Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/h1HXoXeXgh4-C1qt-68wYZac9Yw.roa
File: h1HXoXeXgh4-C1qt-68wYZac9Yw.roa (raw, json)
Hash identifier: Afh/pQ9Nh5SMiDBzfCRxpgodnqjYLz6W3d+MAuVtEH0=
Subject key identifier: 87:51:D7:A1:77:97:82:1E:3E:0B:5A:AD:FB:AF:30:61:96:9C:F5:8C
Certificate issuer: /CN=e22d7eae21d8baee9de6940d8ce6b29d92a9031e
Certificate serial: 018E3C3B54C203EB85399931AE4D6CBE09A1
Authority key identifier: E2:2D:7E:AE:21:D8:BA:EE:9D:E6:94:0D:8C:E6:B2:9D:92:A9:03:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4i1-riHYuu6d5pQNjOaynZKpAx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/h1HXoXeXgh4-C1qt-68wYZac9Yw.roa
Signing time: Thu 14 Mar 2024 09:11:44 +0000
ROA not before: Thu 14 Mar 2024 09:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.138.144.0/22 maxlen: 24
2a07:ec0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:3b:54:c2:03:eb:85:39:99:31:ae:4d:6c:be:09:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e22d7eae21d8baee9de6940d8ce6b29d92a9031e
Validity
Not Before: Mar 14 09:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8751d7a17797821e3e0b5aadfbaf3061969cf58c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9f:61:ae:e6:56:5a:38:a9:27:bb:62:ca:4b:
7a:4d:48:e4:e7:06:62:1f:1d:cb:95:f3:d0:2a:98:
1c:03:df:8d:6e:9b:09:68:b8:41:3b:c9:5b:9b:3b:
91:a1:f8:cf:93:1e:fa:c7:f9:7c:70:46:d0:9f:2d:
cd:d3:5c:2b:38:35:e6:5e:b3:8a:aa:81:83:c2:66:
bc:0f:e3:5b:91:ed:cf:71:69:65:8e:dc:d3:37:9d:
3c:9b:e1:4b:74:97:7c:4f:0d:04:0b:23:79:5a:95:
44:a5:b2:f3:4c:d0:9a:37:ee:b9:52:6a:02:3f:c4:
f0:01:35:a9:c6:dd:c4:da:e6:de:04:05:7a:7a:d0:
27:fd:d9:94:f7:32:e4:d1:d9:46:89:4a:09:90:7c:
32:f4:e1:ae:30:5b:46:87:0c:34:79:a2:b9:f2:46:
24:cf:e0:20:4f:fe:51:7f:bb:50:0c:9a:f3:ef:65:
46:b5:ab:88:de:3f:39:8e:1e:fc:d1:52:83:3d:ce:
56:f8:e2:c3:7c:f3:97:ad:b6:67:06:f1:75:16:58:
bb:10:17:37:8c:cf:2c:5b:8a:eb:20:ce:de:10:0d:
89:e5:fa:0c:97:c5:95:0a:69:08:16:17:8f:4b:04:
3a:9c:34:65:40:f6:81:f3:a7:83:ca:d1:bd:c8:bb:
9e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:51:D7:A1:77:97:82:1E:3E:0B:5A:AD:FB:AF:30:61:96:9C:F5:8C
X509v3 Authority Key Identifier:
keyid:E2:2D:7E:AE:21:D8:BA:EE:9D:E6:94:0D:8C:E6:B2:9D:92:A9:03:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4i1-riHYuu6d5pQNjOaynZKpAx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/h1HXoXeXgh4-C1qt-68wYZac9Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/4i1-riHYuu6d5pQNjOaynZKpAx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.144.0/22
IPv6:
2a07:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:bf:2c:c9:c7:60:95:11:3c:c3:d2:b6:3f:cc:37:1a:7f:5b:
72:f9:5f:af:4c:7e:f7:52:9c:b9:24:b9:c9:a9:2c:19:ff:d0:
96:a8:f5:ed:0f:d8:6f:82:87:79:51:93:6b:f4:e9:04:1b:97:
c0:bc:b0:fa:65:51:30:f5:ce:10:43:67:9e:65:d7:85:28:3d:
d9:6a:b0:c2:44:17:cc:40:0c:a4:52:0a:bf:77:48:ca:46:6e:
1f:94:2b:8d:34:e1:da:0d:3c:4b:1d:4e:f6:ec:40:9d:ba:d2:
be:5b:c7:22:41:aa:3b:56:cc:dd:d9:af:dd:e5:14:1c:02:28:
24:9a:69:8e:b6:1b:8d:36:76:68:95:0a:76:0b:22:5c:dc:8d:
54:78:e5:26:15:ec:18:47:f6:3c:62:3f:69:89:5f:5a:f3:2c:
6e:63:4e:17:4a:77:cb:89:f2:f4:71:28:d7:a1:a4:9e:41:01:
e8:29:da:1a:d5:a7:74:7b:70:0a:e3:23:6d:43:a5:41:20:6c:
d9:8a:2c:50:f5:bd:13:08:4e:a3:68:74:b3:2c:a2:38:0f:1f:
cd:78:9a:af:18:7b:ad:1e:cc:4e:88:c8:39:d5:53:dd:28:74:
45:55:fe:cb:5c:a6:38:9b:c7:fb:7e:76:12:0f:70:c5:4d:c4:
5b:d8:88:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY48O1TCA+uFOZkxrk1svgmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMmQ3ZWFlMjFkOGJhZWU5ZGU2OTQwZDhjZTZiMjlkOTJh
OTAzMWUwHhcNMjQwMzE0MDkxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzUxZDdhMTc3OTc4MjFlM2UwYjVhYWRmYmFmMzA2MTk2OWNmNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj59hruZWWjipJ7tiykt6TUjk5wZi
Hx3LlfPQKpgcA9+NbpsJaLhBO8lbmzuRofjPkx76x/l8cEbQny3N01wrODXmXrOK
qoGDwma8D+Nbke3PcWlljtzTN508m+FLdJd8Tw0ECyN5WpVEpbLzTNCaN+65UmoC
P8TwATWpxt3E2ubeBAV6etAn/dmU9zLk0dlGiUoJkHwy9OGuMFtGhww0eaK58kYk
z+AgT/5Rf7tQDJrz72VGtauI3j85jh780VKDPc5W+OLDfPOXrbZnBvF1Fli7EBc3
jM8sW4rrIM7eEA2J5foMl8WVCmkIFhePSwQ6nDRlQPaB86eDytG9yLuedwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIdR16F3l4IePgtarfuvMGGWnPWMMB8GA1UdIwQY
MBaAFOItfq4h2LruneaUDYzmsp2SqQMeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGkxLXJpSFl1dTZkNXBRTmpPYXluWktwQXg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hYjgwNzAtNGY1OC00NjM0LTlhNDQt
Mzg3NTM2ZDAzYTcxLzEvaDFIWG9YZVhnaDQtQzFxdC02OHdZWmFjOVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hYjgwNzAtNGY1OC00NjM0LTlhNDQtMzg3NTM2ZDAzYTcx
LzEvNGkxLXJpSFl1dTZkNXBRTmpPYXluWktwQXg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYqQMA0E
AgACMAcDBQMqBw7AMA0GCSqGSIb3DQEBCwUAA4IBAQBNvyzJx2CVETzD0rY/zDca
f1ty+V+vTH73Upy5JLnJqSwZ/9CWqPXtD9hvgod5UZNr9OkEG5fAvLD6ZVEw9c4Q
Q2eeZdeFKD3ZarDCRBfMQAykUgq/d0jKRm4flCuNNOHaDTxLHU727ECdutK+W8ci
Qao7Vszd2a/d5RQcAigkmmmOthuNNnZolQp2CyJc3I1UeOUmFewYR/Y8Yj9piV9a
8yxuY04XSnfLifL0cSjXoaSeQQHoKdoa1ad0e3AK4yNtQ6VBIGzZiixQ9b0TCE6j
aHSzLKI4Dx/NeJqvGHutHsxOiMg51VPdKHRFVf7LXKY4m8f7fnYSD3DFTcRb2Ihy
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:12 2025 by rpki-client