Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/IuVMy9Yk3s42hVQeQvYlyE7PZ9w.roa
File: IuVMy9Yk3s42hVQeQvYlyE7PZ9w.roa (raw, json)
Hash identifier: ocvGT1nLzIxzb4fZ+WEi2qu7tnuw9ydJH9rFkM7djsM=
Subject key identifier: 22:E5:4C:CB:D6:24:DE:CE:36:85:54:1E:42:F6:25:C8:4E:CF:67:DC
Certificate issuer: /CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Certificate serial: 0193FE309CF24D59886FE3422C9134B373F3
Authority key identifier: 5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/IuVMy9Yk3s42hVQeQvYlyE7PZ9w.roa
Signing time: Wed 25 Dec 2024 14:20:18 +0000
ROA not before: Wed 25 Dec 2024 14:20:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52052
IP address blocks: 185.166.72.0/22 maxlen: 24
193.37.134.0/24 maxlen: 24
193.37.155.0/24 maxlen: 24
193.37.224.0/24 maxlen: 24
193.37.229.0/24 maxlen: 24
194.247.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Dec 2024 09:17:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fe:30:9c:f2:4d:59:88:6f:e3:42:2c:91:34:b3:73:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Validity
Not Before: Dec 25 14:20:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22e54ccbd624dece3685541e42f625c84ecf67dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c1:c2:ab:2a:b5:31:8a:e5:70:ec:57:40:4b:
60:ca:0d:f0:c3:a6:18:fa:ec:94:be:4b:2f:4d:92:
ce:a6:48:76:87:02:cf:30:2d:01:f6:94:63:9c:b6:
e1:cb:c6:da:46:1d:9b:45:4c:6f:97:13:c5:80:76:
4d:2a:fe:04:9f:81:60:7d:fc:2e:f9:6a:4d:ca:2a:
7b:a5:ae:ee:6f:40:4b:20:03:9d:ed:0d:3f:ef:73:
fb:f7:42:ff:d0:13:9b:5b:5f:fd:b3:31:7b:77:4f:
45:37:5e:cd:88:c7:85:e4:d8:e2:63:1d:0e:a4:1f:
1c:44:38:92:44:6a:97:51:27:e4:71:a8:1b:ac:8f:
a7:fc:c0:b7:ac:22:e1:db:01:6e:f1:49:3c:4a:1b:
70:b8:1a:e6:f5:b7:b0:22:9b:b2:99:44:f5:7b:14:
8c:a7:2d:ac:6b:f4:85:70:d9:3a:bf:6e:8e:1f:26:
d6:52:e7:7b:69:77:67:c2:ca:c2:11:d6:1d:79:43:
12:cf:05:f4:24:79:b2:dc:13:38:70:f9:fd:54:7c:
66:28:a1:99:02:18:ba:d9:15:7a:16:cf:58:64:6d:
9a:23:67:c3:7d:7e:c6:12:04:8f:45:e1:e2:dd:04:
86:e7:f7:3a:0c:94:7b:06:cf:37:b4:39:89:0a:1c:
c5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E5:4C:CB:D6:24:DE:CE:36:85:54:1E:42:F6:25:C8:4E:CF:67:DC
X509v3 Authority Key Identifier:
keyid:5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/IuVMy9Yk3s42hVQeQvYlyE7PZ9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.72.0/22
193.37.134.0/24
193.37.155.0/24
193.37.224.0/24
193.37.229.0/24
194.247.33.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b3:6f:2c:bb:1e:aa:f6:f7:bd:3a:51:ee:26:32:1f:9a:9d:
79:23:0a:93:4f:09:0a:6c:23:f1:de:d4:35:64:8d:e0:24:54:
7a:08:42:c6:64:7d:19:20:52:05:7d:c9:81:54:10:81:cd:79:
66:41:2c:7f:c7:dc:d7:96:23:46:34:e3:e2:75:28:f7:2f:03:
e2:69:99:54:26:9e:7b:02:6d:9b:b2:be:4c:bf:72:54:30:67:
0a:cb:88:d1:d8:63:2e:98:50:a5:47:0b:29:c4:c2:92:34:bb:
e4:2a:ed:05:9e:5a:5f:8c:c4:64:1c:50:bb:76:63:aa:f5:52:
07:8e:1c:e1:95:ef:81:01:e6:d0:5b:5d:34:7c:28:6f:e9:7a:
13:06:3d:47:0f:9e:0e:bb:8e:84:5b:3f:cd:2a:72:c5:21:24:
48:f6:55:db:89:fc:78:91:6e:9c:48:c3:05:ff:b8:cc:ce:ba:
33:70:90:c0:a7:42:fc:e7:bf:29:85:09:35:17:38:e4:af:d4:
c8:88:50:e2:1b:27:77:5b:2f:dd:f1:79:26:9e:3c:aa:97:6b:
7d:45:d1:f9:63:5b:8b:3d:23:47:a1:ae:56:77:1c:ca:0f:88:
0b:34:a9:35:0e:1e:82:37:89:6a:6a:64:85:71:2c:55:fc:2a:
79:a6:1c:96
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZP+MJzyTVmIb+NCLJE0s3PzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkY2MyZjdkNzkwYTgzMDBhN2RkMzUxOWUwZmI4ODdmYTRk
ZTAyNjAwHhcNMjQxMjI1MTQyMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU1NGNjYmQ2MjRkZWNlMzY4NTU0MWU0MmY2MjVjODRlY2Y2N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsHCqyq1MYrlcOxXQEtgyg3ww6YY
+uyUvksvTZLOpkh2hwLPMC0B9pRjnLbhy8baRh2bRUxvlxPFgHZNKv4En4Fgffwu
+WpNyip7pa7ub0BLIAOd7Q0/73P790L/0BObW1/9szF7d09FN17NiMeF5NjiYx0O
pB8cRDiSRGqXUSfkcagbrI+n/MC3rCLh2wFu8Uk8ShtwuBrm9bewIpuymUT1exSM
py2sa/SFcNk6v26OHybWUud7aXdnwsrCEdYdeUMSzwX0JHmy3BM4cPn9VHxmKKGZ
Ahi62RV6Fs9YZG2aI2fDfX7GEgSPReHi3QSG5/c6DJR7Bs83tDmJChzFeQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCLlTMvWJN7ONoVUHkL2JchOz2fcMB8GA1UdIwQY
MBaAFF3ML315CoMAp901GeD7iH+k3gJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEt
YmY3MTQ0OWQ5N2RkLzEvSXVWTXk5WWszczQyaFZRZVF2WWx5RTdQWjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEtYmY3MTQ0OWQ5N2Rk
LzEvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuaZIAwQA
wSWGAwQAwSWbAwQAwSXgAwQAwSXlAwQAwvchMA0GCSqGSIb3DQEBCwUAA4IBAQB0
s28sux6q9ve9OlHuJjIfmp15IwqTTwkKbCPx3tQ1ZI3gJFR6CELGZH0ZIFIFfcmB
VBCBzXlmQSx/x9zXliNGNOPidSj3LwPiaZlUJp57Am2bsr5Mv3JUMGcKy4jR2GMu
mFClRwspxMKSNLvkKu0FnlpfjMRkHFC7dmOq9VIHjhzhle+BAebQW100fChv6XoT
Bj1HD54Ou46EWz/NKnLFISRI9lXbifx4kW6cSMMF/7jMzrozcJDAp0L8578phQk1
Fzjkr9TIiFDiGyd3Wy/d8Xkmnjyql2t9RdH5Y1uLPSNHoa5WdxzKD4gLNKk1Dh6C
N4lqamSFcSxV/Cp5phyW
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:51:24 2025 by rpki-client