Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/4c043c-5fcd-48cb-bd50-c596af2a42ba/1/dSbhL2yPOCTfM8yX6RxNH--tyk4.roa
File: dSbhL2yPOCTfM8yX6RxNH--tyk4.roa (raw, json)
Hash identifier: hfjZ/nFOt8IskNPeS9G8zTEwfdBB7x8lslc+hfsCKTo=
Subject key identifier: 75:26:E1:2F:6C:8F:38:24:DF:33:CC:97:E9:1C:4D:1F:EF:AD:CA:4E
Certificate issuer: /CN=3e17837a10db1d3dd73e20df0b479e40db2236fe
Certificate serial: 018CC94E54908EBE79C5C240D9E7920A0E47
Authority key identifier: 3E:17:83:7A:10:DB:1D:3D:D7:3E:20:DF:0B:47:9E:40:DB:22:36:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PheDehDbHT3XPiDfC0eeQNsiNv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/4c043c-5fcd-48cb-bd50-c596af2a42ba/1/dSbhL2yPOCTfM8yX6RxNH--tyk4.roa
Signing time: Tue 02 Jan 2024 08:33:23 +0000
ROA not before: Tue 02 Jan 2024 08:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201730
IP address blocks: 185.173.148.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:54:90:8e:be:79:c5:c2:40:d9:e7:92:0a:0e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e17837a10db1d3dd73e20df0b479e40db2236fe
Validity
Not Before: Jan 2 08:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7526e12f6c8f3824df33cc97e91c4d1fefadca4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:01:4f:fd:f5:2d:17:f8:a0:9b:49:3b:3e:b6:
78:dd:95:22:1f:f0:a0:dd:d1:6b:aa:16:c7:1d:8d:
72:b0:0e:e5:93:15:f8:2a:4c:96:ac:e0:30:f5:bf:
07:dc:7b:02:8a:e7:b4:1b:09:f1:74:34:f4:af:79:
62:8a:c1:02:13:96:50:76:4f:9d:c0:f7:59:88:fa:
9a:3f:4f:fb:3a:5b:e4:17:43:fb:d3:0d:54:7f:99:
80:46:b2:34:6b:bc:3c:eb:10:42:59:af:2c:9e:46:
1d:9a:91:1b:1e:7a:0c:76:dd:e9:ae:75:0a:8a:f3:
a3:e1:92:7f:3e:fe:2c:c2:98:da:0f:a6:00:17:2a:
1d:43:9e:9d:af:85:07:70:3e:5f:a2:76:18:78:e3:
b8:df:39:95:55:29:f7:f1:b1:74:ad:62:6a:4b:b4:
33:84:16:b3:b4:97:57:b2:cb:c9:49:f3:27:e8:2a:
78:50:51:9b:36:a1:d0:e4:49:a0:22:ec:d6:1d:86:
57:22:78:15:ef:8b:a9:b5:d1:a6:a0:31:26:b2:a3:
08:5d:c7:99:05:a6:e0:7c:e2:14:0d:e3:f8:d9:55:
5f:73:4d:c5:2d:a9:ac:2b:d5:f6:05:ea:b6:21:66:
59:75:c6:20:2a:3c:10:37:a8:c5:e1:54:67:44:a5:
2d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:26:E1:2F:6C:8F:38:24:DF:33:CC:97:E9:1C:4D:1F:EF:AD:CA:4E
X509v3 Authority Key Identifier:
keyid:3E:17:83:7A:10:DB:1D:3D:D7:3E:20:DF:0B:47:9E:40:DB:22:36:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PheDehDbHT3XPiDfC0eeQNsiNv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/4c043c-5fcd-48cb-bd50-c596af2a42ba/1/dSbhL2yPOCTfM8yX6RxNH--tyk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/4c043c-5fcd-48cb-bd50-c596af2a42ba/1/PheDehDbHT3XPiDfC0eeQNsiNv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.148.0/22
Signature Algorithm: sha256WithRSAEncryption
73:46:54:da:88:14:35:75:54:a1:78:4c:7c:12:b5:0a:ee:ca:
f5:07:43:70:64:35:70:59:d2:38:d7:7f:1f:93:76:63:5f:ca:
da:1e:65:a7:97:fe:87:30:ce:3a:c8:9e:42:60:3a:c7:19:0d:
94:89:8d:88:28:2c:98:cb:0b:89:1c:1c:bd:19:fc:b7:02:65:
56:d6:e2:1b:18:38:d0:9a:df:ea:e7:6b:44:32:72:24:05:a2:
95:33:3a:35:ee:2b:b2:a2:f8:d4:71:22:bd:91:d2:a1:45:de:
54:60:7c:04:6f:5a:e7:15:12:1b:3e:90:03:14:b8:07:e5:75:
9d:8f:db:40:a7:fb:7e:52:80:be:7e:62:8c:3c:23:3b:77:ed:
44:25:23:d6:b0:66:1e:12:33:bd:99:e6:56:fd:da:36:3a:8a:
a4:73:7c:25:12:e9:56:3d:75:81:92:50:e5:2b:a7:53:98:a8:
d9:bd:3f:1b:28:d7:06:f1:83:ad:44:96:7d:20:18:ad:32:f4:
2a:8f:93:d1:fe:cf:2c:71:78:e6:6f:9d:53:0e:51:b5:42:81:
27:77:ed:82:b1:51:9b:f6:37:3d:53:9b:c7:5a:a2:a3:af:81:
ec:81:2b:a4:97:a1:50:47:72:84:73:11:b3:20:1e:17:31:50:
3f:c5:81:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTlSQjr55xcJA2eeSCg5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMTc4MzdhMTBkYjFkM2RkNzNlMjBkZjBiNDc5ZTQwZGIy
MjM2ZmUwHhcNMjQwMTAyMDgzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTI2ZTEyZjZjOGYzODI0ZGYzM2NjOTdlOTFjNGQxZmVmYWRjYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAFP/fUtF/igm0k7PrZ43ZUiH/Cg
3dFrqhbHHY1ysA7lkxX4KkyWrOAw9b8H3HsCiue0GwnxdDT0r3liisECE5ZQdk+d
wPdZiPqaP0/7OlvkF0P70w1Uf5mARrI0a7w86xBCWa8snkYdmpEbHnoMdt3prnUK
ivOj4ZJ/Pv4swpjaD6YAFyodQ56dr4UHcD5fonYYeOO43zmVVSn38bF0rWJqS7Qz
hBaztJdXssvJSfMn6Cp4UFGbNqHQ5EmgIuzWHYZXIngV74uptdGmoDEmsqMIXceZ
BabgfOIUDeP42VVfc03FLamsK9X2Beq2IWZZdcYgKjwQN6jF4VRnRKUtzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUm4S9sjzgk3zPMl+kcTR/vrcpOMB8GA1UdIwQY
MBaAFD4Xg3oQ2x091z4g3wtHnkDbIjb+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGhlRGVoRGJIVDNYUGlEZkMwZWVRTnNpTnY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80YzA0M2MtNWZjZC00OGNiLWJkNTAt
YzU5NmFmMmE0MmJhLzEvZFNiaEwyeVBPQ1RmTTh5WDZSeE5ILS10eWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS80YzA0M2MtNWZjZC00OGNiLWJkNTAtYzU5NmFmMmE0MmJh
LzEvUGhlRGVoRGJIVDNYUGlEZkMwZWVRTnNpTnY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua2UMA0G
CSqGSIb3DQEBCwUAA4IBAQBzRlTaiBQ1dVSheEx8ErUK7sr1B0NwZDVwWdI4138f
k3ZjX8raHmWnl/6HMM46yJ5CYDrHGQ2UiY2IKCyYywuJHBy9Gfy3AmVW1uIbGDjQ
mt/q52tEMnIkBaKVMzo17iuyovjUcSK9kdKhRd5UYHwEb1rnFRIbPpADFLgH5XWd
j9tAp/t+UoC+fmKMPCM7d+1EJSPWsGYeEjO9meZW/do2Ooqkc3wlEulWPXWBklDl
K6dTmKjZvT8bKNcG8YOtRJZ9IBitMvQqj5PR/s8scXjmb51TDlG1QoEnd+2CsVGb
9jc9U5vHWqKjr4HsgSukl6FQR3KEcxGzIB4XMVA/xYGI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:33 2025 by rpki-client