Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/YAzqJTAOJGoBogRvsCrcVfTlhPc.roa
File: YAzqJTAOJGoBogRvsCrcVfTlhPc.roa (raw, json)
Hash identifier: 8KBj9ywO0r4zquX0fP/ToRPT6xWcRxSpYDctUaH9NWI=
Subject key identifier: 60:0C:EA:25:30:0E:24:6A:01:A2:04:6F:B0:2A:DC:55:F4:E5:84:F7
Certificate issuer: /CN=d81bef5a1a31ef5cfc036b9c2b70a42abd04007e
Certificate serial: 01907EA4A8264FBF8BD7FB2A9F273B18195E
Authority key identifier: D8:1B:EF:5A:1A:31:EF:5C:FC:03:6B:9C:2B:70:A4:2A:BD:04:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BvvWhox71z8A2ucK3CkKr0EAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/YAzqJTAOJGoBogRvsCrcVfTlhPc.roa
Signing time: Thu 04 Jul 2024 16:47:18 +0000
ROA not before: Thu 04 Jul 2024 16:47:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204536
IP address blocks: 185.87.180.0/22 maxlen: 22
185.87.180.0/24 maxlen: 24
185.87.181.0/24 maxlen: 24
185.87.182.0/24 maxlen: 24
185.87.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7e:a4:a8:26:4f:bf:8b:d7:fb:2a:9f:27:3b:18:19:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81bef5a1a31ef5cfc036b9c2b70a42abd04007e
Validity
Not Before: Jul 4 16:47:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=600cea25300e246a01a2046fb02adc55f4e584f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:40:d3:7b:8d:97:c5:2a:c7:45:95:2d:30:dd:
28:fc:ed:9b:be:ec:d9:6e:5d:ee:93:1c:2b:e1:5d:
e9:3e:e2:db:e4:bd:2f:ea:2e:b3:2e:41:4a:95:1e:
92:ba:08:60:1f:f2:56:3b:d5:b0:2a:e7:fe:f2:f1:
c6:aa:99:5b:dc:d5:b8:4c:6b:b2:69:d8:f6:7d:c5:
bc:1d:26:d0:5d:4e:97:98:14:08:fb:a5:8c:46:ad:
de:32:ff:d6:5b:df:b4:d9:25:ee:e6:0c:91:de:2a:
a4:59:45:bd:1f:d2:05:26:64:85:50:b4:70:89:32:
08:39:7c:87:30:16:85:2c:d6:6f:2d:08:6a:b2:fc:
7f:dd:40:73:93:23:45:d6:aa:42:bd:b9:94:47:79:
8f:92:ab:ba:13:9d:59:e1:f4:20:d9:f8:e8:57:a3:
63:70:28:fd:0f:86:0e:04:1a:e2:f7:aa:06:0d:4b:
52:05:37:25:ff:31:47:ac:7a:75:ef:25:79:26:84:
aa:eb:a6:9d:36:bb:e3:ea:b3:05:25:d3:71:ac:91:
e1:2e:ac:86:3c:9d:55:c0:4c:70:51:eb:ce:9b:f2:
6d:93:f6:ce:25:59:4e:f5:31:76:70:56:c0:ad:22:
81:6c:d6:56:09:f7:53:ab:d1:b6:57:0d:8f:25:4c:
fa:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0C:EA:25:30:0E:24:6A:01:A2:04:6F:B0:2A:DC:55:F4:E5:84:F7
X509v3 Authority Key Identifier:
keyid:D8:1B:EF:5A:1A:31:EF:5C:FC:03:6B:9C:2B:70:A4:2A:BD:04:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BvvWhox71z8A2ucK3CkKr0EAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/YAzqJTAOJGoBogRvsCrcVfTlhPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/56ebd2-8185-48bd-bbd4-9ceeba8ba24c/1/2BvvWhox71z8A2ucK3CkKr0EAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.180.0/22
Signature Algorithm: sha256WithRSAEncryption
67:a0:a8:c3:e6:36:d2:8a:67:d1:50:de:5a:17:23:00:95:48:
88:5d:73:d1:a6:da:b3:d1:49:19:27:94:0c:b8:5e:78:9e:9c:
df:fa:52:28:98:64:01:6c:2e:7a:ed:c3:7a:d1:67:81:8a:d1:
22:2d:00:ac:c3:cf:2f:ca:76:d3:7e:ec:18:ce:ef:a9:49:33:
40:d0:fb:c3:9a:ea:25:9d:c2:47:12:5d:e4:db:f7:22:45:08:
b9:5e:ad:d3:24:19:ef:b8:c0:0b:c6:4f:8d:b2:d3:f0:37:84:
d9:0f:21:27:de:36:85:c5:76:8e:ca:b1:63:4a:14:4b:50:e5:
9e:33:4d:49:3c:dd:b8:e6:61:fd:06:d5:4c:16:f4:65:08:0b:
06:01:0b:ef:e5:49:94:8e:d2:89:e8:7e:5f:c3:dc:ea:06:fa:
7b:0f:47:01:0e:8c:17:07:39:93:db:87:3c:63:a6:af:9f:23:
65:e6:bc:77:e5:1f:c9:58:ae:d7:e5:f1:b6:9f:3c:3a:20:ae:
12:c8:0d:f1:38:dc:bd:16:bf:59:d3:53:cd:3e:6f:2e:e4:63:
56:74:dc:5c:12:b8:95:6c:76:66:20:d4:a3:d1:73:e7:fb:b8:
9d:53:e0:92:ff:e3:95:5a:f3:25:fd:6e:a1:fb:8a:f7:11:d8:
e7:ee:7e:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZB+pKgmT7+L1/sqnyc7GBleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWJlZjVhMWEzMWVmNWNmYzAzNmI5YzJiNzBhNDJhYmQw
NDAwN2UwHhcNMjQwNzA0MTY0NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBjZWEyNTMwMGUyNDZhMDFhMjA0NmZiMDJhZGM1NWY0ZTU4NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEDTe42XxSrHRZUtMN0o/O2bvuzZ
bl3ukxwr4V3pPuLb5L0v6i6zLkFKlR6SughgH/JWO9WwKuf+8vHGqplb3NW4TGuy
adj2fcW8HSbQXU6XmBQI+6WMRq3eMv/WW9+02SXu5gyR3iqkWUW9H9IFJmSFULRw
iTIIOXyHMBaFLNZvLQhqsvx/3UBzkyNF1qpCvbmUR3mPkqu6E51Z4fQg2fjoV6Nj
cCj9D4YOBBri96oGDUtSBTcl/zFHrHp17yV5JoSq66adNrvj6rMFJdNxrJHhLqyG
PJ1VwExwUevOm/Jtk/bOJVlO9TF2cFbArSKBbNZWCfdTq9G2Vw2PJUz6dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGAM6iUwDiRqAaIEb7Aq3FX05YT3MB8GA1UdIwQY
MBaAFNgb71oaMe9c/ANrnCtwpCq9BAB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ2dldob3g3MXo4QTJ1Y0szQ2tLcjBFQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81NmViZDItODE4NS00OGJkLWJiZDQt
OWNlZWJhOGJhMjRjLzEvWUF6cUpUQU9KR29Cb2dSdnNDcmNWZlRsaFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81NmViZDItODE4NS00OGJkLWJiZDQtOWNlZWJhOGJhMjRj
LzEvMkJ2dldob3g3MXo4QTJ1Y0szQ2tLcjBFQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVe0MA0G
CSqGSIb3DQEBCwUAA4IBAQBnoKjD5jbSimfRUN5aFyMAlUiIXXPRptqz0UkZJ5QM
uF54npzf+lIomGQBbC567cN60WeBitEiLQCsw88vynbTfuwYzu+pSTNA0PvDmuol
ncJHEl3k2/ciRQi5Xq3TJBnvuMALxk+NstPwN4TZDyEn3jaFxXaOyrFjShRLUOWe
M01JPN245mH9BtVMFvRlCAsGAQvv5UmUjtKJ6H5fw9zqBvp7D0cBDowXBzmT24c8
Y6avnyNl5rx35R/JWK7X5fG2nzw6IK4SyA3xONy9Fr9Z01PNPm8u5GNWdNxcEriV
bHZmINSj0XPn+7idU+CS/+OVWvMl/W6h+4r3Edjn7n5n
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:45 2025 by rpki-client