Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/28a5f9-9071-4459-9829-55795c26eaca/1/nDnHQxLU1juGh65lVs1IJAbYGEw.roa
File: nDnHQxLU1juGh65lVs1IJAbYGEw.roa (raw, json)
Hash identifier: xXKtIxwl3IMw8phrYXGLmjLoUlSKg3cyt92F3mRQNEU=
Subject key identifier: 9C:39:C7:43:12:D4:D6:3B:86:87:AE:65:56:CD:48:24:06:D8:18:4C
Certificate issuer: /CN=4f525c4cbac8d7d9733245876a5cabe6b35e2fe9
Certificate serial: 018CC64B69C7D8E10B3B0028E5A44BDB44AC
Authority key identifier: 4F:52:5C:4C:BA:C8:D7:D9:73:32:45:87:6A:5C:AB:E6:B3:5E:2F:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T1JcTLrI19lzMkWHalyr5rNeL-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/28a5f9-9071-4459-9829-55795c26eaca/1/nDnHQxLU1juGh65lVs1IJAbYGEw.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43645
IP address blocks: 185.80.252.0/22 maxlen: 22
185.80.255.0/24 maxlen: 24
2a05:8380::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:69:c7:d8:e1:0b:3b:00:28:e5:a4:4b:db:44:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f525c4cbac8d7d9733245876a5cabe6b35e2fe9
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c39c74312d4d63b8687ae6556cd482406d8184c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1b:0c:5a:10:7d:fb:b3:a7:8a:65:7f:19:ac:
55:3c:ea:1b:c8:15:8b:da:f8:a7:19:a2:6f:b8:73:
7e:f6:9f:53:c8:e1:21:20:c3:eb:52:b7:b7:b9:a1:
a7:77:53:b9:ae:b9:dc:ae:1b:ef:15:84:0d:6b:15:
02:93:42:7f:42:51:3b:07:ab:5f:3c:49:fa:c3:88:
5d:8e:f7:5a:07:b1:33:bf:75:59:5c:fa:87:9e:b7:
1a:83:56:22:92:4f:66:42:2b:09:ef:d4:84:d4:75:
ec:d9:01:3f:b7:e3:e6:cd:13:b5:7e:d9:6b:ba:7b:
00:62:90:c1:cc:b0:19:06:b3:ec:f2:cb:3c:14:1c:
36:9f:fb:50:55:e4:50:5c:8a:a5:b2:f0:00:24:3d:
fc:bf:7f:23:db:a9:45:90:51:58:39:5c:21:0d:63:
68:c4:0a:a4:bf:e7:5a:b9:7b:ed:67:5c:04:39:de:
bc:6e:ef:00:cf:97:2a:13:ea:19:93:50:da:b8:fa:
e2:1c:78:d5:ea:9f:2e:5a:ed:b7:c6:1f:94:57:28:
91:1f:ed:40:2a:b0:5e:1b:0c:e5:32:10:e3:6c:68:
9b:63:d7:10:e6:1e:a7:69:97:d4:8a:b5:2f:d2:db:
96:0b:74:4d:86:7d:84:d0:3e:77:2d:5f:bb:80:52:
c7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:39:C7:43:12:D4:D6:3B:86:87:AE:65:56:CD:48:24:06:D8:18:4C
X509v3 Authority Key Identifier:
keyid:4F:52:5C:4C:BA:C8:D7:D9:73:32:45:87:6A:5C:AB:E6:B3:5E:2F:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T1JcTLrI19lzMkWHalyr5rNeL-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/28a5f9-9071-4459-9829-55795c26eaca/1/nDnHQxLU1juGh65lVs1IJAbYGEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/28a5f9-9071-4459-9829-55795c26eaca/1/T1JcTLrI19lzMkWHalyr5rNeL-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.252.0/22
IPv6:
2a05:8380::/29
Signature Algorithm: sha256WithRSAEncryption
99:61:e4:c3:f1:ed:35:08:84:f4:e6:de:73:7a:5b:c3:e9:f8:
24:80:cb:ae:f7:f6:4e:75:1d:af:50:42:5d:25:c9:50:ea:24:
f4:13:80:e1:f3:37:7d:ef:6f:c6:24:6f:4e:dd:43:88:41:d5:
19:4b:a9:61:ea:84:05:df:48:ab:54:7c:30:2b:4f:0a:49:f2:
37:c2:aa:dd:7f:c9:e9:a5:93:a4:61:1e:6a:1e:42:8e:7f:3a:
31:8b:96:bf:30:a8:1d:15:dd:52:f8:d0:7b:51:a5:05:c6:69:
d9:c5:bb:a5:54:c3:2a:af:b8:a2:29:7c:bd:7d:5d:6a:57:da:
c8:ed:f3:c7:80:c6:ec:5c:4f:cb:ba:6c:47:1b:55:78:dd:35:
72:32:9c:df:24:6f:16:54:2e:b5:c9:24:1e:8c:ba:a8:63:74:
81:71:07:ae:ca:69:ef:6a:b3:33:13:ac:0a:a2:90:e9:02:0b:
48:85:91:33:e3:92:ae:a5:b5:37:b6:ac:b6:99:8b:8d:f0:de:
be:ea:0f:a1:1f:f0:9f:ae:40:b4:8a:53:41:66:04:49:41:14:
b2:1b:bd:da:82:ac:e3:3e:d8:3c:12:41:de:d2:f3:88:c5:79:
a1:07:8e:22:8a:31:ff:52:45:f9:a9:7e:5c:a3:b2:7f:a0:bb:
49:3b:a7:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS2nH2OELOwAo5aRL20SsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNTI1YzRjYmFjOGQ3ZDk3MzMyNDU4NzZhNWNhYmU2YjM1
ZTJmZTkwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM5Yzc0MzEyZDRkNjNiODY4N2FlNjU1NmNkNDgyNDA2ZDgxODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BsMWhB9+7OnimV/GaxVPOobyBWL
2vinGaJvuHN+9p9TyOEhIMPrUre3uaGnd1O5rrncrhvvFYQNaxUCk0J/QlE7B6tf
PEn6w4hdjvdaB7Ezv3VZXPqHnrcag1Yikk9mQisJ79SE1HXs2QE/t+PmzRO1ftlr
unsAYpDBzLAZBrPs8ss8FBw2n/tQVeRQXIqlsvAAJD38v38j26lFkFFYOVwhDWNo
xAqkv+dauXvtZ1wEOd68bu8Az5cqE+oZk1DauPriHHjV6p8uWu23xh+UVyiRH+1A
KrBeGwzlMhDjbGibY9cQ5h6naZfUirUv0tuWC3RNhn2E0D53LV+7gFLHFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJw5x0MS1NY7hoeuZVbNSCQG2BhMMB8GA1UdIwQY
MBaAFE9SXEy6yNfZczJFh2pcq+azXi/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDFKY1RMckkxOWx6TWtXSGFseXI1ck5lTC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8yOGE1ZjktOTA3MS00NDU5LTk4Mjkt
NTU3OTVjMjZlYWNhLzEvbkRuSFF4TFUxanVHaDY1bFZzMUlKQWJZR0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8yOGE1ZjktOTA3MS00NDU5LTk4MjktNTU3OTVjMjZlYWNh
LzEvVDFKY1RMckkxOWx6TWtXSGFseXI1ck5lTC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVD8MA0E
AgACMAcDBQMqBYOAMA0GCSqGSIb3DQEBCwUAA4IBAQCZYeTD8e01CIT05t5zelvD
6fgkgMuu9/ZOdR2vUEJdJclQ6iT0E4Dh8zd972/GJG9O3UOIQdUZS6lh6oQF30ir
VHwwK08KSfI3wqrdf8nppZOkYR5qHkKOfzoxi5a/MKgdFd1S+NB7UaUFxmnZxbul
VMMqr7iiKXy9fV1qV9rI7fPHgMbsXE/LumxHG1V43TVyMpzfJG8WVC61ySQejLqo
Y3SBcQeuymnvarMzE6wKopDpAgtIhZEz45KupbU3tqy2mYuN8N6+6g+hH/CfrkC0
ilNBZgRJQRSyG73agqzjPtg8EkHe0vOIxXmhB44iijH/UkX5qX5co7J/oLtJO6dD
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:09 2025 by rpki-client