Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/rgBBVtF1ifD0VlgWGPeA8CCpIaA.roa
File: rgBBVtF1ifD0VlgWGPeA8CCpIaA.roa (raw, json)
Hash identifier: qKP7nbP/djO4d/BUsa6MEOg32bbHK0Z95lafWDia2vM=
Subject key identifier: AE:00:41:56:D1:75:89:F0:F4:56:58:16:18:F7:80:F0:20:A9:21:A0
Certificate issuer: /CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Certificate serial: 018CC94E5287B2CB220BBF28F77EDE72AF7A
Authority key identifier: CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/rgBBVtF1ifD0VlgWGPeA8CCpIaA.roa
Signing time: Tue 02 Jan 2024 08:33:22 +0000
ROA not before: Tue 02 Jan 2024 08:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60372
IP address blocks: 185.156.214.0/24 maxlen: 24
185.156.215.0/24 maxlen: 24
185.4.252.0/24 maxlen: 24
185.4.253.0/24 maxlen: 24
185.4.254.0/24 maxlen: 24
185.4.255.0/24 maxlen: 24
185.156.212.24/29 maxlen: 29
185.156.212.8/29 maxlen: 29
185.156.212.0/24 maxlen: 24
185.156.213.0/24 maxlen: 24
2a02:7740::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 31 Jan 2024 09:58:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:52:87:b2:cb:22:0b:bf:28:f7:7e:de:72:af:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Validity
Not Before: Jan 2 08:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae004156d17589f0f456581618f780f020a921a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:51:2e:4a:52:3d:28:02:f2:a2:2b:82:c1:56:
7f:a8:fd:61:f9:e6:c7:10:81:4f:95:d0:35:f6:3d:
74:cc:bd:1a:82:8d:65:34:9a:04:42:e0:43:96:00:
3e:10:51:3f:29:f8:91:73:cd:3f:b2:62:47:11:d3:
03:28:ac:da:81:bc:33:52:c6:b8:ff:f6:e8:cc:a3:
21:f8:92:ab:6b:dd:00:47:b5:23:fe:2c:25:1c:7a:
11:19:36:4e:2f:4a:8f:c2:46:68:12:c8:97:4c:41:
fb:99:d5:9d:b9:0f:cf:10:e1:ba:2d:a1:fe:95:ed:
8b:2b:ae:f1:51:d5:b7:0b:cb:a2:f4:74:df:65:0d:
43:90:4f:bc:9a:2b:70:a7:9e:80:cc:f9:ff:8c:b9:
56:3f:84:2c:a5:0f:17:c2:0a:3b:73:18:d2:0e:b0:
db:3d:cb:87:14:fa:a8:e0:ed:3d:e9:d7:59:ee:2c:
3e:c2:08:8a:87:ef:b6:6f:b7:12:68:a4:c6:68:ce:
d3:24:21:87:1b:ea:89:51:40:4b:c2:cc:75:d7:1a:
a8:9a:a2:05:1b:d0:1f:a9:3b:f5:f4:58:73:70:11:
f7:13:0e:1e:94:ec:1a:e5:de:14:a5:29:34:33:29:
4e:10:60:11:b3:a8:29:e2:d9:a1:a6:38:ca:a9:12:
6f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:00:41:56:D1:75:89:F0:F4:56:58:16:18:F7:80:F0:20:A9:21:A0
X509v3 Authority Key Identifier:
keyid:CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/rgBBVtF1ifD0VlgWGPeA8CCpIaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.252.0/22
185.156.212.0/22
IPv6:
2a02:7740::/32
Signature Algorithm: sha256WithRSAEncryption
4e:02:1f:d0:70:67:99:bf:f8:0b:7b:f2:38:d0:04:b7:03:d2:
f4:0d:f9:aa:91:ad:97:27:14:2e:46:6a:88:a8:47:3f:7a:4f:
6f:42:18:39:16:b6:87:39:a6:a9:b5:3a:9d:af:6c:64:0a:c6:
ae:c9:97:00:b8:49:25:71:c2:d2:d0:ac:e5:d5:6c:ef:29:fc:
6e:2b:1d:3a:81:c7:9a:2c:a0:f5:df:4c:1b:1d:14:d6:25:dd:
ba:12:2b:ae:50:04:98:5b:b7:72:57:7b:1b:4e:03:78:62:6d:
c8:1f:ba:eb:57:3a:53:01:4f:4c:bb:41:e8:b6:b6:51:69:81:
10:6b:91:a5:d8:61:20:76:50:94:83:6f:9e:27:f8:22:ef:33:
46:84:f0:9c:d0:34:be:b7:a4:d5:19:e2:49:99:8c:e3:a0:6a:
17:55:45:82:08:da:d4:be:17:25:d8:6d:2f:43:26:73:43:4a:
cf:1f:33:88:be:f1:c1:b4:43:72:b5:ed:0b:4c:71:b7:4b:6b:
74:e8:3f:6f:83:79:2f:17:e7:db:bd:e9:49:ad:a8:2f:53:b2:
4f:84:49:97:59:28:4d:e0:33:42:27:86:70:79:b2:9f:b4:33:
eb:61:05:09:6c:06:82:5c:4a:f2:c0:c6:bb:f7:78:02:78:e1:
e5:46:17:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJTlKHsssiC78o937ecq96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTAyNDNmOTg2MzZmYWEwZmI2YzVhZTZiYWQ5YjBhYmFk
MjM0MzgwHhcNMjQwMTAyMDgzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTAwNDE1NmQxNzU4OWYwZjQ1NjU4MTYxOGY3ODBmMDIwYTkyMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglEuSlI9KALyoiuCwVZ/qP1h+ebH
EIFPldA19j10zL0ago1lNJoEQuBDlgA+EFE/KfiRc80/smJHEdMDKKzagbwzUsa4
//bozKMh+JKra90AR7Uj/iwlHHoRGTZOL0qPwkZoEsiXTEH7mdWduQ/PEOG6LaH+
le2LK67xUdW3C8ui9HTfZQ1DkE+8mitwp56AzPn/jLlWP4QspQ8Xwgo7cxjSDrDb
PcuHFPqo4O096ddZ7iw+wgiKh++2b7cSaKTGaM7TJCGHG+qJUUBLwsx11xqomqIF
G9AfqTv19FhzcBH3Ew4elOwa5d4UpSk0MylOEGARs6gp4tmhpjjKqRJvswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK4AQVbRdYnw9FZYFhj3gPAgqSGgMB8GA1UdIwQY
MBaAFMsQJD+YY2+qD7bFrmutmwq60jQ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAt
NDhmMTUxYjUyMzFmLzEvcmdCQlZ0RjFpZkQwVmxnV0dQZUE4Q0NwSWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAtNDhmMTUxYjUyMzFm
LzEveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQT8AwQC
uZzUMA0EAgACMAcDBQAqAndAMA0GCSqGSIb3DQEBCwUAA4IBAQBOAh/QcGeZv/gL
e/I40AS3A9L0Dfmqka2XJxQuRmqIqEc/ek9vQhg5FraHOaaptTqdr2xkCsauyZcA
uEklccLS0Kzl1WzvKfxuKx06gceaLKD130wbHRTWJd26EiuuUASYW7dyV3sbTgN4
Ym3IH7rrVzpTAU9Mu0HotrZRaYEQa5Gl2GEgdlCUg2+eJ/gi7zNGhPCc0DS+t6TV
GeJJmYzjoGoXVUWCCNrUvhcl2G0vQyZzQ0rPHzOIvvHBtENyte0LTHG3S2t06D9v
g3kvF+fbvelJragvU7JPhEmXWShN4DNCJ4ZwebKftDPrYQUJbAaCXErywMa793gC
eOHlRhdc
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:20:00 2025 by rpki-client