Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/rckK_-GsK1Z7qSfoCiLKGtKiJoM.roa
File: rckK_-GsK1Z7qSfoCiLKGtKiJoM.roa (raw, json)
Hash identifier: pn7l+LUXNfiJKiCCbpeflqjyaZUp9JELuHtC137W1/E=
Subject key identifier: AD:C9:0A:FF:E1:AC:2B:56:7B:A9:27:E8:0A:22:CA:1A:D2:A2:26:83
Certificate issuer: /CN=08175e0a36c789d31420b33303fbc7324c7c574b
Certificate serial: 018CC5DD0B59798D3CABC0D86E3280F73A05
Authority key identifier: 08:17:5E:0A:36:C7:89:D3:14:20:B3:33:03:FB:C7:32:4C:7C:57:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBdeCjbHidMUILMzA_vHMkx8V0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/rckK_-GsK1Z7qSfoCiLKGtKiJoM.roa
Signing time: Mon 01 Jan 2024 16:30:46 +0000
ROA not before: Mon 01 Jan 2024 16:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62248
IP address blocks: 185.42.168.0/24 maxlen: 24
185.42.171.0/24 maxlen: 24
185.42.170.0/24 maxlen: 24
185.42.169.0/24 maxlen: 24
2a01:6560::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 07:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:0b:59:79:8d:3c:ab:c0:d8:6e:32:80:f7:3a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08175e0a36c789d31420b33303fbc7324c7c574b
Validity
Not Before: Jan 1 16:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adc90affe1ac2b567ba927e80a22ca1ad2a22683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e2:6d:f6:e8:92:73:a1:41:54:af:c2:71:4c:
d3:60:b2:b7:3c:0e:84:77:b0:e0:fe:6b:61:98:8d:
4c:4e:db:4c:e4:7a:ce:58:3b:7a:45:cd:2c:58:ef:
98:ab:08:17:83:37:41:b2:b3:97:d9:d9:10:96:63:
76:8f:c1:32:bd:e5:53:90:0d:05:01:9d:4c:b1:9b:
22:92:11:89:16:bf:cc:02:b8:74:7b:6c:e2:60:f0:
07:e7:44:5f:c4:62:44:81:0f:94:8c:5b:d3:80:95:
7a:47:a9:6a:38:ee:68:82:64:43:83:45:e5:88:7b:
bc:6f:09:74:e4:67:40:32:2a:13:40:ff:06:27:3f:
3c:85:d0:38:ab:1d:dd:a5:0e:49:0e:54:42:2c:42:
4f:63:ad:d2:cf:63:c1:75:ee:a5:61:b1:30:35:9d:
91:aa:24:c4:31:3b:50:dc:b7:c0:a1:1d:96:f5:8f:
b5:1b:86:8e:dd:52:a0:14:60:30:56:ee:aa:53:4c:
15:03:08:f9:22:ad:f6:de:af:7b:a3:50:6e:56:20:
b5:2e:21:d7:62:a9:5e:cd:aa:f3:99:f5:1c:11:f5:
71:ee:48:ab:06:2a:fa:6b:16:f5:02:63:57:3f:50:
2e:24:27:17:df:9e:af:06:cc:e2:c6:4f:ae:22:32:
15:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C9:0A:FF:E1:AC:2B:56:7B:A9:27:E8:0A:22:CA:1A:D2:A2:26:83
X509v3 Authority Key Identifier:
keyid:08:17:5E:0A:36:C7:89:D3:14:20:B3:33:03:FB:C7:32:4C:7C:57:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBdeCjbHidMUILMzA_vHMkx8V0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/rckK_-GsK1Z7qSfoCiLKGtKiJoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/28e9cb-8ef3-482a-8ed1-2f50708ac57f/1/CBdeCjbHidMUILMzA_vHMkx8V0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.168.0/22
IPv6:
2a01:6560::/32
Signature Algorithm: sha256WithRSAEncryption
41:cf:11:da:8d:a2:73:ef:91:a0:fc:5b:08:bb:f7:e7:72:be:
8d:83:d0:0b:ef:8a:31:2d:89:56:54:3f:52:bd:64:a7:6e:7e:
d9:bf:a2:02:da:31:7b:5b:08:c2:cb:28:f6:7f:2a:e0:5e:7e:
15:ba:b1:02:35:c6:c4:eb:78:8d:59:ed:9f:39:2e:e2:da:b6:
26:4a:fd:43:2b:f5:a3:60:96:6c:df:d2:5c:b0:ff:66:72:52:
9a:9c:ef:77:87:56:af:f9:05:ce:c1:1d:ba:66:37:23:a2:e3:
f0:8e:61:07:49:8a:ca:06:60:f6:e2:a8:af:ad:bb:63:46:21:
a4:2b:33:e2:4b:9f:84:34:73:d5:9e:dd:7a:eb:14:33:4a:fa:
a0:db:5c:f9:8e:44:5f:28:c2:1a:22:59:36:4d:90:63:a2:90:
10:01:b3:56:59:89:34:a4:5e:d8:09:60:84:6c:bb:85:29:94:
18:b3:f2:ae:a4:db:22:ea:60:62:6a:e6:69:65:7d:50:ec:2a:
af:15:f4:30:3b:b8:55:a5:3c:58:5d:c0:ce:75:84:d9:97:2a:
ad:3d:e3:aa:a1:f6:0e:84:df:24:ac:34:eb:dd:b0:c8:03:99:
63:66:97:cc:12:47:52:1f:f7:0a:27:35:b0:99:9f:27:e8:93:
73:f8:32:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3QtZeY08q8DYbjKA9zoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MTc1ZTBhMzZjNzg5ZDMxNDIwYjMzMzAzZmJjNzMyNGM3
YzU3NGIwHhcNMjQwMTAxMTYzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGM5MGFmZmUxYWMyYjU2N2JhOTI3ZTgwYTIyY2ExYWQyYTIyNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+Jt9uiSc6FBVK/CcUzTYLK3PA6E
d7Dg/mthmI1MTttM5HrOWDt6Rc0sWO+YqwgXgzdBsrOX2dkQlmN2j8EyveVTkA0F
AZ1MsZsikhGJFr/MArh0e2ziYPAH50RfxGJEgQ+UjFvTgJV6R6lqOO5ogmRDg0Xl
iHu8bwl05GdAMioTQP8GJz88hdA4qx3dpQ5JDlRCLEJPY63Sz2PBde6lYbEwNZ2R
qiTEMTtQ3LfAoR2W9Y+1G4aO3VKgFGAwVu6qU0wVAwj5Iq323q97o1BuViC1LiHX
YqlezarzmfUcEfVx7kirBir6axb1AmNXP1AuJCcX356vBszixk+uIjIVwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK3JCv/hrCtWe6kn6AoiyhrSoiaDMB8GA1UdIwQY
MBaAFAgXXgo2x4nTFCCzMwP7xzJMfFdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0JkZUNqYkhpZE1VSUxNekFfdkhNa3g4VjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8yOGU5Y2ItOGVmMy00ODJhLThlZDEt
MmY1MDcwOGFjNTdmLzEvcmNrS18tR3NLMVo3cVNmb0NpTEtHdEtpSm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8yOGU5Y2ItOGVmMy00ODJhLThlZDEtMmY1MDcwOGFjNTdm
LzEvQ0JkZUNqYkhpZE1VSUxNekFfdkhNa3g4VjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSqoMA0E
AgACMAcDBQAqAWVgMA0GCSqGSIb3DQEBCwUAA4IBAQBBzxHajaJz75Gg/FsIu/fn
cr6Ng9AL74oxLYlWVD9SvWSnbn7Zv6IC2jF7WwjCyyj2fyrgXn4VurECNcbE63iN
We2fOS7i2rYmSv1DK/WjYJZs39JcsP9mclKanO93h1av+QXOwR26ZjcjouPwjmEH
SYrKBmD24qivrbtjRiGkKzPiS5+ENHPVnt166xQzSvqg21z5jkRfKMIaIlk2TZBj
opAQAbNWWYk0pF7YCWCEbLuFKZQYs/KupNsi6mBiauZpZX1Q7CqvFfQwO7hVpTxY
XcDOdYTZlyqtPeOqofYOhN8krDTr3bDIA5ljZpfMEkdSH/cKJzWwmZ8n6JNz+DIn
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:26:08 2025 by rpki-client