Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/6c3125-fff1-4da0-8a32-7664e8a21fc7/1/4opRnbyKa6AqJ8mtge-QmXNZjHU.roa
File: 4opRnbyKa6AqJ8mtge-QmXNZjHU.roa (raw, json)
Hash identifier: yj/CpG4U7lt4+sJ9h071gpt7JUiyStN00sBvpxUR/EY=
Subject key identifier: E2:8A:51:9D:BC:8A:6B:A0:2A:27:C9:AD:81:EF:90:99:73:59:8C:75
Certificate issuer: /CN=6496ae38aedacbbeeee1e093956db3287ae7b53d
Certificate serial: 018CC500AF590117B5D710010D1F73503C2C
Authority key identifier: 64:96:AE:38:AE:DA:CB:BE:EE:E1:E0:93:95:6D:B3:28:7A:E7:B5:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZJauOK7ay77u4eCTlW2zKHrntT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/6c3125-fff1-4da0-8a32-7664e8a21fc7/1/4opRnbyKa6AqJ8mtge-QmXNZjHU.roa
Signing time: Mon 01 Jan 2024 12:30:05 +0000
ROA not before: Mon 01 Jan 2024 12:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28682
IP address blocks: 185.49.0.0/22 maxlen: 22
2a01:9ce0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Nov 2024 12:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:af:59:01:17:b5:d7:10:01:0d:1f:73:50:3c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6496ae38aedacbbeeee1e093956db3287ae7b53d
Validity
Not Before: Jan 1 12:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e28a519dbc8a6ba02a27c9ad81ef909973598c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9b:96:6f:29:58:3b:2e:45:f4:57:fc:08:66:
c5:9e:f9:ef:c5:0c:89:a9:e3:80:61:6f:92:d0:58:
66:91:e7:d0:9a:0b:c0:de:ff:9d:90:0c:26:46:db:
0a:ce:5d:23:bc:6a:bd:67:94:40:1b:9a:33:7a:46:
8f:ec:6b:14:c6:92:e2:b5:00:4f:66:18:75:26:72:
89:c5:e4:25:6a:52:ad:17:5d:8e:8b:17:94:f0:e8:
62:1d:71:6f:dd:ab:43:e0:4f:04:2d:a8:46:ad:a1:
c4:96:86:fc:f8:df:75:37:6b:09:4e:e0:a0:5c:ec:
d8:06:a3:31:83:da:6a:bd:a9:a9:fa:39:41:f5:d2:
1d:aa:50:ea:63:a4:39:47:02:24:af:38:fa:ef:db:
25:1b:a9:70:20:cd:2f:ad:2f:42:94:cd:05:50:e9:
9d:d3:6b:af:43:ca:d6:85:a7:0b:f8:7e:ee:e3:c5:
24:e1:0d:1d:a9:03:c8:c7:c8:63:3c:59:4f:0d:5a:
06:c8:70:0b:4f:6e:a6:ed:20:09:d5:98:45:01:72:
1f:4a:03:9d:0f:65:59:a6:1e:fa:e6:1a:74:84:64:
bb:cd:2c:48:98:93:ca:de:49:9f:5d:f5:f3:a8:79:
f7:cb:d3:78:73:8e:7a:2f:64:b5:c8:af:35:11:e7:
90:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8A:51:9D:BC:8A:6B:A0:2A:27:C9:AD:81:EF:90:99:73:59:8C:75
X509v3 Authority Key Identifier:
keyid:64:96:AE:38:AE:DA:CB:BE:EE:E1:E0:93:95:6D:B3:28:7A:E7:B5:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZJauOK7ay77u4eCTlW2zKHrntT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/6c3125-fff1-4da0-8a32-7664e8a21fc7/1/4opRnbyKa6AqJ8mtge-QmXNZjHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/6c3125-fff1-4da0-8a32-7664e8a21fc7/1/ZJauOK7ay77u4eCTlW2zKHrntT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.0.0/22
IPv6:
2a01:9ce0::/32
Signature Algorithm: sha256WithRSAEncryption
29:a6:ff:26:51:03:02:9c:c5:29:97:03:c9:b2:54:fa:49:b0:
4d:83:57:15:81:fc:2b:93:66:99:75:61:b7:85:2c:3e:b0:d8:
7b:93:16:31:4f:66:e9:22:ba:4c:37:e4:f1:32:26:31:25:5b:
ef:c2:8c:42:04:ea:dd:5a:10:9d:00:1b:c1:00:f3:9b:d1:ed:
88:aa:71:a7:90:21:dc:64:66:29:49:51:ba:ef:5d:b4:e3:6c:
cc:ad:fb:26:14:ac:86:76:62:5a:e7:32:f1:2b:74:af:6a:10:
d0:d0:5a:67:39:71:0c:23:75:0b:23:9c:9e:71:aa:b3:15:74:
f6:28:9c:b2:2e:d9:25:7b:ce:9f:e0:31:3c:0b:40:ea:11:dc:
55:2c:97:96:68:18:4a:32:4c:11:19:07:0d:76:f6:39:b7:81:
69:d1:5f:af:45:2f:bd:0c:4d:5f:1e:15:7e:5a:a2:da:5e:cc:
9d:1a:76:28:00:c8:b6:e6:79:cd:a2:58:2d:2c:f9:2c:29:96:
91:13:4b:50:75:f7:98:98:b2:f1:20:a1:31:3d:17:1a:8b:11:
fd:93:27:0c:78:ba:3a:44:3a:34:ca:2f:67:30:7c:6e:bd:59:
85:dd:98:40:79:7a:47:f7:35:b2:22:ee:ae:9d:cd:c3:b9:7c:
c9:92:cb:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAK9ZARe11xABDR9zUDwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0OTZhZTM4YWVkYWNiYmVlZWUxZTA5Mzk1NmRiMzI4N2Fl
N2I1M2QwHhcNMjQwMTAxMTIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjhhNTE5ZGJjOGE2YmEwMmEyN2M5YWQ4MWVmOTA5OTczNTk4Yzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpuWbylYOy5F9Ff8CGbFnvnvxQyJ
qeOAYW+S0FhmkefQmgvA3v+dkAwmRtsKzl0jvGq9Z5RAG5ozekaP7GsUxpLitQBP
Zhh1JnKJxeQlalKtF12OixeU8OhiHXFv3atD4E8ELahGraHElob8+N91N2sJTuCg
XOzYBqMxg9pqvamp+jlB9dIdqlDqY6Q5RwIkrzj679slG6lwIM0vrS9ClM0FUOmd
02uvQ8rWhacL+H7u48Uk4Q0dqQPIx8hjPFlPDVoGyHALT26m7SAJ1ZhFAXIfSgOd
D2VZph765hp0hGS7zSxImJPK3kmfXfXzqHn3y9N4c456L2S1yK81EeeQrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOKKUZ28imugKifJrYHvkJlzWYx1MB8GA1UdIwQY
MBaAFGSWrjiu2su+7uHgk5Vtsyh657U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkphdU9LN2F5Nzd1NGVDVGxXMnpLSHJudFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82YzMxMjUtZmZmMS00ZGEwLThhMzIt
NzY2NGU4YTIxZmM3LzEvNG9wUm5ieUthNkFxSjhtdGdlLVFtWE5aakhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82YzMxMjUtZmZmMS00ZGEwLThhMzItNzY2NGU4YTIxZmM3
LzEvWkphdU9LN2F5Nzd1NGVDVGxXMnpLSHJudFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTEAMA0E
AgACMAcDBQAqAZzgMA0GCSqGSIb3DQEBCwUAA4IBAQAppv8mUQMCnMUplwPJslT6
SbBNg1cVgfwrk2aZdWG3hSw+sNh7kxYxT2bpIrpMN+TxMiYxJVvvwoxCBOrdWhCd
ABvBAPOb0e2IqnGnkCHcZGYpSVG6712042zMrfsmFKyGdmJa5zLxK3SvahDQ0Fpn
OXEMI3ULI5yecaqzFXT2KJyyLtkle86f4DE8C0DqEdxVLJeWaBhKMkwRGQcNdvY5
t4Fp0V+vRS+9DE1fHhV+WqLaXsydGnYoAMi25nnNolgtLPksKZaRE0tQdfeYmLLx
IKExPRcaixH9kycMeLo6RDo0yi9nMHxuvVmF3ZhAeXpH9zWyIu6unc3DuXzJksuw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:26 2025 by rpki-client