Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/e62fee-da47-4777-9d39-1fece0592e9b/1/63wbpPAOQViku3eUa4dd9R9OLIE.roa
File: 63wbpPAOQViku3eUa4dd9R9OLIE.roa (raw, json)
Hash identifier: CL/fLWBVQLgtEoGaxq0AD8cUtF49JANhCy/PcB3NQC8=
Subject key identifier: EB:7C:1B:A4:F0:0E:41:58:A4:BB:77:94:6B:87:5D:F5:1F:4E:2C:81
Certificate issuer: /CN=7bcabe6490fa8bd572440fd6616a8430ee66d154
Certificate serial: 0192FC8EAB680F11CF4954E12C3F7EB92ECE
Authority key identifier: 7B:CA:BE:64:90:FA:8B:D5:72:44:0F:D6:61:6A:84:30:EE:66:D1:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e8q-ZJD6i9VyRA_WYWqEMO5m0VQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/e62fee-da47-4777-9d39-1fece0592e9b/1/63wbpPAOQViku3eUa4dd9R9OLIE.roa
Signing time: Tue 05 Nov 2024 13:41:01 +0000
ROA not before: Tue 05 Nov 2024 13:41:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204657
IP address blocks: 185.132.232.0/24 maxlen: 24
185.132.233.0/24 maxlen: 24
185.132.234.0/24 maxlen: 24
185.132.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:8e:ab:68:0f:11:cf:49:54:e1:2c:3f:7e:b9:2e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bcabe6490fa8bd572440fd6616a8430ee66d154
Validity
Not Before: Nov 5 13:41:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb7c1ba4f00e4158a4bb77946b875df51f4e2c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:c1:56:f8:d4:07:0b:ff:2e:32:df:06:31:
b4:72:6a:b6:27:27:e5:ae:c4:80:9d:7b:00:fb:01:
41:1a:ea:09:ed:d8:af:4c:4e:84:58:76:b8:db:2f:
37:fc:d8:77:84:00:6a:f6:3b:b3:15:75:dd:ed:d0:
01:3a:54:f7:4d:ea:08:a9:55:f9:5e:10:72:f4:c3:
f0:c8:85:ca:21:f9:92:b2:3f:b8:ee:ca:e9:d4:26:
3d:28:2c:db:36:40:8a:1b:68:8d:ce:b7:59:07:1f:
01:a5:88:e8:73:b3:61:c7:ac:df:9d:05:31:2c:57:
a2:ab:07:df:b3:ea:9c:a4:b6:0b:0d:4d:3f:a5:d8:
0d:10:79:0d:ec:5e:23:11:0c:38:fc:65:23:cf:6a:
32:68:f7:b7:18:fd:fb:80:dc:b8:e6:43:9b:00:cd:
21:cc:ca:a7:d7:b5:b7:92:e3:e6:d6:c4:7e:39:13:
82:31:ab:ba:58:a7:54:5f:4b:d3:31:9e:57:15:2a:
8f:a8:dd:95:73:45:a9:fa:3a:31:5a:f2:68:24:35:
de:cd:86:1b:4f:f0:e4:e0:c4:8d:f4:2a:22:00:c3:
38:c6:8b:b8:d1:10:72:5d:8e:a6:9a:d2:bc:7a:2f:
2a:fe:c2:6a:1e:f7:04:b5:f8:ed:cd:51:56:6a:ee:
62:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:7C:1B:A4:F0:0E:41:58:A4:BB:77:94:6B:87:5D:F5:1F:4E:2C:81
X509v3 Authority Key Identifier:
keyid:7B:CA:BE:64:90:FA:8B:D5:72:44:0F:D6:61:6A:84:30:EE:66:D1:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8q-ZJD6i9VyRA_WYWqEMO5m0VQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e62fee-da47-4777-9d39-1fece0592e9b/1/63wbpPAOQViku3eUa4dd9R9OLIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e62fee-da47-4777-9d39-1fece0592e9b/1/e8q-ZJD6i9VyRA_WYWqEMO5m0VQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.232.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:1f:61:82:a2:64:e9:03:64:80:fc:72:e0:c4:d1:2c:a1:77:
d7:1e:0b:27:b2:d5:ed:65:fb:a8:05:9b:35:53:c2:c9:60:70:
89:e0:0f:05:84:8f:4c:6f:c8:86:2b:5f:89:b7:4e:d3:f1:ab:
33:22:29:ac:66:d0:43:f3:04:c4:8d:d5:fc:05:e3:9c:c9:3d:
71:f3:f6:6e:52:6d:24:a6:15:7f:44:36:fc:25:ac:a5:d1:13:
e9:f9:5f:a9:27:7d:c5:a9:7d:b4:02:40:51:7c:ea:39:1d:9c:
ac:aa:4e:40:53:0a:c8:e8:7f:7e:3b:d5:16:31:de:1c:cb:26:
24:3f:8a:86:dd:93:14:5c:1b:79:de:a4:27:b7:53:7c:b3:a8:
36:73:6e:b5:71:25:d1:37:7d:5d:09:5a:91:88:ef:76:4a:e4:
b6:22:dd:c1:4b:af:8a:f5:04:f0:9f:00:9b:ad:3c:d0:5e:91:
2a:dc:a5:dc:5a:f3:25:96:12:0f:76:09:bc:40:06:8a:f0:15:
90:b5:9d:d6:69:fa:db:8b:c1:df:81:d8:c8:8b:bf:21:72:ff:
12:b6:8f:a7:9a:80:90:c8:2b:4d:6a:e1:d3:83:6a:62:08:32:
dd:61:4d:62:4f:fb:47:de:89:7c:c9:f9:12:0c:3c:fb:16:67:
45:b0:bf:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL8jqtoDxHPSVThLD9+uS7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiY2FiZTY0OTBmYThiZDU3MjQ0MGZkNjYxNmE4NDMwZWU2
NmQxNTQwHhcNMjQxMTA1MTM0MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjdjMWJhNGYwMGU0MTU4YTRiYjc3OTQ2Yjg3NWRmNTFmNGUyYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4vBVvjUBwv/LjLfBjG0cmq2Jyfl
rsSAnXsA+wFBGuoJ7divTE6EWHa42y83/Nh3hABq9juzFXXd7dABOlT3TeoIqVX5
XhBy9MPwyIXKIfmSsj+47srp1CY9KCzbNkCKG2iNzrdZBx8BpYjoc7Nhx6zfnQUx
LFeiqwffs+qcpLYLDU0/pdgNEHkN7F4jEQw4/GUjz2oyaPe3GP37gNy45kObAM0h
zMqn17W3kuPm1sR+OROCMau6WKdUX0vTMZ5XFSqPqN2Vc0Wp+joxWvJoJDXezYYb
T/Dk4MSN9CoiAMM4xou40RByXY6mmtK8ei8q/sJqHvcEtfjtzVFWau5iqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOt8G6TwDkFYpLt3lGuHXfUfTiyBMB8GA1UdIwQY
MBaAFHvKvmSQ+ovVckQP1mFqhDDuZtFUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZThxLVpKRDZpOVZ5UkFfV1lXcUVNTzVtMFZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9lNjJmZWUtZGE0Ny00Nzc3LTlkMzkt
MWZlY2UwNTkyZTliLzEvNjN3YnBQQU9RVmlrdTNlVWE0ZGQ5UjlPTElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9lNjJmZWUtZGE0Ny00Nzc3LTlkMzktMWZlY2UwNTkyZTli
LzEvZThxLVpKRDZpOVZ5UkFfV1lXcUVNTzVtMFZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYToMA0G
CSqGSIb3DQEBCwUAA4IBAQBdH2GComTpA2SA/HLgxNEsoXfXHgsnstXtZfuoBZs1
U8LJYHCJ4A8FhI9Mb8iGK1+Jt07T8aszIimsZtBD8wTEjdX8BeOcyT1x8/ZuUm0k
phV/RDb8Jayl0RPp+V+pJ33FqX20AkBRfOo5HZysqk5AUwrI6H9+O9UWMd4cyyYk
P4qG3ZMUXBt53qQnt1N8s6g2c261cSXRN31dCVqRiO92SuS2It3BS6+K9QTwnwCb
rTzQXpEq3KXcWvMllhIPdgm8QAaK8BWQtZ3Wafrbi8HfgdjIi78hcv8Sto+nmoCQ
yCtNauHTg2piCDLdYU1iT/tH3ol8yfkSDDz7FmdFsL+u
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:44 2025 by rpki-client