Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/KOJXxCOCtOpLro4AbyFzDSrmN8E.roa
File: KOJXxCOCtOpLro4AbyFzDSrmN8E.roa (raw, json)
Hash identifier: t1l7HZCe/croPKxa4migr+z4Yhog6Vc1/w2C5VIKQBA=
Subject key identifier: 28:E2:57:C4:23:82:B4:EA:4B:AE:8E:00:6F:21:73:0D:2A:E6:37:C1
Certificate issuer: /CN=e5cf78f5f339ee777da749210a96eced96b7f2e7
Certificate serial: 018CC3B6F6000B1566B7B5B43E4B5EFEB8D4
Authority key identifier: E5:CF:78:F5:F3:39:EE:77:7D:A7:49:21:0A:96:EC:ED:96:B7:F2:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5c949fM57nd9p0khCpbs7Za38uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/KOJXxCOCtOpLro4AbyFzDSrmN8E.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207021
IP address blocks: 185.80.191.0/24 maxlen: 24
185.80.190.0/24 maxlen: 24
185.80.189.0/24 maxlen: 24
185.80.188.0/24 maxlen: 24
2a05:7f00:190::/48 maxlen: 48
2a05:7f00:188::/48 maxlen: 48
2a05:7f00:191::/48 maxlen: 48
2a05:7f00:189::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f6:00:0b:15:66:b7:b5:b4:3e:4b:5e:fe:b8:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5cf78f5f339ee777da749210a96eced96b7f2e7
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28e257c42382b4ea4bae8e006f21730d2ae637c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:76:c7:7f:f6:28:0c:1a:7a:ae:4b:8d:9e:56:
26:ae:f9:65:8e:50:c4:66:d9:13:70:2e:3d:57:8e:
4c:58:61:77:6a:3a:89:88:63:e8:fb:df:e5:3c:2a:
62:08:30:6b:3e:1d:4e:10:f1:6f:1f:53:ab:ef:c3:
5e:09:83:35:bd:8b:e4:9e:15:45:7a:31:6c:58:1c:
70:4b:a5:9f:9e:4d:f3:6b:23:bc:77:4f:c3:bf:47:
9a:25:da:6a:62:1e:d2:dd:f0:65:77:dd:4c:56:8e:
d8:73:3d:50:bd:d7:8e:f7:94:95:c8:7a:17:39:22:
b9:c8:a6:07:b8:a7:bf:5e:4c:b5:8e:6e:f6:eb:16:
46:f9:b6:7e:da:f7:f7:d5:dd:9c:06:47:70:85:94:
ef:db:29:2d:ec:45:0e:64:1d:5a:af:78:2a:ab:d7:
80:70:41:2f:a6:c1:e5:47:d7:b6:5f:87:eb:23:91:
14:94:46:90:6a:45:75:5e:ed:fe:83:7c:0d:a8:27:
bc:93:48:3f:97:e1:85:03:c8:09:bc:fd:78:82:da:
fb:77:95:e2:12:f8:0c:2b:ed:33:d5:e8:d0:d7:aa:
86:16:b3:fc:57:bb:2a:7a:1f:20:1d:27:fa:a3:ad:
d2:9d:cd:df:17:35:d9:08:90:84:5a:2a:09:4a:e1:
dd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E2:57:C4:23:82:B4:EA:4B:AE:8E:00:6F:21:73:0D:2A:E6:37:C1
X509v3 Authority Key Identifier:
keyid:E5:CF:78:F5:F3:39:EE:77:7D:A7:49:21:0A:96:EC:ED:96:B7:F2:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c949fM57nd9p0khCpbs7Za38uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/KOJXxCOCtOpLro4AbyFzDSrmN8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/5c949fM57nd9p0khCpbs7Za38uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.188.0/22
IPv6:
2a05:7f00:188::/47
2a05:7f00:190::/47
Signature Algorithm: sha256WithRSAEncryption
55:a0:ea:7a:47:aa:cd:a9:4f:50:89:97:f6:f7:a2:15:7d:8e:
e6:87:c0:06:83:46:fa:9a:91:5c:a7:62:c5:88:13:41:55:05:
b8:83:5f:60:f7:d4:6a:ff:97:a6:77:60:ff:72:6a:c2:9f:c0:
0f:50:43:2d:cb:9a:1b:a0:b7:46:1b:12:07:76:02:65:d1:7f:
93:d0:bf:22:d1:0f:1f:eb:5d:b6:21:a6:de:b7:10:93:66:09:
9f:c5:ed:71:34:e0:83:c5:9b:23:ce:31:53:0a:91:28:52:5f:
21:48:ab:0c:2b:b2:b2:6e:70:69:ad:15:f5:ea:2f:b2:3b:a2:
6a:18:d9:44:06:72:86:b6:94:a1:e1:76:b4:f0:c4:3a:79:ba:
b9:22:1f:a4:9f:ca:f9:a4:4d:54:ff:37:08:30:e2:09:c6:fc:
85:bd:14:3c:b7:a7:60:e2:b5:d9:98:11:be:d2:f8:c0:73:13:
22:66:a4:b2:cf:28:f7:0f:6c:bb:4a:19:3d:b3:3c:b4:04:c3:
1a:4f:d7:57:01:0d:31:bf:3e:f2:a8:93:15:95:4c:ae:82:36:
c3:d8:f0:45:8e:59:c4:97:68:a0:cb:39:e3:17:82:18:46:27:
67:b0:ab:8f:40:5c:c9:7d:11:ca:cb:a3:a3:c1:d7:ab:5a:bf:
58:02:19:fd
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDtvYACxVmt7W0Pkte/rjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1Y2Y3OGY1ZjMzOWVlNzc3ZGE3NDkyMTBhOTZlY2VkOTZi
N2YyZTcwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGUyNTdjNDIzODJiNGVhNGJhZThlMDA2ZjIxNzMwZDJhZTYzN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnbHf/YoDBp6rkuNnlYmrvlljlDE
ZtkTcC49V45MWGF3ajqJiGPo+9/lPCpiCDBrPh1OEPFvH1Or78NeCYM1vYvknhVF
ejFsWBxwS6Wfnk3zayO8d0/Dv0eaJdpqYh7S3fBld91MVo7Ycz1QvdeO95SVyHoX
OSK5yKYHuKe/Xky1jm726xZG+bZ+2vf31d2cBkdwhZTv2ykt7EUOZB1ar3gqq9eA
cEEvpsHlR9e2X4frI5EUlEaQakV1Xu3+g3wNqCe8k0g/l+GFA8gJvP14gtr7d5Xi
EvgMK+0z1ejQ16qGFrP8V7sqeh8gHSf6o63Snc3fFzXZCJCEWioJSuHd9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCjiV8QjgrTqS66OAG8hcw0q5jfBMB8GA1UdIwQY
MBaAFOXPePXzOe53fadJIQqW7O2Wt/LnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWM5NDlmTTU3bmQ5cDBraENwYnM3WmEzOHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jNGJkOTUtYzY3MC00OTBkLThjYzAt
YjdkYzgzNzA2YTJhLzEvS09KWHhDT0N0T3BMcm80QWJ5RnpEU3JtTjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jNGJkOTUtYzY3MC00OTBkLThjYzAtYjdkYzgzNzA2YTJh
LzEvNWM5NDlmTTU3bmQ5cDBraENwYnM3WmEzOHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuVC8MBgE
AgACMBIDBwEqBX8AAYgDBwEqBX8AAZAwDQYJKoZIhvcNAQELBQADggEBAFWg6npH
qs2pT1CJl/b3ohV9juaHwAaDRvqakVynYsWIE0FVBbiDX2D31Gr/l6Z3YP9yasKf
wA9QQy3Lmhugt0YbEgd2AmXRf5PQvyLRDx/rXbYhpt63EJNmCZ/F7XE04IPFmyPO
MVMKkShSXyFIqwwrsrJucGmtFfXqL7I7omoY2UQGcoa2lKHhdrTwxDp5urkiH6Sf
yvmkTVT/Nwgw4gnG/IW9FDy3p2DitdmYEb7S+MBzEyJmpLLPKPcPbLtKGT2zPLQE
wxpP11cBDTG/PvKokxWVTK6CNsPY8EWOWcSXaKDLOeMXghhGJ2ewq49AXMl9EcrL
o6PB16tav1gCGf0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:32 2025 by rpki-client