Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/FIjW3B-CjzF3dN7Pwx4NakyD3Bk.roa
File: FIjW3B-CjzF3dN7Pwx4NakyD3Bk.roa (raw, json)
Hash identifier: YRa/g+4WhZ2NvbnF2/eD1/O9uXBz+5DWTiyPf+5L5wA=
Subject key identifier: 14:88:D6:DC:1F:82:8F:31:77:74:DE:CF:C3:1E:0D:6A:4C:83:DC:19
Certificate issuer: /CN=8ab606cea79b5abe81683a63379b39289b2cab93
Certificate serial: 018CC7256EDA9B5C39588B91437C6648854B
Authority key identifier: 8A:B6:06:CE:A7:9B:5A:BE:81:68:3A:63:37:9B:39:28:9B:2C:AB:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/irYGzqebWr6BaDpjN5s5KJssq5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/FIjW3B-CjzF3dN7Pwx4NakyD3Bk.roa
Signing time: Mon 01 Jan 2024 22:29:28 +0000
ROA not before: Mon 01 Jan 2024 22:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 185.162.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 03 May 2024 09:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:6e:da:9b:5c:39:58:8b:91:43:7c:66:48:85:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab606cea79b5abe81683a63379b39289b2cab93
Validity
Not Before: Jan 1 22:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1488d6dc1f828f317774decfc31e0d6a4c83dc19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:db:30:07:72:88:40:23:19:81:8d:76:05:67:
0b:76:8a:b0:ef:18:0e:c0:95:3d:9d:96:f3:90:a5:
52:fc:27:c8:d3:58:25:bf:2c:60:40:05:e4:02:2d:
4a:53:86:19:db:e9:e6:6d:23:aa:11:be:ba:f2:ec:
bb:87:5f:a5:58:d2:87:a1:63:da:5e:d7:48:25:79:
95:b7:41:b7:0e:3d:7c:79:9c:28:36:41:aa:ed:f7:
a6:91:c3:8b:e5:0a:37:33:d0:86:60:df:e3:38:e1:
38:75:07:5b:cd:de:b1:cf:1c:61:7c:a9:ab:d8:f4:
01:02:b9:71:f9:c9:94:41:ad:70:ce:41:9e:77:14:
81:f5:77:7f:ea:c6:06:22:0e:95:ca:0d:fe:80:01:
90:37:59:65:68:09:ec:2e:33:a0:da:ff:4c:9c:28:
40:10:6e:20:d8:53:e7:e6:01:a1:6a:81:44:56:70:
5d:7e:9a:58:85:0f:ca:b6:79:c8:c2:e0:31:62:40:
a4:57:14:f2:90:50:76:a3:fb:44:8e:4a:cc:87:24:
b5:a6:7d:48:e0:7c:b3:1e:79:2f:19:c5:96:50:4a:
15:c7:19:01:7a:13:4f:19:93:b6:66:90:21:a8:70:
6a:38:98:64:61:cc:14:a4:57:86:0c:7c:8d:bb:66:
33:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:88:D6:DC:1F:82:8F:31:77:74:DE:CF:C3:1E:0D:6A:4C:83:DC:19
X509v3 Authority Key Identifier:
keyid:8A:B6:06:CE:A7:9B:5A:BE:81:68:3A:63:37:9B:39:28:9B:2C:AB:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/irYGzqebWr6BaDpjN5s5KJssq5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/FIjW3B-CjzF3dN7Pwx4NakyD3Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/irYGzqebWr6BaDpjN5s5KJssq5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.56.0/22
Signature Algorithm: sha256WithRSAEncryption
35:5b:96:f3:1e:aa:6c:57:0a:f1:3d:19:81:3c:e7:8a:26:14:
a2:f7:3b:32:86:26:85:76:31:d5:f1:f1:10:52:9c:e6:7f:ec:
1b:09:2e:ef:5c:f1:81:61:27:67:d3:1d:1f:82:65:17:24:3a:
f1:6f:49:5f:cd:6b:3a:f7:9c:89:b8:14:e1:5a:ec:79:16:d3:
62:3a:b0:de:ba:2c:99:3a:9b:f8:bf:e7:56:02:51:94:7f:55:
1b:31:7f:42:21:37:79:04:04:7b:ab:92:18:23:ee:ea:76:4a:
cf:73:1f:c7:00:5c:61:68:27:4f:5a:3b:06:0d:4d:da:af:f2:
b4:81:b7:02:9b:ae:10:73:ab:74:db:25:3c:d6:bb:2d:6c:f9:
2a:4d:a3:0e:15:30:0e:81:9a:54:c7:6f:a3:a6:11:5e:cd:31:
a1:a0:52:0b:f2:7b:ce:e4:85:d8:48:9e:00:73:96:59:52:1c:
58:7b:ab:81:de:0b:57:7f:00:92:57:77:f2:5d:84:18:6c:19:
c3:97:bc:91:f3:e2:27:3f:72:c2:f7:f1:da:2c:32:41:a7:60:
19:52:8a:0c:e7:33:cb:e2:d0:8d:da:d0:2a:25:db:26:fa:38:
61:98:67:0b:16:29:28:94:f2:27:96:53:fb:6e:88:88:e7:bb:
d1:5f:db:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJW7am1w5WIuRQ3xmSIVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjYwNmNlYTc5YjVhYmU4MTY4M2E2MzM3OWIzOTI4OWIy
Y2FiOTMwHhcNMjQwMTAxMjIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDg4ZDZkYzFmODI4ZjMxNzc3NGRlY2ZjMzFlMGQ2YTRjODNkYzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNswB3KIQCMZgY12BWcLdoqw7xgO
wJU9nZbzkKVS/CfI01glvyxgQAXkAi1KU4YZ2+nmbSOqEb668uy7h1+lWNKHoWPa
XtdIJXmVt0G3Dj18eZwoNkGq7femkcOL5Qo3M9CGYN/jOOE4dQdbzd6xzxxhfKmr
2PQBArlx+cmUQa1wzkGedxSB9Xd/6sYGIg6Vyg3+gAGQN1llaAnsLjOg2v9MnChA
EG4g2FPn5gGhaoFEVnBdfppYhQ/KtnnIwuAxYkCkVxTykFB2o/tEjkrMhyS1pn1I
4HyzHnkvGcWWUEoVxxkBehNPGZO2ZpAhqHBqOJhkYcwUpFeGDHyNu2YzKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSI1twfgo8xd3Tez8MeDWpMg9wZMB8GA1UdIwQY
MBaAFIq2Bs6nm1q+gWg6YzebOSibLKuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJZR3pxZWJXcjZCYURwak41czVLSnNzcTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84M2Y2MzEtODk3Ny00ZDJlLTg1MjMt
ODg4YzA3ZjIxNTNmLzEvRklqVzNCLUNqekYzZE43UHd4NE5ha3lEM0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi84M2Y2MzEtODk3Ny00ZDJlLTg1MjMtODg4YzA3ZjIxNTNm
LzEvaXJZR3pxZWJXcjZCYURwak41czVLSnNzcTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaI4MA0G
CSqGSIb3DQEBCwUAA4IBAQA1W5bzHqpsVwrxPRmBPOeKJhSi9zsyhiaFdjHV8fEQ
Upzmf+wbCS7vXPGBYSdn0x0fgmUXJDrxb0lfzWs695yJuBThWux5FtNiOrDeuiyZ
Opv4v+dWAlGUf1UbMX9CITd5BAR7q5IYI+7qdkrPcx/HAFxhaCdPWjsGDU3ar/K0
gbcCm64Qc6t02yU81rstbPkqTaMOFTAOgZpUx2+jphFezTGhoFIL8nvO5IXYSJ4A
c5ZZUhxYe6uB3gtXfwCSV3fyXYQYbBnDl7yR8+InP3LC9/HaLDJBp2AZUooM5zPL
4tCN2tAqJdsm+jhhmGcLFikolPInllP7boiI57vRX9vx
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:50 2025 by rpki-client