Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/wE6Kn9cgAUXMGX4DNfn8tGbd3yY.roa
File: wE6Kn9cgAUXMGX4DNfn8tGbd3yY.roa (raw, json)
Hash identifier: xbcmJc+sFYfhHb3kVeuHVtsscI2Gj/Hc6pzlkSB5vFA=
Subject key identifier: C0:4E:8A:9F:D7:20:01:45:CC:19:7E:03:35:F9:FC:B4:66:DD:DF:26
Certificate issuer: /CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Certificate serial: 01928A178C331A58075361ADC06E73590F87
Authority key identifier: 1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/wE6Kn9cgAUXMGX4DNfn8tGbd3yY.roa
Signing time: Mon 14 Oct 2024 08:14:11 +0000
ROA not before: Mon 14 Oct 2024 08:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207369
IP address blocks: 185.39.79.0/24 maxlen: 24
185.138.184.0/22 maxlen: 22
185.138.184.0/23 maxlen: 23
185.138.186.0/23 maxlen: 23
185.138.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 02:18:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:17:8c:33:1a:58:07:53:61:ad:c0:6e:73:59:0f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Validity
Not Before: Oct 14 08:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c04e8a9fd7200145cc197e0335f9fcb466dddf26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:60:fb:bf:54:42:c5:1f:65:46:e1:2f:9f:68:
ac:4e:a9:76:c0:e8:3a:85:96:cf:ff:32:43:de:9d:
12:88:be:87:d1:15:90:20:3d:11:64:9a:46:84:94:
26:8f:62:f7:ed:cd:d3:c6:09:a1:e0:10:72:0e:44:
b6:29:f3:b1:14:83:f6:62:74:ae:05:81:9f:a9:3c:
75:7c:a1:51:a6:d3:50:a2:05:30:96:9c:ab:26:b1:
26:b9:bc:c3:b0:65:0f:19:d7:a9:3f:61:3a:97:44:
37:35:d9:39:ff:b6:40:e3:f7:61:be:8f:02:8c:39:
b0:ac:08:f1:9c:11:3a:ab:46:2c:0b:89:95:56:59:
2b:a1:11:d1:a0:5a:ad:55:5a:8b:93:14:c6:ae:be:
51:75:d1:b6:b2:aa:41:3b:d8:ae:eb:d9:47:15:5c:
00:4e:d6:50:9d:27:6a:67:4d:21:0b:b2:ca:20:be:
d9:29:d9:79:2c:3a:ea:e8:1f:a2:91:1b:72:f9:a2:
e0:3a:73:c5:aa:bb:cc:9c:41:77:93:d7:2d:2f:96:
8e:c5:bc:c2:e1:60:1f:a0:91:20:cc:f1:9f:d1:1a:
cb:4c:d9:31:eb:59:d2:e9:e3:4a:57:ad:b3:45:a0:
73:c9:72:96:af:55:52:7e:df:eb:a9:a0:5c:02:0c:
ec:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:4E:8A:9F:D7:20:01:45:CC:19:7E:03:35:F9:FC:B4:66:DD:DF:26
X509v3 Authority Key Identifier:
keyid:1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/wE6Kn9cgAUXMGX4DNfn8tGbd3yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.79.0/24
185.138.184.0/22
Signature Algorithm: sha256WithRSAEncryption
25:78:36:8b:2f:1b:f3:ef:92:6e:71:5b:ba:f0:ed:b8:bb:0b:
05:94:b7:f9:b9:73:4f:ab:60:16:c2:84:fe:eb:a7:eb:29:04:
b2:90:cd:54:de:5a:50:21:e5:fa:f6:95:eb:11:e4:f2:15:2e:
7e:b6:30:0d:af:e3:0b:29:77:06:4f:db:cb:24:7a:16:a7:c3:
fb:b1:96:26:8a:45:9f:7b:5e:fb:d4:5d:81:3b:d7:2b:3d:b6:
18:42:c0:f4:d6:62:3e:8c:95:ce:04:3e:b7:a1:e4:94:da:36:
c6:ed:ae:5e:37:39:8d:52:82:1f:35:77:1a:a7:02:41:12:10:
d6:40:40:05:73:04:1a:84:0f:f2:52:5e:81:53:1c:2e:42:4f:
ed:d1:99:1b:45:3d:63:35:ce:7f:30:7f:6a:23:d3:28:75:6f:
a3:56:ee:f8:c7:83:ae:cc:96:fa:e8:25:75:cc:81:cb:b8:f1:
b9:9c:cb:27:18:42:33:45:f7:e8:e1:20:b0:38:43:0f:c1:de:
2f:93:89:e1:c5:5c:5b:90:5c:2a:4a:47:d5:70:ed:0b:3f:d8:
80:45:8f:44:60:fd:33:c9:ae:51:a2:eb:97:03:5c:93:f8:b6:
b6:4e:d5:f0:12:e9:f5:a8:0a:0c:3a:e4:22:cc:b5:9f:f7:3b:
1a:69:35:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKKF4wzGlgHU2GtwG5zWQ+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmJhMzhhODcwN2ZkMjMxYzM4ODdlNGE1MmJkY2RlZGFi
MjAzMjMwHhcNMjQxMDE0MDgxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDRlOGE5ZmQ3MjAwMTQ1Y2MxOTdlMDMzNWY5ZmNiNDY2ZGRkZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GD7v1RCxR9lRuEvn2isTql2wOg6
hZbP/zJD3p0SiL6H0RWQID0RZJpGhJQmj2L37c3Txgmh4BByDkS2KfOxFIP2YnSu
BYGfqTx1fKFRptNQogUwlpyrJrEmubzDsGUPGdepP2E6l0Q3Ndk5/7ZA4/dhvo8C
jDmwrAjxnBE6q0YsC4mVVlkroRHRoFqtVVqLkxTGrr5RddG2sqpBO9iu69lHFVwA
TtZQnSdqZ00hC7LKIL7ZKdl5LDrq6B+ikRty+aLgOnPFqrvMnEF3k9ctL5aOxbzC
4WAfoJEgzPGf0RrLTNkx61nS6eNKV62zRaBzyXKWr1VSft/rqaBcAgzsEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMBOip/XIAFFzBl+AzX5/LRm3d8mMB8GA1UdIwQY
MBaAFBr7o4qHB/0jHDiH5KUr3N7asgMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEt
MDk5NmFlZDMyZjNiLzEvd0U2S245Y2dBVVhNR1g0RE5mbjh0R2JkM3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEtMDk5NmFlZDMyZjNi
LzEvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSdPAwQC
uYq4MA0GCSqGSIb3DQEBCwUAA4IBAQAleDaLLxvz75JucVu68O24uwsFlLf5uXNP
q2AWwoT+66frKQSykM1U3lpQIeX69pXrEeTyFS5+tjANr+MLKXcGT9vLJHoWp8P7
sZYmikWfe1771F2BO9crPbYYQsD01mI+jJXOBD63oeSU2jbG7a5eNzmNUoIfNXca
pwJBEhDWQEAFcwQahA/yUl6BUxwuQk/t0ZkbRT1jNc5/MH9qI9ModW+jVu74x4Ou
zJb66CV1zIHLuPG5nMsnGEIzRffo4SCwOEMPwd4vk4nhxVxbkFwqSkfVcO0LP9iA
RY9EYP0zya5RouuXA1yT+La2TtXwEun1qAoMOuQizLWf9zsaaTUQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:51 2025 by rpki-client