Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/tJShfwpmBwIrgy9MBByyIRLfqA0.roa
File: tJShfwpmBwIrgy9MBByyIRLfqA0.roa (raw, json)
Hash identifier: dimL+edZp9i9FC9rvx8d9LkAUwaMcBSbuLmmzLk97vc=
Subject key identifier: B4:94:A1:7F:0A:66:07:02:2B:83:2F:4C:04:1C:B2:21:12:DF:A8:0D
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0194ADF4C2899E3B42E136FB9FC4D50F61F7
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/tJShfwpmBwIrgy9MBByyIRLfqA0.roa
Signing time: Tue 28 Jan 2025 17:28:06 +0000
ROA not before: Tue 28 Jan 2025 17:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 11798
IP address blocks: 185.207.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 17:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:f4:c2:89:9e:3b:42:e1:36:fb:9f:c4:d5:0f:61:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 28 17:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b494a17f0a6607022b832f4c041cb22112dfa80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:15:2c:ee:62:50:f2:58:fc:3a:f9:25:96:7c:
49:aa:1e:1d:19:a1:14:2b:ec:0c:8f:86:a3:58:c3:
24:b6:9e:8c:f6:dd:5d:a3:24:8d:32:55:17:7e:be:
43:88:12:6a:24:70:5b:5c:67:6d:e3:23:79:79:9f:
26:84:a1:e3:c8:01:1a:d3:dd:15:9b:e4:bc:08:db:
93:45:40:ca:4b:54:ce:ec:56:2b:96:c4:7d:ac:6e:
81:bd:12:c7:5a:36:e1:b3:b2:7f:a2:a1:c4:bc:57:
3d:b3:a2:9f:6d:33:ae:b7:05:68:ef:c9:f9:55:e4:
43:0a:91:fb:17:cf:0a:ef:d9:b9:6b:3e:79:21:9f:
03:93:c1:f6:41:c8:e0:d7:ef:a8:c0:00:34:fa:8f:
a5:de:ec:86:30:10:b8:f7:1f:cc:ed:fb:76:09:a0:
c8:9a:5a:a3:94:e2:c2:e7:ac:96:fb:e0:30:94:6e:
fb:84:73:bd:5e:c9:fd:28:c1:ed:78:e7:55:f9:2a:
69:cb:b2:24:18:cd:fe:d5:8a:a6:53:9c:5a:c8:48:
22:81:49:fc:9c:b6:d2:05:42:ff:6b:31:f5:df:8c:
fe:af:46:d8:3c:24:59:d4:4e:a8:b0:34:aa:af:46:
a4:bb:39:a6:f7:a2:ba:33:fb:a0:66:78:52:6e:72:
ee:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:94:A1:7F:0A:66:07:02:2B:83:2F:4C:04:1C:B2:21:12:DF:A8:0D
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/tJShfwpmBwIrgy9MBByyIRLfqA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.135.0/24
Signature Algorithm: sha256WithRSAEncryption
09:0b:f4:0a:3c:f8:0e:7c:8d:f0:fe:a9:88:6f:f8:5c:de:b3:
64:f7:2f:d0:7d:af:79:a0:c3:60:ca:5b:4d:c7:7b:98:11:7a:
e2:6e:2a:f1:d2:15:9f:75:14:0f:92:c2:1c:54:25:c4:b0:e5:
ce:5f:97:da:72:07:9b:09:ea:4f:53:63:3a:56:eb:5e:8b:54:
e2:6d:bb:ff:28:a7:c2:5a:86:5c:91:a5:ea:1f:d2:7f:07:0b:
d9:3a:ab:99:dd:7d:f0:00:40:25:2e:1f:06:9f:43:fa:dc:1a:
a2:5d:ae:6f:55:20:97:3f:90:5e:0f:85:f0:e1:42:9b:2c:72:
a2:10:e7:5b:ca:6e:66:65:89:ea:02:75:9a:0e:97:18:56:36:
fc:a9:04:24:dc:79:cc:8e:59:de:2f:a5:1c:32:e8:61:6b:1f:
9d:84:90:c6:0e:7e:e8:6f:8e:22:11:b6:af:25:52:de:6f:d7:
b2:4f:14:32:49:57:b8:25:5a:ab:bc:83:8d:37:d2:30:c8:c8:
e9:be:f5:90:5c:8e:5d:d3:31:23:54:c7:1c:71:cc:a0:e1:31:
f8:84:a8:35:cb:8e:e1:01:0b:c7:d7:0a:cf:72:b8:3f:95:82:
78:4a:33:2f:c0:c1:12:c9:ed:57:a5:cb:b1:ee:2c:b4:3d:dc:
36:7e:9d:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSt9MKJnjtC4Tb7n8TVD2H3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTI4MTcyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDk0YTE3ZjBhNjYwNzAyMmI4MzJmNGMwNDFjYjIyMTEyZGZhODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RUs7mJQ8lj8OvkllnxJqh4dGaEU
K+wMj4ajWMMktp6M9t1doySNMlUXfr5DiBJqJHBbXGdt4yN5eZ8mhKHjyAEa090V
m+S8CNuTRUDKS1TO7FYrlsR9rG6BvRLHWjbhs7J/oqHEvFc9s6KfbTOutwVo78n5
VeRDCpH7F88K79m5az55IZ8Dk8H2Qcjg1++owAA0+o+l3uyGMBC49x/M7ft2CaDI
mlqjlOLC56yW++AwlG77hHO9Xsn9KMHteOdV+Sppy7IkGM3+1YqmU5xayEgigUn8
nLbSBUL/azH134z+r0bYPCRZ1E6osDSqr0akuzmm96K6M/ugZnhSbnLu+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSUoX8KZgcCK4MvTAQcsiES36gNMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvdEpTaGZ3cG1Cd0lyZ3k5TUJCeXlJUkxmcUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc+HMA0G
CSqGSIb3DQEBCwUAA4IBAQAJC/QKPPgOfI3w/qmIb/hc3rNk9y/Qfa95oMNgyltN
x3uYEXribirx0hWfdRQPksIcVCXEsOXOX5facgebCepPU2M6Vutei1Tibbv/KKfC
WoZckaXqH9J/BwvZOquZ3X3wAEAlLh8Gn0P63BqiXa5vVSCXP5BeD4Xw4UKbLHKi
EOdbym5mZYnqAnWaDpcYVjb8qQQk3HnMjlneL6UcMuhhax+dhJDGDn7ob44iEbav
JVLeb9eyTxQySVe4JVqrvIONN9IwyMjpvvWQXI5d0zEjVMccccyg4TH4hKg1y47h
AQvH1wrPcrg/lYJ4SjMvwMESye1Xpcux7iy0Pdw2fp0J
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:34 2025 by rpki-client