Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/ooH43mDFYK4-WkPsh4DoB3dV4Ik.roa
File: ooH43mDFYK4-WkPsh4DoB3dV4Ik.roa (raw, json)
Hash identifier: xIeAZAG7Lm5g5gRk3/JRMVuP3SQsmrP7HdI+hXPWsDI=
Subject key identifier: A2:81:F8:DE:60:C5:60:AE:3E:5A:43:EC:87:80:E8:07:77:55:E0:89
Certificate issuer: /CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Certificate serial: 018798E7CED7970DE00BD529F3AD50F4DDD3
Authority key identifier: 9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/ooH43mDFYK4-WkPsh4DoB3dV4Ik.roa
Signing time: Wed 19 Apr 2023 09:45:41 +0000
ROA not before: Wed 19 Apr 2023 09:45:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213145
IP address blocks: 188.125.175.0/24 maxlen: 24
188.125.173.0/24 maxlen: 24
185.117.99.0/24 maxlen: 24
185.14.175.0/24 maxlen: 24
185.117.123.0/24 maxlen: 24
185.117.120.0/24 maxlen: 24
185.117.121.0/24 maxlen: 24
185.117.122.0/24 maxlen: 24
188.125.172.0/24 maxlen: 24
188.125.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Aug 2023 12:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:e7:ce:d7:97:0d:e0:0b:d5:29:f3:ad:50:f4:dd:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Validity
Not Before: Apr 19 09:45:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a281f8de60c560ae3e5a43ec8780e8077755e089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:70:93:e4:37:ac:dc:61:ad:1c:68:af:3e:c2:
9f:2b:0f:82:5d:2e:cf:67:bf:8f:f4:e3:f0:a1:d3:
3d:b2:e1:ba:71:b8:94:23:e7:69:0d:d1:a2:03:87:
98:3d:1b:5b:32:2b:13:b5:17:88:80:18:fb:c7:96:
08:9d:58:59:50:e1:aa:d8:8c:03:ee:87:14:34:f7:
8c:5d:2d:85:9c:8c:81:52:72:bd:cb:71:e0:86:f8:
b4:0c:6d:a8:f4:9d:03:19:c1:e3:f1:df:5f:14:2b:
17:6d:18:37:b4:f6:b1:39:0a:95:4e:ac:ac:60:38:
f8:4a:88:21:13:e5:52:75:b0:56:54:2d:82:ea:d7:
f1:5f:bd:cf:c3:2f:69:62:35:dc:0f:71:e9:de:7a:
c3:75:53:1a:8a:4f:29:2d:c2:59:10:cf:7c:ed:dc:
cc:2a:0c:56:22:b5:f2:55:90:0e:8b:20:20:3c:7e:
b9:d1:ec:4c:2a:53:b2:3c:e0:9e:c9:0e:aa:d2:83:
8c:7c:27:e6:05:bd:fa:66:d6:1e:5f:04:98:46:40:
49:b3:6c:60:d8:c3:9d:f7:d0:fa:f8:0a:47:d5:f6:
ae:64:c4:4a:ca:e3:ad:14:c6:4e:98:04:9d:20:dd:
50:8b:09:a0:34:c7:60:23:e3:6a:3b:f3:ab:71:bb:
d3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:81:F8:DE:60:C5:60:AE:3E:5A:43:EC:87:80:E8:07:77:55:E0:89
X509v3 Authority Key Identifier:
keyid:9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/ooH43mDFYK4-WkPsh4DoB3dV4Ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/np5oh-p1cqZBEwbIewzAiTl6Y1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.175.0/24
185.117.99.0/24
185.117.120.0/22
188.125.171.0-188.125.173.255
188.125.175.0/24
Signature Algorithm: sha256WithRSAEncryption
50:bd:53:fb:fe:b7:27:e6:84:7a:33:c2:4b:a9:7a:05:8e:93:
04:1c:d7:cb:e7:d7:ea:e5:18:d8:b9:e9:68:a0:11:c4:1e:8c:
03:eb:37:63:61:38:ba:13:90:1f:d6:df:86:9e:02:56:0d:62:
2b:31:1d:7d:f4:5c:3f:88:cc:6d:a1:4f:3e:fc:17:2e:51:66:
0d:fc:0d:7d:b3:83:cc:0f:dd:75:7b:5d:ad:12:b7:fb:ca:b9:
20:c3:8e:6b:82:40:55:5c:88:c4:51:52:d2:12:16:2e:18:ac:
08:cf:ef:b4:c9:63:1e:a9:bc:61:d4:2c:a0:16:99:65:2f:a2:
1a:d1:26:74:02:08:aa:c5:49:31:0b:16:e8:a1:3c:f0:5c:de:
a1:ad:c5:12:12:d2:54:38:3b:41:1e:c1:0c:4d:ef:e9:35:cb:
7d:22:af:17:8b:06:ed:32:d1:da:ec:d1:ee:f3:97:04:d5:6b:
7b:a1:25:b0:de:47:ef:f8:da:7b:90:5d:53:7c:af:ae:c3:ef:
3d:2f:1d:21:cc:f5:85:52:91:23:93:77:b6:20:5a:b8:8f:96:
b0:15:4f:3c:61:af:5c:41:ff:e5:5b:36:d4:d3:13:87:c5:66:
e9:69:2c:7d:3e:97:a6:31:c5:27:8e:8b:a3:59:88:1b:c1:1b:
1f:7e:b5:69
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYeY587Xlw3gC9Up861Q9N3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOWU2ODg3ZWE3NTcyYTY0MTEzMDZjODdiMGNjMDg5Mzk3
YTYzNTQwHhcNMjMwNDE5MDk0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjgxZjhkZTYwYzU2MGFlM2U1YTQzZWM4NzgwZTgwNzc3NTVlMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnCT5Des3GGtHGivPsKfKw+CXS7P
Z7+P9OPwodM9suG6cbiUI+dpDdGiA4eYPRtbMisTtReIgBj7x5YInVhZUOGq2IwD
7ocUNPeMXS2FnIyBUnK9y3Hghvi0DG2o9J0DGcHj8d9fFCsXbRg3tPaxOQqVTqys
YDj4SoghE+VSdbBWVC2C6tfxX73Pwy9pYjXcD3Hp3nrDdVMaik8pLcJZEM987dzM
KgxWIrXyVZAOiyAgPH650exMKlOyPOCeyQ6q0oOMfCfmBb36ZtYeXwSYRkBJs2xg
2MOd99D6+ApH1fauZMRKyuOtFMZOmASdIN1QiwmgNMdgI+NqO/OrcbvT2wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKKB+N5gxWCuPlpD7IeA6Ad3VeCJMB8GA1UdIwQY
MBaAFJ6eaIfqdXKmQRMGyHsMwIk5emNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAt
ZWM1MDhkZWM3NzkzLzEvb29INDNtREZZSzQtV2tQc2g0RG9CM2RWNElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAtZWM1MDhkZWM3Nzkz
LzEvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAuQ6vAwQA
uXVjAwQCuXV4MAwDBAC8fasDBAG8fawDBAC8fa8wDQYJKoZIhvcNAQELBQADggEB
AFC9U/v+tyfmhHozwkupegWOkwQc18vn1+rlGNi56WigEcQejAPrN2NhOLoTkB/W
34aeAlYNYisxHX30XD+IzG2hTz78Fy5RZg38DX2zg8wP3XV7Xa0St/vKuSDDjmuC
QFVciMRRUtISFi4YrAjP77TJYx6pvGHULKAWmWUvohrRJnQCCKrFSTELFuihPPBc
3qGtxRIS0lQ4O0EewQxN7+k1y30irxeLBu0y0drs0e7zlwTVa3uhJbDeR+/42nuQ
XVN8r67D7z0vHSHM9YVSkSOTd7YgWriPlrAVTzxhr1xB/+VbNtTTE4fFZulpLH0+
l6YxxSeOi6NZiBvBGx9+tWk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:01 2024 by rpki-client on console-fra.rpki-client.org