Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8246eb-8469-42df-a08f-90c421f55adb/1/T17mdNFfr5zW0R1tPdlf7GY9kzc.roa
File: T17mdNFfr5zW0R1tPdlf7GY9kzc.roa (raw, json)
Hash identifier: DxwuRzHC1RWhA9DyONnDUpYxKudt9lAJyG+48FUnG6k=
Subject key identifier: 4F:5E:E6:74:D1:5F:AF:9C:D6:D1:1D:6D:3D:D9:5F:EC:66:3D:93:37
Certificate issuer: /CN=7f9b4cfdc9b0d9e3c31e0ebb81e6f1b1cbbdc9e4
Certificate serial: 018CC86F44CF0292A8DED7431131B84D06D2
Authority key identifier: 7F:9B:4C:FD:C9:B0:D9:E3:C3:1E:0E:BB:81:E6:F1:B1:CB:BD:C9:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f5tM_cmw2ePDHg67gebxscu9yeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/8246eb-8469-42df-a08f-90c421f55adb/1/T17mdNFfr5zW0R1tPdlf7GY9kzc.roa
Signing time: Tue 02 Jan 2024 04:29:44 +0000
ROA not before: Tue 02 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59874
IP address blocks: 185.175.192.0/24 maxlen: 24
185.175.195.0/24 maxlen: 24
185.175.193.0/24 maxlen: 24
185.175.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:44:cf:02:92:a8:de:d7:43:11:31:b8:4d:06:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f9b4cfdc9b0d9e3c31e0ebb81e6f1b1cbbdc9e4
Validity
Not Before: Jan 2 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f5ee674d15faf9cd6d11d6d3dd95fec663d9337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:74:4e:4f:ab:44:57:42:cc:ba:a4:c2:44:e7:
aa:a3:34:1f:b3:f6:ee:a5:d1:87:49:1e:c8:f4:d3:
ea:92:41:1e:a5:32:9c:c1:47:94:f2:9a:f5:29:88:
44:b5:c6:04:7f:81:14:52:32:52:b1:97:5d:b6:eb:
08:ae:20:98:98:b8:a3:43:e9:73:3a:23:d9:06:97:
0e:1f:56:6e:06:d5:30:4f:fa:60:be:45:12:9d:36:
f3:29:51:4d:e6:0d:96:cc:e2:92:fd:73:0b:c7:68:
be:5d:3d:89:76:62:f3:b6:39:d8:de:bd:22:3a:15:
e2:5a:a4:5f:9a:3a:cb:58:8e:6e:81:70:61:a5:6e:
a6:dd:4b:96:f4:1b:6f:8b:b7:c0:90:11:2b:d4:fc:
88:4a:80:74:c7:7a:b9:cb:e8:7a:49:00:31:ee:02:
73:6e:7c:d0:ad:94:2a:fb:27:b5:ba:a1:9e:29:fe:
a0:75:11:5b:3e:be:51:91:61:10:89:9f:10:b7:86:
dd:62:e2:bf:05:84:61:92:a9:a7:fb:4e:03:8e:22:
b0:88:30:ca:b9:6b:1c:cd:8a:d0:50:c1:53:72:e2:
1f:28:1b:b3:69:6e:8f:69:00:1c:e3:7b:96:fe:eb:
fd:26:e3:06:61:f5:a6:88:09:96:dd:dc:a3:07:50:
73:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:5E:E6:74:D1:5F:AF:9C:D6:D1:1D:6D:3D:D9:5F:EC:66:3D:93:37
X509v3 Authority Key Identifier:
keyid:7F:9B:4C:FD:C9:B0:D9:E3:C3:1E:0E:BB:81:E6:F1:B1:CB:BD:C9:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5tM_cmw2ePDHg67gebxscu9yeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8246eb-8469-42df-a08f-90c421f55adb/1/T17mdNFfr5zW0R1tPdlf7GY9kzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8246eb-8469-42df-a08f-90c421f55adb/1/f5tM_cmw2ePDHg67gebxscu9yeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.192.0/22
Signature Algorithm: sha256WithRSAEncryption
34:44:f1:a0:aa:51:d7:dc:4e:6e:4c:e1:4c:af:83:5b:b3:ec:
45:22:77:65:c2:39:e7:48:79:03:c8:d9:43:a3:e7:d5:d6:5b:
a1:a4:16:1c:08:d8:e7:a8:c4:83:19:94:9b:ad:6e:8a:c1:9f:
0a:f8:e5:3e:d5:6c:ed:ab:77:21:31:bf:2d:16:67:c3:e0:d9:
e8:ce:55:04:97:55:61:55:d2:fa:fa:1e:13:fb:fe:f8:e3:04:
8e:fa:77:75:6b:08:3e:d1:da:6a:99:32:7f:d8:81:30:18:10:
b2:dd:8b:1b:fc:1f:73:2f:73:f3:a2:c7:33:b9:bf:f1:50:c4:
46:c7:4b:31:1e:ed:a0:88:f5:c5:3a:67:b2:cd:4b:7a:4a:8a:
48:82:9d:69:9c:1d:ae:ba:7b:19:76:6e:36:08:9f:c7:68:75:
30:43:ef:99:ef:6d:81:5d:28:dd:38:ce:63:4b:90:ce:e9:5a:
b0:86:69:82:bd:5a:28:58:a2:60:37:31:7e:a6:d0:72:6d:fc:
90:1b:5d:e7:b3:9f:bb:ae:c0:72:69:71:02:22:04:17:e5:b4:
2e:94:c2:59:44:f3:47:66:d5:78:42:a0:3e:35:65:3e:2b:10:
2a:61:a6:f4:5c:35:b6:17:e5:56:f0:dd:57:1c:c7:f1:9a:cb:
99:5d:83:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb0TPApKo3tdDETG4TQbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmOWI0Y2ZkYzliMGQ5ZTNjMzFlMGViYjgxZTZmMWIxY2Ji
ZGM5ZTQwHhcNMjQwMTAyMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjVlZTY3NGQxNWZhZjljZDZkMTFkNmQzZGQ5NWZlYzY2M2Q5MzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHROT6tEV0LMuqTCROeqozQfs/bu
pdGHSR7I9NPqkkEepTKcwUeU8pr1KYhEtcYEf4EUUjJSsZddtusIriCYmLijQ+lz
OiPZBpcOH1ZuBtUwT/pgvkUSnTbzKVFN5g2WzOKS/XMLx2i+XT2JdmLztjnY3r0i
OhXiWqRfmjrLWI5ugXBhpW6m3UuW9Btvi7fAkBEr1PyISoB0x3q5y+h6SQAx7gJz
bnzQrZQq+ye1uqGeKf6gdRFbPr5RkWEQiZ8Qt4bdYuK/BYRhkqmn+04DjiKwiDDK
uWsczYrQUMFTcuIfKBuzaW6PaQAc43uW/uv9JuMGYfWmiAmW3dyjB1BztQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9e5nTRX6+c1tEdbT3ZX+xmPZM3MB8GA1UdIwQY
MBaAFH+bTP3JsNnjwx4Ou4Hm8bHLvcnkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjV0TV9jbXcyZVBESGc2N2dlYnhzY3U5eWVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84MjQ2ZWItODQ2OS00MmRmLWEwOGYt
OTBjNDIxZjU1YWRiLzEvVDE3bWRORmZyNXpXMFIxdFBkbGY3R1k5a3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84MjQ2ZWItODQ2OS00MmRmLWEwOGYtOTBjNDIxZjU1YWRi
LzEvZjV0TV9jbXcyZVBESGc2N2dlYnhzY3U5eWVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua/AMA0G
CSqGSIb3DQEBCwUAA4IBAQA0RPGgqlHX3E5uTOFMr4Nbs+xFIndlwjnnSHkDyNlD
o+fV1luhpBYcCNjnqMSDGZSbrW6KwZ8K+OU+1Wztq3chMb8tFmfD4NnozlUEl1Vh
VdL6+h4T+/744wSO+nd1awg+0dpqmTJ/2IEwGBCy3Ysb/B9zL3Pzosczub/xUMRG
x0sxHu2giPXFOmeyzUt6SopIgp1pnB2uunsZdm42CJ/HaHUwQ++Z722BXSjdOM5j
S5DO6VqwhmmCvVooWKJgNzF+ptBybfyQG13ns5+7rsByaXECIgQX5bQulMJZRPNH
ZtV4QqA+NWU+KxAqYab0XDW2F+VW8N1XHMfxmsuZXYNX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:34 2025 by rpki-client