Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/39d5f1-66f7-49d8-afba-14a1909b1237/1/9MXzBC4F9-iY-VaS_MgEPMGWFQE.roa
File: 9MXzBC4F9-iY-VaS_MgEPMGWFQE.roa (raw, json)
Hash identifier: rCi7WiLxMNiIQoVcrCIA4neEyLDOT5UGIO7/tPaXXiQ=
Subject key identifier: F4:C5:F3:04:2E:05:F7:E8:98:F9:56:92:FC:C8:04:3C:C1:96:15:01
Certificate issuer: /CN=ee1cce901e5fb7c92f09a915cf6e656f693ba100
Certificate serial: 0192B8776E0D2F4BA3F340C6209A528EBFB6
Authority key identifier: EE:1C:CE:90:1E:5F:B7:C9:2F:09:A9:15:CF:6E:65:6F:69:3B:A1:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hzOkB5ft8kvCakVz25lb2k7oQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/39d5f1-66f7-49d8-afba-14a1909b1237/1/9MXzBC4F9-iY-VaS_MgEPMGWFQE.roa
Signing time: Wed 23 Oct 2024 08:21:27 +0000
ROA not before: Wed 23 Oct 2024 08:21:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36131
IP address blocks: 185.155.136.0/22 maxlen: 22
185.155.136.0/24 maxlen: 24
185.155.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:77:6e:0d:2f:4b:a3:f3:40:c6:20:9a:52:8e:bf:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1cce901e5fb7c92f09a915cf6e656f693ba100
Validity
Not Before: Oct 23 08:21:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4c5f3042e05f7e898f95692fcc8043cc1961501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e5:81:fa:10:92:f7:93:9f:4c:f0:e8:01:0e:
b0:1f:18:a7:4e:a4:95:43:6a:cf:d4:64:4c:dc:7c:
a9:ba:e9:36:51:5c:7a:9a:cf:10:33:87:49:ba:6b:
dc:f1:95:f4:ba:98:e5:bf:92:52:f3:89:98:20:aa:
d7:b6:d0:1d:58:32:6f:eb:5a:74:b4:e6:c1:51:1c:
d6:81:f8:3c:1b:a3:53:cd:4a:f6:d4:d0:1a:2c:98:
5b:1f:5a:57:07:ad:56:85:75:34:50:99:0a:f9:c0:
c1:e0:5e:a6:40:d2:75:5d:a4:90:8b:f3:4c:45:58:
f2:0c:7a:91:93:ee:79:de:18:fe:40:c5:ba:ec:39:
ac:98:ec:ff:8b:7a:65:bc:38:37:78:3a:e2:d4:a5:
5c:ef:1b:b5:be:05:83:ad:7a:70:83:07:c2:62:39:
6e:21:1e:87:89:2f:e4:9e:15:2d:61:20:84:67:5d:
42:60:33:69:8e:28:96:0e:c2:bc:8f:98:0e:85:32:
cf:b7:8e:8d:07:25:02:6c:87:f9:d0:49:54:e4:c9:
40:31:a5:80:51:ce:b8:9f:b2:96:02:fa:77:a2:21:
9f:5d:f1:10:83:94:94:c9:06:a2:97:3b:df:ea:58:
f3:2e:e1:ed:b4:39:58:f0:6a:30:f2:55:58:04:14:
93:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C5:F3:04:2E:05:F7:E8:98:F9:56:92:FC:C8:04:3C:C1:96:15:01
X509v3 Authority Key Identifier:
keyid:EE:1C:CE:90:1E:5F:B7:C9:2F:09:A9:15:CF:6E:65:6F:69:3B:A1:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hzOkB5ft8kvCakVz25lb2k7oQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/39d5f1-66f7-49d8-afba-14a1909b1237/1/9MXzBC4F9-iY-VaS_MgEPMGWFQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/39d5f1-66f7-49d8-afba-14a1909b1237/1/7hzOkB5ft8kvCakVz25lb2k7oQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.136.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:82:16:d3:f9:51:ee:29:4f:30:43:2c:3c:68:81:a2:ef:39:
a5:99:b7:16:d1:ce:0d:58:fd:22:f6:08:8e:a0:3f:1a:25:e3:
3b:e1:0b:e8:7f:82:62:83:70:3c:63:e9:2d:0a:cf:96:e5:d4:
96:da:c4:28:9c:fa:cf:ec:0e:e9:d6:f2:d6:a0:ca:c8:9f:50:
2a:2f:88:e5:b5:47:16:7c:c9:db:55:d9:57:f0:d0:e1:d9:db:
84:b5:86:bc:78:36:de:f5:15:1d:d0:56:a7:3c:6c:de:41:01:
07:17:e5:d2:af:e8:5d:61:49:ed:c6:5c:9d:35:e5:29:81:9a:
34:de:b2:03:e2:66:c5:f6:36:68:af:12:7a:12:6f:57:db:f9:
fd:7e:2b:25:4c:3f:5d:05:c6:b1:b3:a2:12:70:af:55:ba:3c:
e7:15:e0:d3:49:ce:7e:dc:61:51:e7:44:f8:18:f8:6b:e4:97:
f5:fd:c7:a8:cf:ab:4a:55:24:65:1c:bb:0a:24:a3:cc:c8:80:
4a:ab:dc:18:84:f1:e5:f7:9f:83:67:f9:6f:bc:81:63:97:e2:
87:2b:82:17:60:4c:0c:7f:8c:69:d3:cf:62:66:3f:29:61:ff:
f6:a9:d9:95:ac:3b:2e:5a:f9:5f:f3:cb:3d:2d:e3:59:93:b7:
8b:e0:77:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZK4d24NL0uj80DGIJpSjr+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWNjZTkwMWU1ZmI3YzkyZjA5YTkxNWNmNmU2NTZmNjkz
YmExMDAwHhcNMjQxMDIzMDgyMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM1ZjMwNDJlMDVmN2U4OThmOTU2OTJmY2M4MDQzY2MxOTYxNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+WB+hCS95OfTPDoAQ6wHxinTqSV
Q2rP1GRM3Hypuuk2UVx6ms8QM4dJumvc8ZX0upjlv5JS84mYIKrXttAdWDJv61p0
tObBURzWgfg8G6NTzUr21NAaLJhbH1pXB61WhXU0UJkK+cDB4F6mQNJ1XaSQi/NM
RVjyDHqRk+553hj+QMW67DmsmOz/i3plvDg3eDri1KVc7xu1vgWDrXpwgwfCYjlu
IR6HiS/knhUtYSCEZ11CYDNpjiiWDsK8j5gOhTLPt46NByUCbIf50ElU5MlAMaWA
Uc64n7KWAvp3oiGfXfEQg5SUyQailzvf6ljzLuHttDlY8Gow8lVYBBST5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPTF8wQuBffomPlWkvzIBDzBlhUBMB8GA1UdIwQY
MBaAFO4czpAeX7fJLwmpFc9uZW9pO6EAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h6T2tCNWZ0OGt2Q2FrVnoyNWxiMms3b1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zOWQ1ZjEtNjZmNy00OWQ4LWFmYmEt
MTRhMTkwOWIxMjM3LzEvOU1YekJDNEY5LWlZLVZhU19NZ0VQTUdXRlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zOWQ1ZjEtNjZmNy00OWQ4LWFmYmEtMTRhMTkwOWIxMjM3
LzEvN2h6T2tCNWZ0OGt2Q2FrVnoyNWxiMms3b1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZuIMA0G
CSqGSIb3DQEBCwUAA4IBAQCaghbT+VHuKU8wQyw8aIGi7zmlmbcW0c4NWP0i9giO
oD8aJeM74Qvof4Jig3A8Y+ktCs+W5dSW2sQonPrP7A7p1vLWoMrIn1AqL4jltUcW
fMnbVdlX8NDh2duEtYa8eDbe9RUd0FanPGzeQQEHF+XSr+hdYUntxlydNeUpgZo0
3rID4mbF9jZorxJ6Em9X2/n9fislTD9dBcaxs6IScK9VujznFeDTSc5+3GFR50T4
GPhr5Jf1/ceoz6tKVSRlHLsKJKPMyIBKq9wYhPHl95+DZ/lvvIFjl+KHK4IXYEwM
f4xp089iZj8pYf/2qdmVrDsuWvlf88s9LeNZk7eL4HeU
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:47:19 2025 by rpki-client