Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4NzpwthbFT1XIfilN8SE9LwuvH0.roa
File: 4NzpwthbFT1XIfilN8SE9LwuvH0.roa (raw, json)
Hash identifier: QB9uPfepCis/fGH1nujUPY2G0h0QZ3TnusZUBbarFig=
Subject key identifier: E0:DC:E9:C2:D8:5B:15:3D:57:21:F8:A5:37:C4:84:F4:BC:2E:BC:7D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193E3C32F4DC10A143A7A68EABD201842E6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4NzpwthbFT1XIfilN8SE9LwuvH0.roa
Signing time: Fri 20 Dec 2024 11:10:39 +0000
ROA not before: Fri 20 Dec 2024 11:10:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213893
IP address blocks: 185.218.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:c3:2f:4d:c1:0a:14:3a:7a:68:ea:bd:20:18:42:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 20 11:10:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0dce9c2d85b153d5721f8a537c484f4bc2ebc7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2a:a8:54:dc:e5:ef:db:0f:c8:38:5a:30:e0:
dc:05:a9:22:38:12:8a:91:87:42:58:c4:12:5d:2b:
9f:4a:10:c1:ce:e6:ee:ba:f1:c5:d8:81:1b:ea:3a:
78:8a:b7:ff:e5:2b:e7:32:47:e4:76:32:25:da:60:
e7:e0:bb:e1:38:a4:41:4b:a4:d5:d7:df:8b:d2:ac:
4b:ad:cd:8b:20:37:65:d6:d9:61:5d:b4:12:ce:25:
35:26:26:9a:52:8a:ad:0e:96:45:64:c0:b4:87:eb:
55:d7:8f:c9:ce:da:f7:6d:b1:a9:b0:09:d9:a8:d4:
5f:26:60:65:bd:0a:30:43:1b:b9:fb:db:24:90:85:
aa:63:44:e5:aa:04:c6:35:c9:5a:f7:77:a8:51:d6:
6d:21:32:c8:3f:67:28:37:55:08:f7:59:61:b4:02:
5f:48:45:ae:26:c3:ac:1f:2b:67:1d:4e:0c:1f:98:
d6:63:67:f0:29:7c:a3:d1:e5:e5:77:77:74:99:fd:
31:6c:a8:28:23:40:ee:18:42:79:b6:60:4f:d8:69:
a0:1f:82:9e:68:d0:6b:4c:78:4e:45:85:75:3a:72:
fa:38:31:d6:4d:09:d2:a7:10:a3:1f:c6:f6:6a:76:
58:f7:9c:a0:56:82:11:9a:40:ad:9c:db:fa:d7:5c:
e5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:DC:E9:C2:D8:5B:15:3D:57:21:F8:A5:37:C4:84:F4:BC:2E:BC:7D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4NzpwthbFT1XIfilN8SE9LwuvH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.137.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:9f:b7:a7:46:af:db:9d:33:55:e7:fb:b5:fe:16:ca:6b:5b:
c7:85:17:8d:23:5c:35:20:7b:ce:17:12:18:29:99:51:6b:28:
76:38:cf:98:67:1c:fd:45:0f:fa:4e:5e:89:84:9b:11:f3:2c:
c6:77:4f:f7:8e:e2:81:27:13:47:6a:39:7e:a7:c5:e8:fd:bd:
4b:50:0f:23:6f:88:2d:1f:18:55:ab:6c:64:a1:f2:8c:33:53:
72:fd:ef:fa:cf:00:72:ca:82:2b:91:3c:18:81:7c:e5:88:4e:
5d:b4:76:c3:cf:33:08:ad:b3:ed:47:f1:b2:c8:6c:d7:ca:02:
82:54:8f:c0:95:81:e4:66:a9:52:75:dc:7a:84:99:bf:b6:42:
7d:05:d2:7b:7d:c8:8d:de:59:bd:17:ff:80:5e:75:f1:f3:1b:
d4:3c:fa:35:67:6f:50:f7:a0:39:44:69:80:29:70:04:6d:ee:
8a:0b:fa:43:f6:1f:24:cd:a8:56:7f:11:40:eb:93:a4:61:f8:
6e:af:85:10:ea:f7:22:d8:15:34:72:25:66:0b:42:76:f1:26:
71:d7:c5:c6:7a:cc:35:ca:b5:62:f8:80:ae:2d:7b:e4:97:05:
fe:fe:f9:b4:91:f8:eb:66:fe:1b:50:ca:85:12:d4:59:39:d8:
1b:da:ec:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPjwy9NwQoUOnpo6r0gGELmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjIwMTExMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGRjZTljMmQ4NWIxNTNkNTcyMWY4YTUzN2M0ODRmNGJjMmViYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSqoVNzl79sPyDhaMODcBakiOBKK
kYdCWMQSXSufShDBzubuuvHF2IEb6jp4irf/5SvnMkfkdjIl2mDn4LvhOKRBS6TV
19+L0qxLrc2LIDdl1tlhXbQSziU1JiaaUoqtDpZFZMC0h+tV14/Jztr3bbGpsAnZ
qNRfJmBlvQowQxu5+9skkIWqY0TlqgTGNcla93eoUdZtITLIP2coN1UI91lhtAJf
SEWuJsOsHytnHU4MH5jWY2fwKXyj0eXld3d0mf0xbKgoI0DuGEJ5tmBP2GmgH4Ke
aNBrTHhORYV1OnL6ODHWTQnSpxCjH8b2anZY95ygVoIRmkCtnNv611zlTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODc6cLYWxU9VyH4pTfEhPS8Lrx9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNE56cHd0aGJGVDFYSWZpbE44U0U5THd1dkgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudqJMA0G
CSqGSIb3DQEBCwUAA4IBAQAMn7enRq/bnTNV5/u1/hbKa1vHhReNI1w1IHvOFxIY
KZlRayh2OM+YZxz9RQ/6Tl6JhJsR8yzGd0/3juKBJxNHajl+p8Xo/b1LUA8jb4gt
HxhVq2xkofKMM1Ny/e/6zwByyoIrkTwYgXzliE5dtHbDzzMIrbPtR/GyyGzXygKC
VI/AlYHkZqlSddx6hJm/tkJ9BdJ7fciN3lm9F/+AXnXx8xvUPPo1Z29Q96A5RGmA
KXAEbe6KC/pD9h8kzahWfxFA65OkYfhur4UQ6vci2BU0ciVmC0J28SZx18XGesw1
yrVi+ICuLXvklwX+/vm0kfjrZv4bUMqFEtRZOdgb2uyD
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:14:29 2025 by rpki-client