Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/iYOgbFEY8sKtvCyJAVpiY_0kfDE.roa
File: iYOgbFEY8sKtvCyJAVpiY_0kfDE.roa (raw, json)
Hash identifier: Cbke1ik5E3csM92xFDsL065jpPi3K3H9JX6mfdDiQA4=
Subject key identifier: 89:83:A0:6C:51:18:F2:C2:AD:BC:2C:89:01:5A:62:63:FD:24:7C:31
Certificate issuer: /CN=e52acfcbd79f232c5d72a550bc4c66f11107a0e2
Certificate serial: 01924CD9B3B63E6FEC1F9C4E1865CCDB3B5E
Authority key identifier: E5:2A:CF:CB:D7:9F:23:2C:5D:72:A5:50:BC:4C:66:F1:11:07:A0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5SrPy9efIyxdcqVQvExm8REHoOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/iYOgbFEY8sKtvCyJAVpiY_0kfDE.roa
Signing time: Wed 02 Oct 2024 10:49:48 +0000
ROA not before: Wed 02 Oct 2024 10:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206866
IP address blocks: 185.56.182.0/23 maxlen: 24
2a02:52e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 02 Oct 2024 14:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:d9:b3:b6:3e:6f:ec:1f:9c:4e:18:65:cc:db:3b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e52acfcbd79f232c5d72a550bc4c66f11107a0e2
Validity
Not Before: Oct 2 10:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8983a06c5118f2c2adbc2c89015a6263fd247c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:49:38:50:87:21:02:70:76:0f:43:5d:6c:28:
1c:02:bb:d8:23:4c:5a:9d:26:0d:ee:5e:97:da:d7:
85:a7:82:9e:59:66:a7:20:40:21:17:c7:98:9c:bf:
d9:6b:d6:01:04:d7:57:bc:6c:78:9b:a9:0d:62:e8:
d3:84:1c:ba:86:b0:81:66:0b:b9:fa:88:f5:ae:c8:
50:56:7c:3d:20:f1:4b:2e:cf:64:77:1a:7e:35:48:
ff:72:16:73:aa:c2:4b:05:c9:77:ed:da:28:81:84:
8b:11:ec:59:c2:7a:98:ab:40:f1:06:08:46:3a:ca:
49:5a:ff:3f:0f:ec:b7:38:dd:77:39:bd:e5:39:6c:
13:93:1a:7c:62:79:a5:80:cb:17:6c:f8:e5:f4:27:
9e:50:25:a9:f7:26:07:5b:90:ea:96:ae:a3:c7:ce:
66:25:fc:4b:75:48:58:08:3f:8d:44:9f:e3:3e:0d:
8e:a3:f0:ed:2e:93:74:ae:12:dc:14:b4:2f:18:6a:
4b:d2:72:c5:25:73:ba:86:2d:13:99:8d:ed:ca:61:
15:57:ba:b2:33:0d:6b:d1:83:69:58:2d:cc:98:12:
04:09:4c:92:7e:9f:04:bc:b4:37:70:9a:f0:b3:a4:
8d:6b:85:d1:b0:fc:fa:09:fe:39:13:04:cf:d0:47:
9b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:83:A0:6C:51:18:F2:C2:AD:BC:2C:89:01:5A:62:63:FD:24:7C:31
X509v3 Authority Key Identifier:
keyid:E5:2A:CF:CB:D7:9F:23:2C:5D:72:A5:50:BC:4C:66:F1:11:07:A0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SrPy9efIyxdcqVQvExm8REHoOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/iYOgbFEY8sKtvCyJAVpiY_0kfDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/5SrPy9efIyxdcqVQvExm8REHoOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.182.0/23
IPv6:
2a02:52e0::/32
Signature Algorithm: sha256WithRSAEncryption
b5:12:f1:8c:74:a8:23:b7:d5:23:2e:83:d3:30:3d:7c:29:b1:
89:6e:a4:8b:29:60:1f:15:ad:35:78:25:c5:17:ad:7c:fc:ee:
78:0d:ea:cb:c2:d8:79:fe:bf:0f:33:d4:a1:0d:ec:1f:fa:b2:
f4:33:b5:58:4b:31:60:fb:2f:29:c9:d9:12:b9:6f:5d:9e:69:
7c:96:29:45:51:c3:4e:e2:79:e3:b3:15:be:50:33:63:a9:7b:
3b:38:4e:cf:23:9a:08:d3:d7:e8:85:ef:17:42:73:71:14:81:
4d:e2:17:b3:d8:f2:f5:0d:d6:65:ee:44:88:35:20:c6:92:dd:
de:52:8c:1f:0f:83:83:e7:3b:bc:b5:b7:c0:21:ae:68:ce:ec:
83:34:28:3d:8a:48:bd:81:8d:56:5b:c3:e5:c5:e8:eb:c5:fd:
f6:a2:62:a2:88:08:7b:d5:a0:f5:d7:53:99:07:17:15:84:b0:
4e:86:6c:b2:93:16:0c:de:c2:7a:d8:2e:b6:19:55:3e:51:9e:
ed:06:9e:da:9d:c7:5b:08:9d:ff:23:4f:b6:41:db:e4:8d:5b:
ae:7c:0d:35:4a:81:10:ac:84:50:ab:2f:31:21:e1:cf:e7:4d:
fe:b8:d6:9a:39:39:8d:6c:ae:95:e3:3e:01:6e:05:27:a0:31:
ab:b9:49:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJM2bO2Pm/sH5xOGGXM2zteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmFjZmNiZDc5ZjIzMmM1ZDcyYTU1MGJjNGM2NmYxMTEw
N2EwZTIwHhcNMjQxMDAyMTA0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTgzYTA2YzUxMThmMmMyYWRiYzJjODkwMTVhNjI2M2ZkMjQ3YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0k4UIchAnB2D0NdbCgcArvYI0xa
nSYN7l6X2teFp4KeWWanIEAhF8eYnL/Za9YBBNdXvGx4m6kNYujThBy6hrCBZgu5
+oj1rshQVnw9IPFLLs9kdxp+NUj/chZzqsJLBcl37doogYSLEexZwnqYq0DxBghG
OspJWv8/D+y3ON13Ob3lOWwTkxp8YnmlgMsXbPjl9CeeUCWp9yYHW5Dqlq6jx85m
JfxLdUhYCD+NRJ/jPg2Oo/DtLpN0rhLcFLQvGGpL0nLFJXO6hi0TmY3tymEVV7qy
Mw1r0YNpWC3MmBIECUySfp8EvLQ3cJrws6SNa4XRsPz6Cf45EwTP0EebWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFImDoGxRGPLCrbwsiQFaYmP9JHwxMB8GA1UdIwQY
MBaAFOUqz8vXnyMsXXKlULxMZvERB6DiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVNyUHk5ZWZJeXhkY3FWUXZFeG04UkVIb09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80MmExOTMtYjMwYi00MDNmLWJlZmUt
MzI0NTQ1MGQzNzQyLzEvaVlPZ2JGRVk4c0t0dkN5SkFWcGlZXzBrZkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80MmExOTMtYjMwYi00MDNmLWJlZmUtMzI0NTQ1MGQzNzQy
LzEvNVNyUHk5ZWZJeXhkY3FWUXZFeG04UkVIb09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuTi2MA0E
AgACMAcDBQAqAlLgMA0GCSqGSIb3DQEBCwUAA4IBAQC1EvGMdKgjt9UjLoPTMD18
KbGJbqSLKWAfFa01eCXFF618/O54DerLwth5/r8PM9ShDewf+rL0M7VYSzFg+y8p
ydkSuW9dnml8lilFUcNO4nnjsxW+UDNjqXs7OE7PI5oI09fohe8XQnNxFIFN4hez
2PL1DdZl7kSINSDGkt3eUowfD4OD5zu8tbfAIa5ozuyDNCg9iki9gY1WW8Plxejr
xf32omKiiAh71aD111OZBxcVhLBOhmyykxYM3sJ62C62GVU+UZ7tBp7ancdbCJ3/
I0+2QdvkjVuufA01SoEQrIRQqy8xIeHP503+uNaaOTmNbK6V4z4BbgUnoDGruUmo
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:20:28 2025 by rpki-client