Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/R8wOgcDBFMoQCuYHbEZEsHZnRLI.roa
File: R8wOgcDBFMoQCuYHbEZEsHZnRLI.roa (raw, json)
Hash identifier: T+M4cA84ZOnvoHRZS9yT6YvetfcmwPuc00yLL9gvyKQ=
Subject key identifier: 47:CC:0E:81:C0:C1:14:CA:10:0A:E6:07:6C:46:44:B0:76:67:44:B2
Certificate issuer: /CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Certificate serial: 018CC56ECE76B3D0557275B79DABBC4A740A
Authority key identifier: 4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/R8wOgcDBFMoQCuYHbEZEsHZnRLI.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30848
IP address blocks: 185.85.195.0/24 maxlen: 24
128.65.202.0/24 maxlen: 24
128.65.206.0/24 maxlen: 24
128.65.203.0/24 maxlen: 24
128.65.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 07:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ce:76:b3:d0:55:72:75:b7:9d:ab:bc:4a:74:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47cc0e81c0c114ca100ae6076c4644b0766744b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c5:1f:51:59:74:ea:85:d9:84:57:11:12:c1:
d9:95:79:40:61:c6:ac:5e:a2:8a:b3:a9:d3:27:f7:
62:10:91:a8:e9:95:f9:46:d5:c1:26:dd:2d:db:44:
5c:69:33:a6:b5:51:04:95:ca:0b:cd:ba:53:34:77:
76:9b:f2:63:2e:6b:7e:19:28:9c:ef:66:88:3f:50:
27:c1:2e:43:09:5a:91:bc:61:2c:cd:ad:b3:b4:0d:
24:1c:80:4b:29:aa:e9:82:b0:55:48:46:2d:5b:20:
f8:5f:37:2c:8a:e3:ce:b3:cd:6a:a0:72:36:e4:72:
a9:24:73:5d:2f:be:c5:40:dd:2e:54:11:0c:7f:8a:
4b:01:7c:5c:92:fe:87:4c:d4:5e:34:25:19:d0:c4:
c5:da:6f:54:5b:70:b8:5b:5a:c1:a6:37:17:1a:eb:
fa:46:9c:19:cd:5d:3a:a6:d8:2e:19:af:d4:90:fe:
7b:29:34:1a:65:d5:f2:3a:d8:56:03:15:e2:01:52:
4f:fb:4d:b4:4d:88:7e:39:87:5d:53:fa:55:df:96:
f0:d8:f0:9a:46:da:29:ea:b1:6c:89:d3:3b:4a:0f:
59:42:98:00:f2:4a:a3:18:70:f9:50:e8:d5:3e:1a:
4b:92:98:16:c4:8a:a1:be:70:58:bb:41:9c:4b:d9:
98:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CC:0E:81:C0:C1:14:CA:10:0A:E6:07:6C:46:44:B0:76:67:44:B2
X509v3 Authority Key Identifier:
keyid:4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/R8wOgcDBFMoQCuYHbEZEsHZnRLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.202.0/23
128.65.206.0/23
185.85.195.0/24
Signature Algorithm: sha256WithRSAEncryption
47:fc:5e:2b:96:07:cf:c9:8d:c3:d5:1c:10:5e:2f:9b:7f:cb:
d6:c2:a7:19:6f:c4:1c:6c:1b:c5:09:4e:4b:41:c0:45:d4:a0:
50:d8:2f:a2:58:6d:62:b8:cc:84:a8:d6:95:fd:ca:69:80:17:
80:ca:0a:0e:74:75:dc:33:04:63:73:61:02:67:8b:97:d2:77:
35:20:91:29:ad:c9:f8:ec:e7:fc:9d:5b:44:b6:0a:07:57:45:
d9:f5:13:ae:62:f2:10:43:f7:6a:7d:12:d3:ce:36:b2:b5:82:
c7:d1:98:9c:26:15:41:36:d8:1f:b3:33:7d:e4:d2:ce:f3:42:
b2:be:e0:1c:5e:4c:6a:1b:16:6b:9a:8c:f0:a5:79:5a:86:f6:
f2:9a:77:03:fe:1f:19:58:42:29:a5:68:e9:8d:9a:77:11:2e:
b9:2a:c3:73:96:7a:ca:09:05:bd:d5:de:e9:a2:fc:0f:04:1b:
4b:a4:e2:28:a0:fc:2e:92:d4:9d:ab:6a:aa:62:98:52:df:34:
c8:21:1e:8a:62:61:d0:c2:67:3a:94:e0:ad:58:74:82:e4:3e:
59:7f:5b:2c:b8:04:da:1f:a8:d0:bf:21:d1:fa:04:57:0a:9c:
30:f0:fc:a3:f8:b2:7b:22:d6:77:dd:c6:f3:cc:fe:9c:07:25:
41:8d:ff:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbs52s9BVcnW3nau8SnQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTE0NmJiNGUyMTk3NDRmNThjMjY4ZTllYzYyMWMxOGRk
MjI5YzMwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2NjMGU4MWMwYzExNGNhMTAwYWU2MDc2YzQ2NDRiMDc2Njc0NGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisUfUVl06oXZhFcREsHZlXlAYcas
XqKKs6nTJ/diEJGo6ZX5RtXBJt0t20RcaTOmtVEElcoLzbpTNHd2m/JjLmt+GSic
72aIP1AnwS5DCVqRvGEsza2ztA0kHIBLKarpgrBVSEYtWyD4XzcsiuPOs81qoHI2
5HKpJHNdL77FQN0uVBEMf4pLAXxckv6HTNReNCUZ0MTF2m9UW3C4W1rBpjcXGuv6
RpwZzV06ptguGa/UkP57KTQaZdXyOthWAxXiAVJP+020TYh+OYddU/pV35bw2PCa
Rtop6rFsidM7Sg9ZQpgA8kqjGHD5UOjVPhpLkpgWxIqhvnBYu0GcS9mYTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEfMDoHAwRTKEArmB2xGRLB2Z0SyMB8GA1UdIwQY
MBaAFE5RRrtOIZdE9Ywmjp7GIcGN0inDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQt
YzkyMGM1MTdkNjAwLzEvUjh3T2djREJGTW9RQ3VZSGJFWkVzSFpuUkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQtYzkyMGM1MTdkNjAw
LzEvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBgEHKAwQB
gEHOAwQAuVXDMA0GCSqGSIb3DQEBCwUAA4IBAQBH/F4rlgfPyY3D1RwQXi+bf8vW
wqcZb8QcbBvFCU5LQcBF1KBQ2C+iWG1iuMyEqNaV/cppgBeAygoOdHXcMwRjc2EC
Z4uX0nc1IJEprcn47Of8nVtEtgoHV0XZ9ROuYvIQQ/dqfRLTzjaytYLH0ZicJhVB
NtgfszN95NLO80KyvuAcXkxqGxZrmozwpXlahvbymncD/h8ZWEIppWjpjZp3ES65
KsNzlnrKCQW91d7povwPBBtLpOIooPwuktSdq2qqYphS3zTIIR6KYmHQwmc6lOCt
WHSC5D5Zf1ssuATaH6jQvyHR+gRXCpww8Pyj+LJ7ItZ33cbzzP6cByVBjf80
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:16:12 2024 by rpki-client on console-ams.rpki-client.org