Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/RapmdbKxd4-1u1OMZqp-QNSnv7g.roa
File: RapmdbKxd4-1u1OMZqp-QNSnv7g.roa (raw, json)
Hash identifier: vsj1XuWEeCqCpen7DLBtj9gNrp7e9YqR9empotnE2Z8=
Subject key identifier: 45:AA:66:75:B2:B1:77:8F:B5:BB:53:8C:66:AA:7E:40:D4:A7:BF:B8
Certificate issuer: /CN=85db83a8365a604476f282d24d327ad1ef0fde52
Certificate serial: 018CC793599F3A98F08685D79AFDCF6DDD71
Authority key identifier: 85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/RapmdbKxd4-1u1OMZqp-QNSnv7g.roa
Signing time: Tue 02 Jan 2024 00:29:31 +0000
ROA not before: Tue 02 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41960
IP address blocks: 185.199.232.0/22 maxlen: 24
46.226.236.0/22 maxlen: 24
213.5.232.0/22 maxlen: 24
185.25.80.0/22 maxlen: 24
185.199.188.0/22 maxlen: 24
2a00:c600::/29 maxlen: 64
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:59:9f:3a:98:f0:86:85:d7:9a:fd:cf:6d:dd:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85db83a8365a604476f282d24d327ad1ef0fde52
Validity
Not Before: Jan 2 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45aa6675b2b1778fb5bb538c66aa7e40d4a7bfb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4b:49:f1:24:42:7f:a6:c6:81:26:69:da:77:
56:f5:50:41:38:79:3e:0d:c0:64:4b:4d:29:3a:85:
b5:cf:86:4f:e5:1a:33:64:0a:c5:e4:ef:fc:4d:0a:
df:f5:bb:9b:1d:b3:59:59:09:69:a4:54:7e:0b:20:
1f:95:dd:8b:aa:d0:35:b9:c4:c2:bc:40:a9:61:42:
82:78:3f:bc:ee:1a:39:e9:8d:d6:66:7a:f3:d6:da:
25:b1:36:32:06:cc:c0:3d:34:ee:21:a4:e2:d8:34:
f2:c0:36:09:30:d9:d9:3b:6c:9d:c8:a4:83:53:5b:
e0:64:02:7a:68:64:4b:14:b1:87:6b:8c:96:98:b8:
38:d0:73:73:5e:36:89:76:66:e1:6f:00:37:92:60:
5f:84:be:71:c4:8e:45:fc:cc:1a:94:06:bb:18:1b:
ec:c8:4f:27:9a:ed:15:ab:20:33:a4:1c:06:5a:f3:
f4:84:b7:ef:e5:d8:b5:aa:cd:0e:28:4a:0d:87:4f:
5c:ff:b4:8d:15:09:68:2e:fc:b8:f6:2b:78:1f:8f:
70:cb:d6:51:b3:8c:c4:70:e0:16:8e:be:f4:04:fc:
53:f8:ec:9b:76:f7:e7:38:2d:da:5d:dd:0d:f3:2a:
77:96:9a:b1:62:6f:09:09:80:8e:96:cf:7e:3d:28:
53:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:AA:66:75:B2:B1:77:8F:B5:BB:53:8C:66:AA:7E:40:D4:A7:BF:B8
X509v3 Authority Key Identifier:
keyid:85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/RapmdbKxd4-1u1OMZqp-QNSnv7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/hduDqDZaYER28oLSTTJ60e8P3lI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.236.0/22
185.25.80.0/22
185.199.188.0/22
185.199.232.0/22
213.5.232.0/22
IPv6:
2a00:c600::/29
Signature Algorithm: sha256WithRSAEncryption
0f:b1:62:5e:1a:e6:30:68:54:e7:ae:8a:db:f6:0a:0d:45:8e:
27:73:91:3f:8c:2d:c3:be:9b:5b:32:96:50:f9:a5:03:d1:01:
db:88:5d:1d:55:73:dd:8e:a0:e6:8a:0c:92:05:5d:cd:3a:76:
7e:ad:ca:8d:b1:c9:bf:8e:78:a6:11:5d:1d:25:d1:ef:44:a3:
5c:2e:f2:55:ba:ba:4f:d6:eb:d0:bd:32:f4:a6:ce:64:d0:74:
09:c6:cd:85:60:2f:28:00:ef:f8:23:e7:24:45:18:b0:7c:82:
d7:d8:14:88:23:c8:dc:d7:c6:5f:8f:d6:4b:2c:cc:77:d0:a0:
19:9e:3d:5c:9f:a9:0f:05:ab:aa:cf:e8:5c:ab:82:bf:52:03:
97:ea:4a:17:41:ed:03:82:be:08:d7:8b:f0:aa:df:7e:dc:cf:
ba:e3:cc:f9:47:7e:a8:aa:1b:36:e0:6e:f8:a2:d4:de:f1:0f:
ac:a7:50:1b:80:c7:2a:57:c1:99:37:d3:76:13:a6:8a:bd:09:
ee:b0:27:21:0a:14:01:70:19:35:9f:32:f3:63:9e:ab:6d:a3:
6a:f6:a9:bf:0d:bd:8c:bb:2e:3c:05:be:b7:aa:8e:d8:34:df:
d8:c4:57:3f:cb:98:f1:fb:cc:c9:67:e2:81:8d:5a:8f:ef:3b:
a7:19:27:04
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHk1mfOpjwhoXXmv3Pbd1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGI4M2E4MzY1YTYwNDQ3NmYyODJkMjRkMzI3YWQxZWYw
ZmRlNTIwHhcNMjQwMTAyMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWFhNjY3NWIyYjE3NzhmYjViYjUzOGM2NmFhN2U0MGQ0YTdiZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0tJ8SRCf6bGgSZp2ndW9VBBOHk+
DcBkS00pOoW1z4ZP5RozZArF5O/8TQrf9bubHbNZWQlppFR+CyAfld2LqtA1ucTC
vECpYUKCeD+87ho56Y3WZnrz1tolsTYyBszAPTTuIaTi2DTywDYJMNnZO2ydyKSD
U1vgZAJ6aGRLFLGHa4yWmLg40HNzXjaJdmbhbwA3kmBfhL5xxI5F/MwalAa7GBvs
yE8nmu0VqyAzpBwGWvP0hLfv5di1qs0OKEoNh09c/7SNFQloLvy49it4H49wy9ZR
s4zEcOAWjr70BPxT+OybdvfnOC3aXd0N8yp3lpqxYm8JCYCOls9+PShTMQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEWqZnWysXePtbtTjGaqfkDUp7+4MB8GA1UdIwQY
MBaAFIXbg6g2WmBEdvKC0k0yetHvD95SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR1RHFEWmFZRVIyOG9MU1RUSjYwZThQM2xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yYzhmMDgtZTU5OS00NGYzLWJiYzEt
OGNiZWY5MTNlMzQyLzEvUmFwbWRiS3hkNC0xdTFPTVpxcC1RTlNudjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yYzhmMDgtZTU5OS00NGYzLWJiYzEtOGNiZWY5MTNlMzQy
LzEvaGR1RHFEWmFZRVIyOG9MU1RUSjYwZThQM2xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLuLsAwQC
uRlQAwQCuce8AwQCucfoAwQC1QXoMA0EAgACMAcDBQMqAMYAMA0GCSqGSIb3DQEB
CwUAA4IBAQAPsWJeGuYwaFTnrorb9goNRY4nc5E/jC3DvptbMpZQ+aUD0QHbiF0d
VXPdjqDmigySBV3NOnZ+rcqNscm/jnimEV0dJdHvRKNcLvJVurpP1uvQvTL0ps5k
0HQJxs2FYC8oAO/4I+ckRRiwfILX2BSII8jc18Zfj9ZLLMx30KAZnj1cn6kPBauq
z+hcq4K/UgOX6koXQe0Dgr4I14vwqt9+3M+648z5R36oqhs24G74otTe8Q+sp1Ab
gMcqV8GZN9N2E6aKvQnusCchChQBcBk1nzLzY56rbaNq9qm/Db2Muy48Bb63qo7Y
NN/YxFc/y5jx+8zJZ+KBjVqP7zunGScE
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:27 2025 by rpki-client