Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/1hWhwV1bkQXOfj3OnDWt5Cct3l8.roa
File: 1hWhwV1bkQXOfj3OnDWt5Cct3l8.roa (raw, json)
Hash identifier: FkflQtFXJGqugy6N4yAFxxXdi7OXFFhHDID7LIfhbh8=
Subject key identifier: D6:15:A1:C1:5D:5B:91:05:CE:7E:3D:CE:9C:35:AD:E4:27:2D:DE:5F
Certificate issuer: /CN=cd4065967dec092b5fc90152e4a95339ba1d2289
Certificate serial: 018CC86FCB43264D803F5F6FAB3E5EB291D5
Authority key identifier: CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/1hWhwV1bkQXOfj3OnDWt5Cct3l8.roa
Signing time: Tue 02 Jan 2024 04:30:18 +0000
ROA not before: Tue 02 Jan 2024 04:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.144.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:cb:43:26:4d:80:3f:5f:6f:ab:3e:5e:b2:91:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd4065967dec092b5fc90152e4a95339ba1d2289
Validity
Not Before: Jan 2 04:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d615a1c15d5b9105ce7e3dce9c35ade4272dde5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:69:89:ef:37:74:d5:dc:84:b5:16:5d:24:f6:
6c:d4:95:62:be:51:96:20:98:a3:bd:3d:1d:1e:f9:
af:dd:41:7d:d7:a1:ac:d9:4e:ed:43:71:b0:2a:df:
89:7b:80:94:50:81:c5:55:2c:1a:35:81:9b:75:aa:
7a:1c:90:2c:94:0b:81:cb:7d:b1:f1:e1:b5:53:4d:
c6:d8:e6:9b:a9:8f:97:0c:79:93:f5:73:35:0d:08:
63:6b:63:3d:2a:6a:bb:49:55:62:8f:d3:c1:30:b8:
fc:0e:0b:56:f8:c3:40:35:bc:ae:a9:e4:e7:9f:7f:
53:a0:78:a7:1b:ad:4b:9f:18:ab:43:7b:3b:fc:f4:
ca:a6:be:80:85:e8:a4:62:c0:16:eb:87:d3:35:82:
7b:f3:d3:dd:3d:89:e7:4c:09:bd:db:f6:eb:d3:63:
e5:85:48:d1:b7:83:3a:c8:e9:73:c2:ed:14:a4:fa:
2f:64:6a:c9:05:aa:a1:c9:64:97:a5:83:1f:39:49:
31:6d:9f:03:aa:b0:9d:29:cc:7c:55:ec:7d:62:fa:
cf:fd:b6:4f:23:ab:d8:7e:c8:d4:8e:be:16:35:c2:
66:c3:95:d0:28:6e:bf:ef:50:21:3b:83:82:ef:95:
27:43:9c:b7:db:d7:19:f6:df:a5:30:9c:16:ba:69:
28:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:15:A1:C1:5D:5B:91:05:CE:7E:3D:CE:9C:35:AD:E4:27:2D:DE:5F
X509v3 Authority Key Identifier:
keyid:CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/1hWhwV1bkQXOfj3OnDWt5Cct3l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.12.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:8b:6f:1d:17:dc:29:86:a4:88:c7:30:37:60:50:2d:8c:9b:
76:4b:2c:d3:f1:f0:e5:83:93:3b:58:1c:e3:78:03:3e:3e:71:
9c:b4:ae:12:a2:2c:d1:7d:4d:69:aa:e6:90:2f:cf:02:01:f4:
60:b8:4f:ea:ec:94:59:24:52:ed:ab:f3:ed:82:10:51:c5:90:
05:49:90:0a:7d:74:4a:95:99:f8:25:ab:80:5d:e7:0e:64:8b:
dc:db:f7:8a:3d:c7:cf:a9:11:6f:18:06:69:30:f5:cc:53:0e:
de:0b:3b:81:fd:65:9b:fe:04:92:c1:6a:37:11:a6:09:90:1a:
de:28:b7:ff:60:48:4c:c4:b0:48:76:e0:43:1a:63:87:21:4c:
96:48:aa:bc:2d:dc:c4:71:57:e9:96:c5:04:4c:51:ce:c0:e8:
3d:f6:5b:28:3d:15:4f:35:4c:e2:d2:41:0c:b6:13:5f:b5:ad:
bd:10:8d:0f:b5:5c:47:7a:b0:70:5f:8e:1a:96:65:f7:75:10:
b3:fe:0f:3e:cf:a7:b1:7f:ed:2a:5d:c7:0a:ae:7d:89:82:8f:
d6:19:cd:a0:e0:0b:89:fa:7b:d6:e8:bf:e2:63:53:18:cc:83:
c2:64:14:cd:72:af:bb:7b:c4:08:4c:c0:a5:7e:3d:4f:6d:6d:
b9:97:4a:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb8tDJk2AP19vqz5espHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNDA2NTk2N2RlYzA5MmI1ZmM5MDE1MmU0YTk1MzM5YmEx
ZDIyODkwHhcNMjQwMTAyMDQzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE1YTFjMTVkNWI5MTA1Y2U3ZTNkY2U5YzM1YWRlNDI3MmRkZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2mJ7zd01dyEtRZdJPZs1JVivlGW
IJijvT0dHvmv3UF916Gs2U7tQ3GwKt+Je4CUUIHFVSwaNYGbdap6HJAslAuBy32x
8eG1U03G2OabqY+XDHmT9XM1DQhja2M9Kmq7SVVij9PBMLj8DgtW+MNANbyuqeTn
n39ToHinG61LnxirQ3s7/PTKpr6AheikYsAW64fTNYJ789PdPYnnTAm92/br02Pl
hUjRt4M6yOlzwu0UpPovZGrJBaqhyWSXpYMfOUkxbZ8DqrCdKcx8Vex9YvrP/bZP
I6vYfsjUjr4WNcJmw5XQKG6/71AhO4OC75UnQ5y329cZ9t+lMJwWumkoVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYVocFdW5EFzn49zpw1reQnLd5fMB8GA1UdIwQY
MBaAFM1AZZZ97AkrX8kBUuSpUzm6HSKJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2Qt
ZWRjZWY3NDUxZWY0LzEvMWhXaHdWMWJrUVhPZmozT25EV3Q1Q2N0M2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2QtZWRjZWY3NDUxZWY0
LzEvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZAMMA0G
CSqGSIb3DQEBCwUAA4IBAQCoi28dF9wphqSIxzA3YFAtjJt2SyzT8fDlg5M7WBzj
eAM+PnGctK4SoizRfU1pquaQL88CAfRguE/q7JRZJFLtq/PtghBRxZAFSZAKfXRK
lZn4JauAXecOZIvc2/eKPcfPqRFvGAZpMPXMUw7eCzuB/WWb/gSSwWo3EaYJkBre
KLf/YEhMxLBIduBDGmOHIUyWSKq8LdzEcVfplsUETFHOwOg99lsoPRVPNUzi0kEM
thNfta29EI0PtVxHerBwX44almX3dRCz/g8+z6exf+0qXccKrn2Jgo/WGc2g4AuJ
+nvW6L/iY1MYzIPCZBTNcq+7e8QITMClfj1PbW25l0oG
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:53:17 2025 by rpki-client