Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/lMiFDiie4vtc8_h6_vGtEZk3CcU.roa
File: lMiFDiie4vtc8_h6_vGtEZk3CcU.roa (raw, json)
Hash identifier: zyoFfl6g03fIoJCvk7+pBO4BGI4Snm6MXfFQab0j4FU=
Subject key identifier: 94:C8:85:0E:28:9E:E2:FB:5C:F3:F8:7A:FE:F1:AD:11:99:37:09:C5
Certificate issuer: /CN=413ffa106ae3fee6be87bac06a87ba57ed1c1140
Certificate serial: 018CC5DCDB29B2827442F576F46EA5A0B18A
Authority key identifier: 41:3F:FA:10:6A:E3:FE:E6:BE:87:BA:C0:6A:87:BA:57:ED:1C:11:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QT_6EGrj_ua-h7rAaoe6V-0cEUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/lMiFDiie4vtc8_h6_vGtEZk3CcU.roa
Signing time: Mon 01 Jan 2024 16:30:34 +0000
ROA not before: Mon 01 Jan 2024 16:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60621
IP address blocks: 185.14.197.0/24 maxlen: 24
185.14.196.0/24 maxlen: 24
185.14.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:db:29:b2:82:74:42:f5:76:f4:6e:a5:a0:b1:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=413ffa106ae3fee6be87bac06a87ba57ed1c1140
Validity
Not Before: Jan 1 16:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94c8850e289ee2fb5cf3f87afef1ad11993709c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6f:88:11:bf:85:57:fb:91:80:b1:4c:95:8b:
76:75:eb:7d:cc:07:1e:00:5d:db:86:42:55:2d:c1:
15:a4:ee:65:60:8f:c2:6b:43:34:b2:00:ef:52:cd:
e5:fb:7c:bc:fd:f2:f1:95:83:f7:0a:5c:2e:c6:a1:
cc:32:eb:18:b0:64:28:48:26:99:03:97:d5:1a:13:
44:ac:36:8d:f7:f9:74:8b:0f:1e:b4:df:bb:ec:7b:
ae:0b:ce:73:6e:a4:4b:23:0e:54:7b:32:fd:16:e6:
ae:95:fa:d7:85:b2:e6:a3:c7:14:3d:b1:96:41:d7:
bb:1f:0a:48:fa:55:82:c3:b2:7c:a2:1f:02:da:70:
62:17:99:c8:03:10:f8:4e:12:7c:74:4e:65:23:0e:
0e:54:39:48:7e:65:1b:ce:dd:87:91:4c:cd:3c:67:
3a:44:4c:87:8b:54:70:b2:47:9d:2c:85:ff:ff:cc:
3e:77:e5:06:5c:5b:4f:be:5e:ed:3d:fd:10:ef:f5:
30:65:f1:f2:99:5b:b9:36:b6:29:df:95:a7:63:4e:
7a:4a:0f:65:81:36:1a:5b:3f:83:23:75:e8:b0:63:
61:cb:14:0a:d2:ee:be:84:62:82:ea:8e:b1:05:de:
9e:71:96:95:22:ba:db:e9:2d:13:71:57:9c:1f:c9:
d7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C8:85:0E:28:9E:E2:FB:5C:F3:F8:7A:FE:F1:AD:11:99:37:09:C5
X509v3 Authority Key Identifier:
keyid:41:3F:FA:10:6A:E3:FE:E6:BE:87:BA:C0:6A:87:BA:57:ED:1C:11:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QT_6EGrj_ua-h7rAaoe6V-0cEUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/lMiFDiie4vtc8_h6_vGtEZk3CcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/QT_6EGrj_ua-h7rAaoe6V-0cEUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.196.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:b9:cd:3c:d9:81:6d:47:76:4d:eb:33:00:85:4b:d2:59:fd:
1d:79:2d:d5:76:01:71:06:05:8f:0d:46:d4:b7:c6:5c:05:58:
f0:2e:05:ef:2d:4a:0c:02:15:78:30:84:a1:8d:39:44:e7:24:
2a:66:be:15:c2:d2:d4:75:ae:07:00:cc:db:20:01:a2:59:c2:
33:99:a9:c2:83:fd:22:6a:21:bc:bc:07:a8:18:b5:dd:90:d2:
4f:df:7f:53:48:8e:3f:af:3c:1b:29:1e:90:7a:a9:06:07:69:
ce:c7:da:af:57:01:b6:46:e6:42:e1:51:cd:cf:94:68:bb:8a:
67:2d:eb:1f:c5:25:8a:45:9a:cd:a4:23:42:33:e3:e0:77:6a:
3d:2c:72:0f:24:eb:19:a5:8e:e2:70:50:ea:4d:bb:bc:0e:e6:
83:59:68:07:1d:95:5c:c2:e1:87:91:2c:43:91:bb:e5:51:aa:
4e:a2:8a:ab:1b:0c:40:30:78:54:f7:58:57:a4:9a:8d:92:34:
42:8e:b9:1a:49:b6:4d:b9:62:b0:e2:02:f3:6f:72:57:5b:9e:
75:52:b9:75:c3:0e:72:60:99:28:b5:d8:21:71:f6:fe:f9:d6:
25:ef:d3:2d:5f:df:d1:34:25:cf:9c:b2:07:88:a9:26:39:ce:
86:2b:50:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3NspsoJ0QvV29G6loLGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxM2ZmYTEwNmFlM2ZlZTZiZTg3YmFjMDZhODdiYTU3ZWQx
YzExNDAwHhcNMjQwMTAxMTYzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGM4ODUwZTI4OWVlMmZiNWNmM2Y4N2FmZWYxYWQxMTk5MzcwOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2+IEb+FV/uRgLFMlYt2det9zAce
AF3bhkJVLcEVpO5lYI/Ca0M0sgDvUs3l+3y8/fLxlYP3ClwuxqHMMusYsGQoSCaZ
A5fVGhNErDaN9/l0iw8etN+77HuuC85zbqRLIw5UezL9FuaulfrXhbLmo8cUPbGW
Qde7HwpI+lWCw7J8oh8C2nBiF5nIAxD4ThJ8dE5lIw4OVDlIfmUbzt2HkUzNPGc6
REyHi1RwskedLIX//8w+d+UGXFtPvl7tPf0Q7/UwZfHymVu5NrYp35WnY056Sg9l
gTYaWz+DI3XosGNhyxQK0u6+hGKC6o6xBd6ecZaVIrrb6S0TcVecH8nX4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTIhQ4onuL7XPP4ev7xrRGZNwnFMB8GA1UdIwQY
MBaAFEE/+hBq4/7mvoe6wGqHulftHBFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRfNkVHcmpfdWEtaDdyQWFvZTZWLTBjRVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jNzk2MzUtYmVjNC00ZmI1LTg5MmMt
ZmEyNmVjMzlmYWJhLzEvbE1pRkRpaWU0dnRjOF9oNl92R3RFWmszQ2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jNzk2MzUtYmVjNC00ZmI1LTg5MmMtZmEyNmVjMzlmYWJh
LzEvUVRfNkVHcmpfdWEtaDdyQWFvZTZWLTBjRVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ7EMA0G
CSqGSIb3DQEBCwUAA4IBAQA6uc082YFtR3ZN6zMAhUvSWf0deS3VdgFxBgWPDUbU
t8ZcBVjwLgXvLUoMAhV4MIShjTlE5yQqZr4VwtLUda4HAMzbIAGiWcIzmanCg/0i
aiG8vAeoGLXdkNJP339TSI4/rzwbKR6QeqkGB2nOx9qvVwG2RuZC4VHNz5Rou4pn
LesfxSWKRZrNpCNCM+Pgd2o9LHIPJOsZpY7icFDqTbu8DuaDWWgHHZVcwuGHkSxD
kbvlUapOooqrGwxAMHhU91hXpJqNkjRCjrkaSbZNuWKw4gLzb3JXW551Url1ww5y
YJkotdghcfb++dYl79MtX9/RNCXPnLIHiKkmOc6GK1D0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:21 2025 by rpki-client