Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/2WhceVJ-1wKt4iYT9MvwcmwkGNE.roa
File: 2WhceVJ-1wKt4iYT9MvwcmwkGNE.roa (raw, json)
Hash identifier: oxpye8OsKv8shkhbFy3+ICSxMJL7kBJlTT0ZEf+DEn4=
Subject key identifier: D9:68:5C:79:52:7E:D7:02:AD:E2:26:13:F4:CB:F0:72:6C:24:18:D1
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 018CC7940D8F41DAA256EB52E3BC0D3A6A4C
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/2WhceVJ-1wKt4iYT9MvwcmwkGNE.roa
Signing time: Tue 02 Jan 2024 00:30:17 +0000
ROA not before: Tue 02 Jan 2024 00:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.189.244.0/23 maxlen: 24
185.189.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:0d:8f:41:da:a2:56:eb:52:e3:bc:0d:3a:6a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Jan 2 00:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9685c79527ed702ade22613f4cbf0726c2418d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:94:8a:84:5b:af:4c:68:1a:38:42:47:73:eb:
87:a2:b8:1e:3c:4c:ec:ab:39:9e:a3:29:2b:96:9d:
fa:d1:1e:2e:a4:9b:5a:81:10:20:61:63:be:da:11:
f3:1d:a2:c6:c9:5b:7a:d1:07:65:db:f7:e2:6d:0a:
69:b1:dd:48:cf:9e:f2:f5:33:3e:2f:d5:cb:68:27:
14:6f:1b:e3:dc:81:bf:c0:45:8f:37:25:d4:f2:7e:
f9:11:52:f1:bc:41:eb:16:f2:46:8a:8c:43:bf:37:
22:66:15:f4:70:9e:13:f1:89:c4:1c:ec:66:34:25:
86:50:6c:ba:2e:10:a1:17:c8:d5:fd:be:19:66:e8:
eb:c1:4a:3f:b8:76:b7:80:db:b3:60:fe:05:47:3d:
ee:b2:c1:0b:ab:76:df:31:68:1c:4f:17:ab:1c:87:
1f:d4:98:25:bc:d4:8f:0b:40:ef:1f:ae:75:74:07:
39:6b:fa:a8:a0:8f:d5:c6:29:9e:37:55:d2:27:0b:
66:7c:70:ab:c2:89:05:e3:31:d7:ab:39:ea:e9:ed:
b3:0d:31:7c:ae:90:2f:06:08:52:b8:31:5c:54:1d:
19:24:95:6b:ed:5f:80:34:a1:d6:c6:60:8b:60:89:
69:f6:c6:7a:ca:1a:e0:31:3e:a5:b6:2b:7a:b4:96:
b4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:68:5C:79:52:7E:D7:02:AD:E2:26:13:F4:CB:F0:72:6C:24:18:D1
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/2WhceVJ-1wKt4iYT9MvwcmwkGNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.244.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:58:e7:ed:ae:b6:ee:e3:af:4d:5b:fc:67:c5:02:92:e0:cf:
d5:b4:56:f7:5c:cc:f4:83:be:f6:67:1f:ab:51:c3:a4:61:e0:
26:59:c2:6f:3c:12:55:fa:20:83:da:d5:c1:f8:c4:50:ae:46:
f8:73:d0:8c:3a:bc:8f:b5:a1:02:97:c7:f9:fe:4f:a9:2c:ac:
51:4f:04:98:5a:f9:ea:fd:1c:db:c4:89:7c:6a:42:e9:c7:cf:
23:35:94:83:64:0d:1c:52:20:38:e3:4e:2a:6d:b7:ea:19:6c:
b8:d7:d9:f6:12:e8:72:af:e1:6a:ba:ef:ab:01:f4:7d:0f:3e:
eb:be:7a:70:15:94:d6:eb:87:b2:63:a9:6b:fb:da:6d:e2:d5:
84:f2:fd:68:a1:ed:fb:1b:95:67:03:05:a6:f1:d1:db:9a:94:
e4:94:7f:b6:60:ec:df:ee:2b:c5:cc:fd:ff:67:50:9d:08:b0:
83:79:bb:df:21:0a:50:5b:8c:ad:6c:84:42:0e:b9:d6:69:62:
24:b6:d0:92:e1:b8:03:45:7e:9b:a9:8a:ae:dc:cf:53:9a:a9:
87:5d:5a:80:0a:2e:56:61:55:ac:69:38:4f:f1:4c:49:88:cd:
11:fa:0c:08:e3:19:8b:31:1f:68:64:a8:ab:6a:34:2a:18:58:
70:59:ec:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlA2PQdqiVutS47wNOmpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjQwMTAyMDAzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTY4NWM3OTUyN2VkNzAyYWRlMjI2MTNmNGNiZjA3MjZjMjQxOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpSKhFuvTGgaOEJHc+uHorgePEzs
qzmeoykrlp360R4upJtagRAgYWO+2hHzHaLGyVt60Qdl2/fibQppsd1Iz57y9TM+
L9XLaCcUbxvj3IG/wEWPNyXU8n75EVLxvEHrFvJGioxDvzciZhX0cJ4T8YnEHOxm
NCWGUGy6LhChF8jV/b4ZZujrwUo/uHa3gNuzYP4FRz3ussELq3bfMWgcTxerHIcf
1JglvNSPC0DvH651dAc5a/qooI/VximeN1XSJwtmfHCrwokF4zHXqznq6e2zDTF8
rpAvBghSuDFcVB0ZJJVr7V+ANKHWxmCLYIlp9sZ6yhrgMT6ltit6tJa0DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNloXHlSftcCreImE/TL8HJsJBjRMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvMldoY2VWSi0xd0t0NGlZVDlNdndjbXdrR05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub30MA0G
CSqGSIb3DQEBCwUAA4IBAQB9WOftrrbu469NW/xnxQKS4M/VtFb3XMz0g772Zx+r
UcOkYeAmWcJvPBJV+iCD2tXB+MRQrkb4c9CMOryPtaECl8f5/k+pLKxRTwSYWvnq
/RzbxIl8akLpx88jNZSDZA0cUiA4404qbbfqGWy419n2Euhyr+Fquu+rAfR9Dz7r
vnpwFZTW64eyY6lr+9pt4tWE8v1ooe37G5VnAwWm8dHbmpTklH+2YOzf7ivFzP3/
Z1CdCLCDebvfIQpQW4ytbIRCDrnWaWIkttCS4bgDRX6bqYqu3M9TmqmHXVqACi5W
YVWsaThP8UxJiM0R+gwI4xmLMR9oZKirajQqGFhwWext
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:45:53 2025 by rpki-client