Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cb53fc-7096-4594-91b1-d92785a61219/1/F4ErRxrvapvTYjpetMhUHvAhh1k.roa
File: F4ErRxrvapvTYjpetMhUHvAhh1k.roa (raw, json)
Hash identifier: tmIVIapfLiVcsDn31gcOTrsPYdK6raoMZ8Dzyl+h48A=
Subject key identifier: 17:81:2B:47:1A:EF:6A:9B:D3:62:3A:5E:B4:C8:54:1E:F0:21:87:59
Certificate issuer: /CN=3812c97dbd32195b6afa91140b5520b5e0c2c5be
Certificate serial: 018CC7953E289A7381C21CB31FA03D10C924
Authority key identifier: 38:12:C9:7D:BD:32:19:5B:6A:FA:91:14:0B:55:20:B5:E0:C2:C5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBLJfb0yGVtq-pEUC1UgteDCxb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/cb53fc-7096-4594-91b1-d92785a61219/1/F4ErRxrvapvTYjpetMhUHvAhh1k.roa
Signing time: Tue 02 Jan 2024 00:31:35 +0000
ROA not before: Tue 02 Jan 2024 00:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44322
IP address blocks: 185.83.240.0/22 maxlen: 24
2a05:a000::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3e:28:9a:73:81:c2:1c:b3:1f:a0:3d:10:c9:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3812c97dbd32195b6afa91140b5520b5e0c2c5be
Validity
Not Before: Jan 2 00:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17812b471aef6a9bd3623a5eb4c8541ef0218759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e6:99:b3:7e:4b:0a:94:c3:07:f8:cf:9a:8b:
57:1f:f4:87:a1:86:9e:8c:9d:54:0c:97:96:80:70:
b9:13:42:2c:6f:bd:97:37:3f:a4:19:21:d1:35:0c:
df:92:ab:57:a0:2b:09:41:6d:86:23:c1:6a:8f:1f:
64:99:28:42:26:8b:ab:8c:d5:e3:96:75:c7:41:08:
16:88:46:52:c7:47:85:44:6d:18:23:3d:fd:fc:b8:
a5:6d:66:4f:57:be:aa:71:17:a4:e0:85:27:25:18:
0b:fb:68:96:96:5f:5d:95:62:11:e8:e7:33:b3:57:
29:42:52:07:1e:7a:ac:67:28:f1:03:a8:52:97:a4:
65:5a:32:60:2a:32:41:ea:39:18:4f:d8:76:40:52:
d3:ea:4e:96:1d:15:93:36:8d:a0:3c:c2:d7:86:6b:
e3:e0:7f:d8:36:e1:b7:04:4f:17:6f:69:dc:b6:23:
56:f2:1f:ea:04:13:fa:0b:3a:c4:6c:71:51:d7:54:
4f:51:39:c0:7e:30:63:59:74:c7:21:ee:b9:ff:7f:
3f:c0:cb:bf:02:e5:fc:01:9c:ea:81:66:8f:1e:58:
6e:f2:87:5e:15:cc:93:2c:bc:ce:ce:0a:d0:12:e5:
48:4b:4c:ee:11:fa:23:9d:8d:6e:a1:89:11:5e:c5:
32:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:81:2B:47:1A:EF:6A:9B:D3:62:3A:5E:B4:C8:54:1E:F0:21:87:59
X509v3 Authority Key Identifier:
keyid:38:12:C9:7D:BD:32:19:5B:6A:FA:91:14:0B:55:20:B5:E0:C2:C5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBLJfb0yGVtq-pEUC1UgteDCxb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cb53fc-7096-4594-91b1-d92785a61219/1/F4ErRxrvapvTYjpetMhUHvAhh1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cb53fc-7096-4594-91b1-d92785a61219/1/OBLJfb0yGVtq-pEUC1UgteDCxb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.240.0/22
IPv6:
2a05:a000::/29
Signature Algorithm: sha256WithRSAEncryption
a8:83:8e:11:ba:49:0a:8e:98:aa:6f:4b:39:32:fc:c0:3a:49:
83:24:97:b6:90:71:e4:98:d5:2d:f9:50:4a:4f:23:58:85:02:
6a:38:74:ab:c5:ad:f4:53:df:44:9a:b8:b0:2c:76:a8:20:1b:
9b:19:a6:7e:f0:19:73:bd:a8:fa:4b:2c:95:fe:44:66:36:a2:
1d:15:6f:cd:55:d3:ad:77:47:df:d9:ae:87:d6:34:d1:de:89:
aa:f1:e5:08:15:8c:ef:65:ca:93:56:3a:17:58:e9:11:af:02:
56:2a:c4:9c:12:63:3f:73:e5:66:d5:45:91:63:b5:98:5a:f4:
eb:6b:af:bc:c4:c0:27:6c:71:a1:18:d2:1b:79:aa:91:4b:46:
cd:92:8b:4f:80:a9:6e:eb:ca:80:c6:fa:22:5d:cc:29:1e:68:
1a:94:ea:a5:bf:2c:14:e6:d4:2a:25:e7:2c:5e:aa:c9:53:c7:
3b:6c:d1:25:2b:4f:e0:e9:f3:e8:df:1a:df:41:c2:13:7d:6b:
3b:ca:20:1b:9b:e6:8f:68:a3:50:ac:54:2e:87:86:ea:09:3d:
08:73:cc:e0:9d:06:48:bb:e1:6a:88:5e:29:72:e8:c7:8f:a2:
9a:62:a7:3a:17:a7:d7:66:57:be:d7:8f:b6:4f:7e:51:13:d9:
e0:40:e6:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlT4omnOBwhyzH6A9EMkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTJjOTdkYmQzMjE5NWI2YWZhOTExNDBiNTUyMGI1ZTBj
MmM1YmUwHhcNMjQwMTAyMDAzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzgxMmI0NzFhZWY2YTliZDM2MjNhNWViNGM4NTQxZWYwMjE4NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguaZs35LCpTDB/jPmotXH/SHoYae
jJ1UDJeWgHC5E0Isb72XNz+kGSHRNQzfkqtXoCsJQW2GI8Fqjx9kmShCJourjNXj
lnXHQQgWiEZSx0eFRG0YIz39/LilbWZPV76qcRek4IUnJRgL+2iWll9dlWIR6Ocz
s1cpQlIHHnqsZyjxA6hSl6RlWjJgKjJB6jkYT9h2QFLT6k6WHRWTNo2gPMLXhmvj
4H/YNuG3BE8Xb2nctiNW8h/qBBP6CzrEbHFR11RPUTnAfjBjWXTHIe65/38/wMu/
AuX8AZzqgWaPHlhu8odeFcyTLLzOzgrQEuVIS0zuEfojnY1uoYkRXsUy9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBeBK0ca72qb02I6XrTIVB7wIYdZMB8GA1UdIwQY
MBaAFDgSyX29MhlbavqRFAtVILXgwsW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JMSmZiMHlHVnRxLXBFVUMxVWd0ZURDeGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9jYjUzZmMtNzA5Ni00NTk0LTkxYjEt
ZDkyNzg1YTYxMjE5LzEvRjRFclJ4cnZhcHZUWWpwZXRNaFVIdkFoaDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9jYjUzZmMtNzA5Ni00NTk0LTkxYjEtZDkyNzg1YTYxMjE5
LzEvT0JMSmZiMHlHVnRxLXBFVUMxVWd0ZURDeGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVPwMA0E
AgACMAcDBQMqBaAAMA0GCSqGSIb3DQEBCwUAA4IBAQCog44RukkKjpiqb0s5MvzA
OkmDJJe2kHHkmNUt+VBKTyNYhQJqOHSrxa30U99EmriwLHaoIBubGaZ+8Blzvaj6
SyyV/kRmNqIdFW/NVdOtd0ff2a6H1jTR3omq8eUIFYzvZcqTVjoXWOkRrwJWKsSc
EmM/c+Vm1UWRY7WYWvTra6+8xMAnbHGhGNIbeaqRS0bNkotPgKlu68qAxvoiXcwp
HmgalOqlvywU5tQqJecsXqrJU8c7bNElK0/g6fPo3xrfQcITfWs7yiAbm+aPaKNQ
rFQuh4bqCT0Ic8zgnQZIu+FqiF4pcujHj6KaYqc6F6fXZle+14+2T35RE9ngQOZW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:57 2025 by rpki-client