Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/RT_jtKnS_ErT5b4agTjLXlvKwTo.roa
File: RT_jtKnS_ErT5b4agTjLXlvKwTo.roa (raw, json)
Hash identifier: 9OnznBW0lPFmba2Fk1kXzRxuO2jBu3gz0dhC+E9G4wk=
Subject key identifier: 45:3F:E3:B4:A9:D2:FC:4A:D3:E5:BE:1A:81:38:CB:5E:5B:CA:C1:3A
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 018F0C51A69E4D587C90D90DBABB6D301364
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/RT_jtKnS_ErT5b4agTjLXlvKwTo.roa
Signing time: Tue 23 Apr 2024 18:57:08 +0000
ROA not before: Tue 23 Apr 2024 18:57:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28742
IP address blocks: 185.158.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 11:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:51:a6:9e:4d:58:7c:90:d9:0d:ba:bb:6d:30:13:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Apr 23 18:57:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=453fe3b4a9d2fc4ad3e5be1a8138cb5e5bcac13a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:97:65:9f:20:4a:29:ab:75:db:dc:dc:db:b6:
ab:91:fa:40:79:41:7d:a8:d4:f1:64:e1:0a:dd:1f:
4e:96:19:d3:84:6a:eb:72:f5:e9:7c:25:f1:6f:9b:
9f:e3:c6:f9:9b:e9:2f:6d:d5:bb:75:52:a7:58:91:
65:c7:bb:4a:53:f7:9e:8c:ef:f1:a9:37:49:f2:e8:
91:f1:53:f1:04:d7:80:01:02:b8:98:bd:65:77:c8:
d5:7d:a4:85:27:3d:97:e0:5c:32:0f:1f:ae:a7:c5:
1e:34:27:4c:2e:d4:7b:92:0a:d8:03:22:05:af:72:
7b:cb:c0:c5:08:93:ac:d8:9e:c8:30:e8:79:8d:05:
19:99:e2:8d:c6:2d:29:1c:4f:7e:17:8f:fa:b3:54:
e8:70:ab:99:ff:c1:52:99:b9:ab:18:e9:e9:33:f8:
27:18:86:71:5d:e7:16:99:78:f9:3e:be:64:49:fe:
77:20:41:94:04:db:b7:88:1c:bb:79:40:c1:31:b4:
49:c9:37:96:fd:48:43:fd:52:38:21:52:1d:b9:2b:
44:93:cc:e6:ac:1b:64:64:18:79:d0:27:30:91:ee:
70:73:a3:ec:c7:8b:6d:fd:ad:be:50:37:f1:68:70:
c0:40:64:a1:22:2b:13:82:36:d7:56:39:70:ca:95:
1e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:3F:E3:B4:A9:D2:FC:4A:D3:E5:BE:1A:81:38:CB:5E:5B:CA:C1:3A
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/RT_jtKnS_ErT5b4agTjLXlvKwTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.28.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ef:30:fc:2a:09:3a:f7:5d:33:38:9b:e1:47:69:40:4e:4c:
91:25:45:80:09:fa:68:b7:f5:71:e4:fa:3f:eb:96:00:e8:df:
40:73:fb:53:ab:28:08:cc:98:aa:53:ee:d8:11:35:65:96:35:
a8:53:04:56:27:48:90:66:17:c6:ae:29:d1:ec:85:68:6f:ac:
90:ee:2c:2b:c8:63:04:16:8a:01:3f:c0:c8:22:cd:82:20:d2:
67:34:2e:49:35:c3:92:f7:ef:a0:b7:b5:7c:f3:a4:71:8b:7d:
b2:f6:43:16:00:47:fb:7b:6e:01:de:07:c7:c3:ca:be:a8:56:
00:30:38:63:d2:9a:cf:76:a0:01:05:24:de:82:d6:af:d7:2e:
8b:bf:af:66:8d:a9:dc:00:2b:c3:97:b6:6a:11:bd:42:ab:0d:
ab:e4:ab:15:5b:18:d1:9b:6e:15:a8:27:ea:3d:c4:bb:ab:8d:
e9:e4:0a:71:f1:89:00:e0:ac:4d:b9:5e:c7:fb:92:39:7b:b4:
b2:81:e3:25:15:f1:e3:9a:b8:cc:78:b3:aa:bc:01:cd:30:9a:
82:1e:95:a9:c5:1c:8f:93:d3:de:a4:2a:b7:29:6a:5c:51:77:
4d:a8:b6:c7:ac:fa:e9:93:c9:67:4e:f7:cd:8f:c5:85:1e:6f:
88:1f:28:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8MUaaeTVh8kNkNurttMBNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjQwNDIzMTg1NzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTNmZTNiNGE5ZDJmYzRhZDNlNWJlMWE4MTM4Y2I1ZTViY2FjMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZdlnyBKKat129zc27arkfpAeUF9
qNTxZOEK3R9OlhnThGrrcvXpfCXxb5uf48b5m+kvbdW7dVKnWJFlx7tKU/eejO/x
qTdJ8uiR8VPxBNeAAQK4mL1ld8jVfaSFJz2X4FwyDx+up8UeNCdMLtR7kgrYAyIF
r3J7y8DFCJOs2J7IMOh5jQUZmeKNxi0pHE9+F4/6s1TocKuZ/8FSmbmrGOnpM/gn
GIZxXecWmXj5Pr5kSf53IEGUBNu3iBy7eUDBMbRJyTeW/UhD/VI4IVIduStEk8zm
rBtkZBh50Ccwke5wc6Psx4tt/a2+UDfxaHDAQGShIisTgjbXVjlwypUeOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEU/47Sp0vxK0+W+GoE4y15bysE6MB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvUlRfanRLblNfRXJUNWI0YWdUakxYbHZLd1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ4cMA0G
CSqGSIb3DQEBCwUAA4IBAQBL7zD8Kgk6910zOJvhR2lATkyRJUWACfpot/Vx5Po/
65YA6N9Ac/tTqygIzJiqU+7YETVlljWoUwRWJ0iQZhfGrinR7IVob6yQ7iwryGME
FooBP8DIIs2CINJnNC5JNcOS9++gt7V886Rxi32y9kMWAEf7e24B3gfHw8q+qFYA
MDhj0prPdqABBSTegtav1y6Lv69mjancACvDl7ZqEb1Cqw2r5KsVWxjRm24VqCfq
PcS7q43p5Apx8YkA4KxNuV7H+5I5e7SygeMlFfHjmrjMeLOqvAHNMJqCHpWpxRyP
k9PepCq3KWpcUXdNqLbHrPrpk8lnTvfNj8WFHm+IHyga
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:41 2025 by rpki-client