Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/5bb1d0-634e-46fc-a75a-0c9aa6696b49/1/i4dArMAJ_la5K19zHq79wpAFFT8.roa
File: i4dArMAJ_la5K19zHq79wpAFFT8.roa (raw, json)
Hash identifier: YW89ceIhq8M2ItirVkZ10xrzxfWDMUSrUa2/crj4bUg=
Subject key identifier: 8B:87:40:AC:C0:09:FE:56:B9:2B:5F:73:1E:AE:FD:C2:90:05:15:3F
Certificate issuer: /CN=e5c78fa1993d4512fe2436b8ceda8bfc929d657d
Certificate serial: 018CC4255F2853C96D0191AFEDDE577B7B7C
Authority key identifier: E5:C7:8F:A1:99:3D:45:12:FE:24:36:B8:CE:DA:8B:FC:92:9D:65:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cePoZk9RRL-JDa4ztqL_JKdZX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/5bb1d0-634e-46fc-a75a-0c9aa6696b49/1/i4dArMAJ_la5K19zHq79wpAFFT8.roa
Signing time: Mon 01 Jan 2024 08:30:32 +0000
ROA not before: Mon 01 Jan 2024 08:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 185.164.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Jun 2024 18:26:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5f:28:53:c9:6d:01:91:af:ed:de:57:7b:7b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c78fa1993d4512fe2436b8ceda8bfc929d657d
Validity
Not Before: Jan 1 08:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b8740acc009fe56b92b5f731eaefdc29005153f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9a:4f:29:e0:d7:94:4a:6a:c3:e8:87:5c:f2:
b3:eb:14:c3:fa:6f:f1:62:26:89:0d:78:f7:cd:f3:
72:ab:d1:6d:25:5c:e7:52:40:8d:fe:4d:d0:b8:78:
a0:6a:2e:6f:ec:1d:58:ea:f2:d2:b2:ee:8d:2e:0d:
d0:71:85:ce:7b:d0:2c:6e:ca:10:57:4a:c2:e1:ff:
66:61:55:fb:a6:0a:25:ff:63:cf:55:76:dc:70:77:
ee:fb:24:ee:c7:0d:75:16:cc:96:1f:09:85:ad:62:
06:b8:3d:ed:fa:2e:48:2f:60:33:4e:b2:19:38:8d:
74:59:ab:c9:05:c3:92:9e:60:b0:19:13:fe:06:8d:
3e:67:9b:95:62:74:a2:04:76:51:36:ad:70:cc:99:
b9:34:12:5a:46:f8:f1:57:46:27:06:ee:55:a0:29:
2b:d8:cf:f2:b9:6c:6c:bb:07:6d:1d:bd:f0:d6:3b:
34:5c:38:25:0c:e0:ed:42:0c:07:ce:16:f9:7d:ed:
2a:f4:13:f2:0d:07:85:4a:6e:3d:cb:14:94:4e:b3:
5d:80:c8:93:6e:ec:d0:00:3d:3b:84:e6:89:b0:86:
96:c5:60:b5:14:ad:39:20:3f:40:d3:4d:61:d3:0d:
5f:e9:33:7a:32:38:f2:72:9b:f9:07:da:44:38:af:
27:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:87:40:AC:C0:09:FE:56:B9:2B:5F:73:1E:AE:FD:C2:90:05:15:3F
X509v3 Authority Key Identifier:
keyid:E5:C7:8F:A1:99:3D:45:12:FE:24:36:B8:CE:DA:8B:FC:92:9D:65:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cePoZk9RRL-JDa4ztqL_JKdZX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5bb1d0-634e-46fc-a75a-0c9aa6696b49/1/i4dArMAJ_la5K19zHq79wpAFFT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5bb1d0-634e-46fc-a75a-0c9aa6696b49/1/5cePoZk9RRL-JDa4ztqL_JKdZX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.163.0/24
Signature Algorithm: sha256WithRSAEncryption
14:0d:8a:f4:6c:16:42:56:9c:f5:a8:d0:37:91:d7:f1:04:de:
7a:9f:b2:a6:42:fe:70:98:ae:a7:d2:90:69:14:5c:df:c1:de:
6d:72:20:99:f0:12:30:c3:0a:a9:cd:41:c6:09:97:20:f5:41:
6b:d7:ab:18:45:ad:6a:8d:16:c4:af:ab:cb:48:6a:0c:77:a6:
4b:19:6d:90:79:2b:a4:e6:ce:16:f8:fe:32:94:47:72:ee:74:
6c:1a:59:52:8c:ee:c5:79:0c:41:cf:84:a3:57:3b:5a:39:7e:
68:86:a1:7b:0c:c1:72:54:9c:0b:c3:be:a8:36:e1:c6:d3:bc:
80:e8:7b:cf:d2:e9:93:71:dd:b8:fe:2b:2e:3f:e5:9f:f9:65:
80:dc:bf:46:27:27:df:17:f1:fa:6e:62:70:49:8c:79:19:8a:
51:bb:e7:76:22:05:4d:ea:fc:ae:c1:83:cb:84:77:52:e3:58:
02:98:1b:de:77:f7:c8:d4:99:9e:59:a4:b0:32:95:08:13:fd:
31:dd:01:3a:b6:bd:69:f2:7c:ba:bb:34:68:7a:2c:5e:95:c1:
01:56:66:f5:14:7e:76:f1:89:3b:b2:4c:fd:24:3d:23:b2:5b:
02:39:68:e0:b3:b3:8e:56:c6:50:b9:99:dc:d0:a4:6d:6e:16:
2c:ab:d9:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJV8oU8ltAZGv7d5Xe3t8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1Yzc4ZmExOTkzZDQ1MTJmZTI0MzZiOGNlZGE4YmZjOTI5
ZDY1N2QwHhcNMjQwMTAxMDgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjg3NDBhY2MwMDlmZTU2YjkyYjVmNzMxZWFlZmRjMjkwMDUxNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJpPKeDXlEpqw+iHXPKz6xTD+m/x
YiaJDXj3zfNyq9FtJVznUkCN/k3QuHigai5v7B1Y6vLSsu6NLg3QcYXOe9AsbsoQ
V0rC4f9mYVX7pgol/2PPVXbccHfu+yTuxw11FsyWHwmFrWIGuD3t+i5IL2AzTrIZ
OI10WavJBcOSnmCwGRP+Bo0+Z5uVYnSiBHZRNq1wzJm5NBJaRvjxV0YnBu5VoCkr
2M/yuWxsuwdtHb3w1js0XDglDODtQgwHzhb5fe0q9BPyDQeFSm49yxSUTrNdgMiT
buzQAD07hOaJsIaWxWC1FK05ID9A001h0w1f6TN6Mjjycpv5B9pEOK8njQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuHQKzACf5WuStfcx6u/cKQBRU/MB8GA1UdIwQY
MBaAFOXHj6GZPUUS/iQ2uM7ai/ySnWV9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNlUG9aazlSUkwtSkRhNHp0cUxfSktkWlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy81YmIxZDAtNjM0ZS00NmZjLWE3NWEt
MGM5YWE2Njk2YjQ5LzEvaTRkQXJNQUpfbGE1SzE5ekhxNzl3cEFGRlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy81YmIxZDAtNjM0ZS00NmZjLWE3NWEtMGM5YWE2Njk2YjQ5
LzEvNWNlUG9aazlSUkwtSkRhNHp0cUxfSktkWlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaSjMA0G
CSqGSIb3DQEBCwUAA4IBAQAUDYr0bBZCVpz1qNA3kdfxBN56n7KmQv5wmK6n0pBp
FFzfwd5tciCZ8BIwwwqpzUHGCZcg9UFr16sYRa1qjRbEr6vLSGoMd6ZLGW2QeSuk
5s4W+P4ylEdy7nRsGllSjO7FeQxBz4SjVztaOX5ohqF7DMFyVJwLw76oNuHG07yA
6HvP0umTcd24/isuP+Wf+WWA3L9GJyffF/H6bmJwSYx5GYpRu+d2IgVN6vyuwYPL
hHdS41gCmBved/fI1JmeWaSwMpUIE/0x3QE6tr1p8ny6uzRoeixelcEBVmb1FH52
8Yk7skz9JD0jslsCOWjgs7OOVsZQuZnc0KRtbhYsq9lj
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:11 2025 by rpki-client