Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/h95q4VBlkx9HX_WpRQPmoX3dx78.roa
File: h95q4VBlkx9HX_WpRQPmoX3dx78.roa (raw, json)
Hash identifier: 1imt6K0vhc8mozGbKj/pCwpHZST+VOYmjV9exk83WSM=
Subject key identifier: 87:DE:6A:E1:50:65:93:1F:47:5F:F5:A9:45:03:E6:A1:7D:DD:C7:BF
Certificate issuer: /CN=ddf1df598f4a8f3a2d074ccb6f6d16b54d1d111c
Certificate serial: 018CC794AE50EDB9E96D65A5DF0C844B0D12
Authority key identifier: DD:F1:DF:59:8F:4A:8F:3A:2D:07:4C:CB:6F:6D:16:B5:4D:1D:11:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fHfWY9KjzotB0zLb20WtU0dERw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/h95q4VBlkx9HX_WpRQPmoX3dx78.roa
Signing time: Tue 02 Jan 2024 00:30:59 +0000
ROA not before: Tue 02 Jan 2024 00:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60435
IP address blocks: 185.178.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ae:50:ed:b9:e9:6d:65:a5:df:0c:84:4b:0d:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf1df598f4a8f3a2d074ccb6f6d16b54d1d111c
Validity
Not Before: Jan 2 00:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87de6ae15065931f475ff5a94503e6a17dddc7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ad:26:96:79:ad:07:9d:53:94:e2:bd:65:d0:
e7:09:80:9e:ea:11:8b:87:aa:63:58:0e:24:7a:e4:
83:55:eb:f5:45:0f:9b:76:0e:20:5d:09:e2:10:db:
64:d0:06:fb:67:54:22:4c:5b:91:fc:8e:8e:5c:2a:
e9:bd:9e:0b:39:ce:1d:09:82:94:ec:58:74:0d:c7:
2d:34:2e:25:51:c9:6e:a3:aa:f6:ed:56:52:89:e2:
2e:64:35:b5:00:7f:2a:b9:4a:57:9e:3d:fd:ac:e9:
52:ee:76:86:59:d7:38:7c:69:eb:a6:0c:56:f8:c9:
23:32:d5:80:57:12:61:3e:21:90:d9:0c:d5:0e:59:
56:da:68:56:b1:fa:59:5c:4c:3e:3a:c9:88:c0:39:
21:64:46:98:08:c9:a4:a9:48:7d:e4:4f:da:55:5f:
31:02:dd:da:f2:3e:70:59:91:c3:ca:d9:24:5c:99:
59:e0:8f:62:59:ef:ad:2c:67:1a:60:01:fd:b4:02:
ee:da:fb:fa:4e:40:2a:8d:32:bf:31:50:e4:cb:95:
12:6c:83:74:bd:4e:5e:30:e7:82:7e:15:33:0c:2a:
84:b8:2b:fc:c9:cf:20:c2:56:fc:81:47:ed:57:80:
8e:a1:66:40:9f:8f:1e:43:3c:47:ba:07:f0:e6:2e:
0f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DE:6A:E1:50:65:93:1F:47:5F:F5:A9:45:03:E6:A1:7D:DD:C7:BF
X509v3 Authority Key Identifier:
keyid:DD:F1:DF:59:8F:4A:8F:3A:2D:07:4C:CB:6F:6D:16:B5:4D:1D:11:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fHfWY9KjzotB0zLb20WtU0dERw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/h95q4VBlkx9HX_WpRQPmoX3dx78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/3fHfWY9KjzotB0zLb20WtU0dERw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.224.0/24
Signature Algorithm: sha256WithRSAEncryption
51:c7:71:4a:7b:b6:98:e6:f8:50:2e:5b:7e:0f:c4:b1:c0:6b:
33:36:f4:77:2e:86:26:d7:43:1b:d0:39:5f:60:7c:0e:44:0e:
24:8f:ef:68:ad:07:16:b1:65:3a:40:36:ae:35:07:d0:8f:91:
39:47:c0:d3:1f:99:a7:18:10:26:6d:b0:aa:21:bc:7d:3d:dd:
b1:26:d5:df:57:e3:93:07:f9:48:82:12:77:91:a6:bb:e7:87:
5b:cf:14:b8:30:b5:2f:7b:2b:6b:5d:4a:11:73:9c:b8:6b:74:
83:af:d0:5b:2a:1b:10:5c:33:46:d5:81:0d:cb:48:15:07:dd:
3b:07:8b:85:6b:89:37:57:44:7d:bf:41:26:79:8b:0e:38:1e:
69:ea:45:26:56:12:86:ca:4f:52:86:e0:95:a6:3d:02:6f:75:
39:ba:2e:3a:fc:74:f6:dd:55:f6:11:3a:31:d9:f6:8b:c0:92:
65:7a:8b:88:67:a2:06:61:f2:00:0c:d9:64:28:ff:e5:cf:50:
87:4b:d5:26:f2:18:08:8c:b6:b9:89:ec:63:47:c3:a8:04:44:
6b:ee:90:6e:17:2a:0e:61:4d:0c:83:41:06:2b:ca:52:8a:93:
40:3e:62:d6:f8:13:78:6d:1c:6e:bc:20:f9:3b:15:99:d4:f3:
59:d0:40:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlK5Q7bnpbWWl3wyESw0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjFkZjU5OGY0YThmM2EyZDA3NGNjYjZmNmQxNmI1NGQx
ZDExMWMwHhcNMjQwMTAyMDAzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2RlNmFlMTUwNjU5MzFmNDc1ZmY1YTk0NTAzZTZhMTdkZGRjN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK0mlnmtB51TlOK9ZdDnCYCe6hGL
h6pjWA4keuSDVev1RQ+bdg4gXQniENtk0Ab7Z1QiTFuR/I6OXCrpvZ4LOc4dCYKU
7Fh0DcctNC4lUcluo6r27VZSieIuZDW1AH8quUpXnj39rOlS7naGWdc4fGnrpgxW
+MkjMtWAVxJhPiGQ2QzVDllW2mhWsfpZXEw+OsmIwDkhZEaYCMmkqUh95E/aVV8x
At3a8j5wWZHDytkkXJlZ4I9iWe+tLGcaYAH9tALu2vv6TkAqjTK/MVDky5USbIN0
vU5eMOeCfhUzDCqEuCv8yc8gwlb8gUftV4COoWZAn48eQzxHugfw5i4PfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfeauFQZZMfR1/1qUUD5qF93ce/MB8GA1UdIwQY
MBaAFN3x31mPSo86LQdMy29tFrVNHREcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZIZldZOUtqem90QjB6TGIyMFd0VTBkRVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82YjhiY2UtNTg0Yy00OTJjLWJkN2Ut
ZDBmMzFiYzkzMDc5LzEvaDk1cTRWQmxreDlIWF9XcFJRUG1vWDNkeDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82YjhiY2UtNTg0Yy00OTJjLWJkN2UtZDBmMzFiYzkzMDc5
LzEvM2ZIZldZOUtqem90QjB6TGIyMFd0VTBkRVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubLgMA0G
CSqGSIb3DQEBCwUAA4IBAQBRx3FKe7aY5vhQLlt+D8SxwGszNvR3LoYm10Mb0Dlf
YHwORA4kj+9orQcWsWU6QDauNQfQj5E5R8DTH5mnGBAmbbCqIbx9Pd2xJtXfV+OT
B/lIghJ3kaa754dbzxS4MLUveytrXUoRc5y4a3SDr9BbKhsQXDNG1YENy0gVB907
B4uFa4k3V0R9v0EmeYsOOB5p6kUmVhKGyk9ShuCVpj0Cb3U5ui46/HT23VX2ETox
2faLwJJleouIZ6IGYfIADNlkKP/lz1CHS9Um8hgIjLa5iexjR8OoBERr7pBuFyoO
YU0Mg0EGK8pSipNAPmLW+BN4bRxuvCD5OxWZ1PNZ0EDg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:56 2025 by rpki-client