Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/_tQ4D855UYtyfPK4NHY1Hkaur38.roa
File: _tQ4D855UYtyfPK4NHY1Hkaur38.roa (raw, json)
Hash identifier: 6Y72Ix/VxcpgpfNqt1YCkD7EglFvepOdWs2TTdInP6E=
Subject key identifier: FE:D4:38:0F:CE:79:51:8B:72:7C:F2:B8:34:76:35:1E:46:AE:AF:7F
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 018DEE9E9B7CFAB63D95DF733206BE3B9EAC
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/_tQ4D855UYtyfPK4NHY1Hkaur38.roa
Signing time: Wed 28 Feb 2024 07:29:48 +0000
ROA not before: Wed 28 Feb 2024 07:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47894
IP address blocks: 185.35.20.0/24 maxlen: 24
185.35.22.0/24 maxlen: 24
185.35.23.0/24 maxlen: 24
2a00:7300::/32 maxlen: 32
2a00:7300:1::/48 maxlen: 48
2a00:7300:42::/48 maxlen: 48
2a00:7300:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 28 Feb 2024 09:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ee:9e:9b:7c:fa:b6:3d:95:df:73:32:06:be:3b:9e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Feb 28 07:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fed4380fce79518b727cf2b83476351e46aeaf7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:24:27:ab:59:e1:0f:01:33:fa:eb:10:28:02:
45:84:ab:d3:de:7c:b6:1d:b1:e4:70:ac:44:d5:39:
aa:10:42:70:db:a2:d3:dd:97:82:4a:eb:24:20:9a:
a6:dc:7d:7a:fd:09:a3:a3:dc:6f:de:9b:9a:ea:ea:
5c:b7:2a:46:d7:16:26:82:a6:cb:53:b8:8e:64:18:
bf:53:9e:ac:2f:93:aa:9c:0a:6f:a4:23:74:e1:d6:
71:b3:7f:75:94:4b:b9:6e:a2:2d:9c:64:12:21:ac:
0a:2d:f6:6a:15:e7:ca:9f:38:91:8b:f5:3e:38:35:
f6:0e:82:ac:6b:26:4c:8e:9c:ac:1f:2f:a0:c0:4b:
06:3d:a5:c5:15:10:20:7f:a2:55:1b:14:a4:5c:ec:
83:6e:02:fe:12:f9:cc:b8:ba:4e:85:9d:b1:19:f4:
c2:6e:59:66:07:d6:ef:9b:41:7c:4c:7e:26:d4:02:
15:65:11:64:dc:3d:70:25:65:71:dd:d9:af:0f:f1:
67:d0:e0:b6:a9:5c:1b:cb:6f:66:86:ee:5f:9c:81:
fd:f8:30:a9:7e:58:3a:39:cd:fb:3b:94:03:9c:52:
89:6c:c3:73:1c:80:e0:60:58:e2:87:d2:ef:8e:9a:
b0:2c:8d:96:c4:1f:a0:de:d4:8d:11:59:88:e1:bb:
32:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D4:38:0F:CE:79:51:8B:72:7C:F2:B8:34:76:35:1E:46:AE:AF:7F
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/_tQ4D855UYtyfPK4NHY1Hkaur38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.20.0/24
185.35.22.0/23
IPv6:
2a00:7300::/32
Signature Algorithm: sha256WithRSAEncryption
30:9b:0b:c8:56:80:0d:8e:10:de:d7:ec:97:86:05:ee:f4:34:
ca:fc:d6:8a:b4:11:be:4a:5d:f8:57:e2:3f:01:0b:14:01:8d:
a3:0d:45:4e:05:50:ac:41:d7:e8:ae:fe:f4:81:2f:e7:fc:51:
a9:71:72:34:8a:75:76:89:cd:16:04:56:12:dd:b4:47:40:b0:
c1:b0:a2:f5:b2:76:7b:1a:ad:25:c3:9f:08:7c:b1:61:8d:5e:
8a:ea:47:f9:f6:8e:e0:78:6a:75:4f:e3:fc:4c:7e:2c:e2:7b:
cd:89:62:b6:84:d9:e7:c9:a6:47:ec:e5:a3:b4:a5:93:2a:b0:
5c:85:3d:4c:dd:95:3b:8f:e6:c4:98:23:e9:db:ae:d8:9a:df:
f3:80:11:ac:3a:45:64:38:60:0d:7b:3d:2d:91:ef:82:f9:f1:
8f:3d:e0:4d:e2:98:97:30:5c:d9:ba:4c:f6:c5:a7:8a:e8:b5:
fa:5e:f7:0f:75:1f:7d:37:1c:e7:74:8b:3e:2a:05:23:56:fb:
3a:4b:e0:59:69:77:a9:05:d5:b7:88:cf:e3:fc:28:c2:39:ae:
b5:57:27:64:91:93:90:b4:87:d1:9b:61:6d:01:68:02:78:83:
6c:1c:17:e6:ea:d0:50:5d:2f:a9:2c:87:d3:46:a4:b3:ec:1e:
ef:c4:34:6b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY3unpt8+rY9ld9zMga+O56sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjQwMjI4MDcyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWQ0MzgwZmNlNzk1MThiNzI3Y2YyYjgzNDc2MzUxZTQ2YWVhZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyQnq1nhDwEz+usQKAJFhKvT3ny2
HbHkcKxE1TmqEEJw26LT3ZeCSuskIJqm3H16/Qmjo9xv3pua6upctypG1xYmgqbL
U7iOZBi/U56sL5OqnApvpCN04dZxs391lEu5bqItnGQSIawKLfZqFefKnziRi/U+
ODX2DoKsayZMjpysHy+gwEsGPaXFFRAgf6JVGxSkXOyDbgL+EvnMuLpOhZ2xGfTC
bllmB9bvm0F8TH4m1AIVZRFk3D1wJWVx3dmvD/Fn0OC2qVwby29mhu5fnIH9+DCp
flg6Oc37O5QDnFKJbMNzHIDgYFjih9LvjpqwLI2WxB+g3tSNEVmI4bsyzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP7UOA/OeVGLcnzyuDR2NR5Grq9/MB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvX3RRNEQ4NTVVWXR5ZlBLNE5IWTFIa2F1cjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuSMUAwQB
uSMWMA0EAgACMAcDBQAqAHMAMA0GCSqGSIb3DQEBCwUAA4IBAQAwmwvIVoANjhDe
1+yXhgXu9DTK/NaKtBG+Sl34V+I/AQsUAY2jDUVOBVCsQdforv70gS/n/FGpcXI0
inV2ic0WBFYS3bRHQLDBsKL1snZ7Gq0lw58IfLFhjV6K6kf59o7geGp1T+P8TH4s
4nvNiWK2hNnnyaZH7OWjtKWTKrBchT1M3ZU7j+bEmCPp267Ymt/zgBGsOkVkOGAN
ez0tke+C+fGPPeBN4piXMFzZukz2xaeK6LX6XvcPdR99NxzndIs+KgUjVvs6S+BZ
aXepBdW3iM/j/CjCOa61VydkkZOQtIfRm2FtAWgCeINsHBfm6tBQXS+pLIfTRqSz
7B7vxDRr
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:49:38 2025 by rpki-client