7SMDs5Mbj6tKMOU6eQyq1OD
UrfgZ13wNGx5xx+1y59s+0P4kEWdxDtvvprZZ3v5R/punWFmkinqRgE3G57jhP4z
/H8ITDGDB85yI9tvFVYXcfVkttHbfUfEtYpfXPnwUJqSoEcEw3EAmKTary5QLHtu
3R7rg23NI2X0HEWHgHYNsoTDjbtGNlmu01bqpyVDTiYBT9dbII4SsJW1QxqBozMA
UfBpFwK4ZXeFh8BjfhJWj03yDmIgXwgmtT4omsCludp8yJ9J3tV383WBUovabE3x
KcDMwEeor0gPRY4laH3FaWQBZEQT+nFRmadgzCrE2MO6UnpHSAOVc3TbzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFQlEEHKSUQgqUFGymWK+eofGcSMB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvSVZDVVFRY3BKUkNDcFFVYktaWXI1Nmg4WnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWwmMA0G
CSqGSIb3DQEBCwUAA4IBAQARK9TgY0GLIJbqiHJ3hTW9peLvyYaeiNiqv6xO9rY+
DtFX9p1NSgFBYaXv1Z/j8BUcTMtwao/dGsozcliac5GZNf/EPJi5b13/GUh21p07
vg4PsSpdHhMrvAFnrmggTf4oWLYYSELrowsVQ64U5Ao6NVgua2vYso0LiWfqkD8f
mv5LHUqyMJFW36hWpUGMAlbQGnH55zIJ7KFQOohlaoXEtiVEOlXBwsSi6BWkhrG7
1FWAmAB7PrKfVR2G3JQXHZNRRMeg8IEsMmJ2PX1/Ry7gjDyurTnqcsnrjCtBvOHY
BgceRYUl1Pdsdqinmh/tvr1MiWfvjxOBJT4oN78DtmMU
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:27:43 2025 by rpki-client