Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/I8HSDE1gsvJlroa8hx4YWUf8OtQ.roa
File: I8HSDE1gsvJlroa8hx4YWUf8OtQ.roa (raw, json)
Hash identifier: dWyz3gM0dUHPN+n9QXGvQKGWk2EfMD9yJUsE0B4yXKM=
Subject key identifier: 23:C1:D2:0C:4D:60:B2:F2:65:AE:86:BC:87:1E:18:59:47:FC:3A:D4
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AEEBC34832649EE20BC0B0858B1560
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/I8HSDE1gsvJlroa8hx4YWUf8OtQ.roa
Signing time: Tue 26 Nov 2024 13:35:14 +0000
ROA not before: Tue 26 Nov 2024 13:35:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396540
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:eb:c3:48:32:64:9e:e2:0b:c0:b0:85:8b:15:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23c1d20c4d60b2f265ae86bc871e185947fc3ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:ca:d4:d1:a4:b2:a7:95:d3:70:5f:99:80:38:
95:31:3a:d0:cd:3d:93:f6:a8:ef:02:92:16:99:df:
75:fa:84:3c:40:3b:5e:3a:8f:3a:b3:52:c9:f3:97:
30:35:3d:76:16:ef:bf:6b:0f:bf:3c:7f:66:af:44:
d5:96:34:5c:65:f9:71:ef:f5:d0:be:0a:6b:ee:aa:
20:98:56:04:c1:2a:b1:23:69:72:50:b0:35:8d:ee:
c4:e8:2a:37:9c:3b:d0:a3:dc:4e:7e:54:c5:d3:30:
a2:1a:b8:74:5e:99:39:25:49:e9:1f:b7:19:ca:bb:
fb:cf:40:3f:13:68:7d:42:ae:5a:e7:62:d7:12:aa:
58:b8:21:2b:ed:5a:4f:58:5b:ec:bc:d9:ea:6e:eb:
86:f2:89:6a:71:b5:22:60:4a:e5:14:64:7b:0b:af:
04:84:3f:4b:41:90:c5:66:6c:d3:01:e4:f7:c2:ea:
dc:84:cd:d8:29:4a:34:f3:95:9b:63:4c:fc:15:2a:
9a:ae:23:c4:e3:8d:cc:76:06:9b:1d:26:74:3b:17:
a3:e6:fb:30:21:f0:49:27:cb:1a:a9:17:db:be:0a:
39:5a:25:5f:f9:8b:50:c5:1a:c9:ff:9f:69:5e:99:
7a:12:5c:a0:cf:11:92:ad:3c:86:e2:44:71:58:27:
d1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C1:D2:0C:4D:60:B2:F2:65:AE:86:BC:87:1E:18:59:47:FC:3A:D4
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/I8HSDE1gsvJlroa8hx4YWUf8OtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
b6:8f:be:9f:73:2c:5e:7f:af:27:ec:05:e3:1f:c2:d5:3e:8b:
3a:51:0e:3c:12:e0:1d:29:4a:6c:77:ba:83:04:01:6f:ba:da:
21:16:50:20:7c:c8:2d:1b:5d:6c:33:e9:b6:d0:57:61:1d:b9:
b9:3b:aa:58:02:64:75:c5:47:41:bd:ee:30:f2:c7:f4:0e:f5:
44:e9:aa:27:03:a7:bc:32:b5:00:5c:89:77:c9:30:a8:fc:11:
f2:41:71:3c:b8:50:f5:77:5c:29:24:12:08:1d:d9:3b:b6:e4:
97:e4:82:a4:b8:36:9d:04:8d:87:ff:69:75:31:4c:1b:04:ba:
a2:11:cf:aa:d1:61:2d:a8:91:a1:2a:10:9f:69:8f:11:1d:76:
71:70:fe:2c:5f:85:ed:4b:d1:0b:d5:d0:28:de:13:17:ff:57:
ca:3f:29:ab:07:46:c6:ad:75:be:55:fb:90:2f:67:f1:79:8b:
4c:11:41:c0:97:81:dd:65:9d:01:2c:b6:94:0e:e6:47:f0:75:
8d:5b:46:1b:b9:45:02:c8:c4:33:de:e1:b8:30:a4:08:55:05:
ec:16:fd:47:7b:2f:13:6c:f3:7d:9b:f5:2a:9d:18:49:35:fc:
bb:78:e7:f9:df:16:33:59:f3:5f:f4:94:a3:98:0e:2b:cb:c7:
de:38:39:af
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNoruvDSDJknuILwLCFixVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2MxZDIwYzRkNjBiMmYyNjVhZTg2YmM4NzFlMTg1OTQ3ZmMzYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/crU0aSyp5XTcF+ZgDiVMTrQzT2T
9qjvApIWmd91+oQ8QDteOo86s1LJ85cwNT12Fu+/aw+/PH9mr0TVljRcZflx7/XQ
vgpr7qogmFYEwSqxI2lyULA1je7E6Co3nDvQo9xOflTF0zCiGrh0Xpk5JUnpH7cZ
yrv7z0A/E2h9Qq5a52LXEqpYuCEr7VpPWFvsvNnqbuuG8olqcbUiYErlFGR7C68E
hD9LQZDFZmzTAeT3wurchM3YKUo085WbY0z8FSqariPE443MdgabHSZ0Oxej5vsw
IfBJJ8saqRfbvgo5WiVf+YtQxRrJ/59pXpl6ElygzxGSrTyG4kRxWCfRaQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCPB0gxNYLLyZa6GvIceGFlH/DrUMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvSThIU0RFMWdzdkpscm9hOGh4NFlXVWY4T3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBALaPvp9zLF5/ryfsBeMfwtU+izpRDjwS
4B0pSmx3uoMEAW+62iEWUCB8yC0bXWwz6bbQV2Edubk7qlgCZHXFR0G97jDyx/QO
9UTpqicDp7wytQBciXfJMKj8EfJBcTy4UPV3XCkkEggd2Tu25JfkgqS4Np0EjYf/
aXUxTBsEuqIRz6rRYS2okaEqEJ9pjxEddnFw/ixfhe1L0QvV0CjeExf/V8o/KasH
Rsatdb5V+5AvZ/F5i0wRQcCXgd1lnQEstpQO5kfwdY1bRhu5RQLIxDPe4bgwpAhV
BewW/Ud7LxNs832b9SqdGEk1/Lt45/nfFjNZ81/0lKOYDivLx944Oa8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:37 2025 by rpki-client