Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/G8P8Up3iwBNuY6VX8xHlV2xw_Sc.roa
File: G8P8Up3iwBNuY6VX8xHlV2xw_Sc.roa (raw, json)
Hash identifier: DPZTUR8SEgFuO3IeipECn6P1+JwvZA2wEW1lrp3T8B8=
Subject key identifier: 1B:C3:FC:52:9D:E2:C0:13:6E:63:A5:57:F3:11:E5:57:6C:70:FD:27
Certificate issuer: /CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Certificate serial: 018CC8DEFEF17135EABE633D5EF820B966F3
Authority key identifier: 99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/G8P8Up3iwBNuY6VX8xHlV2xw_Sc.roa
Signing time: Tue 02 Jan 2024 06:31:46 +0000
ROA not before: Tue 02 Jan 2024 06:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206352
IP address blocks: 185.217.50.0/23 maxlen: 23
185.217.48.0/23 maxlen: 23
185.188.253.0/24 maxlen: 24
185.188.254.0/23 maxlen: 23
185.248.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:fe:f1:71:35:ea:be:63:3d:5e:f8:20:b9:66:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Validity
Not Before: Jan 2 06:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bc3fc529de2c0136e63a557f311e5576c70fd27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:2a:f6:0a:a2:a0:5c:7d:20:47:2e:8e:6e:
31:86:92:55:8f:09:02:74:2e:32:69:da:86:f1:7e:
38:ae:56:27:aa:c6:ae:e9:6f:54:57:b9:36:ef:c9:
e0:ed:35:95:55:17:43:53:8a:fa:af:d8:04:53:55:
df:8b:14:2f:5c:c0:67:a4:37:a4:fc:2e:3f:b4:65:
0d:c0:a8:77:f3:3a:38:a6:2f:30:a3:23:c3:1f:73:
95:7f:cc:59:45:10:40:21:bb:08:45:d1:18:c0:19:
35:b7:18:c1:3b:39:b0:39:69:e5:af:ad:13:30:93:
7d:95:ce:ad:77:94:79:88:65:b5:51:de:f2:fd:4a:
0f:f6:01:74:cc:7f:0c:ea:78:e5:e0:98:6d:02:4d:
04:69:72:e4:0c:21:d0:6e:ee:aa:b2:5a:8d:e1:c3:
ab:4b:14:2f:b8:95:56:27:ba:04:ef:b0:08:9d:e9:
44:21:21:8c:06:08:3b:86:fb:4a:90:17:11:65:80:
48:82:5d:7c:50:0f:65:1b:8b:6a:ee:c8:b8:da:d4:
ea:95:95:d2:a8:37:98:c6:0f:97:22:ed:9d:2f:7b:
e4:08:e6:0f:1a:0b:3d:f0:b7:68:e7:0b:b7:d5:63:
8b:d7:43:cf:be:1a:8d:b6:f3:b8:89:e1:58:7e:0e:
24:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C3:FC:52:9D:E2:C0:13:6E:63:A5:57:F3:11:E5:57:6C:70:FD:27
X509v3 Authority Key Identifier:
keyid:99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/G8P8Up3iwBNuY6VX8xHlV2xw_Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.253.0-185.188.255.255
185.217.48.0/22
185.248.2.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:c0:7d:dc:31:d1:4b:84:72:1a:ce:ca:1d:1f:74:ab:55:d6:
08:7b:c2:16:c3:30:48:f8:a2:8b:e6:e2:f5:ca:b0:6e:d6:9f:
ae:f8:90:53:7b:d1:b0:f7:b7:26:46:0a:29:58:04:b3:cc:b0:
b5:cc:ff:18:ba:07:c3:dd:02:0f:30:d2:75:73:7f:53:44:d4:
9e:18:01:a7:f0:63:6b:f8:e3:e1:0f:ad:b4:ef:a6:fa:fc:65:
c1:3e:04:63:da:c3:68:4f:f5:4f:89:bc:85:66:4a:16:4a:5d:
6a:a4:34:ad:ac:07:01:16:dc:02:2f:1b:98:95:7e:65:46:82:
5c:3a:1e:39:42:e9:ad:27:7e:f9:bf:c0:9c:41:47:64:a1:14:
57:c2:4c:ad:80:59:b2:5e:1f:d7:02:0e:4a:bd:86:e6:38:4d:
31:72:de:4b:0e:04:b6:d7:e0:a1:d0:e7:d0:f9:a7:f5:c4:9d:
9a:53:77:a7:83:5b:2c:d8:ad:22:ea:47:82:77:df:5f:9b:c0:
98:6c:e8:58:3b:c1:04:95:df:3d:11:bd:9a:0b:f1:6b:d8:e6:
5c:b0:a4:93:df:a1:1f:07:a0:e8:4f:89:86:c3:e8:3f:be:1c:
8d:4d:13:04:8c:21:96:e1:e7:57:2a:21:e0:6a:5c:b6:19:fd:
67:25:1b:a5
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzI3v7xcTXqvmM9XvgguWbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZGNiZGYwNjMyYTEwMTYxM2E4ZjZjOTQ0OWIyOWVkNDVj
MWE4NzIwHhcNMjQwMTAyMDYzMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmMzZmM1MjlkZTJjMDEzNmU2M2E1NTdmMzExZTU1NzZjNzBmZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ0q9gqioFx9IEcujm4xhpJVjwkC
dC4yadqG8X44rlYnqsau6W9UV7k278ng7TWVVRdDU4r6r9gEU1XfixQvXMBnpDek
/C4/tGUNwKh38zo4pi8woyPDH3OVf8xZRRBAIbsIRdEYwBk1txjBOzmwOWnlr60T
MJN9lc6td5R5iGW1Ud7y/UoP9gF0zH8M6njl4JhtAk0EaXLkDCHQbu6qslqN4cOr
SxQvuJVWJ7oE77AInelEISGMBgg7hvtKkBcRZYBIgl18UA9lG4tq7si42tTqlZXS
qDeYxg+XIu2dL3vkCOYPGgs98Ldo5wu31WOL10PPvhqNtvO4ieFYfg4k+wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFBvD/FKd4sATbmOlV/MR5VdscP0nMB8GA1UdIwQY
MBaAFJncvfBjKhAWE6j2yUSbKe1FwahyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgt
ODg1OGE1NTlmMjUxLzEvRzhQOFVwM2l3Qk51WTZWWDh4SGxWMnh3X1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgtODg1OGE1NTlmMjUx
LzEvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZMAsDBAC5vP0D
AwC5vAMEArnZMAMEAbn4AjANBgkqhkiG9w0BAQsFAAOCAQEAbcB93DHRS4RyGs7K
HR90q1XWCHvCFsMwSPiii+bi9cqwbtafrviQU3vRsPe3JkYKKVgEs8ywtcz/GLoH
w90CDzDSdXN/U0TUnhgBp/Bja/jj4Q+ttO+m+vxlwT4EY9rDaE/1T4m8hWZKFkpd
aqQ0rawHARbcAi8bmJV+ZUaCXDoeOULprSd++b/AnEFHZKEUV8JMrYBZsl4f1wIO
Sr2G5jhNMXLeSw4EttfgodDn0Pmn9cSdmlN3p4NbLNitIupHgnffX5vAmGzoWDvB
BJXfPRG9mgvxa9jmXLCkk9+hHweg6E+JhsPoP74cjU0TBIwhluHnVyoh4Gpcthn9
ZyUbpQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:03:29 2025 by rpki-client