Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/99QfXzBgsyWEC5C2an0hkI9oNLg.roa
File: 99QfXzBgsyWEC5C2an0hkI9oNLg.roa (raw, json)
Hash identifier: fQWX5P+F8eX/Bnz4H3isEkjxTaVjCuckLYW91g0HubQ=
Subject key identifier: F7:D4:1F:5F:30:60:B3:25:84:0B:90:B6:6A:7D:21:90:8F:68:34:B8
Certificate issuer: /CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Certificate serial: 0194024366405C4D10084E1BB304527821D8
Authority key identifier: 5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/99QfXzBgsyWEC5C2an0hkI9oNLg.roa
Signing time: Thu 26 Dec 2024 09:19:19 +0000
ROA not before: Thu 26 Dec 2024 09:19:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52052
IP address blocks: 185.166.72.0/22 maxlen: 24
193.37.134.0/24 maxlen: 24
193.37.155.0/24 maxlen: 24
193.37.224.0/24 maxlen: 24
193.37.229.0/24 maxlen: 24
194.247.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 12:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:02:43:66:40:5c:4d:10:08:4e:1b:b3:04:52:78:21:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Validity
Not Before: Dec 26 09:19:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7d41f5f3060b325840b90b66a7d21908f6834b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:19:a3:c6:9f:d9:63:19:c1:a6:8b:f1:76:c2:
81:88:f0:b3:ab:39:e3:5b:bf:ea:75:c7:f8:46:96:
52:0c:7e:a4:e7:74:b4:05:8f:1e:0d:2f:fb:58:7a:
fc:71:57:41:44:42:a9:8d:0b:aa:ad:6e:9b:92:5a:
e3:07:79:82:dd:f9:c9:4c:3b:72:cc:86:8d:f0:54:
ea:65:13:e7:5d:7e:a0:3b:0e:33:c3:a6:00:11:e0:
c2:36:6d:86:c3:16:b6:b7:c4:38:c5:51:5f:54:6a:
50:8b:6a:7e:bc:e5:8a:d8:c0:b0:72:17:9a:9f:1c:
78:11:56:8a:aa:f0:37:97:b4:13:28:d7:81:db:7d:
bc:fb:ab:0f:b7:50:3d:95:ea:4b:bd:31:f1:f9:e4:
89:82:5b:1f:3e:72:7d:57:28:69:74:2b:6a:1f:12:
12:02:cb:9f:b3:31:a3:ec:53:fd:ab:6a:db:6e:43:
e3:8c:03:19:20:89:25:a8:1e:3d:81:5b:e5:d1:a6:
c1:b6:06:2e:ee:a5:86:1b:13:ff:52:57:65:b1:c2:
e0:b0:a0:0d:41:de:b2:ea:3e:20:0f:55:21:2e:85:
5b:ee:e6:36:39:bd:b3:5e:fe:36:95:ab:99:65:4d:
f3:55:bd:45:90:42:0a:5a:b0:e4:c1:e5:e4:2d:05:
44:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D4:1F:5F:30:60:B3:25:84:0B:90:B6:6A:7D:21:90:8F:68:34:B8
X509v3 Authority Key Identifier:
keyid:5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/99QfXzBgsyWEC5C2an0hkI9oNLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.72.0/22
193.37.134.0/24
193.37.155.0/24
193.37.224.0/24
193.37.229.0/24
194.247.33.0/24
Signature Algorithm: sha256WithRSAEncryption
96:c8:41:26:c5:51:ad:4c:37:7a:de:a0:30:91:27:fa:34:70:
c3:d1:bf:bb:6a:64:9a:b8:27:e5:30:9f:37:8f:56:d5:f6:db:
b7:3e:b9:44:92:4d:9f:84:49:8f:89:52:ba:d5:ca:d0:5a:c3:
08:fc:aa:2f:ae:14:a1:51:ab:cb:8a:12:ee:5b:d8:00:89:94:
97:60:68:45:66:a4:c6:99:eb:ed:ee:81:4c:4c:08:25:d9:71:
90:dc:3f:3b:b9:ee:ae:e0:0f:1e:54:40:c0:b0:97:f7:df:a8:
6f:c6:1d:b2:c0:79:0a:60:38:83:d0:b6:16:13:64:61:f7:2b:
22:ee:db:25:2e:0c:a5:c7:42:e3:1a:1f:83:4f:92:fc:7a:73:
97:9f:2e:5d:5c:72:80:9e:67:56:9a:ef:27:c2:f1:b3:49:b4:
bc:60:62:05:5b:1d:ab:2a:bc:4e:9d:83:9b:e4:43:29:d5:2f:
26:8c:1e:b2:60:e3:43:b9:67:f5:9c:70:d4:77:22:d4:5c:e9:
32:1d:a4:36:76:0c:d4:ef:63:64:df:cc:b1:87:a6:7e:ac:03:
14:aa:9f:48:c2:cb:16:ed:e1:32:ac:c7:3e:f9:51:72:00:b9:
41:79:cc:22:8e:1c:92:11:b3:b4:51:34:f5:03:39:f5:c5:29:
21:87:85:33
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQCQ2ZAXE0QCE4bswRSeCHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkY2MyZjdkNzkwYTgzMDBhN2RkMzUxOWUwZmI4ODdmYTRk
ZTAyNjAwHhcNMjQxMjI2MDkxOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Q0MWY1ZjMwNjBiMzI1ODQwYjkwYjY2YTdkMjE5MDhmNjgzNGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRmjxp/ZYxnBpovxdsKBiPCzqznj
W7/qdcf4RpZSDH6k53S0BY8eDS/7WHr8cVdBREKpjQuqrW6bklrjB3mC3fnJTDty
zIaN8FTqZRPnXX6gOw4zw6YAEeDCNm2Gwxa2t8Q4xVFfVGpQi2p+vOWK2MCwchea
nxx4EVaKqvA3l7QTKNeB2328+6sPt1A9lepLvTHx+eSJglsfPnJ9VyhpdCtqHxIS
AsufszGj7FP9q2rbbkPjjAMZIIklqB49gVvl0abBtgYu7qWGGxP/UldlscLgsKAN
Qd6y6j4gD1UhLoVb7uY2Ob2zXv42lauZZU3zVb1FkEIKWrDkweXkLQVErQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPfUH18wYLMlhAuQtmp9IZCPaDS4MB8GA1UdIwQY
MBaAFF3ML315CoMAp901GeD7iH+k3gJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEt
YmY3MTQ0OWQ5N2RkLzEvOTlRZlh6QmdzeVdFQzVDMmFuMGhrSTlvTkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEtYmY3MTQ0OWQ5N2Rk
LzEvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuaZIAwQA
wSWGAwQAwSWbAwQAwSXgAwQAwSXlAwQAwvchMA0GCSqGSIb3DQEBCwUAA4IBAQCW
yEEmxVGtTDd63qAwkSf6NHDD0b+7amSauCflMJ83j1bV9tu3PrlEkk2fhEmPiVK6
1crQWsMI/KovrhShUavLihLuW9gAiZSXYGhFZqTGmevt7oFMTAgl2XGQ3D87ue6u
4A8eVEDAsJf336hvxh2ywHkKYDiD0LYWE2Rh9ysi7tslLgylx0LjGh+DT5L8enOX
ny5dXHKAnmdWmu8nwvGzSbS8YGIFWx2rKrxOnYOb5EMp1S8mjB6yYONDuWf1nHDU
dyLUXOkyHaQ2dgzU72Nk38yxh6Z+rAMUqp9IwssW7eEyrMc++VFyALlBecwijhyS
EbO0UTT1Azn1xSkhh4Uz
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:00:17 2025 by rpki-client