Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/wDoNZSBAzSWuvlohLD9hncRu7-w.roa
File: wDoNZSBAzSWuvlohLD9hncRu7-w.roa (raw, json)
Hash identifier: v95ftjjFcF4/PUmUvGFMv3P5jp7tasPnx1mTqVKaS+A=
Subject key identifier: C0:3A:0D:65:20:40:CD:25:AE:BE:5A:21:2C:3F:61:9D:C4:6E:EF:EC
Certificate issuer: /CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Certificate serial: 0191E423FA1D9D0B93A4E300F10BA44CB739
Authority key identifier: 1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/wDoNZSBAzSWuvlohLD9hncRu7-w.roa
Signing time: Thu 12 Sep 2024 02:50:48 +0000
ROA not before: Thu 12 Sep 2024 02:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207369
IP address blocks: 185.39.79.0/24 maxlen: 24
185.138.184.0/22 maxlen: 22
185.138.184.0/23 maxlen: 23
185.138.186.0/23 maxlen: 23
185.138.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 07:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e4:23:fa:1d:9d:0b:93:a4:e3:00:f1:0b:a4:4c:b7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Validity
Not Before: Sep 12 02:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c03a0d652040cd25aebe5a212c3f619dc46eefec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b5:1f:11:ff:bf:6c:3a:9e:65:49:62:be:6a:
10:af:3f:d2:95:64:d3:42:42:1d:a6:a3:74:02:30:
43:64:82:25:69:fb:34:fc:e8:8e:04:57:29:53:eb:
01:3b:2e:c3:f7:0c:80:f3:85:e2:48:d1:b3:0f:80:
58:e5:3d:90:cb:db:62:88:f6:40:07:e1:c8:21:79:
55:81:8e:93:db:5e:2d:41:d6:47:c1:d8:03:bf:41:
38:65:db:27:fd:0e:75:f9:5a:b0:bc:d2:66:ff:c9:
2e:b0:4b:32:24:08:62:03:09:82:a9:6f:d7:50:ee:
5f:5b:ff:cd:f1:e6:a6:c8:1e:1d:6f:69:c1:6d:6b:
a8:fd:ce:40:66:8e:ac:97:98:a8:22:6a:34:f9:22:
0f:bb:c0:4f:ae:ee:3e:a8:fc:82:a4:8c:a3:9e:b9:
70:4d:3e:ab:d6:c5:b3:fc:e2:8f:2b:54:c3:b4:be:
94:49:16:82:ed:0f:56:dd:56:5f:e4:7b:25:05:c0:
3a:c1:56:15:ec:b7:ed:02:33:d4:5f:9d:b5:d7:14:
dc:90:a7:01:28:5f:00:96:7f:c9:45:10:10:51:9a:
5d:eb:94:25:7e:2c:27:38:5d:94:a8:a7:0f:ee:14:
5f:e2:b3:cd:7c:67:a5:a7:00:5c:e7:40:8e:a7:e6:
03:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:3A:0D:65:20:40:CD:25:AE:BE:5A:21:2C:3F:61:9D:C4:6E:EF:EC
X509v3 Authority Key Identifier:
keyid:1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/wDoNZSBAzSWuvlohLD9hncRu7-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.79.0/24
185.138.184.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:e5:02:f6:11:6b:b8:3f:4e:17:37:77:43:26:5a:63:49:48:
13:bb:1c:d4:90:4f:53:37:79:b9:c9:0e:49:93:64:9a:23:3c:
15:a6:ab:83:8b:e8:25:df:a9:7d:84:09:5f:96:e3:58:ab:b4:
64:a1:ac:a9:2c:70:e1:e0:05:b2:93:54:b1:36:2f:89:e2:cb:
a2:bc:6b:b8:b4:19:fe:89:0a:d0:9c:33:5c:63:7f:d9:e1:68:
bb:85:72:7b:27:7a:30:37:6a:0f:ab:8b:50:2d:a9:a0:08:44:
4a:2d:23:3b:c0:98:a8:c5:71:77:f9:83:3c:b4:e3:58:97:6d:
dd:9d:83:88:07:95:38:9b:31:47:37:07:4c:22:73:45:24:bf:
ed:cd:a4:ba:09:2f:9c:6b:3f:fd:74:2a:8d:1c:ef:7f:63:50:
cb:fb:2b:89:2c:ba:3b:97:6c:a0:fc:6c:94:64:5d:f3:d1:ea:
b0:d1:e8:06:37:cf:14:a8:fd:89:05:cd:02:a9:aa:4a:78:b6:
03:b1:df:ce:d4:ef:75:e7:d8:9f:d1:00:9c:6e:ea:e0:5f:4a:
cc:aa:ea:0f:80:09:46:aa:73:c3:80:48:90:fc:91:cc:6d:85:
6c:6b:0e:d6:6b:d8:0e:0f:bf:63:2a:56:12:af:cf:fc:de:78:
41:5c:d3:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHkI/odnQuTpOMA8QukTLc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmJhMzhhODcwN2ZkMjMxYzM4ODdlNGE1MmJkY2RlZGFi
MjAzMjMwHhcNMjQwOTEyMDI1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDNhMGQ2NTIwNDBjZDI1YWViZTVhMjEyYzNmNjE5ZGM0NmVlZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorUfEf+/bDqeZUlivmoQrz/SlWTT
QkIdpqN0AjBDZIIlafs0/OiOBFcpU+sBOy7D9wyA84XiSNGzD4BY5T2Qy9tiiPZA
B+HIIXlVgY6T214tQdZHwdgDv0E4Zdsn/Q51+VqwvNJm/8kusEsyJAhiAwmCqW/X
UO5fW//N8eamyB4db2nBbWuo/c5AZo6sl5ioImo0+SIPu8BPru4+qPyCpIyjnrlw
TT6r1sWz/OKPK1TDtL6USRaC7Q9W3VZf5HslBcA6wVYV7LftAjPUX5211xTckKcB
KF8Aln/JRRAQUZpd65QlfiwnOF2UqKcP7hRf4rPNfGelpwBc50COp+YD0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMA6DWUgQM0lrr5aISw/YZ3Ebu/sMB8GA1UdIwQY
MBaAFBr7o4qHB/0jHDiH5KUr3N7asgMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEt
MDk5NmFlZDMyZjNiLzEvd0RvTlpTQkF6U1d1dmxvaExEOWhuY1J1Ny13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEtMDk5NmFlZDMyZjNi
LzEvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSdPAwQC
uYq4MA0GCSqGSIb3DQEBCwUAA4IBAQC15QL2EWu4P04XN3dDJlpjSUgTuxzUkE9T
N3m5yQ5Jk2SaIzwVpquDi+gl36l9hAlfluNYq7RkoaypLHDh4AWyk1SxNi+J4sui
vGu4tBn+iQrQnDNcY3/Z4Wi7hXJ7J3owN2oPq4tQLamgCERKLSM7wJioxXF3+YM8
tONYl23dnYOIB5U4mzFHNwdMInNFJL/tzaS6CS+caz/9dCqNHO9/Y1DL+yuJLLo7
l2yg/GyUZF3z0eqw0egGN88UqP2JBc0CqapKeLYDsd/O1O9159if0QCcburgX0rM
quoPgAlGqnPDgEiQ/JHMbYVsaw7Wa9gOD79jKlYSr8/83nhBXNMO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:06 2025 by rpki-client