Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/ctWFH1ySbgchwWT6f6J1MHrvh7Y.roa
File: ctWFH1ySbgchwWT6f6J1MHrvh7Y.roa (raw, json)
Hash identifier: L9kZblqKsjrnv5/pGa4SAUVVVjAL4wo0t6ObKEw1TQE=
Subject key identifier: 72:D5:85:1F:5C:92:6E:07:21:C1:64:FA:7F:A2:75:30:7A:EF:87:B6
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 0190FE79F911C71C137762D505EEAB16991C
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/ctWFH1ySbgchwWT6f6J1MHrvh7Y.roa
Signing time: Mon 29 Jul 2024 12:32:04 +0000
ROA not before: Mon 29 Jul 2024 12:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 185.123.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Nov 2024 13:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:79:f9:11:c7:1c:13:77:62:d5:05:ee:ab:16:99:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jul 29 12:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72d5851f5c926e0721c164fa7fa275307aef87b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e0:f9:07:72:89:e0:da:0c:1b:d2:b9:e2:c1:
c7:28:d7:2b:7e:c0:e8:c5:66:31:09:3f:fc:bb:ae:
81:86:a5:e0:8b:87:d1:ba:fe:e5:8d:87:67:7f:f4:
5d:7c:6f:9b:b6:c4:c4:69:da:7d:c3:6e:81:78:a6:
1a:65:de:a2:32:f7:d4:00:35:81:36:ce:b0:5c:22:
7c:a7:43:ef:45:28:3f:3f:f7:e6:f6:3f:3e:ef:72:
17:88:e0:5d:77:db:51:f0:75:64:3b:bc:ff:70:20:
2f:31:26:93:f4:16:14:3e:6a:a5:da:50:46:cc:af:
a0:34:3a:1d:e0:7e:cb:cc:64:d4:b4:89:77:79:7d:
09:1c:91:a8:2f:24:33:b1:be:70:f7:fd:95:08:17:
06:7d:3f:17:85:0c:b7:d8:c9:aa:77:5d:50:bd:8b:
7a:31:07:60:4b:02:af:31:47:f9:19:3e:0d:c7:34:
6c:cd:ca:b8:4b:7d:88:4a:4c:66:97:c6:0a:73:64:
ba:18:a8:5f:50:e1:3c:49:c5:12:34:b2:4b:a7:93:
17:03:a1:0d:6a:87:08:77:0b:2d:a8:7c:ee:19:c4:
5a:b0:17:30:dd:14:a0:f4:5e:ba:69:02:7f:e2:99:
d2:5c:50:1f:10:86:2b:90:1f:41:13:9f:99:71:c7:
99:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D5:85:1F:5C:92:6E:07:21:C1:64:FA:7F:A2:75:30:7A:EF:87:B6
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/ctWFH1ySbgchwWT6f6J1MHrvh7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.120.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:aa:0c:8d:4e:91:fd:21:32:94:b3:bf:45:9e:1a:66:f0:7f:
b1:5f:ed:fc:29:92:85:a5:91:ad:09:4f:4d:5e:ee:af:fa:31:
f1:2a:8b:b5:52:69:df:2b:08:bf:2c:63:47:c2:2f:c2:a9:c0:
f4:d6:01:f4:f4:db:2b:01:71:03:76:5b:eb:3a:0d:26:1d:09:
b0:ca:0b:d9:fa:b4:8d:77:db:34:f2:3e:4c:d1:18:86:45:78:
c9:a9:93:eb:a2:e5:8f:88:10:e0:1e:55:94:92:6f:7b:42:61:
f0:79:15:bc:65:98:57:bd:9b:36:4d:81:c4:87:33:4e:84:f2:
e0:31:9f:01:9b:6d:a0:19:05:b0:09:29:bd:4e:c0:d1:6c:d1:
24:f7:21:5b:fa:a0:37:35:bc:ee:fc:2f:fd:48:09:d1:81:62:
83:c5:09:84:4d:b2:10:18:bc:ca:df:28:57:0a:ea:96:d4:66:
0e:74:fd:46:21:bb:58:bb:6b:70:fb:37:fb:0e:2f:01:a5:cb:
30:5a:26:3a:fa:77:15:2c:a7:ab:ad:f2:7f:36:f5:db:dc:51:
8f:f1:42:5e:bc:6b:19:76:cc:e2:60:ed:32:37:2f:db:26:ae:
0f:f2:78:ae:2d:db:95:c6:e2:d1:60:83:43:ff:93:0b:6f:25:
71:d0:35:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZD+efkRxxwTd2LVBe6rFpkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjQwNzI5MTIzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ1ODUxZjVjOTI2ZTA3MjFjMTY0ZmE3ZmEyNzUzMDdhZWY4N2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOD5B3KJ4NoMG9K54sHHKNcrfsDo
xWYxCT/8u66BhqXgi4fRuv7ljYdnf/RdfG+btsTEadp9w26BeKYaZd6iMvfUADWB
Ns6wXCJ8p0PvRSg/P/fm9j8+73IXiOBdd9tR8HVkO7z/cCAvMSaT9BYUPmql2lBG
zK+gNDod4H7LzGTUtIl3eX0JHJGoLyQzsb5w9/2VCBcGfT8XhQy32Mmqd11QvYt6
MQdgSwKvMUf5GT4NxzRszcq4S32ISkxml8YKc2S6GKhfUOE8ScUSNLJLp5MXA6EN
aocIdwstqHzuGcRasBcw3RSg9F66aQJ/4pnSXFAfEIYrkB9BE5+ZcceZLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLVhR9ckm4HIcFk+n+idTB674e2MB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvY3RXRkgxeVNiZ2Nod1dUNmY2SjFNSHJ2aDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXt4MA0G
CSqGSIb3DQEBCwUAA4IBAQCbqgyNTpH9ITKUs79Fnhpm8H+xX+38KZKFpZGtCU9N
Xu6v+jHxKou1UmnfKwi/LGNHwi/CqcD01gH09NsrAXEDdlvrOg0mHQmwygvZ+rSN
d9s08j5M0RiGRXjJqZProuWPiBDgHlWUkm97QmHweRW8ZZhXvZs2TYHEhzNOhPLg
MZ8Bm22gGQWwCSm9TsDRbNEk9yFb+qA3Nbzu/C/9SAnRgWKDxQmETbIQGLzK3yhX
CuqW1GYOdP1GIbtYu2tw+zf7Di8BpcswWiY6+ncVLKerrfJ/NvXb3FGP8UJevGsZ
dsziYO0yNy/bJq4P8niuLduVxuLRYIND/5MLbyVx0DXj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:19 2025 by rpki-client