Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/c087e9-d11d-44a6-8c4d-2857f17037a1/1/iwihyOLvuCLsaQOwh_A-HwFTr1o.roa
File: iwihyOLvuCLsaQOwh_A-HwFTr1o.roa (raw, json)
Hash identifier: VMaF3urS5Y57UrmFcFOmIGlqNMD9te9JSufwMcv8adQ=
Subject key identifier: 8B:08:A1:C8:E2:EF:B8:22:EC:69:03:B0:87:F0:3E:1F:01:53:AF:5A
Certificate issuer: /CN=cd1e56e4c4c4a518f2388a5acb5af0452cc2a595
Certificate serial: 018CC5DCCFDB2742FA560776CC887639D7C1
Authority key identifier: CD:1E:56:E4:C4:C4:A5:18:F2:38:8A:5A:CB:5A:F0:45:2C:C2:A5:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zR5W5MTEpRjyOIpay1rwRSzCpZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/c087e9-d11d-44a6-8c4d-2857f17037a1/1/iwihyOLvuCLsaQOwh_A-HwFTr1o.roa
Signing time: Mon 01 Jan 2024 16:30:31 +0000
ROA not before: Mon 01 Jan 2024 16:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61246
IP address blocks: 185.14.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:cf:db:27:42:fa:56:07:76:cc:88:76:39:d7:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd1e56e4c4c4a518f2388a5acb5af0452cc2a595
Validity
Not Before: Jan 1 16:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b08a1c8e2efb822ec6903b087f03e1f0153af5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4c:10:8e:19:22:d3:fe:f2:0c:57:5a:35:2e:
c6:83:bf:01:12:71:e8:c7:06:eb:c2:35:cb:6b:b1:
1f:15:0b:ec:8f:8b:f4:e1:f5:6f:54:1a:c5:75:90:
18:de:24:e8:9e:bd:7c:54:1f:e4:5a:49:b2:b5:1b:
8d:96:2b:ab:b4:ab:91:e9:01:50:76:5e:7a:30:88:
44:b8:3c:f3:ec:4e:5e:6a:46:d2:d4:05:c6:85:97:
43:b9:f6:17:38:4a:d8:d1:b6:45:43:c6:ba:93:09:
dd:9d:ba:02:cb:78:df:f1:ce:20:7f:6d:d3:a7:14:
f4:54:ff:55:62:de:00:18:43:f5:85:0b:e4:78:b4:
b0:e2:6a:6a:4e:e3:b2:41:aa:40:13:83:90:61:32:
5e:a8:02:14:eb:da:16:39:25:63:55:b3:fc:31:47:
1a:1b:00:36:d5:e6:4c:a1:26:41:df:a0:84:72:08:
38:71:0e:36:c0:f3:46:e6:17:36:97:10:ba:fe:04:
08:cc:91:7c:e5:44:3c:ca:d0:58:67:fb:43:6b:3a:
15:74:b2:ff:71:c9:8b:15:14:d2:f7:2f:29:8b:cc:
ef:23:88:57:3a:c4:85:f5:a5:ce:0c:a3:9f:a2:f4:
bb:48:44:78:d8:b8:73:3d:68:d4:94:45:01:f6:cc:
f5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:08:A1:C8:E2:EF:B8:22:EC:69:03:B0:87:F0:3E:1F:01:53:AF:5A
X509v3 Authority Key Identifier:
keyid:CD:1E:56:E4:C4:C4:A5:18:F2:38:8A:5A:CB:5A:F0:45:2C:C2:A5:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zR5W5MTEpRjyOIpay1rwRSzCpZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c087e9-d11d-44a6-8c4d-2857f17037a1/1/iwihyOLvuCLsaQOwh_A-HwFTr1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c087e9-d11d-44a6-8c4d-2857f17037a1/1/zR5W5MTEpRjyOIpay1rwRSzCpZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.80.0/22
Signature Algorithm: sha256WithRSAEncryption
35:7e:22:bc:e9:46:50:3f:8d:ec:60:6c:91:6e:eb:06:f0:97:
40:74:59:8c:c6:63:d0:70:10:05:56:32:30:ce:d4:f6:55:92:
69:4e:d2:1f:2b:e6:d5:14:76:56:5d:71:0a:74:a6:c6:b2:7c:
e7:f8:06:4b:19:bc:3a:d6:70:6c:72:7a:1d:03:ba:b8:34:75:
3d:8b:d5:49:5d:c3:d0:7c:0e:00:cc:1e:09:8c:2d:17:81:e1:
0a:8f:24:6c:3e:d9:66:4c:c4:44:2c:ee:c8:50:76:80:29:e8:
9f:18:aa:92:b9:5b:84:a0:c9:4e:51:61:3d:0e:37:17:21:e4:
2f:d4:09:b5:5f:a5:b4:2c:18:1f:e3:27:40:b0:c2:3b:ca:8f:
72:dd:29:ab:30:c3:61:7b:69:c3:ad:91:43:bf:40:1f:24:57:
f6:03:84:e6:74:26:b6:f9:e6:8a:8e:df:32:20:02:80:96:89:
87:d5:8b:6f:70:d2:81:e1:ae:3b:98:6f:6d:39:04:75:75:d2:
c1:6a:33:91:78:39:75:59:3a:64:e1:45:ea:50:fe:bf:96:82:
6b:3d:4a:57:fa:a2:bc:b9:4d:0e:5d:4f:47:c0:14:ea:c5:a2:
15:7d:62:10:88:95:d5:3c:74:7c:27:bf:49:88:ea:51:c2:14:
cc:15:1e:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3M/bJ0L6Vgd2zIh2OdfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWU1NmU0YzRjNGE1MThmMjM4OGE1YWNiNWFmMDQ1MmNj
MmE1OTUwHhcNMjQwMTAxMTYzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjA4YTFjOGUyZWZiODIyZWM2OTAzYjA4N2YwM2UxZjAxNTNhZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEwQjhki0/7yDFdaNS7Gg78BEnHo
xwbrwjXLa7EfFQvsj4v04fVvVBrFdZAY3iTonr18VB/kWkmytRuNliurtKuR6QFQ
dl56MIhEuDzz7E5eakbS1AXGhZdDufYXOErY0bZFQ8a6kwndnboCy3jf8c4gf23T
pxT0VP9VYt4AGEP1hQvkeLSw4mpqTuOyQapAE4OQYTJeqAIU69oWOSVjVbP8MUca
GwA21eZMoSZB36CEcgg4cQ42wPNG5hc2lxC6/gQIzJF85UQ8ytBYZ/tDazoVdLL/
ccmLFRTS9y8pi8zvI4hXOsSF9aXODKOfovS7SER42LhzPWjUlEUB9sz1rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsIocji77gi7GkDsIfwPh8BU69aMB8GA1UdIwQY
MBaAFM0eVuTExKUY8jiKWsta8EUswqWVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelI1VzVNVEVwUmp5T0lwYXkxcndSU3pDcFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9jMDg3ZTktZDExZC00NGE2LThjNGQt
Mjg1N2YxNzAzN2ExLzEvaXdpaHlPTHZ1Q0xzYVFPd2hfQS1Id0ZUcjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9jMDg3ZTktZDExZC00NGE2LThjNGQtMjg1N2YxNzAzN2Ex
LzEvelI1VzVNVEVwUmp5T0lwYXkxcndSU3pDcFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ5QMA0G
CSqGSIb3DQEBCwUAA4IBAQA1fiK86UZQP43sYGyRbusG8JdAdFmMxmPQcBAFVjIw
ztT2VZJpTtIfK+bVFHZWXXEKdKbGsnzn+AZLGbw61nBscnodA7q4NHU9i9VJXcPQ
fA4AzB4JjC0XgeEKjyRsPtlmTMRELO7IUHaAKeifGKqSuVuEoMlOUWE9DjcXIeQv
1Am1X6W0LBgf4ydAsMI7yo9y3SmrMMNhe2nDrZFDv0AfJFf2A4TmdCa2+eaKjt8y
IAKAlomH1YtvcNKB4a47mG9tOQR1ddLBajOReDl1WTpk4UXqUP6/loJrPUpX+qK8
uU0OXU9HwBTqxaIVfWIQiJXVPHR8J79JiOpRwhTMFR5r
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:57 2025 by rpki-client