Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/cUCHyMOoFNg6rg1RtPYstzfdRIg.roa
File: cUCHyMOoFNg6rg1RtPYstzfdRIg.roa (raw, json)
Hash identifier: muuRuQNvR9hm7kt1yjb+ThsorylBSvy/r/WRQvbSDDw=
Subject key identifier: 71:40:87:C8:C3:A8:14:D8:3A:AE:0D:51:B4:F6:2C:B7:37:DD:44:88
Certificate issuer: /CN=fc55e0533efaa5624f538b92ed1a973feff89751
Certificate serial: 019424B3A50CBA5225B552835EF1F752D97E
Authority key identifier: FC:55:E0:53:3E:FA:A5:62:4F:53:8B:92:ED:1A:97:3F:EF:F8:97:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FXgUz76pWJPU4uS7RqXP-_4l1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/cUCHyMOoFNg6rg1RtPYstzfdRIg.roa
Signing time: Thu 02 Jan 2025 01:49:00 +0000
ROA not before: Thu 02 Jan 2025 01:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59432
IP address blocks: 185.84.116.0/24 maxlen: 24
185.84.118.0/24 maxlen: 24
185.132.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 08:03:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a5:0c:ba:52:25:b5:52:83:5e:f1:f7:52:d9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc55e0533efaa5624f538b92ed1a973feff89751
Validity
Not Before: Jan 2 01:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=714087c8c3a814d83aae0d51b4f62cb737dd4488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:89:0a:63:24:32:d0:1c:62:8e:9e:91:9e:4d:
c7:00:a7:60:cd:2e:1d:30:0e:50:78:74:a6:94:ee:
95:c0:f6:ca:e9:1d:21:64:23:5a:aa:f2:59:1d:93:
8d:47:fe:4b:ef:d7:34:db:68:51:17:f5:eb:bd:8c:
79:c6:cf:31:06:a0:31:f8:67:45:75:f8:3d:2e:7a:
38:45:3b:3e:bd:83:35:dd:5f:20:74:1e:62:9c:e8:
eb:19:30:bd:51:36:b7:b6:37:e8:60:65:c6:c1:c8:
45:b2:20:fc:b5:bb:e9:ec:8b:ec:7e:d2:67:07:fd:
ac:88:c4:18:ad:79:31:6e:11:0e:81:cc:b6:08:c4:
76:ba:f6:32:46:93:50:ad:09:30:51:e9:53:ea:56:
bf:0f:50:b0:01:04:7c:d7:ae:c9:8d:0d:26:01:00:
ff:09:02:cf:37:70:9a:e1:f7:37:ce:40:05:01:7a:
b5:e2:da:a2:33:38:4c:91:69:0a:eb:ea:0e:b0:02:
c7:15:2b:48:e4:6c:fc:0d:61:ab:4a:c4:0a:a0:85:
d3:95:8b:da:d5:cc:58:8c:f7:9f:40:08:5a:30:d0:
19:94:d1:c4:81:17:77:ca:87:bd:b5:52:da:ec:3e:
e7:51:65:7c:84:5f:d2:f7:9c:8e:ee:bb:2f:c8:37:
89:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:40:87:C8:C3:A8:14:D8:3A:AE:0D:51:B4:F6:2C:B7:37:DD:44:88
X509v3 Authority Key Identifier:
keyid:FC:55:E0:53:3E:FA:A5:62:4F:53:8B:92:ED:1A:97:3F:EF:F8:97:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FXgUz76pWJPU4uS7RqXP-_4l1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/cUCHyMOoFNg6rg1RtPYstzfdRIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/_FXgUz76pWJPU4uS7RqXP-_4l1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.116.0/24
185.84.118.0/24
185.132.188.0/24
Signature Algorithm: sha256WithRSAEncryption
49:5c:5b:0a:b0:7f:0f:27:7a:0e:0b:c7:ca:86:c8:8b:f3:d2:
17:37:0e:b9:27:cc:97:2f:6b:cf:1c:81:7d:99:d0:59:7b:20:
ae:22:9b:10:fb:d8:c7:b6:9e:44:11:83:a2:c9:eb:0b:68:d7:
ef:ef:18:22:ab:5c:91:e6:12:d5:fe:7a:5c:ab:84:c9:11:9c:
11:f2:e1:c5:cf:95:07:7b:9b:24:72:4a:2a:be:3b:e7:fd:4c:
a8:a4:bc:25:6a:2b:c3:26:3f:87:58:f3:bc:4a:90:71:b2:6c:
0e:e1:a0:23:63:c4:32:a5:ef:e7:29:c5:99:00:cc:18:79:3e:
15:2a:f8:1c:0c:1e:17:52:e2:f7:e2:16:af:f6:6c:cb:cf:3a:
e4:c3:56:a7:c8:62:6f:d9:c5:8f:a7:b0:de:ea:55:08:4c:a1:
04:f0:07:80:e9:26:5d:ec:cd:1e:6e:16:23:ed:48:e2:b5:02:
02:02:c8:77:c9:9e:24:22:56:1b:b8:7d:16:fe:b5:7f:81:6a:
59:9d:92:f9:3f:db:ca:97:9d:98:21:6e:6d:d3:7c:a1:44:e7:
98:f3:df:8e:04:70:09:ab:ab:41:17:1a:2e:b5:da:2d:5d:b9:
c0:2d:a5:50:73:a5:29:d6:cb:cd:40:82:b8:bd:00:9c:a1:17:
06:ce:5e:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks6UMulIltVKDXvH3Utl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNTVlMDUzM2VmYWE1NjI0ZjUzOGI5MmVkMWE5NzNmZWZm
ODk3NTEwHhcNMjUwMTAyMDE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQwODdjOGMzYTgxNGQ4M2FhZTBkNTFiNGY2MmNiNzM3ZGQ0NDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4kKYyQy0Bxijp6Rnk3HAKdgzS4d
MA5QeHSmlO6VwPbK6R0hZCNaqvJZHZONR/5L79c022hRF/XrvYx5xs8xBqAx+GdF
dfg9Lno4RTs+vYM13V8gdB5inOjrGTC9UTa3tjfoYGXGwchFsiD8tbvp7IvsftJn
B/2siMQYrXkxbhEOgcy2CMR2uvYyRpNQrQkwUelT6la/D1CwAQR8167JjQ0mAQD/
CQLPN3Ca4fc3zkAFAXq14tqiMzhMkWkK6+oOsALHFStI5Gz8DWGrSsQKoIXTlYva
1cxYjPefQAhaMNAZlNHEgRd3yoe9tVLa7D7nUWV8hF/S95yO7rsvyDeJowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHFAh8jDqBTYOq4NUbT2LLc33USIMB8GA1UdIwQY
MBaAFPxV4FM++qViT1OLku0alz/v+JdRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ZYZ1V6NzZwV0pQVTR1UzdScVhQLV80bDFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81ZTc1M2QtYzMzZC00N2EzLThlODIt
YTUyODYyYjQ0NTYzLzEvY1VDSHlNT29GTmc2cmcxUnRQWXN0emZkUklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81ZTc1M2QtYzMzZC00N2EzLThlODItYTUyODYyYjQ0NTYz
LzEvX0ZYZ1V6NzZwV0pQVTR1UzdScVhQLV80bDFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuVR0AwQA
uVR2AwQAuYS8MA0GCSqGSIb3DQEBCwUAA4IBAQBJXFsKsH8PJ3oOC8fKhsiL89IX
Nw65J8yXL2vPHIF9mdBZeyCuIpsQ+9jHtp5EEYOiyesLaNfv7xgiq1yR5hLV/npc
q4TJEZwR8uHFz5UHe5skckoqvjvn/UyopLwlaivDJj+HWPO8SpBxsmwO4aAjY8Qy
pe/nKcWZAMwYeT4VKvgcDB4XUuL34hav9mzLzzrkw1anyGJv2cWPp7De6lUITKEE
8AeA6SZd7M0ebhYj7UjitQICAsh3yZ4kIlYbuH0W/rV/gWpZnZL5P9vKl52YIW5t
03yhROeY89+OBHAJq6tBFxoutdotXbnALaVQc6Up1svNQIK4vQCcoRcGzl6/
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:56:40 2025 by rpki-client