Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6ce994-8e99-40f9-a4eb-b2d73678727b/1/UDlEqtFvi8QMIwl9NlgeMbdkRSQ.roa
File: UDlEqtFvi8QMIwl9NlgeMbdkRSQ.roa (raw, json)
Hash identifier: IbGniZ5QuqvyRgYP+sK2swz86C11okJAtpQQvw/IHtA=
Subject key identifier: 50:39:44:AA:D1:6F:8B:C4:0C:23:09:7D:36:58:1E:31:B7:64:45:24
Certificate issuer: /CN=60c44dff71879863ea71442023b7f354dc3dad7c
Certificate serial: 018CC3B6CBEA8C0500AFF060FA2553A7F240
Authority key identifier: 60:C4:4D:FF:71:87:98:63:EA:71:44:20:23:B7:F3:54:DC:3D:AD:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMRN_3GHmGPqcUQgI7fzVNw9rXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6ce994-8e99-40f9-a4eb-b2d73678727b/1/UDlEqtFvi8QMIwl9NlgeMbdkRSQ.roa
Signing time: Mon 01 Jan 2024 06:29:46 +0000
ROA not before: Mon 01 Jan 2024 06:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.88.184.0/24 maxlen: 24
185.88.186.0/24 maxlen: 24
185.88.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:cb:ea:8c:05:00:af:f0:60:fa:25:53:a7:f2:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c44dff71879863ea71442023b7f354dc3dad7c
Validity
Not Before: Jan 1 06:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=503944aad16f8bc40c23097d36581e31b7644524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:18:40:11:a0:9a:06:c5:87:fb:37:18:a1:c6:
3e:0e:41:78:84:f4:03:eb:aa:28:df:d4:05:54:c5:
d3:c3:ee:c0:03:b4:45:61:56:0b:72:14:4f:a8:f6:
19:52:9c:38:cc:cd:5d:5f:bd:bd:ec:62:32:de:be:
58:0d:b8:16:81:ab:e7:a0:cd:2a:39:2f:34:98:05:
15:b9:b3:8a:e4:c4:6a:1c:ac:74:fe:e4:d3:69:ad:
40:8e:4c:99:32:34:c2:50:a2:82:40:42:67:7f:34:
15:17:8c:09:59:b0:53:54:73:d5:8d:12:6a:b7:c0:
3b:64:5f:fe:97:03:ad:71:73:e0:ea:03:ba:79:ff:
d2:41:1e:d4:cc:a0:07:33:e3:eb:f6:c7:5f:73:f6:
97:5c:5c:e5:cf:1a:75:9e:11:b4:d0:12:59:6a:92:
d1:bb:7a:1d:81:80:4e:6f:4e:43:88:05:3f:2b:96:
74:10:08:70:22:c2:4c:a0:97:fe:7d:a6:24:26:48:
d8:f4:3e:64:2e:18:da:06:b8:f6:73:8b:3c:d2:4e:
07:41:27:59:89:ce:39:82:ec:ed:73:cd:a4:91:e4:
44:e0:e3:a5:8e:b7:3e:14:0d:02:b3:a0:78:c6:bc:
97:7d:65:20:51:28:4e:3f:8a:6f:e8:6b:1c:b0:b9:
ac:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:39:44:AA:D1:6F:8B:C4:0C:23:09:7D:36:58:1E:31:B7:64:45:24
X509v3 Authority Key Identifier:
keyid:60:C4:4D:FF:71:87:98:63:EA:71:44:20:23:B7:F3:54:DC:3D:AD:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMRN_3GHmGPqcUQgI7fzVNw9rXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6ce994-8e99-40f9-a4eb-b2d73678727b/1/UDlEqtFvi8QMIwl9NlgeMbdkRSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6ce994-8e99-40f9-a4eb-b2d73678727b/1/YMRN_3GHmGPqcUQgI7fzVNw9rXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.184.0-185.88.186.255
Signature Algorithm: sha256WithRSAEncryption
bc:88:88:02:f0:c8:53:d1:b3:01:27:38:d1:a1:7c:b6:42:b5:
ac:0c:b8:67:ae:93:74:8d:c3:04:21:68:da:78:fd:36:74:e7:
98:43:fa:15:79:5d:2b:dc:62:68:8a:a3:c4:e2:82:ba:6e:4b:
a9:b7:78:f0:da:8f:d1:10:eb:77:d0:d5:c3:8a:89:33:5e:57:
f1:bb:62:1c:0d:b9:63:ef:d3:1a:29:dd:c9:d9:9e:9a:57:48:
13:61:eb:46:04:7f:88:24:22:54:bf:2a:22:cb:02:54:13:fd:
52:a7:01:71:3d:78:5e:96:55:34:05:96:2e:7e:25:6c:57:5e:
26:e4:43:12:ea:5b:cb:b2:5a:b5:43:33:41:8b:9a:ac:23:bc:
b4:6e:ae:04:2f:be:6d:91:71:55:a9:2c:9b:32:05:31:d2:bc:
ab:70:df:45:f9:53:73:25:16:dc:70:13:d2:87:2b:96:16:7c:
cd:fa:d7:a1:b7:38:12:2b:5e:3e:4b:2b:b9:b7:19:e7:ed:a7:
fd:2d:67:43:bc:f1:70:0a:00:b3:8f:9a:5f:ab:b0:b6:4b:bc:
86:d4:92:82:05:c5:a7:ed:1f:6c:2a:1e:94:dc:b7:59:ce:e9:
6f:69:57:56:d6:81:bb:76:f0:fd:bb:bc:ce:80:76:88:0f:14:
51:f1:04:da
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDtsvqjAUAr/Bg+iVTp/JAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzQ0ZGZmNzE4Nzk4NjNlYTcxNDQyMDIzYjdmMzU0ZGMz
ZGFkN2MwHhcNMjQwMTAxMDYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDM5NDRhYWQxNmY4YmM0MGMyMzA5N2QzNjU4MWUzMWI3NjQ0NTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBhAEaCaBsWH+zcYocY+DkF4hPQD
66oo39QFVMXTw+7AA7RFYVYLchRPqPYZUpw4zM1dX7297GIy3r5YDbgWgavnoM0q
OS80mAUVubOK5MRqHKx0/uTTaa1AjkyZMjTCUKKCQEJnfzQVF4wJWbBTVHPVjRJq
t8A7ZF/+lwOtcXPg6gO6ef/SQR7UzKAHM+Pr9sdfc/aXXFzlzxp1nhG00BJZapLR
u3odgYBOb05DiAU/K5Z0EAhwIsJMoJf+faYkJkjY9D5kLhjaBrj2c4s80k4HQSdZ
ic45guztc82kkeRE4OOljrc+FA0Cs6B4xryXfWUgUShOP4pv6GscsLmsMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFA5RKrRb4vEDCMJfTZYHjG3ZEUkMB8GA1UdIwQY
MBaAFGDETf9xh5hj6nFEICO381TcPa18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1STl8zR0htR1BxY1VRZ0k3ZnpWTnc5clh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82Y2U5OTQtOGU5OS00MGY5LWE0ZWIt
YjJkNzM2Nzg3MjdiLzEvVURsRXF0RnZpOFFNSXdsOU5sZ2VNYmRrUlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82Y2U5OTQtOGU5OS00MGY5LWE0ZWItYjJkNzM2Nzg3Mjdi
LzEvWU1STl8zR0htR1BxY1VRZ0k3ZnpWTnc5clh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5WLgD
BAC5WLowDQYJKoZIhvcNAQELBQADggEBALyIiALwyFPRswEnONGhfLZCtawMuGeu
k3SNwwQhaNp4/TZ055hD+hV5XSvcYmiKo8TigrpuS6m3ePDaj9EQ63fQ1cOKiTNe
V/G7YhwNuWPv0xop3cnZnppXSBNh60YEf4gkIlS/KiLLAlQT/VKnAXE9eF6WVTQF
li5+JWxXXibkQxLqW8uyWrVDM0GLmqwjvLRurgQvvm2RcVWpLJsyBTHSvKtw30X5
U3MlFtxwE9KHK5YWfM3616G3OBIrXj5LK7m3Geftp/0tZ0O88XAKALOPml+rsLZL
vIbUkoIFxaftH2wqHpTct1nO6W9pV1bWgbt28P27vM6AdogPFFHxBNo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:44 2025 by rpki-client