Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/IcaWxKRpSQTq3kSpC9e_JvUNoQg.roa
File: IcaWxKRpSQTq3kSpC9e_JvUNoQg.roa (raw, json)
Hash identifier: EuLdbuZpor/nfuRrvlrgbsi5WNHGML81mh3T+jJUREc=
Subject key identifier: 21:C6:96:C4:A4:69:49:04:EA:DE:44:A9:0B:D7:BF:26:F5:0D:A1:08
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 01916C26B87EBED66C27E330ABC6D958F5E3
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/IcaWxKRpSQTq3kSpC9e_JvUNoQg.roa
Signing time: Mon 19 Aug 2024 19:39:22 +0000
ROA not before: Mon 19 Aug 2024 19:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.253.184.0/24 maxlen: 24
185.253.185.0/24 maxlen: 24
185.253.186.0/24 maxlen: 24
185.253.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Aug 2024 19:47:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6c:26:b8:7e:be:d6:6c:27:e3:30:ab:c6:d9:58:f5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Aug 19 19:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21c696c4a4694904eade44a90bd7bf26f50da108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d7:dc:41:1f:54:e4:63:a7:8d:6f:5c:c8:cf:
3f:4a:cb:e5:1c:fa:67:fe:ef:27:03:7b:ed:a1:b8:
cd:95:7a:e4:54:e4:81:0a:98:e7:1d:d1:a2:e4:dd:
6d:9b:5f:7b:49:43:e9:f3:d0:8d:62:c4:19:44:e8:
ca:2e:7e:f5:3f:a3:49:03:dc:67:cc:c3:eb:23:72:
11:68:ea:db:09:6b:85:cb:da:c6:b6:cb:16:30:3a:
31:5c:13:2b:e1:c2:b9:9a:56:26:ae:ac:37:a1:86:
13:c9:a3:9a:fb:d0:e3:a0:2a:ca:6c:cf:95:c7:ad:
1e:ff:28:2f:69:04:01:48:71:9e:f1:75:05:80:44:
5a:3b:ab:91:05:26:3d:5c:ae:a7:70:59:4c:e2:04:
fc:f9:7c:7a:45:10:af:52:4b:5a:57:fc:e8:27:c8:
d8:f9:54:d4:32:30:d5:c0:13:e5:a3:3e:24:2a:58:
78:87:97:82:74:c1:1b:15:6a:93:5b:df:31:80:6c:
7d:b7:25:95:60:80:43:99:94:a4:b1:30:89:44:9c:
8d:02:07:a8:f5:1a:84:d4:32:0e:75:53:f0:73:c1:
ef:65:2d:7a:ad:e1:5a:d1:0c:91:a1:69:c9:cf:82:
a7:97:2b:76:36:a8:22:2a:8d:c9:21:ca:eb:6d:55:
9a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C6:96:C4:A4:69:49:04:EA:DE:44:A9:0B:D7:BF:26:F5:0D:A1:08
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/IcaWxKRpSQTq3kSpC9e_JvUNoQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.184.0/22
Signature Algorithm: sha256WithRSAEncryption
38:6e:3b:ef:23:1e:c5:37:ff:c5:24:48:e1:18:22:e9:2c:e1:
9e:c4:af:b4:be:36:26:c8:dd:f4:02:cf:0e:5b:01:a6:c4:d9:
b2:fa:ac:2d:53:f3:24:24:aa:97:b1:13:df:0e:02:3c:b8:eb:
85:b9:44:f3:c9:38:ee:e5:08:fa:6b:d2:28:9f:7c:9b:aa:bb:
53:a9:a5:6a:71:d1:ce:8f:07:f5:49:0a:b6:9e:da:be:47:e8:
9f:98:31:d0:bc:bd:81:13:2f:21:2e:9e:de:d6:4e:d4:ec:1e:
f4:62:87:cb:11:2e:98:36:72:94:47:0b:88:3a:05:3c:15:9d:
84:de:2b:0c:b5:66:15:e8:be:93:72:2e:46:b3:da:16:b7:61:
6e:64:6a:ff:5b:98:71:9b:89:42:7e:a5:1c:80:c2:2a:aa:dd:
19:7a:9f:4b:b4:0d:7f:7c:02:d1:ef:be:21:1e:58:c0:36:cf:
91:c7:e1:36:bf:e8:c6:61:c2:c1:96:c3:6f:7b:7e:db:17:be:
11:21:26:d3:9f:ba:e8:60:3c:4f:6c:e1:2d:bf:13:b9:21:03:
32:41:db:91:d6:28:72:c4:94:1c:3f:62:ea:9a:2e:d3:77:69:
01:95:c6:3a:ef:03:ba:e7:51:e3:75:3a:4b:c4:f4:ea:12:49:
4a:d3:1d:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFsJrh+vtZsJ+Mwq8bZWPXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMGMzY2YzZGM1M2NhNTQ5YzAzZTRmNWY0NmQ5MWNlOTBi
OGUwNzAwHhcNMjQwODE5MTkzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWM2OTZjNGE0Njk0OTA0ZWFkZTQ0YTkwYmQ3YmYyNmY1MGRhMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtfcQR9U5GOnjW9cyM8/SsvlHPpn
/u8nA3vtobjNlXrkVOSBCpjnHdGi5N1tm197SUPp89CNYsQZROjKLn71P6NJA9xn
zMPrI3IRaOrbCWuFy9rGtssWMDoxXBMr4cK5mlYmrqw3oYYTyaOa+9DjoCrKbM+V
x60e/ygvaQQBSHGe8XUFgERaO6uRBSY9XK6ncFlM4gT8+Xx6RRCvUktaV/zoJ8jY
+VTUMjDVwBPloz4kKlh4h5eCdMEbFWqTW98xgGx9tyWVYIBDmZSksTCJRJyNAgeo
9RqE1DIOdVPwc8HvZS16reFa0QyRoWnJz4Knlyt2NqgiKo3JIcrrbVWahQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHGlsSkaUkE6t5EqQvXvyb1DaEIMB8GA1UdIwQY
MBaAFLEMPPPcU8pUnAPk9fRtkc6QuOBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMt
MzZmODJiZDM3OWJkLzEvSWNhV3hLUnBTUVRxM2tTcEM5ZV9KdlVOb1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMtMzZmODJiZDM3OWJk
LzEvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf24MA0G
CSqGSIb3DQEBCwUAA4IBAQA4bjvvIx7FN//FJEjhGCLpLOGexK+0vjYmyN30As8O
WwGmxNmy+qwtU/MkJKqXsRPfDgI8uOuFuUTzyTju5Qj6a9Ion3ybqrtTqaVqcdHO
jwf1SQq2ntq+R+ifmDHQvL2BEy8hLp7e1k7U7B70YofLES6YNnKURwuIOgU8FZ2E
3isMtWYV6L6Tci5Gs9oWt2FuZGr/W5hxm4lCfqUcgMIqqt0Zep9LtA1/fALR774h
HljANs+Rx+E2v+jGYcLBlsNve37bF74RISbTn7roYDxPbOEtvxO5IQMyQduR1ihy
xJQcP2Lqmi7Td2kBlcY67wO651HjdTpLxPTqEklK0x0b
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:02:52 2025 by rpki-client