Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/889667-c5e2-4341-b5eb-455a12bc8302/1/bvFSWdjYHmXw6Dgqt1nHpx4dAXo.roa
File: bvFSWdjYHmXw6Dgqt1nHpx4dAXo.roa (raw, json)
Hash identifier: jNUGsrnjfw/TzNExA39+TCgfozlsQ0UYLVhNkwvCPq4=
Subject key identifier: 6E:F1:52:59:D8:D8:1E:65:F0:E8:38:2A:B7:59:C7:A7:1E:1D:01:7A
Certificate issuer: /CN=233adc97f9826262007f46286591830df58fc55e
Certificate serial: 018CC8DD05F276708333B9C2D35AE8AB7F8A
Authority key identifier: 23:3A:DC:97:F9:82:62:62:00:7F:46:28:65:91:83:0D:F5:8F:C5:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Izrcl_mCYmIAf0YoZZGDDfWPxV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/889667-c5e2-4341-b5eb-455a12bc8302/1/bvFSWdjYHmXw6Dgqt1nHpx4dAXo.roa
Signing time: Tue 02 Jan 2024 06:29:37 +0000
ROA not before: Tue 02 Jan 2024 06:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29585
IP address blocks: 185.102.2.0/24 maxlen: 24
185.102.3.0/24 maxlen: 24
185.102.0.0/24 maxlen: 24
185.102.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:05:f2:76:70:83:33:b9:c2:d3:5a:e8:ab:7f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=233adc97f9826262007f46286591830df58fc55e
Validity
Not Before: Jan 2 06:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ef15259d8d81e65f0e8382ab759c7a71e1d017a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4a:5a:7a:ec:01:49:51:9f:0f:d3:1e:40:53:
eb:50:d8:d4:6b:80:c1:e3:2f:e2:0a:6d:44:db:0f:
a3:c4:ac:4f:e4:7f:71:31:f4:04:86:45:f3:97:76:
e1:93:d1:19:17:90:69:a1:ce:49:8c:d8:d9:5a:99:
50:bc:a9:75:8c:53:f3:c3:f8:46:56:d0:fb:b7:4f:
f9:7b:61:48:07:88:59:95:d8:18:55:d8:c4:d6:d1:
7a:09:c5:47:2e:16:80:d3:7d:7d:d3:d2:b7:9f:a5:
29:34:22:43:9d:08:61:15:ac:ee:9f:45:a3:c6:5c:
2c:9c:e8:9a:41:a3:0b:cf:c5:f6:c5:d0:6a:65:6a:
8b:41:f5:0a:75:6b:0c:69:9f:52:b0:27:d2:b9:50:
8c:43:10:1d:88:7a:ef:1e:1b:62:46:1a:d9:8e:e2:
47:08:63:be:ad:15:0c:5e:97:40:8f:c9:cc:3c:be:
17:3a:73:2d:f2:14:05:b0:06:e4:8a:bc:0d:ca:4a:
73:95:65:39:c6:f0:2a:a7:da:55:48:3d:59:cd:4b:
c1:5d:bf:de:ff:90:ee:70:c4:15:a6:93:b6:af:98:
81:8b:2b:3e:ca:43:95:96:d4:c5:c0:40:3d:22:dd:
e9:9f:20:2f:81:78:75:19:69:3f:43:f5:7f:03:af:
61:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F1:52:59:D8:D8:1E:65:F0:E8:38:2A:B7:59:C7:A7:1E:1D:01:7A
X509v3 Authority Key Identifier:
keyid:23:3A:DC:97:F9:82:62:62:00:7F:46:28:65:91:83:0D:F5:8F:C5:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Izrcl_mCYmIAf0YoZZGDDfWPxV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/889667-c5e2-4341-b5eb-455a12bc8302/1/bvFSWdjYHmXw6Dgqt1nHpx4dAXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/889667-c5e2-4341-b5eb-455a12bc8302/1/Izrcl_mCYmIAf0YoZZGDDfWPxV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.0.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:b9:1c:96:4b:dc:4a:62:cb:73:e9:70:1b:2d:ba:ea:51:69:
95:ca:6a:25:60:a9:e9:a7:3b:be:bf:cf:a6:6f:9d:3f:8e:87:
d9:4d:e2:5a:dd:e8:f8:58:e5:2a:63:ce:6a:02:8a:53:8c:d7:
29:e3:d3:b0:b0:5d:14:8a:5c:a7:c1:c6:73:da:aa:97:2a:ac:
93:05:1c:41:84:b5:6d:01:bd:37:e7:13:22:07:64:ec:9a:a8:
5d:a7:08:ac:cb:e6:0a:ef:6d:3c:05:0b:4b:61:56:20:84:b1:
42:6a:73:31:3d:fc:63:4b:d3:14:e4:8a:c1:3c:e1:85:dc:f2:
a2:7c:9e:63:a3:7e:51:b4:0b:fa:01:82:a5:77:ab:19:93:cb:
0d:28:be:81:d3:38:61:7c:cd:0d:4f:4b:bb:fb:95:88:b0:c8:
54:9f:03:7a:c5:08:86:97:03:02:8e:39:b0:fe:20:62:eb:f6:
58:bf:35:4a:a1:34:e8:57:df:94:3c:a8:46:99:74:89:32:f3:
80:61:d4:5c:b0:b2:8f:9e:91:54:a1:09:6b:78:dd:ea:1e:c4:
80:5a:f3:1c:d3:0b:9e:2f:c1:79:85:65:af:a6:69:b1:9d:0b:
27:cc:3b:05:20:ad:b8:0f:1f:e2:7f:4e:ea:4a:92:f4:d5:3f:
a0:6c:3f:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QXydnCDM7nC01roq3+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzM2FkYzk3Zjk4MjYyNjIwMDdmNDYyODY1OTE4MzBkZjU4
ZmM1NWUwHhcNMjQwMTAyMDYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWYxNTI1OWQ4ZDgxZTY1ZjBlODM4MmFiNzU5YzdhNzFlMWQwMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUpaeuwBSVGfD9MeQFPrUNjUa4DB
4y/iCm1E2w+jxKxP5H9xMfQEhkXzl3bhk9EZF5Bpoc5JjNjZWplQvKl1jFPzw/hG
VtD7t0/5e2FIB4hZldgYVdjE1tF6CcVHLhaA031909K3n6UpNCJDnQhhFazun0Wj
xlwsnOiaQaMLz8X2xdBqZWqLQfUKdWsMaZ9SsCfSuVCMQxAdiHrvHhtiRhrZjuJH
CGO+rRUMXpdAj8nMPL4XOnMt8hQFsAbkirwNykpzlWU5xvAqp9pVSD1ZzUvBXb/e
/5DucMQVppO2r5iBiys+ykOVltTFwEA9It3pnyAvgXh1GWk/Q/V/A69hPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7xUlnY2B5l8Og4KrdZx6ceHQF6MB8GA1UdIwQY
MBaAFCM63Jf5gmJiAH9GKGWRgw31j8VeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpyY2xfbUNZbUlBZjBZb1paR0REZldQeFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84ODk2NjctYzVlMi00MzQxLWI1ZWIt
NDU1YTEyYmM4MzAyLzEvYnZGU1dkallIbVh3NkRncXQxbkhweDRkQVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84ODk2NjctYzVlMi00MzQxLWI1ZWItNDU1YTEyYmM4MzAy
LzEvSXpyY2xfbUNZbUlBZjBZb1paR0REZldQeFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWYAMA0G
CSqGSIb3DQEBCwUAA4IBAQCcuRyWS9xKYstz6XAbLbrqUWmVymolYKnppzu+v8+m
b50/jofZTeJa3ej4WOUqY85qAopTjNcp49OwsF0UilynwcZz2qqXKqyTBRxBhLVt
Ab035xMiB2Tsmqhdpwisy+YK7208BQtLYVYghLFCanMxPfxjS9MU5IrBPOGF3PKi
fJ5jo35RtAv6AYKld6sZk8sNKL6B0zhhfM0NT0u7+5WIsMhUnwN6xQiGlwMCjjmw
/iBi6/ZYvzVKoTToV9+UPKhGmXSJMvOAYdRcsLKPnpFUoQlreN3qHsSAWvMc0wue
L8F5hWWvpmmxnQsnzDsFIK24Dx/if07qSpL01T+gbD8d
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:52 2025 by rpki-client