Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/cd33d5-7bba-49e4-9ab0-78f6c804773d/1/H4-v6OLCzwllBiGiV-e0PsYjCsM.roa
File: H4-v6OLCzwllBiGiV-e0PsYjCsM.roa (raw, json)
Hash identifier: OiD01gnjrzMfZfOrfDIwAaK+MxfO0u4a0h2ohhHsu9Q=
Subject key identifier: 1F:8F:AF:E8:E2:C2:CF:09:65:06:21:A2:57:E7:B4:3E:C6:23:0A:C3
Certificate issuer: /CN=afadf7c5f82dbc0b1dba3282862d53ec887d5c66
Certificate serial: 019194207BFD1F84763AF8CA6C16DB336AA7
Authority key identifier: AF:AD:F7:C5:F8:2D:BC:0B:1D:BA:32:82:86:2D:53:EC:88:7D:5C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r633xfgtvAsdujKChi1T7Ih9XGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/cd33d5-7bba-49e4-9ab0-78f6c804773d/1/H4-v6OLCzwllBiGiV-e0PsYjCsM.roa
Signing time: Tue 27 Aug 2024 13:57:22 +0000
ROA not before: Tue 27 Aug 2024 13:57:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204787
IP address blocks: 185.240.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:94:20:7b:fd:1f:84:76:3a:f8:ca:6c:16:db:33:6a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afadf7c5f82dbc0b1dba3282862d53ec887d5c66
Validity
Not Before: Aug 27 13:57:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f8fafe8e2c2cf09650621a257e7b43ec6230ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:da:9d:a2:7b:46:25:eb:bb:bb:c0:68:2b:3d:
f9:87:d1:a1:2a:e2:c4:9f:03:72:5e:4a:74:4b:37:
15:17:b9:bd:2b:ab:b1:fc:92:39:5a:8c:58:c0:e2:
01:78:88:6a:77:84:b1:48:be:b8:3b:5b:0b:db:a6:
fb:71:83:82:f9:90:80:73:9f:7e:6b:74:65:d6:57:
06:4a:ef:54:0a:b8:ca:1e:21:23:4b:00:f9:ff:8c:
f3:e7:a7:e2:5d:de:c4:5b:cf:e0:6c:ff:07:7f:3a:
26:b1:9a:41:4d:5d:14:a7:41:14:dc:01:38:b0:3b:
e8:31:c4:cc:92:3d:af:6d:70:30:a8:35:94:e5:33:
eb:e8:42:8f:30:de:36:2a:f5:11:f8:f6:89:08:2a:
25:e9:5f:1c:94:ec:93:48:4d:bb:5d:ae:b1:cb:24:
7d:ef:e2:b5:a7:64:65:06:85:e8:85:e6:e2:1f:74:
f3:fd:67:81:a7:f0:47:55:98:9f:bc:c5:3f:d5:aa:
0a:5d:30:40:30:08:2d:c5:dc:29:a3:26:89:99:9f:
29:e1:f0:d4:3f:3c:67:b7:ff:70:e6:96:dc:ab:48:
cc:74:07:27:20:de:00:6a:fb:54:33:e1:2d:24:3f:
b0:47:fa:18:cb:43:f5:29:c4:01:ff:0b:30:a3:fb:
09:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8F:AF:E8:E2:C2:CF:09:65:06:21:A2:57:E7:B4:3E:C6:23:0A:C3
X509v3 Authority Key Identifier:
keyid:AF:AD:F7:C5:F8:2D:BC:0B:1D:BA:32:82:86:2D:53:EC:88:7D:5C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r633xfgtvAsdujKChi1T7Ih9XGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cd33d5-7bba-49e4-9ab0-78f6c804773d/1/H4-v6OLCzwllBiGiV-e0PsYjCsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cd33d5-7bba-49e4-9ab0-78f6c804773d/1/r633xfgtvAsdujKChi1T7Ih9XGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.56.0/22
Signature Algorithm: sha256WithRSAEncryption
21:e9:50:f4:ba:23:10:4a:ed:7f:e2:c1:02:f1:a4:a5:a3:f4:
8c:0b:de:b5:94:7e:c8:7e:04:9d:16:4a:e5:c7:a1:75:db:c4:
8d:3b:c4:49:ae:fe:00:ec:d5:71:c7:2c:12:87:93:ee:e1:5e:
f9:a9:cc:ef:90:fd:ef:92:e1:f7:29:98:47:58:7d:f2:10:84:
65:89:a7:93:a7:ca:df:e5:e5:e1:71:88:4f:81:db:95:d0:5b:
d2:d5:aa:78:c2:87:ce:c7:0c:10:e0:90:6d:78:2d:df:95:7d:
c7:5f:63:96:13:ce:ac:83:27:e7:82:b0:65:b8:be:85:1d:18:
72:d9:ae:94:27:6b:4d:b5:64:96:4b:87:66:13:93:ab:c4:c5:
60:c8:54:6c:ab:95:d9:f7:71:b5:a6:c2:a7:73:fd:8f:cf:f3:
55:1c:ce:03:8b:b1:bf:09:a9:fb:3a:ec:0d:50:35:25:a1:fe:
97:f7:1b:12:5c:3a:4e:5a:f5:b2:b1:15:c5:6a:7a:37:a4:03:
37:4d:0e:41:f9:7f:cb:4c:cd:41:1c:33:57:22:ba:59:99:a7:
f0:e3:60:80:72:95:46:15:91:f9:47:a4:c8:e5:0d:16:2f:d3:
4d:85:b6:03:94:45:51:da:39:23:07:40:67:cc:f6:52:f1:3a:
ec:17:56:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGUIHv9H4R2OvjKbBbbM2qnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYWRmN2M1ZjgyZGJjMGIxZGJhMzI4Mjg2MmQ1M2VjODg3
ZDVjNjYwHhcNMjQwODI3MTM1NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjhmYWZlOGUyYzJjZjA5NjUwNjIxYTI1N2U3YjQzZWM2MjMwYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNqdontGJeu7u8BoKz35h9GhKuLE
nwNyXkp0SzcVF7m9K6ux/JI5WoxYwOIBeIhqd4SxSL64O1sL26b7cYOC+ZCAc59+
a3Rl1lcGSu9UCrjKHiEjSwD5/4zz56fiXd7EW8/gbP8HfzomsZpBTV0Up0EU3AE4
sDvoMcTMkj2vbXAwqDWU5TPr6EKPMN42KvUR+PaJCCol6V8clOyTSE27Xa6xyyR9
7+K1p2RlBoXohebiH3Tz/WeBp/BHVZifvMU/1aoKXTBAMAgtxdwpoyaJmZ8p4fDU
Pzxnt/9w5pbcq0jMdAcnIN4AavtUM+EtJD+wR/oYy0P1KcQB/wswo/sJUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+Pr+jiws8JZQYholfntD7GIwrDMB8GA1UdIwQY
MBaAFK+t98X4LbwLHboygoYtU+yIfVxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjYzM3hmZ3R2QXNkdWpLQ2hpMVQ3SWg5WEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jZDMzZDUtN2JiYS00OWU0LTlhYjAt
NzhmNmM4MDQ3NzNkLzEvSDQtdjZPTEN6d2xsQmlHaVYtZTBQc1lqQ3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jZDMzZDUtN2JiYS00OWU0LTlhYjAtNzhmNmM4MDQ3NzNk
LzEvcjYzM3hmZ3R2QXNkdWpLQ2hpMVQ3SWg5WEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufA4MA0G
CSqGSIb3DQEBCwUAA4IBAQAh6VD0uiMQSu1/4sEC8aSlo/SMC961lH7IfgSdFkrl
x6F128SNO8RJrv4A7NVxxywSh5Pu4V75qczvkP3vkuH3KZhHWH3yEIRliaeTp8rf
5eXhcYhPgduV0FvS1ap4wofOxwwQ4JBteC3flX3HX2OWE86sgyfngrBluL6FHRhy
2a6UJ2tNtWSWS4dmE5OrxMVgyFRsq5XZ93G1psKnc/2Pz/NVHM4Di7G/Can7OuwN
UDUlof6X9xsSXDpOWvWysRXFano3pAM3TQ5B+X/LTM1BHDNXIrpZmafw42CAcpVG
FZH5R6TI5Q0WL9NNhbYDlEVR2jkjB0BnzPZS8TrsF1YA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:43 2025 by rpki-client