Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/fLG_VRBzMQLTf34BRY3yyNPt-sk.roa
File: fLG_VRBzMQLTf34BRY3yyNPt-sk.roa (raw, json)
Hash identifier: ebFwX4IRV2dyazXg6KxQfH5MIHZ4PDpgNvM1ornAoc4=
Subject key identifier: 7C:B1:BF:55:10:73:31:02:D3:7F:7E:01:45:8D:F2:C8:D3:ED:FA:C9
Certificate issuer: /CN=64a7a6cd583814d393bee2635b545574cc75620c
Certificate serial: 018CC9BC05C0FB30EFA376DCA81AEE7E5132
Authority key identifier: 64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/fLG_VRBzMQLTf34BRY3yyNPt-sk.roa
Signing time: Tue 02 Jan 2024 10:33:11 +0000
ROA not before: Tue 02 Jan 2024 10:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51554
IP address blocks: 185.157.8.0/23 maxlen: 23
185.157.8.0/22 maxlen: 22
185.157.10.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:05:c0:fb:30:ef:a3:76:dc:a8:1a:ee:7e:51:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a7a6cd583814d393bee2635b545574cc75620c
Validity
Not Before: Jan 2 10:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cb1bf5510733102d37f7e01458df2c8d3edfac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6d:ea:62:35:f3:18:2b:6b:ad:76:e1:fc:0a:
69:bc:4e:1e:2e:71:e4:84:6f:ae:f7:4b:39:fd:f0:
e4:df:f0:0b:46:01:be:59:03:c1:a1:8a:4e:e3:1f:
95:d9:da:33:51:94:87:62:23:c6:89:1f:3b:39:2f:
b9:0f:f8:48:02:97:cf:f4:48:f5:a6:e5:88:da:f7:
81:d2:0a:e0:c4:18:27:04:14:0f:20:db:05:63:bd:
7c:1e:c9:07:10:b6:b9:ca:dd:83:1d:8e:8b:d7:b6:
3d:77:f5:4a:67:13:5f:13:f6:2b:82:fc:65:b5:fd:
a9:d4:2e:3c:c7:41:c7:3e:57:12:c0:f8:44:dc:6e:
52:e3:c3:c5:fd:1c:b1:45:2d:fa:af:cd:8f:28:d4:
22:31:d1:85:f1:e0:1f:5f:18:9f:46:9f:2a:22:09:
4a:2c:53:a8:4a:8e:e2:3c:a3:f2:9b:11:48:4b:78:
f7:d7:b7:b1:ae:87:5d:a8:a5:d8:42:61:0e:eb:1e:
c4:c0:63:1f:8e:f2:c6:d8:59:60:2b:59:f6:5b:46:
84:07:f7:0b:6c:65:79:d9:83:93:02:6e:62:dc:fc:
e6:1f:0b:3a:ca:ef:66:83:01:47:91:57:20:f4:2e:
a1:78:f2:f7:86:04:f7:64:8b:0e:1d:c1:05:bd:2d:
a5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B1:BF:55:10:73:31:02:D3:7F:7E:01:45:8D:F2:C8:D3:ED:FA:C9
X509v3 Authority Key Identifier:
keyid:64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/fLG_VRBzMQLTf34BRY3yyNPt-sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.8.0/22
Signature Algorithm: sha256WithRSAEncryption
82:ec:74:74:30:fd:1e:1b:1e:41:7f:15:1e:15:48:01:fe:c0:
9a:1f:fd:05:ba:04:cb:ae:12:4d:9c:26:15:69:7b:e7:32:1f:
d3:c6:bd:e1:7b:22:df:73:bc:d3:44:76:53:ee:65:44:07:26:
b5:7a:45:28:60:9f:bd:ac:f5:f7:e2:b7:68:5e:a4:78:cf:23:
41:f6:53:20:91:1e:43:bc:60:4d:04:52:58:d4:d4:a7:2d:81:
9c:da:56:80:3f:4c:ec:37:66:91:11:da:66:47:42:93:9e:ab:
84:95:69:17:a3:a6:cb:36:e9:b2:09:c7:9a:f9:39:ca:66:28:
eb:e3:1e:9d:8e:df:a1:73:61:56:9d:56:ed:28:78:2a:d5:fe:
9f:76:9a:ac:ac:49:84:e8:5b:6d:c4:44:17:41:0d:d4:5e:4a:
7c:9c:ee:99:6a:be:99:ba:23:6e:3b:3a:6f:f2:b5:e2:f2:d5:
8a:c6:53:a9:65:a5:80:1a:00:0a:46:03:2f:96:61:c9:1d:bc:
7e:58:7b:67:3a:1d:e7:89:32:92:57:86:72:2d:ba:46:3d:b3:
d7:92:e2:01:f5:4f:39:eb:5a:93:8b:f7:43:99:28:c6:65:24:
2d:20:48:f1:11:c2:fe:a5:2d:5d:10:b3:01:47:d3:99:78:17:
47:45:8e:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvAXA+zDvo3bcqBruflEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTdhNmNkNTgzODE0ZDM5M2JlZTI2MzViNTQ1NTc0Y2M3
NTYyMGMwHhcNMjQwMTAyMTAzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2IxYmY1NTEwNzMzMTAyZDM3ZjdlMDE0NThkZjJjOGQzZWRmYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi23qYjXzGCtrrXbh/AppvE4eLnHk
hG+u90s5/fDk3/ALRgG+WQPBoYpO4x+V2dozUZSHYiPGiR87OS+5D/hIApfP9Ej1
puWI2veB0grgxBgnBBQPINsFY718HskHELa5yt2DHY6L17Y9d/VKZxNfE/Yrgvxl
tf2p1C48x0HHPlcSwPhE3G5S48PF/RyxRS36r82PKNQiMdGF8eAfXxifRp8qIglK
LFOoSo7iPKPymxFIS3j317exroddqKXYQmEO6x7EwGMfjvLG2FlgK1n2W0aEB/cL
bGV52YOTAm5i3PzmHws6yu9mgwFHkVcg9C6hePL3hgT3ZIsOHcEFvS2lgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHyxv1UQczEC039+AUWN8sjT7frJMB8GA1UdIwQY
MBaAFGSnps1YOBTTk77iY1tUVXTMdWIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYt
NmY1ZDhhNzRhMGU0LzEvZkxHX1ZSQnpNUUxUZjM0QlJZM3l5TlB0LXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYtNmY1ZDhhNzRhMGU0
LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ0IMA0G
CSqGSIb3DQEBCwUAA4IBAQCC7HR0MP0eGx5BfxUeFUgB/sCaH/0FugTLrhJNnCYV
aXvnMh/Txr3heyLfc7zTRHZT7mVEBya1ekUoYJ+9rPX34rdoXqR4zyNB9lMgkR5D
vGBNBFJY1NSnLYGc2laAP0zsN2aREdpmR0KTnquElWkXo6bLNumyCcea+TnKZijr
4x6djt+hc2FWnVbtKHgq1f6fdpqsrEmE6FttxEQXQQ3UXkp8nO6Zar6ZuiNuOzpv
8rXi8tWKxlOpZaWAGgAKRgMvlmHJHbx+WHtnOh3niTKSV4ZyLbpGPbPXkuIB9U85
61qTi/dDmSjGZSQtIEjxEcL+pS1dELMBR9OZeBdHRY4N
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:16 2025 by rpki-client