Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/4W92b3JBqZ3lQmAaoO5U5rBZ3Ic.roa
File: 4W92b3JBqZ3lQmAaoO5U5rBZ3Ic.roa (raw, json)
Hash identifier: WWWvlCtYnrFwCeyE9GjN/13mnnjgXSsQRU/GlTGuCU0=
Subject key identifier: E1:6F:76:6F:72:41:A9:9D:E5:42:60:1A:A0:EE:54:E6:B0:59:DC:87
Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Certificate serial: 018CC5DCB2304DFE1F934C624595423F652B
Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/4W92b3JBqZ3lQmAaoO5U5rBZ3Ic.roa
Signing time: Mon 01 Jan 2024 16:30:24 +0000
ROA not before: Mon 01 Jan 2024 16:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205766
IP address blocks: 185.26.156.0/24 maxlen: 24
2a00:d0c0:200::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b2:30:4d:fe:1f:93:4c:62:45:95:42:3f:65:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Validity
Not Before: Jan 1 16:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e16f766f7241a99de542601aa0ee54e6b059dc87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:51:31:26:fc:4c:e6:fb:e0:b1:0c:25:bc:d8:
0e:4b:f5:19:fe:c2:9f:37:26:9a:ec:96:9c:26:50:
c0:54:31:f6:46:12:fa:45:a2:0f:ad:2b:41:af:8f:
4d:39:c7:a1:e2:0e:73:fa:a7:70:a6:b1:c6:90:89:
ea:f4:ce:f3:b1:35:3d:5a:56:9b:22:71:43:df:b9:
43:0d:9f:e3:6a:fd:5a:95:53:36:ff:d2:99:91:ba:
da:68:1a:64:75:8a:57:c3:9d:82:09:1b:48:02:9f:
76:66:b9:4c:17:8e:f1:f1:6c:9d:a3:fd:62:50:0d:
84:a2:98:d7:51:72:d4:77:16:3e:7e:c7:65:5e:66:
41:6a:43:d9:ad:45:bc:f3:5c:7b:3f:85:cf:2d:0b:
a3:b2:b1:d4:d1:45:9c:55:c2:18:a9:32:93:5b:73:
96:59:32:bd:b6:1c:4b:56:fc:40:39:72:ca:cc:37:
80:dd:f4:e7:92:ad:49:79:33:e8:f7:0a:f6:7a:1b:
ff:8b:4d:72:ce:59:d4:06:95:b6:7f:68:3f:32:c2:
68:90:3e:15:37:ed:1c:51:67:e4:9d:38:12:0e:4b:
9a:7a:76:23:81:0d:dd:07:f4:21:37:a1:15:e3:85:
49:26:34:f9:99:7f:e1:ae:73:af:b4:1d:5c:45:dd:
bf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:6F:76:6F:72:41:A9:9D:E5:42:60:1A:A0:EE:54:E6:B0:59:DC:87
X509v3 Authority Key Identifier:
keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/4W92b3JBqZ3lQmAaoO5U5rBZ3Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.156.0/24
IPv6:
2a00:d0c0:200::/48
Signature Algorithm: sha256WithRSAEncryption
0f:a0:cd:78:44:47:6b:ab:73:73:cf:7f:f3:7e:57:0a:0e:3f:
51:13:49:27:a2:92:1f:05:e1:84:e3:c8:9d:c4:8a:1e:3b:5b:
4a:ed:14:52:cf:36:ef:bf:69:a3:51:d9:f3:58:57:ed:ba:16:
6e:c6:6b:39:ba:e8:6e:ce:1f:da:06:39:a9:03:67:85:97:24:
17:cf:2a:7f:67:c9:eb:d7:04:6b:99:cc:bb:44:2a:c8:8e:4c:
19:d8:e3:bd:a5:99:9e:39:d8:a4:f3:34:93:a2:ac:ab:fb:0d:
aa:75:6b:de:7f:d5:17:fe:52:bd:7d:ba:28:9d:ed:0c:60:a9:
9b:bc:55:e3:06:79:eb:c9:76:cb:7a:6c:75:a8:70:25:d7:d5:
6e:b7:b4:a4:3f:0a:f1:8b:44:97:a2:47:0a:50:99:72:01:a0:
94:56:4b:9d:3c:cd:ee:7d:aa:0e:f0:72:3b:bd:01:31:de:44:
da:1a:f6:fc:78:03:2e:7f:6c:b9:e8:4d:df:a2:42:a2:64:3f:
a3:3c:9a:d3:01:3b:07:3d:82:a3:a4:bc:34:84:c3:02:39:03:
1a:17:70:97:cc:4c:e9:47:76:11:7b:c2:04:7b:53:1e:d0:9b:
eb:4c:7a:35:bc:6f:4c:57:ca:16:c8:3a:31:d8:86:d5:70:ee:
eb:7d:60:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3LIwTf4fk0xiRZVCP2UrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy
NjExMjAwHhcNMjQwMTAxMTYzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTZmNzY2ZjcyNDFhOTlkZTU0MjYwMWFhMGVlNTRlNmIwNTlkYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1ExJvxM5vvgsQwlvNgOS/UZ/sKf
Nyaa7JacJlDAVDH2RhL6RaIPrStBr49NOceh4g5z+qdwprHGkInq9M7zsTU9Wlab
InFD37lDDZ/jav1alVM2/9KZkbraaBpkdYpXw52CCRtIAp92ZrlMF47x8Wydo/1i
UA2EopjXUXLUdxY+fsdlXmZBakPZrUW881x7P4XPLQujsrHU0UWcVcIYqTKTW3OW
WTK9thxLVvxAOXLKzDeA3fTnkq1JeTPo9wr2ehv/i01yzlnUBpW2f2g/MsJokD4V
N+0cUWfknTgSDkuaenYjgQ3dB/QhN6EV44VJJjT5mX/hrnOvtB1cRd2/PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOFvdm9yQamd5UJgGqDuVOawWdyHMB8GA1UdIwQY
MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt
ZDA1Mzc0NWMyYWNjLzEvNFc5MmIzSkJxWjNsUW1BYW9PNVU1ckJaM0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj
LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuRqcMA8E
AgACMAkDBwAqANDAAgAwDQYJKoZIhvcNAQELBQADggEBAA+gzXhER2urc3PPf/N+
VwoOP1ETSSeikh8F4YTjyJ3Eih47W0rtFFLPNu+/aaNR2fNYV+26Fm7Gazm66G7O
H9oGOakDZ4WXJBfPKn9nyevXBGuZzLtEKsiOTBnY472lmZ452KTzNJOirKv7Dap1
a95/1Rf+Ur19uiid7QxgqZu8VeMGeevJdst6bHWocCXX1W63tKQ/CvGLRJeiRwpQ
mXIBoJRWS508ze59qg7wcju9ATHeRNoa9vx4Ay5/bLnoTd+iQqJkP6M8mtMBOwc9
gqOkvDSEwwI5AxoXcJfMTOlHdhF7wgR7Ux7Qm+tMejW8b0xXyhbIOjHYhtVw7ut9
YGM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:20 2025 by rpki-client