Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/R4Bhl0kCEh5X_qacnIrnz22ai48.roa
File: R4Bhl0kCEh5X_qacnIrnz22ai48.roa (raw, json)
Hash identifier: fAri0nA6O0WBhYbEuz4XDuyUusAUoddE0brz7Z+OFyo=
Subject key identifier: 47:80:61:97:49:02:12:1E:57:FE:A6:9C:9C:8A:E7:CF:6D:9A:8B:8F
Certificate issuer: /CN=c9470ae418eeddd6b39dae9e7a177a19c7799c41
Certificate serial: 018CC56ED7EF77A7598A57FF4ECD8BAD9BFA
Authority key identifier: C9:47:0A:E4:18:EE:DD:D6:B3:9D:AE:9E:7A:17:7A:19:C7:79:9C:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/R4Bhl0kCEh5X_qacnIrnz22ai48.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.36.216.0/22 maxlen: 24
194.247.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d7:ef:77:a7:59:8a:57:ff:4e:cd:8b:ad:9b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9470ae418eeddd6b39dae9e7a177a19c7799c41
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=478061974902121e57fea69c9c8ae7cf6d9a8b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:58:3c:4a:d2:1d:ed:65:a0:4f:df:60:4a:0a:
a7:cf:e6:89:12:dc:9a:7b:0c:b6:91:68:16:65:66:
c8:2c:31:2a:19:ec:52:0c:9a:dc:3c:be:8e:e0:1c:
cb:4d:bd:f9:21:15:7c:bf:1b:c3:06:37:53:ae:92:
2b:af:3b:08:3a:43:1f:5b:9a:e4:20:b4:0b:ce:99:
91:11:f5:28:b8:11:86:54:54:20:13:11:a8:c1:89:
47:ea:a9:67:76:94:a8:6a:36:07:23:88:88:98:1a:
92:5f:e7:18:a7:b9:88:eb:36:fc:61:50:a4:89:db:
43:f9:c6:77:3e:25:e7:11:56:49:c0:da:09:2f:f0:
ab:9e:60:43:ec:5d:68:34:3e:b7:55:cc:23:21:4e:
45:d9:99:d0:15:7d:db:65:ed:f5:ea:20:b0:64:06:
c0:2e:a7:4c:32:75:c0:88:2a:a3:2e:e7:11:b3:f9:
eb:fd:a8:b0:73:14:f7:f2:98:ce:b7:af:e8:d3:6c:
c6:4c:d0:db:5a:40:da:c6:f3:45:63:dd:3c:ad:01:
25:72:19:76:5f:db:c8:e4:39:9d:04:93:be:e4:32:
2c:60:78:c1:09:df:9e:91:16:de:50:f5:53:43:56:
36:75:30:c3:2d:c4:fc:02:40:4d:73:9c:4d:2d:ea:
84:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:80:61:97:49:02:12:1E:57:FE:A6:9C:9C:8A:E7:CF:6D:9A:8B:8F
X509v3 Authority Key Identifier:
keyid:C9:47:0A:E4:18:EE:DD:D6:B3:9D:AE:9E:7A:17:7A:19:C7:79:9C:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/R4Bhl0kCEh5X_qacnIrnz22ai48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/yUcK5Bju3dazna6eehd6Gcd5nEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.216.0/22
194.247.26.0/23
Signature Algorithm: sha256WithRSAEncryption
29:d8:f8:c5:8c:30:99:05:98:9f:ef:5a:ad:57:59:7b:c9:bc:
54:c8:aa:1f:fa:63:95:a9:e6:4a:cc:b7:0f:f7:b3:eb:c5:a4:
cd:e2:70:01:71:fe:8e:dd:53:28:65:b3:63:ce:84:f4:c1:19:
9a:28:c9:58:83:08:0e:6f:06:ba:b8:69:f6:45:39:66:d3:98:
c6:38:b3:5c:65:e3:82:67:6d:b8:dc:4f:3c:8c:55:b2:82:d9:
46:51:b5:bf:66:95:70:37:86:cc:ab:2d:f0:53:80:04:aa:96:
eb:5d:34:d7:c1:b7:7a:4b:3e:0d:7a:f4:ed:07:0d:42:e3:b2:
5f:89:e3:a8:14:1d:66:64:a6:69:4f:d2:df:02:97:51:73:0b:
56:4c:7d:7c:20:cb:d8:6f:58:f0:70:e3:3b:76:45:5f:31:ba:
d6:f8:7a:5d:c4:5b:0a:fb:fc:bc:d6:f8:0b:43:7b:9d:33:a7:
cb:8d:85:51:13:cf:c1:f2:02:ca:89:84:fc:e6:ea:0b:6a:da:
18:3c:35:0e:f6:80:bd:f0:78:3c:2d:ff:82:9c:5b:fc:16:d9:
af:49:62:9f:99:60:5a:c3:c3:fa:03:d5:e5:78:70:04:f2:f3:
77:bc:1d:95:37:9a:c3:0d:25:3f:e9:be:24:5e:28:a4:0e:fa:
f2:db:2a:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbtfvd6dZilf/Ts2LrZv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDcwYWU0MThlZWRkZDZiMzlkYWU5ZTdhMTc3YTE5Yzc3
OTljNDEwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzgwNjE5NzQ5MDIxMjFlNTdmZWE2OWM5YzhhZTdjZjZkOWE4YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlg8StId7WWgT99gSgqnz+aJEtya
ewy2kWgWZWbILDEqGexSDJrcPL6O4BzLTb35IRV8vxvDBjdTrpIrrzsIOkMfW5rk
ILQLzpmREfUouBGGVFQgExGowYlH6qlndpSoajYHI4iImBqSX+cYp7mI6zb8YVCk
idtD+cZ3PiXnEVZJwNoJL/CrnmBD7F1oND63VcwjIU5F2ZnQFX3bZe316iCwZAbA
LqdMMnXAiCqjLucRs/nr/aiwcxT38pjOt6/o02zGTNDbWkDaxvNFY908rQElchl2
X9vI5DmdBJO+5DIsYHjBCd+ekRbeUPVTQ1Y2dTDDLcT8AkBNc5xNLeqESQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEeAYZdJAhIeV/6mnJyK589tmouPMB8GA1UdIwQY
MBaAFMlHCuQY7t3Ws52unnoXehnHeZxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVVjSzVCanUzZGF6bmE2ZWVoZDZHY2Q1bkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jZTAyMmQtZDhkYi00NDU5LWJlMWMt
YjA5MTIxNWQ1ZTRkLzEvUjRCaGwwa0NFaDVYX3FhY25Jcm56MjJhaTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jZTAyMmQtZDhkYi00NDU5LWJlMWMtYjA5MTIxNWQ1ZTRk
LzEveVVjSzVCanUzZGF6bmE2ZWVoZDZHY2Q1bkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSTYAwQB
wvcaMA0GCSqGSIb3DQEBCwUAA4IBAQAp2PjFjDCZBZif71qtV1l7ybxUyKof+mOV
qeZKzLcP97PrxaTN4nABcf6O3VMoZbNjzoT0wRmaKMlYgwgObwa6uGn2RTlm05jG
OLNcZeOCZ2243E88jFWygtlGUbW/ZpVwN4bMqy3wU4AEqpbrXTTXwbd6Sz4NevTt
Bw1C47JfieOoFB1mZKZpT9LfApdRcwtWTH18IMvYb1jwcOM7dkVfMbrW+HpdxFsK
+/y81vgLQ3udM6fLjYVRE8/B8gLKiYT85uoLatoYPDUO9oC98Hg8Lf+CnFv8Ftmv
SWKfmWBaw8P6A9XleHAE8vN3vB2VN5rDDSU/6b4kXiikDvry2yqL
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:44 2025 by rpki-client