Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/1-5aA-DKlKwsUmvcfOVBqsbCUR1A.roa
File: 1-5aA-DKlKwsUmvcfOVBqsbCUR1A.roa (raw, json)
Hash identifier: NA5nJFToGzxN9cU6QWu4ju2G8vhNlt0ccKO2GyjTu00=
Subject key identifier: FB:96:80:F8:32:A5:2B:0B:14:9A:F7:1F:39:50:6A:B1:B0:94:47:50
Certificate issuer: /CN=3c87feb4ab9a57765fc0a664572c35032e866ad4
Certificate serial: 0191220CE37E77D0B4F76CC96CB5C46AE4B2
Authority key identifier: 3C:87:FE:B4:AB:9A:57:76:5F:C0:A6:64:57:2C:35:03:2E:86:6A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/1-5aA-DKlKwsUmvcfOVBqsbCUR1A.roa
Signing time: Mon 05 Aug 2024 10:19:15 +0000
ROA not before: Mon 05 Aug 2024 10:19:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204073
IP address blocks: 185.146.48.0/22 maxlen: 22
185.146.48.0/23 maxlen: 23
185.146.50.0/23 maxlen: 23
185.191.216.0/22 maxlen: 22
185.191.216.0/23 maxlen: 23
185.191.218.0/23 maxlen: 23
185.221.148.0/22 maxlen: 22
185.221.148.0/23 maxlen: 23
185.221.150.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 26 Aug 2024 12:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:0c:e3:7e:77:d0:b4:f7:6c:c9:6c:b5:c4:6a:e4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c87feb4ab9a57765fc0a664572c35032e866ad4
Validity
Not Before: Aug 5 10:19:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb9680f832a52b0b149af71f39506ab1b0944750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6a:84:b1:8d:cc:d0:52:f7:1c:24:86:fe:64:
d5:07:57:05:ad:88:aa:04:f3:ca:0d:ad:9b:35:ee:
13:56:58:36:4a:46:a5:99:51:f6:a3:26:78:b4:d7:
5e:a6:b8:bf:8f:c6:99:38:1d:bc:27:ea:18:9f:ce:
b3:9f:c9:02:65:23:c0:4a:f5:88:ac:c8:8e:64:dd:
74:61:41:48:e6:e7:a2:cc:81:75:99:99:84:14:e8:
7a:7d:f2:76:c3:33:21:01:a0:32:37:12:ab:a5:e2:
df:21:46:b1:6e:29:24:86:9f:38:4c:e8:b0:94:c4:
a3:6e:1a:19:3c:35:f5:61:28:45:7b:39:bf:d2:40:
1f:8a:9a:13:a3:b1:be:3f:5c:93:6f:25:40:35:19:
de:50:41:b0:f2:e0:1f:8f:94:3f:81:a6:f7:b3:45:
98:d6:6d:8e:65:db:98:d7:17:f6:2d:a0:73:66:80:
61:e2:c5:f5:46:c2:3a:33:3e:0b:ac:62:4e:87:fc:
bc:16:1d:39:70:94:65:42:f7:58:97:70:aa:ab:55:
04:22:6f:a5:2a:af:26:64:b7:58:87:fa:68:0d:15:
b8:44:a3:4f:1a:bf:f9:27:f9:85:fe:3c:62:e8:7b:
6e:37:ae:a8:2d:21:00:7c:25:83:7b:87:1a:a3:08:
ac:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:96:80:F8:32:A5:2B:0B:14:9A:F7:1F:39:50:6A:B1:B0:94:47:50
X509v3 Authority Key Identifier:
keyid:3C:87:FE:B4:AB:9A:57:76:5F:C0:A6:64:57:2C:35:03:2E:86:6A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/1-5aA-DKlKwsUmvcfOVBqsbCUR1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.48.0/22
185.191.216.0/22
185.221.148.0/22
Signature Algorithm: sha256WithRSAEncryption
53:d8:ec:f5:b2:b8:98:bd:41:ee:43:ec:1a:da:c4:08:50:be:
b4:60:73:4c:88:8d:11:59:fc:ae:2d:04:41:12:0d:61:27:81:
64:3f:07:f4:97:c8:ad:6b:20:53:ca:12:ad:cd:1e:bc:9b:e3:
da:54:31:fb:10:67:ca:51:77:86:71:89:3f:8b:4a:5c:c4:9f:
3a:cf:12:0a:fb:8a:a8:8b:40:0e:fb:f5:12:71:5b:e5:5d:dc:
d1:37:73:b7:3f:62:1e:ba:a2:cf:3c:a6:54:b4:8a:c2:39:c8:
33:67:be:18:10:28:18:10:a8:25:ac:1d:18:8f:52:c9:64:ab:
0f:9b:39:81:f1:43:6b:52:52:4f:4a:d1:1e:5c:2f:ff:ae:48:
9e:22:5e:14:dd:32:db:77:00:8b:85:93:98:64:ec:ae:78:0e:
1b:ac:c2:fa:a3:cb:55:51:08:84:0e:90:f0:f2:2a:a0:b6:21:
18:ee:79:2c:77:7a:ea:cf:4b:d8:81:59:9e:f8:08:41:0d:0e:
09:d1:51:a8:89:d8:c5:94:ca:ac:94:78:c5:04:e3:55:20:7a:
1f:e1:13:1a:8a:82:c3:6c:32:03:cc:ed:62:81:71:25:03:f4:
2e:c3:e9:5d:37:1c:ea:a1:c0:26:e8:6d:86:6b:32:ac:76:5e:
b0:ee:3b:f0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEiDON+d9C092zJbLXEauSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjODdmZWI0YWI5YTU3NzY1ZmMwYTY2NDU3MmMzNTAzMmU4
NjZhZDQwHhcNMjQwODA1MTAxOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjk2ODBmODMyYTUyYjBiMTQ5YWY3MWYzOTUwNmFiMWIwOTQ0NzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmqEsY3M0FL3HCSG/mTVB1cFrYiq
BPPKDa2bNe4TVlg2SkalmVH2oyZ4tNdepri/j8aZOB28J+oYn86zn8kCZSPASvWI
rMiOZN10YUFI5ueizIF1mZmEFOh6ffJ2wzMhAaAyNxKrpeLfIUaxbikkhp84TOiw
lMSjbhoZPDX1YShFezm/0kAfipoTo7G+P1yTbyVANRneUEGw8uAfj5Q/gab3s0WY
1m2OZduY1xf2LaBzZoBh4sX1RsI6Mz4LrGJOh/y8Fh05cJRlQvdYl3Cqq1UEIm+l
Kq8mZLdYh/poDRW4RKNPGr/5J/mF/jxi6HtuN66oLSEAfCWDe4caowis7QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPuWgPgypSsLFJr3HzlQarGwlEdQMB8GA1UdIwQY
MBaAFDyH/rSrmld2X8CmZFcsNQMuhmrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElmLXRLdWFWM1pmd0taa1Z5dzFBeTZHYXRRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wZTQxYTYtZDg0NS00ZGExLThiMzQt
NDhmYjAwZmM5N2I2LzEvMS01YUEtREtsS3dzVW12Y2ZPVkJxc2JDVVIxQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjQvMGU0MWE2LWQ4NDUtNGRhMS04YjM0LTQ4ZmIwMGZjOTdi
Ni8xL1BJZi10S3VhVjNaZndLWmtWeXcxQXk2R2F0US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArmSMAME
Arm/2AMEArndlDANBgkqhkiG9w0BAQsFAAOCAQEAU9js9bK4mL1B7kPsGtrECFC+
tGBzTIiNEVn8ri0EQRINYSeBZD8H9JfIrWsgU8oSrc0evJvj2lQx+xBnylF3hnGJ
P4tKXMSfOs8SCvuKqItADvv1EnFb5V3c0Tdztz9iHrqizzymVLSKwjnIM2e+GBAo
GBCoJawdGI9SyWSrD5s5gfFDa1JST0rRHlwv/65IniJeFN0y23cAi4WTmGTsrngO
G6zC+qPLVVEIhA6Q8PIqoLYhGO55LHd66s9L2IFZnvgIQQ0OCdFRqInYxZTKrJR4
xQTjVSB6H+ETGoqCw2wyA8ztYoFxJQP0LsPpXTcc6qHAJuhthmsyrHZesO478A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:30:44 2025 by rpki-client