Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f9dd1c-317b-41c1-8fcb-7d9eabee15ac/1/4McoBRYRAxA-sszpdy5KLxc-YnI.roa
File: 4McoBRYRAxA-sszpdy5KLxc-YnI.roa (raw, json)
Hash identifier: E1+30CAfZ1SFC059THB6+UgDRrJIfXOfJ4lVBHa6RCg=
Subject key identifier: E0:C7:28:05:16:11:03:10:3E:B2:CC:E9:77:2E:4A:2F:17:3E:62:72
Certificate issuer: /CN=5316590a0eaf48df2b1ae23b9d559e9cac25997e
Certificate serial: 018CC725B8A2D710290F37EA62E6C8BF181B
Authority key identifier: 53:16:59:0A:0E:AF:48:DF:2B:1A:E2:3B:9D:55:9E:9C:AC:25:99:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UxZZCg6vSN8rGuI7nVWenKwlmX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f9dd1c-317b-41c1-8fcb-7d9eabee15ac/1/4McoBRYRAxA-sszpdy5KLxc-YnI.roa
Signing time: Mon 01 Jan 2024 22:29:47 +0000
ROA not before: Mon 01 Jan 2024 22:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.168.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:b8:a2:d7:10:29:0f:37:ea:62:e6:c8:bf:18:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5316590a0eaf48df2b1ae23b9d559e9cac25997e
Validity
Not Before: Jan 1 22:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0c72805161103103eb2cce9772e4a2f173e6272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:64:22:b4:fb:0c:16:f1:c5:9b:f5:a6:05:e4:
99:63:35:f2:be:11:b7:1c:fe:06:58:32:b8:95:0a:
fc:e7:19:d1:eb:49:ac:45:9b:14:eb:89:a7:af:5b:
5c:bf:96:97:b6:39:b9:58:23:c2:f4:2a:5c:07:53:
a8:26:33:a6:e7:a9:de:6d:a4:72:f8:bb:c8:5c:1e:
88:a8:92:09:c0:74:97:21:62:1c:b2:0c:e5:a4:45:
89:d8:51:8b:15:0c:4d:b1:d0:fc:38:d5:ed:e2:ff:
10:4b:d5:7d:b1:70:d6:fa:3f:71:4a:b8:f9:16:fd:
3d:11:32:0d:dc:27:3b:01:89:4a:d9:ab:df:07:ed:
ba:ea:43:8b:f8:88:cc:c4:c6:2c:be:2c:4d:03:51:
d1:92:ca:d3:2e:8f:86:3a:bc:2c:f0:94:8c:95:d4:
b1:9e:d9:d5:9f:85:06:b0:a0:a8:c7:5d:76:65:da:
f3:67:7e:ff:81:8f:d4:f3:6d:5f:da:4f:13:48:f4:
00:65:32:a7:de:fb:68:73:32:82:17:b9:69:e2:ed:
1f:26:38:f5:32:95:98:e7:75:5c:4d:88:97:42:d7:
e1:9e:fd:97:ff:0d:6a:28:5b:ac:7a:70:48:9f:97:
85:56:0b:45:96:26:36:85:25:33:ee:5d:c3:c5:4a:
1e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C7:28:05:16:11:03:10:3E:B2:CC:E9:77:2E:4A:2F:17:3E:62:72
X509v3 Authority Key Identifier:
keyid:53:16:59:0A:0E:AF:48:DF:2B:1A:E2:3B:9D:55:9E:9C:AC:25:99:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UxZZCg6vSN8rGuI7nVWenKwlmX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f9dd1c-317b-41c1-8fcb-7d9eabee15ac/1/4McoBRYRAxA-sszpdy5KLxc-YnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f9dd1c-317b-41c1-8fcb-7d9eabee15ac/1/UxZZCg6vSN8rGuI7nVWenKwlmX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.216.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:80:a1:0e:15:ce:09:db:92:88:3c:f0:23:4a:6c:a4:dc:ee:
41:8d:6b:c4:48:5e:e6:e0:4f:a7:4b:74:44:93:1f:df:df:bc:
f1:c1:a1:00:5d:f3:0d:1d:60:15:bc:4d:4a:0e:1e:8d:58:7b:
80:20:6a:8b:33:6e:54:e4:04:6a:f1:7d:4c:6f:d0:77:38:36:
54:5b:74:3b:ee:ba:6a:21:5f:81:11:36:db:2a:10:48:27:a0:
4c:7b:b5:d1:d1:50:21:d2:93:65:60:9a:d9:38:c8:e7:58:ad:
ec:8c:71:7a:49:c0:b3:9c:2d:2b:0e:20:3e:c3:ae:f6:f3:f6:
1b:ee:e7:4a:06:0e:b3:bc:cc:72:21:01:19:10:df:8e:ce:74:
78:54:62:a2:37:03:ae:85:96:81:cf:fb:90:da:2c:b4:bd:c6:
0c:56:33:89:5a:1f:cb:06:54:c3:89:52:56:4f:26:56:ac:ae:
e3:26:6b:60:58:22:c2:9f:1c:0d:7a:5b:e6:d6:b0:18:16:91:
91:cc:cb:c7:3c:1e:5f:fb:80:16:5c:d0:13:7e:f7:4f:87:97:
d9:e5:13:da:3d:45:ea:4b:68:3d:ae:5e:f5:9c:b8:42:e8:ac:
be:15:4c:8d:06:c4:0a:ca:9c:cd:b0:6a:08:a2:91:9b:ae:f7:
05:3f:e7:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJbii1xApDzfqYubIvxgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMTY1OTBhMGVhZjQ4ZGYyYjFhZTIzYjlkNTU5ZTljYWMy
NTk5N2UwHhcNMjQwMTAxMjIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM3MjgwNTE2MTEwMzEwM2ViMmNjZTk3NzJlNGEyZjE3M2U2MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimQitPsMFvHFm/WmBeSZYzXyvhG3
HP4GWDK4lQr85xnR60msRZsU64mnr1tcv5aXtjm5WCPC9CpcB1OoJjOm56nebaRy
+LvIXB6IqJIJwHSXIWIcsgzlpEWJ2FGLFQxNsdD8ONXt4v8QS9V9sXDW+j9xSrj5
Fv09ETIN3Cc7AYlK2avfB+266kOL+IjMxMYsvixNA1HRksrTLo+GOrws8JSMldSx
ntnVn4UGsKCox112ZdrzZ37/gY/U821f2k8TSPQAZTKn3vtoczKCF7lp4u0fJjj1
MpWY53VcTYiXQtfhnv2X/w1qKFusenBIn5eFVgtFliY2hSUz7l3DxUoeVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODHKAUWEQMQPrLM6XcuSi8XPmJyMB8GA1UdIwQY
MBaAFFMWWQoOr0jfKxriO51VnpysJZl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXhaWkNnNnZTTjhyR3VJN25WV2VuS3dsbVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mOWRkMWMtMzE3Yi00MWMxLThmY2It
N2Q5ZWFiZWUxNWFjLzEvNE1jb0JSWVJBeEEtc3N6cGR5NUtMeGMtWW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mOWRkMWMtMzE3Yi00MWMxLThmY2ItN2Q5ZWFiZWUxNWFj
LzEvVXhaWkNnNnZTTjhyR3VJN25WV2VuS3dsbVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuajYMA0G
CSqGSIb3DQEBCwUAA4IBAQCegKEOFc4J25KIPPAjSmyk3O5BjWvESF7m4E+nS3RE
kx/f37zxwaEAXfMNHWAVvE1KDh6NWHuAIGqLM25U5ARq8X1Mb9B3ODZUW3Q77rpq
IV+BETbbKhBIJ6BMe7XR0VAh0pNlYJrZOMjnWK3sjHF6ScCznC0rDiA+w6728/Yb
7udKBg6zvMxyIQEZEN+OznR4VGKiNwOuhZaBz/uQ2iy0vcYMVjOJWh/LBlTDiVJW
TyZWrK7jJmtgWCLCnxwNelvm1rAYFpGRzMvHPB5f+4AWXNATfvdPh5fZ5RPaPUXq
S2g9rl71nLhC6Ky+FUyNBsQKypzNsGoIopGbrvcFP+eh
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:02 2025 by rpki-client