Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/Vdeg5CwrIl7kXwozYb1MTrztwsk.roa
File: Vdeg5CwrIl7kXwozYb1MTrztwsk.roa (raw, json)
Hash identifier: 9xo3ff6onZ2Vdqc9A3VHir7odUrxxlKX3606AhAanww=
Subject key identifier: 55:D7:A0:E4:2C:2B:22:5E:E4:5F:0A:33:61:BD:4C:4E:BC:ED:C2:C9
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 0193B9E3EE80A18A61F276595B7E4F0DC13E
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/Vdeg5CwrIl7kXwozYb1MTrztwsk.roa
Signing time: Thu 12 Dec 2024 08:02:22 +0000
ROA not before: Thu 12 Dec 2024 08:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205925
IP address blocks: 185.197.212.0/22 maxlen: 22
185.197.212.0/24 maxlen: 24
185.197.213.0/24 maxlen: 24
185.197.214.0/24 maxlen: 24
2a0a:7c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b9:e3:ee:80:a1:8a:61:f2:76:59:5b:7e:4f:0d:c1:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Dec 12 08:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55d7a0e42c2b225ee45f0a3361bd4c4ebcedc2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9a:55:3d:5b:40:a9:29:2d:39:24:ef:e1:76:
b8:00:95:d4:18:ab:df:74:f4:6e:94:e6:39:16:9b:
17:7f:de:7a:68:a1:41:23:32:36:cb:18:1b:6a:f9:
cb:cc:6f:35:1d:6b:e3:c4:b5:31:ce:f7:4e:32:b8:
93:ea:18:51:60:10:aa:80:be:ba:7e:4b:13:aa:22:
6e:d2:05:65:83:49:ae:c7:8b:b5:54:ae:54:b9:77:
65:bd:22:39:fe:4b:f7:e9:5d:b5:5d:5d:07:73:22:
92:1b:38:f0:67:b0:8d:d7:df:d2:2d:0e:74:b5:8c:
e8:d2:03:c9:29:9b:6e:57:4a:6b:70:38:ad:69:fa:
5f:b2:28:0b:ec:f9:ed:8e:cf:ce:2d:61:c9:90:b3:
8f:64:02:c6:4c:4d:08:50:ce:c2:15:d3:e5:05:d1:
48:7e:97:af:9f:a3:19:c3:ad:ce:f2:cd:31:c6:1d:
35:b5:d9:9f:0e:7e:3e:44:49:43:43:d3:a6:3b:68:
b3:1b:db:81:ef:83:6f:6d:95:06:05:a4:3d:39:63:
c3:6c:73:26:8c:8a:3e:fc:47:2e:34:ac:4d:65:fa:
83:a2:91:3c:ec:67:14:32:18:13:3f:76:d8:94:aa:
53:c9:5b:58:7f:0e:ec:48:69:40:b8:67:72:fc:06:
9a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D7:A0:E4:2C:2B:22:5E:E4:5F:0A:33:61:BD:4C:4E:BC:ED:C2:C9
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/Vdeg5CwrIl7kXwozYb1MTrztwsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.212.0/22
IPv6:
2a0a:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
3c:5f:94:a9:44:71:36:01:3f:e3:77:49:30:9e:d9:76:ca:57:
a4:b0:d0:61:87:69:23:db:92:e2:3e:39:46:f1:42:24:89:91:
8a:b7:6c:48:de:80:b1:75:3c:6b:05:7f:8a:56:6e:57:b7:18:
e6:71:29:dc:81:2f:25:44:47:7f:f5:ce:f2:fb:46:1b:2f:58:
71:76:a0:a0:e4:01:b6:ad:f3:96:ac:bc:cf:e8:9c:35:50:d2:
50:42:27:60:6e:e4:29:6f:6f:38:c6:6b:35:c1:84:db:10:b1:
fd:4a:96:38:da:1b:02:ec:3e:83:f4:1b:5f:da:c1:05:44:25:
aa:86:c6:68:8b:8c:c2:12:d7:e2:fc:3a:ba:dc:14:8d:64:8d:
ec:7f:50:0c:ce:71:62:33:d3:2b:8f:58:43:b5:95:03:97:1e:
5e:89:ef:c6:5a:98:f2:dd:46:42:2f:24:27:cf:21:c6:c5:b9:
b7:df:fe:27:3e:67:cf:78:b1:99:46:b3:7c:b4:22:d4:c1:79:
53:d3:d4:cb:de:fa:ea:91:86:cb:4c:6c:d7:bf:20:7b:89:bb:
5f:3d:ea:f7:a8:38:57:18:9f:9c:6d:05:8e:0f:6c:68:11:59:
4b:66:8a:e1:fa:04:3e:b0:c9:4f:53:de:ac:8a:ed:ad:96:87:
da:62:90:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZO54+6AoYph8nZZW35PDcE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjQxMjEyMDgwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQ3YTBlNDJjMmIyMjVlZTQ1ZjBhMzM2MWJkNGM0ZWJjZWRjMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJpVPVtAqSktOSTv4Xa4AJXUGKvf
dPRulOY5FpsXf956aKFBIzI2yxgbavnLzG81HWvjxLUxzvdOMriT6hhRYBCqgL66
fksTqiJu0gVlg0mux4u1VK5UuXdlvSI5/kv36V21XV0HcyKSGzjwZ7CN19/SLQ50
tYzo0gPJKZtuV0prcDitafpfsigL7Pntjs/OLWHJkLOPZALGTE0IUM7CFdPlBdFI
fpevn6MZw63O8s0xxh01tdmfDn4+RElDQ9OmO2izG9uB74NvbZUGBaQ9OWPDbHMm
jIo+/EcuNKxNZfqDopE87GcUMhgTP3bYlKpTyVtYfw7sSGlAuGdy/AaaewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFXXoOQsKyJe5F8KM2G9TE687cLJMB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvVmRlZzVDd3JJbDdrWHdvelliMU1Ucnp0d3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucXUMA0E
AgACMAcDBQAqCnxAMA0GCSqGSIb3DQEBCwUAA4IBAQA8X5SpRHE2AT/jd0kwntl2
yleksNBhh2kj25LiPjlG8UIkiZGKt2xI3oCxdTxrBX+KVm5XtxjmcSncgS8lREd/
9c7y+0YbL1hxdqCg5AG2rfOWrLzP6Jw1UNJQQidgbuQpb284xms1wYTbELH9SpY4
2hsC7D6D9Btf2sEFRCWqhsZoi4zCEtfi/Dq63BSNZI3sf1AMznFiM9Mrj1hDtZUD
lx5eie/GWpjy3UZCLyQnzyHGxbm33/4nPmfPeLGZRrN8tCLUwXlT09TL3vrqkYbL
TGzXvyB7ibtfPer3qDhXGJ+cbQWOD2xoEVlLZorh+gQ+sMlPU96siu2tlofaYpDH
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:47:04 2025 by rpki-client