Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/4CUwsxsXUb8fJAAyXSs7xTJpVMI.roa
File: 4CUwsxsXUb8fJAAyXSs7xTJpVMI.roa (raw, json)
Hash identifier: oR7antQh76CEhDHFFXZkqPEYbaa+khvLRPgJ25BC7i8=
Subject key identifier: E0:25:30:B3:1B:17:51:BF:1F:24:00:32:5D:2B:3B:C5:32:69:54:C2
Certificate issuer: /CN=ad7d8de8ca061ea164e671c34eb3377f5736bbc3
Certificate serial: 018CC725811EAB3ECEDE0093622C43FF940E
Authority key identifier: AD:7D:8D:E8:CA:06:1E:A1:64:E6:71:C3:4E:B3:37:7F:57:36:BB:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rX2N6MoGHqFk5nHDTrM3f1c2u8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/4CUwsxsXUb8fJAAyXSs7xTJpVMI.roa
Signing time: Mon 01 Jan 2024 22:29:33 +0000
ROA not before: Mon 01 Jan 2024 22:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33796
IP address blocks: 84.238.0.0/17 maxlen: 17
185.197.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:81:1e:ab:3e:ce:de:00:93:62:2c:43:ff:94:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad7d8de8ca061ea164e671c34eb3377f5736bbc3
Validity
Not Before: Jan 1 22:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e02530b31b1751bf1f2400325d2b3bc5326954c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fb:7c:6f:9a:98:b3:67:10:be:3f:ae:7f:b6:
1c:1e:83:66:86:8e:58:f6:99:45:4a:53:54:10:e6:
39:54:9d:6f:6d:23:b9:f1:b6:04:ac:11:68:45:3b:
e7:26:27:fb:cf:b1:a0:06:95:5b:ac:d0:b8:b6:4d:
62:5b:e9:10:ff:93:88:44:8e:e9:d1:35:a4:8a:51:
31:73:fc:24:9f:30:91:9f:0f:4e:0b:35:72:ac:33:
b3:b8:32:26:9c:2e:7f:b9:36:02:de:e6:3f:65:4f:
56:ef:b4:fb:82:fc:83:33:67:ed:3e:e2:8c:eb:99:
ff:99:71:8d:fe:d1:aa:5a:e0:c0:68:0a:fc:58:43:
3f:58:b6:a2:5f:f6:9f:3b:de:d6:93:ce:11:94:76:
f1:ff:2a:7f:28:af:37:3b:14:d3:94:2f:56:57:29:
f1:c4:7e:0b:42:eb:8f:3a:a4:2b:1b:f0:ac:6d:12:
b9:c6:44:b7:a9:6b:22:f8:46:db:c9:1b:49:14:9d:
ce:12:cc:f2:f6:0c:e4:a5:96:cc:25:90:97:24:b4:
7f:14:2e:fb:0d:46:29:3a:15:b0:92:54:fd:c8:d7:
f7:c6:8a:cf:50:7f:9d:22:69:6e:a0:c2:e4:fa:91:
5f:3d:40:fd:b7:fa:1a:88:e9:b0:73:8f:ac:55:b7:
32:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:25:30:B3:1B:17:51:BF:1F:24:00:32:5D:2B:3B:C5:32:69:54:C2
X509v3 Authority Key Identifier:
keyid:AD:7D:8D:E8:CA:06:1E:A1:64:E6:71:C3:4E:B3:37:7F:57:36:BB:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rX2N6MoGHqFk5nHDTrM3f1c2u8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/4CUwsxsXUb8fJAAyXSs7xTJpVMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/rX2N6MoGHqFk5nHDTrM3f1c2u8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.238.0.0/17
185.197.168.0/22
Signature Algorithm: sha256WithRSAEncryption
82:60:02:08:f2:f6:33:5f:ca:1a:cb:de:25:5c:49:e7:e6:ac:
55:5a:f4:a1:80:15:81:77:c8:b7:18:5f:12:5f:54:df:07:ce:
b2:7e:fc:25:68:fe:b5:ab:40:ca:b7:2d:d0:b5:a4:fa:29:77:
af:ff:ee:91:25:05:a6:32:7e:46:3c:cf:0b:3a:6d:dc:f2:8e:
65:05:54:16:bf:e0:8f:62:6f:94:61:ee:15:fe:36:13:cd:7d:
53:67:e8:99:d2:3e:a7:b3:67:e3:55:cf:87:d8:4c:64:9c:24:
9e:cd:17:1a:c7:1f:db:9b:06:71:06:39:03:33:f1:43:7b:bf:
b4:29:00:02:d9:1d:93:fb:dc:c3:71:bb:e7:a7:f7:46:3a:94:
a9:c2:08:a5:c9:0d:b6:70:d6:5f:af:9e:01:10:51:fe:81:cf:
1e:8f:b2:4d:bb:44:11:ee:41:43:de:c7:70:84:56:17:48:7c:
6a:a9:c5:a5:e1:1c:67:bb:90:63:f0:e5:12:cc:03:09:c4:05:
a8:d1:03:5b:1b:7b:27:4c:39:f5:07:30:8b:f6:0f:f1:a4:8c:
a6:ff:0d:30:a2:62:35:ef:10:3a:53:b9:4a:92:fc:f8:9f:49:
e8:84:44:43:84:06:43:c4:9b:d2:4e:d1:5a:18:bd:e2:e9:14:
f1:25:ca:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJYEeqz7O3gCTYixD/5QOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkN2Q4ZGU4Y2EwNjFlYTE2NGU2NzFjMzRlYjMzNzdmNTcz
NmJiYzMwHhcNMjQwMTAxMjIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI1MzBiMzFiMTc1MWJmMWYyNDAwMzI1ZDJiM2JjNTMyNjk1NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoft8b5qYs2cQvj+uf7YcHoNmho5Y
9plFSlNUEOY5VJ1vbSO58bYErBFoRTvnJif7z7GgBpVbrNC4tk1iW+kQ/5OIRI7p
0TWkilExc/wknzCRnw9OCzVyrDOzuDImnC5/uTYC3uY/ZU9W77T7gvyDM2ftPuKM
65n/mXGN/tGqWuDAaAr8WEM/WLaiX/afO97Wk84RlHbx/yp/KK83OxTTlC9WVynx
xH4LQuuPOqQrG/CsbRK5xkS3qWsi+EbbyRtJFJ3OEszy9gzkpZbMJZCXJLR/FC77
DUYpOhWwklT9yNf3xorPUH+dImluoMLk+pFfPUD9t/oaiOmwc4+sVbcybQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOAlMLMbF1G/HyQAMl0rO8UyaVTCMB8GA1UdIwQY
MBaAFK19jejKBh6hZOZxw06zN39XNrvDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclgyTjZNb0dIcUZrNW5IRFRyTTNmMWMydThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMDg1MjAtN2YwNi00ZjEyLTg2NDAt
NDk3ODVmY2RkOWM0LzEvNENVd3N4c1hVYjhmSkFBeVhTczd4VEpwVk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMDg1MjAtN2YwNi00ZjEyLTg2NDAtNDk3ODVmY2RkOWM0
LzEvclgyTjZNb0dIcUZrNW5IRFRyTTNmMWMydThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHVO4AAwQC
ucWoMA0GCSqGSIb3DQEBCwUAA4IBAQCCYAII8vYzX8oay94lXEnn5qxVWvShgBWB
d8i3GF8SX1TfB86yfvwlaP61q0DKty3QtaT6KXev/+6RJQWmMn5GPM8LOm3c8o5l
BVQWv+CPYm+UYe4V/jYTzX1TZ+iZ0j6ns2fjVc+H2ExknCSezRcaxx/bmwZxBjkD
M/FDe7+0KQAC2R2T+9zDcbvnp/dGOpSpwgilyQ22cNZfr54BEFH+gc8ej7JNu0QR
7kFD3sdwhFYXSHxqqcWl4Rxnu5Bj8OUSzAMJxAWo0QNbG3snTDn1BzCL9g/xpIym
/w0womI17xA6U7lKkvz4n0nohERDhAZDxJvSTtFaGL3i6RTxJcqO
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:20:29 2025 by rpki-client