Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/c-bZF1ThWs_rFQZwfHGkmK24CTk.roa
File: c-bZF1ThWs_rFQZwfHGkmK24CTk.roa (raw, json)
Hash identifier: Anv6k65DGZBD3WIQNn+U5/CG/c1q3YX1ng0YqQazXkU=
Subject key identifier: 73:E6:D9:17:54:E1:5A:CF:EB:15:06:70:7C:71:A4:98:AD:B8:09:39
Certificate issuer: /CN=f27a6d4d32832831725c48db518a2400f1a924bd
Certificate serial: 018CC5DC8E35093CC19D311CC35E3A5EAFC2
Authority key identifier: F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/c-bZF1ThWs_rFQZwfHGkmK24CTk.roa
Signing time: Mon 01 Jan 2024 16:30:15 +0000
ROA not before: Mon 01 Jan 2024 16:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39232
IP address blocks: 185.18.246.0/23 maxlen: 23
185.18.244.0/23 maxlen: 23
185.18.244.0/22 maxlen: 22
78.109.48.0/21 maxlen: 21
78.109.48.0/22 maxlen: 22
78.109.52.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:8e:35:09:3c:c1:9d:31:1c:c3:5e:3a:5e:af:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27a6d4d32832831725c48db518a2400f1a924bd
Validity
Not Before: Jan 1 16:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73e6d91754e15acfeb1506707c71a498adb80939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cd:04:48:9f:94:78:bb:0f:f9:67:73:1a:55:
80:e7:68:a4:63:81:55:ec:32:f8:67:7a:7a:66:93:
96:97:b8:56:1b:d1:b0:ae:bd:30:00:35:e8:a2:ef:
eb:c4:df:1b:d9:41:ae:38:86:cd:c2:fc:60:39:b2:
9b:4c:4d:1d:1c:80:29:dd:76:8f:d2:c5:8f:81:db:
a8:7c:c4:6d:53:a7:58:98:99:93:ba:90:93:6d:d5:
7d:c1:41:b3:6a:76:23:6a:51:eb:18:75:06:8f:e0:
fd:d3:d4:4d:59:4c:bf:52:4f:3a:96:90:5e:49:8e:
d8:23:01:a7:2f:20:bb:7f:40:76:ce:35:78:74:98:
cd:be:a6:ce:bf:49:84:db:b9:ff:5d:23:6b:80:d5:
ab:23:38:92:48:08:f2:b3:34:b5:20:95:3f:be:ef:
35:b9:24:cd:bc:17:b3:b1:45:ef:76:1e:c0:0b:fb:
83:41:65:f3:56:1f:d7:dd:01:1d:e0:17:e6:b4:56:
54:54:0c:79:5b:a5:fb:fd:15:87:05:f3:03:13:e8:
95:28:b3:13:39:6b:87:94:cb:c1:cb:d3:2d:dd:19:
95:8b:4e:09:76:72:d0:10:90:55:95:cd:ea:0b:77:
eb:47:50:e2:8a:0b:63:fd:8e:40:c8:22:1a:75:f5:
78:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E6:D9:17:54:E1:5A:CF:EB:15:06:70:7C:71:A4:98:AD:B8:09:39
X509v3 Authority Key Identifier:
keyid:F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/c-bZF1ThWs_rFQZwfHGkmK24CTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.48.0/21
185.18.244.0/22
Signature Algorithm: sha256WithRSAEncryption
77:8c:47:50:54:5d:88:dd:b3:9a:c9:17:c4:9e:72:01:4c:70:
fe:c2:b1:c9:c7:2c:eb:e1:26:25:2c:50:31:f3:29:85:fb:4c:
0f:bf:0f:dc:c6:22:71:a7:4b:06:c7:72:28:b6:95:30:7c:ad:
68:99:1e:82:e5:19:2c:11:03:96:b4:c0:b9:eb:52:e7:f5:c4:
aa:76:27:ea:4b:76:81:9f:0f:58:7b:84:d4:50:3b:cc:92:f7:
0a:9e:26:13:ab:05:60:e8:ef:84:25:e9:b9:b6:01:87:3c:f1:
d0:c2:dd:1c:6c:b5:99:e7:4d:df:bc:f3:d2:5c:0f:67:a9:08:
9e:91:20:ae:3d:3e:f7:e8:47:05:05:3b:65:ce:34:dc:0b:de:
dc:11:76:6a:57:19:2a:8b:55:c2:96:cb:cf:e6:25:75:4b:a0:
29:6e:57:b7:f8:5a:cf:86:b7:9d:2e:0d:61:97:8c:39:f4:68:
84:84:60:54:20:77:6b:cc:ce:75:7a:3c:26:3a:d9:b7:fd:4f:
4e:55:e2:cb:4a:04:f9:db:a5:5c:29:8a:72:48:51:a8:c7:d8:
ee:4b:6b:4f:22:9f:d4:7e:98:09:09:1f:d2:fd:d2:74:f6:26:
24:35:bb:8c:57:aa:bd:f3:dc:49:0e:7e:74:8f:3b:fa:e5:b0:
aa:9c:c6:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3I41CTzBnTEcw146Xq/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyN2E2ZDRkMzI4MzI4MzE3MjVjNDhkYjUxOGEyNDAwZjFh
OTI0YmQwHhcNMjQwMTAxMTYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U2ZDkxNzU0ZTE1YWNmZWIxNTA2NzA3YzcxYTQ5OGFkYjgwOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM0ESJ+UeLsP+WdzGlWA52ikY4FV
7DL4Z3p6ZpOWl7hWG9Gwrr0wADXoou/rxN8b2UGuOIbNwvxgObKbTE0dHIAp3XaP
0sWPgduofMRtU6dYmJmTupCTbdV9wUGzanYjalHrGHUGj+D909RNWUy/Uk86lpBe
SY7YIwGnLyC7f0B2zjV4dJjNvqbOv0mE27n/XSNrgNWrIziSSAjyszS1IJU/vu81
uSTNvBezsUXvdh7AC/uDQWXzVh/X3QEd4BfmtFZUVAx5W6X7/RWHBfMDE+iVKLMT
OWuHlMvBy9Mt3RmVi04JdnLQEJBVlc3qC3frR1Diigtj/Y5AyCIadfV4AwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHPm2RdU4VrP6xUGcHxxpJituAk5MB8GA1UdIwQY
MBaAFPJ6bU0ygygxclxI21GKJADxqSS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUt
MTU3M2VmNjI3MWViLzEvYy1iWkYxVGhXc19yRlFad2ZIR2ttSzI0Q1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUtMTU3M2VmNjI3MWVi
LzEvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTm0wAwQC
uRL0MA0GCSqGSIb3DQEBCwUAA4IBAQB3jEdQVF2I3bOayRfEnnIBTHD+wrHJxyzr
4SYlLFAx8ymF+0wPvw/cxiJxp0sGx3IotpUwfK1omR6C5RksEQOWtMC561Ln9cSq
difqS3aBnw9Ye4TUUDvMkvcKniYTqwVg6O+EJem5tgGHPPHQwt0cbLWZ503fvPPS
XA9nqQiekSCuPT736EcFBTtlzjTcC97cEXZqVxkqi1XClsvP5iV1S6Apble3+FrP
hredLg1hl4w59GiEhGBUIHdrzM51ejwmOtm3/U9OVeLLSgT526VcKYpySFGox9ju
S2tPIp/UfpgJCR/S/dJ09iYkNbuMV6q989xJDn50jzv65bCqnMYe
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:50:05 2025 by rpki-client