Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/wXoC1fh7hXXFlBkUL_S4g9pnBPI.roa
File: wXoC1fh7hXXFlBkUL_S4g9pnBPI.roa (raw, json)
Hash identifier: B/C+xYQdIHzWIvjtF6E26abfhzR3dgluYP0lVeTIIsU=
Subject key identifier: C1:7A:02:D5:F8:7B:85:75:C5:94:19:14:2F:F4:B8:83:DA:67:04:F2
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 0193688C353B7BAFA0054D1D46AC44564F77
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/wXoC1fh7hXXFlBkUL_S4g9pnBPI.roa
Signing time: Tue 26 Nov 2024 12:57:19 +0000
ROA not before: Tue 26 Nov 2024 12:57:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206961
IP address blocks: 185.165.124.0/22 maxlen: 24
185.165.124.0/23 maxlen: 23
185.165.126.0/23 maxlen: 23
185.197.140.0/24 maxlen: 24
185.197.141.0/24 maxlen: 24
185.197.142.0/24 maxlen: 24
185.197.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Nov 2024 10:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:8c:35:3b:7b:af:a0:05:4d:1d:46:ac:44:56:4f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Nov 26 12:57:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c17a02d5f87b8575c59419142ff4b883da6704f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:ce:eb:42:53:a2:92:ac:5f:e3:84:0b:96:
22:39:a7:dd:15:b8:04:bf:fb:0c:1b:71:85:43:df:
ab:0d:84:5e:41:70:c9:e5:14:de:ee:7a:11:6c:43:
61:d7:15:ed:40:80:05:f8:71:94:8a:a7:ac:62:81:
95:38:90:10:d7:9c:8d:d8:15:14:a8:34:92:ee:e8:
f6:92:58:82:0b:8f:c6:33:39:cd:7b:ce:a2:95:72:
f0:4b:9c:01:d4:f1:5c:3c:33:18:a6:da:d5:c6:ab:
01:79:25:f4:24:7e:6a:df:58:af:43:0f:9f:d1:d5:
b2:84:d6:f0:b5:4b:e9:be:de:48:35:07:87:b0:95:
71:f3:d1:3c:25:95:0b:7e:b6:11:7c:01:e6:ef:6d:
af:a7:21:f7:23:58:5c:2a:f1:4a:81:1f:b9:1b:8d:
16:ef:97:f3:15:ab:4f:f4:f8:7f:ac:9c:83:60:f6:
7e:b1:f6:5c:fb:2e:bd:55:98:d1:00:51:71:f9:d5:
05:49:31:52:bc:e4:20:1c:4d:b4:72:1b:11:38:d7:
37:ca:e9:db:01:ff:c9:c0:c1:c8:7d:f3:09:60:88:
f7:89:3b:94:e7:07:01:ef:55:1f:93:49:9f:ae:da:
a3:bd:98:bd:99:a0:2f:5c:cd:88:06:0a:77:ca:3c:
a5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:7A:02:D5:F8:7B:85:75:C5:94:19:14:2F:F4:B8:83:DA:67:04:F2
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/wXoC1fh7hXXFlBkUL_S4g9pnBPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.124.0/22
185.197.140.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:d1:70:7b:9f:c6:16:80:21:a7:b7:71:68:78:24:3f:ca:94:
c7:20:58:cc:42:d3:fc:e5:35:58:01:bf:1e:57:d3:c3:f4:6e:
ba:b3:1c:ea:3d:dd:ff:5c:b9:6b:7b:fe:ef:dc:be:ed:e6:5d:
c8:b3:c3:aa:95:dc:48:c7:16:d8:c8:1f:50:c9:69:c0:78:e2:
ae:32:a7:2b:9c:4c:43:3c:e7:32:5a:4d:ad:7e:86:76:02:b9:
a9:78:f9:b6:77:d1:bf:11:24:3a:7e:90:49:af:3f:54:7e:58:
b1:66:9a:ab:d7:3c:8d:ed:b5:dc:16:5e:53:34:b1:aa:fe:eb:
7e:d4:49:c6:c1:95:41:67:ee:70:1b:03:4f:58:41:25:09:13:
d9:49:e3:4a:02:60:7a:37:46:b3:83:ef:a2:15:ec:4d:fc:be:
79:63:e5:94:ed:34:31:d0:b4:81:4b:6f:08:40:9f:39:bf:44:
a1:6e:3f:df:b7:11:45:b7:7a:97:96:bf:13:a3:a8:71:ef:83:
15:a5:e5:86:35:03:58:89:a0:1c:24:f8:67:8b:21:ef:d3:1d:
8c:9d:b6:19:04:a4:77:da:55:35:e8:e7:48:d9:54:97:4e:f5:
6e:78:c4:e9:83:b2:44:4d:e8:d1:a8:fa:a3:92:7a:17:96:c6:
ff:83:c1:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNojDU7e6+gBU0dRqxEVk93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjQxMTI2MTI1NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTdhMDJkNWY4N2I4NTc1YzU5NDE5MTQyZmY0Yjg4M2RhNjcwNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKDO60JTopKsX+OEC5YiOafdFbgE
v/sMG3GFQ9+rDYReQXDJ5RTe7noRbENh1xXtQIAF+HGUiqesYoGVOJAQ15yN2BUU
qDSS7uj2kliCC4/GMznNe86ilXLwS5wB1PFcPDMYptrVxqsBeSX0JH5q31ivQw+f
0dWyhNbwtUvpvt5INQeHsJVx89E8JZULfrYRfAHm722vpyH3I1hcKvFKgR+5G40W
75fzFatP9Ph/rJyDYPZ+sfZc+y69VZjRAFFx+dUFSTFSvOQgHE20chsRONc3yunb
Af/JwMHIffMJYIj3iTuU5wcB71Ufk0mfrtqjvZi9maAvXM2IBgp3yjyl/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMF6AtX4e4V1xZQZFC/0uIPaZwTyMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvd1hvQzFmaDdoWFhGbEJrVUxfUzRnOXBuQlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaV8AwQC
ucWMMA0GCSqGSIb3DQEBCwUAA4IBAQB60XB7n8YWgCGnt3FoeCQ/ypTHIFjMQtP8
5TVYAb8eV9PD9G66sxzqPd3/XLlre/7v3L7t5l3Is8OqldxIxxbYyB9QyWnAeOKu
MqcrnExDPOcyWk2tfoZ2ArmpePm2d9G/ESQ6fpBJrz9UflixZpqr1zyN7bXcFl5T
NLGq/ut+1EnGwZVBZ+5wGwNPWEElCRPZSeNKAmB6N0azg++iFexN/L55Y+WU7TQx
0LSBS28IQJ85v0Shbj/ftxFFt3qXlr8To6hx74MVpeWGNQNYiaAcJPhniyHv0x2M
nbYZBKR32lU16OdI2VSXTvVueMTpg7JETejRqPqjknoXlsb/g8FQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:47:21 2025 by rpki-client