Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/614d64-37d3-4bbc-8f3d-b43cd4d97c8e/1/0hJ2sdq3xRMiiKVKwhbkG64wVjM.roa
File: 0hJ2sdq3xRMiiKVKwhbkG64wVjM.roa (raw, json)
Hash identifier: fAFtokEIrXqxb/g9h5/NKal5LrtkS7wx1I6JO6UpboM=
Subject key identifier: D2:12:76:B1:DA:B7:C5:13:22:88:A5:4A:C2:16:E4:1B:AE:30:56:33
Certificate issuer: /CN=15b595260f72c222547ac3e367f2c887ae38a3fc
Certificate serial: 018CCA29759E11ACFDDA160C212DA8DEB05F
Authority key identifier: 15:B5:95:26:0F:72:C2:22:54:7A:C3:E3:67:F2:C8:87:AE:38:A3:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FbWVJg9ywiJUesPjZ_LIh644o_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/614d64-37d3-4bbc-8f3d-b43cd4d97c8e/1/0hJ2sdq3xRMiiKVKwhbkG64wVjM.roa
Signing time: Tue 02 Jan 2024 12:32:43 +0000
ROA not before: Tue 02 Jan 2024 12:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205665
IP address blocks: 185.209.232.0/22 maxlen: 22
185.209.232.0/24 maxlen: 24
185.209.233.0/24 maxlen: 24
185.209.234.0/24 maxlen: 24
185.209.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:75:9e:11:ac:fd:da:16:0c:21:2d:a8:de:b0:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15b595260f72c222547ac3e367f2c887ae38a3fc
Validity
Not Before: Jan 2 12:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d21276b1dab7c5132288a54ac216e41bae305633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:59:82:29:e1:b3:5f:a7:e3:a0:31:09:60:1b:
43:53:9d:19:58:15:49:ae:5a:bd:f6:7d:c5:9a:ac:
67:62:15:6a:9d:d6:89:85:2f:30:4c:c0:25:c5:eb:
06:5b:7e:24:9b:34:41:66:e7:0a:40:17:c2:95:ed:
02:ef:98:fc:7d:cd:c4:59:a3:42:89:d9:54:07:da:
64:30:04:ab:c6:94:55:aa:78:83:a6:07:20:cc:0e:
fe:54:f6:e3:9e:76:58:40:3b:a9:28:3d:e4:83:5b:
92:83:65:64:e1:4d:2b:31:d3:97:2f:ee:c4:d3:08:
76:ba:29:3d:cf:cd:2a:bf:da:8a:15:4a:03:0f:82:
cc:5b:aa:86:17:b4:d9:ce:fc:88:36:4a:ce:2d:a7:
57:9b:08:c7:74:03:b7:a4:81:cc:83:8f:1c:2f:fa:
59:92:98:22:63:2d:42:5c:d5:c6:df:b9:bb:01:20:
8d:5f:de:ed:a6:5b:62:56:a7:47:14:ff:c5:bb:95:
10:44:13:91:86:ba:b6:9c:a0:1f:93:ce:15:0b:ee:
d3:13:99:8e:da:09:c1:5e:e1:f6:c0:3e:0f:8b:a9:
44:92:cd:08:df:6b:be:7b:af:ed:ea:07:d9:48:3b:
c3:57:5d:db:0f:e2:86:ca:ab:19:c8:1c:cb:78:45:
45:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:12:76:B1:DA:B7:C5:13:22:88:A5:4A:C2:16:E4:1B:AE:30:56:33
X509v3 Authority Key Identifier:
keyid:15:B5:95:26:0F:72:C2:22:54:7A:C3:E3:67:F2:C8:87:AE:38:A3:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FbWVJg9ywiJUesPjZ_LIh644o_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/614d64-37d3-4bbc-8f3d-b43cd4d97c8e/1/0hJ2sdq3xRMiiKVKwhbkG64wVjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/614d64-37d3-4bbc-8f3d-b43cd4d97c8e/1/FbWVJg9ywiJUesPjZ_LIh644o_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:d9:53:87:4c:fd:e4:62:56:c3:b1:bf:cd:60:80:5e:45:f6:
9d:f6:44:60:aa:5c:7f:4b:c6:c5:80:59:a8:f4:d9:36:70:e7:
59:0b:86:db:6a:c9:3b:44:c2:f1:e1:d5:6e:6c:45:4b:37:68:
4e:c6:a5:07:50:be:e0:ab:c9:05:67:81:28:83:f8:86:a2:1e:
e9:df:08:5b:11:15:11:46:0d:93:d0:e8:c5:c4:e8:71:e1:f3:
ae:ec:a3:9d:ef:b2:d9:c9:c8:3e:cb:97:70:7c:be:2f:06:52:
ef:5c:e4:4c:fe:63:31:06:29:4e:a2:f9:78:a9:04:8a:59:45:
64:48:2b:df:37:ca:a0:59:69:4b:84:26:b9:d0:d6:68:bd:4c:
c7:d9:fa:95:11:82:63:78:59:a5:a3:65:00:57:24:ca:04:49:
6d:48:c0:ac:e3:49:04:2e:c3:87:c9:db:d0:39:7d:52:4c:17:
2c:9d:46:8b:24:66:b4:81:7b:17:70:af:ef:fd:40:59:56:59:
27:8d:4b:57:46:62:ac:f4:2e:af:f5:63:0b:90:21:00:98:a3:
db:bb:c3:b2:06:9e:df:04:85:6e:e5:04:a7:a3:9c:c9:f1:d1:
93:2c:cf:14:2b:3f:83:5d:36:d1:84:2d:d1:ca:a9:a1:c8:e5:
49:99:5a:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKXWeEaz92hYMIS2o3rBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YjU5NTI2MGY3MmMyMjI1NDdhYzNlMzY3ZjJjODg3YWUz
OGEzZmMwHhcNMjQwMTAyMTIzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjEyNzZiMWRhYjdjNTEzMjI4OGE1NGFjMjE2ZTQxYmFlMzA1NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1mCKeGzX6fjoDEJYBtDU50ZWBVJ
rlq99n3FmqxnYhVqndaJhS8wTMAlxesGW34kmzRBZucKQBfCle0C75j8fc3EWaNC
idlUB9pkMASrxpRVqniDpgcgzA7+VPbjnnZYQDupKD3kg1uSg2Vk4U0rMdOXL+7E
0wh2uik9z80qv9qKFUoDD4LMW6qGF7TZzvyINkrOLadXmwjHdAO3pIHMg48cL/pZ
kpgiYy1CXNXG37m7ASCNX97tpltiVqdHFP/Fu5UQRBORhrq2nKAfk84VC+7TE5mO
2gnBXuH2wD4Pi6lEks0I32u+e6/t6gfZSDvDV13bD+KGyqsZyBzLeEVF/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNISdrHat8UTIoilSsIW5BuuMFYzMB8GA1UdIwQY
MBaAFBW1lSYPcsIiVHrD42fyyIeuOKP8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmJXVkpnOXl3aUpVZXNQalpfTEloNjQ0b193LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82MTRkNjQtMzdkMy00YmJjLThmM2Qt
YjQzY2Q0ZDk3YzhlLzEvMGhKMnNkcTN4Uk1paUtWS3doYmtHNjR3VmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82MTRkNjQtMzdkMy00YmJjLThmM2QtYjQzY2Q0ZDk3Yzhl
LzEvRmJXVkpnOXl3aUpVZXNQalpfTEloNjQ0b193LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudHoMA0G
CSqGSIb3DQEBCwUAA4IBAQAc2VOHTP3kYlbDsb/NYIBeRfad9kRgqlx/S8bFgFmo
9Nk2cOdZC4bbask7RMLx4dVubEVLN2hOxqUHUL7gq8kFZ4Eog/iGoh7p3whbERUR
Rg2T0OjFxOhx4fOu7KOd77LZycg+y5dwfL4vBlLvXORM/mMxBilOovl4qQSKWUVk
SCvfN8qgWWlLhCa50NZovUzH2fqVEYJjeFmlo2UAVyTKBEltSMCs40kELsOHydvQ
OX1STBcsnUaLJGa0gXsXcK/v/UBZVlknjUtXRmKs9C6v9WMLkCEAmKPbu8OyBp7f
BIVu5QSno5zJ8dGTLM8UKz+DXTbRhC3RyqmhyOVJmVo1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:24 2025 by rpki-client