Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/iMAWs17hJz_YqdJ_8XS83ueyhfE.roa
File: iMAWs17hJz_YqdJ_8XS83ueyhfE.roa (raw, json)
Hash identifier: iqc+PXjQ4pcKz/L+snMwJlOULOOYlz7TB1l97ZxcXek=
Subject key identifier: 88:C0:16:B3:5E:E1:27:3F:D8:A9:D2:7F:F1:74:BC:DE:E7:B2:85:F1
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018CC3B6F42E5B121D865E2126AF66525486
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/iMAWs17hJz_YqdJ_8XS83ueyhfE.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200313
IP address blocks: 185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Mar 2024 12:39:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f4:2e:5b:12:1d:86:5e:21:26:af:66:52:54:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88c016b35ee1273fd8a9d27ff174bcdee7b285f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:da:26:25:d9:9d:84:f5:88:82:36:6f:fc:81:
6d:53:cd:1d:65:bc:77:6b:d0:20:fc:d5:63:ba:35:
10:73:cb:a6:a3:6c:4d:21:b4:19:70:e9:cf:2b:3e:
8b:fd:a6:cb:8a:c7:67:3d:b2:9f:af:09:a5:f3:be:
95:9a:b8:d9:8e:65:34:e1:a5:c3:67:07:4a:3d:fb:
d1:9e:1a:5e:9d:49:76:34:dc:a0:83:bf:66:0c:3a:
09:1b:e9:bb:51:f5:08:c0:19:46:a4:67:6c:c2:99:
43:79:68:d6:68:22:0b:10:9b:ae:67:b6:76:77:32:
f8:da:e5:46:49:ba:88:9b:c1:a6:0d:e5:85:8c:26:
72:01:ec:33:97:06:8c:f9:43:9f:51:5e:a7:aa:b5:
d6:cc:0e:e3:cf:d2:80:59:41:f0:34:62:6a:cc:4d:
75:f0:35:52:61:4a:43:aa:9d:d5:ea:52:7c:bf:17:
55:8a:12:70:49:ac:12:85:06:ae:a7:ab:62:97:93:
6e:78:24:31:c2:9f:e1:3f:1a:c3:b5:4d:80:4e:03:
7c:e0:34:0f:e6:46:a5:ad:86:5a:b6:db:aa:39:e3:
21:70:08:97:6b:5b:5e:92:37:cd:54:12:b1:83:29:
93:5e:09:db:ec:30:4a:ea:cc:e5:46:e8:b0:5b:58:
22:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C0:16:B3:5E:E1:27:3F:D8:A9:D2:7F:F1:74:BC:DE:E7:B2:85:F1
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/iMAWs17hJz_YqdJ_8XS83ueyhfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.128.0/22
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
22:a8:d7:b6:1a:55:73:3c:cb:3f:e6:ec:ce:b8:f2:c4:73:64:
f4:7c:b4:69:be:63:e6:32:71:ec:6a:8f:eb:e0:8f:e2:18:59:
ea:e4:9a:18:fa:28:86:9e:58:b0:56:12:6f:c5:c4:95:b5:3a:
03:37:3b:a1:d9:bf:67:8e:b0:83:2c:62:f2:a2:f0:23:08:bd:
4b:10:be:19:b3:04:f2:e5:f6:f1:e9:0c:79:41:10:b5:7b:72:
5c:43:0d:fa:16:aa:93:f5:48:53:d8:ef:8c:c5:f5:d5:0f:80:
46:a3:5f:9c:4c:29:ee:03:07:9e:0a:b0:09:54:25:39:41:3b:
39:b4:14:62:3b:9c:04:4c:29:08:d7:4a:22:95:af:b3:05:c1:
4e:e8:4f:a9:ee:5d:7f:97:07:4d:4c:9a:46:56:22:e5:91:39:
45:7c:d0:62:53:b6:15:4a:1f:0b:2a:2c:01:ef:25:0c:a3:04:
eb:ce:43:b1:ed:df:e8:58:6f:1c:b0:2f:1d:bf:80:77:40:4f:
6c:77:27:92:0c:24:73:93:58:3b:5c:24:dd:18:27:5f:71:ab:
77:62:e5:17:cf:0b:da:81:30:14:21:b6:b8:d0:03:87:b9:ab:
ec:aa:b9:ce:41:f7:47:9b:ed:02:6d:a4:31:58:ed:f9:5a:7f:
c5:5a:6d:ea
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzDtvQuWxIdhl4hJq9mUlSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGMwMTZiMzVlZTEyNzNmZDhhOWQyN2ZmMTc0YmNkZWU3YjI4NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNomJdmdhPWIgjZv/IFtU80dZbx3
a9Ag/NVjujUQc8umo2xNIbQZcOnPKz6L/abLisdnPbKfrwml876VmrjZjmU04aXD
ZwdKPfvRnhpenUl2NNygg79mDDoJG+m7UfUIwBlGpGdswplDeWjWaCILEJuuZ7Z2
dzL42uVGSbqIm8GmDeWFjCZyAewzlwaM+UOfUV6nqrXWzA7jz9KAWUHwNGJqzE11
8DVSYUpDqp3V6lJ8vxdVihJwSawShQaup6til5NueCQxwp/hPxrDtU2ATgN84DQP
5kalrYZattuqOeMhcAiXa1tekjfNVBKxgymTXgnb7DBK6szlRuiwW1giIQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIjAFrNe4Sc/2KnSf/F0vN7nsoXxMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvaU1BV3MxN2hKel9ZcWRKXzhYUzgzdWV5aGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCudSAAwQA
ueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0WQwMFACoNY8AwDQYJKoZIhvcN
AQELBQADggEBACKo17YaVXM8yz/m7M648sRzZPR8tGm+Y+Yycexqj+vgj+IYWerk
mhj6KIaeWLBWEm/FxJW1OgM3O6HZv2eOsIMsYvKi8CMIvUsQvhmzBPLl9vHpDHlB
ELV7clxDDfoWqpP1SFPY74zF9dUPgEajX5xMKe4DB54KsAlUJTlBOzm0FGI7nARM
KQjXSiKVr7MFwU7oT6nuXX+XB01MmkZWIuWROUV80GJTthVKHwsqLAHvJQyjBOvO
Q7Ht3+hYbxywLx2/gHdAT2x3J5IMJHOTWDtcJN0YJ19xq3di5RfPC9qBMBQhtrjQ
A4e5q+yquc5B90eb7QJtpDFY7flaf8Vabeo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:48:01 2025 by rpki-client