Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/jyFpDRZf_lsDUlhSQGsMYzKz40w.roa
File: jyFpDRZf_lsDUlhSQGsMYzKz40w.roa (raw, json)
Hash identifier: AqtwxNLjNg5epinz9v9WHveepTX5Q6vUobnd5nnS5k8=
Subject key identifier: 8F:21:69:0D:16:5F:FE:5B:03:52:58:52:40:6B:0C:63:32:B3:E3:4C
Certificate issuer: /CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Certificate serial: 01909BDCC1D8530FD6310AA1CE90CFE73EE2
Authority key identifier: 85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/jyFpDRZf_lsDUlhSQGsMYzKz40w.roa
Signing time: Wed 10 Jul 2024 08:57:34 +0000
ROA not before: Wed 10 Jul 2024 08:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211717
IP address blocks: 185.51.44.0/22 maxlen: 24
185.51.44.0/23 maxlen: 23
185.51.45.0/24 maxlen: 24
185.51.46.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:dc:c1:d8:53:0f:d6:31:0a:a1:ce:90:cf:e7:3e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Validity
Not Before: Jul 10 08:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f21690d165ffe5b03525852406b0c6332b3e34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:af:7f:b9:c6:c5:6b:bf:2f:de:17:0b:d2:51:
1d:4c:e0:c1:17:c1:9f:f0:c5:22:e6:f6:16:b3:1e:
2c:2f:52:c2:06:05:7c:49:5f:88:b4:c7:99:aa:ca:
f0:68:02:26:50:c1:33:b3:10:2f:0c:69:47:27:01:
c9:c5:a2:10:d7:68:5f:a5:61:c1:0a:2b:b1:6d:f4:
61:e5:98:97:64:b7:0e:04:7b:40:1d:d9:1e:75:c7:
ba:08:32:f1:c6:c8:45:99:09:34:c3:97:e2:8a:d5:
1c:9f:7a:d3:97:3e:63:23:f8:59:f7:32:b2:e1:de:
e4:96:29:6b:70:9c:5e:47:f5:71:83:9a:7f:2d:0b:
58:07:78:53:54:68:7f:73:5f:6b:0a:09:22:c2:74:
bf:42:fb:c6:6d:ba:77:b8:d0:3a:a6:49:8b:3e:16:
78:87:b1:36:79:2e:42:21:7e:6d:5e:0f:fe:06:c5:
4b:d5:30:87:75:7f:fb:e3:c8:d7:61:01:ea:5f:d3:
a4:58:8e:80:58:8a:0d:19:ce:c7:91:c8:81:0c:f7:
a5:72:b2:4a:60:a2:d7:d3:24:c7:32:4b:23:83:79:
12:8d:76:ef:13:67:bc:7b:a1:9e:d7:2e:0d:19:fb:
8c:3f:57:58:c9:9a:e1:aa:16:63:7b:46:2e:b2:44:
44:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:21:69:0D:16:5F:FE:5B:03:52:58:52:40:6B:0C:63:32:B3:E3:4C
X509v3 Authority Key Identifier:
keyid:85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/jyFpDRZf_lsDUlhSQGsMYzKz40w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.44.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:fb:af:34:c5:02:c4:10:75:18:ca:d2:a9:e1:49:14:2e:73:
e2:d1:0f:9b:80:34:32:a6:25:95:52:0d:6c:ab:8f:24:76:1c:
42:86:9c:61:ce:3f:56:a1:ed:df:58:9e:9d:da:38:63:19:3a:
dd:a1:8b:f5:e6:cd:60:8e:a7:7e:f5:e2:fe:cd:28:00:3d:b0:
d1:84:f8:74:3e:01:a6:16:19:4b:ae:ce:32:ea:ba:3a:ce:57:
be:1d:72:3a:16:9d:37:3d:b4:8d:e9:35:63:d4:de:ce:bc:2f:
00:5a:d2:4a:2c:8e:0d:75:13:f6:6a:74:e4:9e:e9:34:ff:0a:
67:a1:da:19:10:50:5c:db:a9:6d:38:03:de:c7:70:49:49:e3:
60:d5:e9:94:fd:a0:a5:b5:73:45:43:dd:62:f1:fb:85:87:e2:
a9:a0:40:01:7f:49:73:2c:c3:6d:37:f9:a1:bb:c2:fe:df:44:
ec:9b:c2:b7:02:7e:78:17:9c:08:cd:08:66:4e:9d:40:cb:6b:
30:27:9b:fc:7b:28:55:6a:85:33:81:84:47:a0:a4:63:f4:b4:
c8:64:22:8d:44:32:3c:f9:71:54:90:4d:27:cb:9b:ca:37:4b:
bf:36:02:9a:48:02:ef:e3:06:ec:49:27:75:48:35:9d:8e:9a:
4a:c3:ff:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCb3MHYUw/WMQqhzpDP5z7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjYxMWEwYjdkNDMzNGI3YTIzOTVlOGNjZTdiMGUzYzli
ODM4ZTgwHhcNMjQwNzEwMDg1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjIxNjkwZDE2NWZmZTViMDM1MjU4NTI0MDZiMGM2MzMyYjNlMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA069/ucbFa78v3hcL0lEdTODBF8Gf
8MUi5vYWsx4sL1LCBgV8SV+ItMeZqsrwaAImUMEzsxAvDGlHJwHJxaIQ12hfpWHB
CiuxbfRh5ZiXZLcOBHtAHdkedce6CDLxxshFmQk0w5fiitUcn3rTlz5jI/hZ9zKy
4d7klilrcJxeR/Vxg5p/LQtYB3hTVGh/c19rCgkiwnS/QvvGbbp3uNA6pkmLPhZ4
h7E2eS5CIX5tXg/+BsVL1TCHdX/748jXYQHqX9OkWI6AWIoNGc7HkciBDPelcrJK
YKLX0yTHMksjg3kSjXbvE2e8e6Ge1y4NGfuMP1dYyZrhqhZje0YuskREoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI8haQ0WX/5bA1JYUkBrDGMys+NMMB8GA1UdIwQY
MBaAFIW2EaC31DNLeiOV6MznsOPJuDjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmIt
ODhjYjRlNzEwNmVhLzEvanlGcERSWmZfbHNEVWxoU1FHc01Zekt6NDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmItODhjYjRlNzEwNmVh
LzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTMsMA0G
CSqGSIb3DQEBCwUAA4IBAQAe+680xQLEEHUYytKp4UkULnPi0Q+bgDQypiWVUg1s
q48kdhxChpxhzj9Woe3fWJ6d2jhjGTrdoYv15s1gjqd+9eL+zSgAPbDRhPh0PgGm
FhlLrs4y6ro6zle+HXI6Fp03PbSN6TVj1N7OvC8AWtJKLI4NdRP2anTknuk0/wpn
odoZEFBc26ltOAPex3BJSeNg1emU/aCltXNFQ91i8fuFh+KpoEABf0lzLMNtN/mh
u8L+30Tsm8K3An54F5wIzQhmTp1Ay2swJ5v8eyhVaoUzgYRHoKRj9LTIZCKNRDI8
+XFUkE0ny5vKN0u/NgKaSALv4wbsSSd1SDWdjppKw//+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:37 2025 by rpki-client