Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/CHI9UlWnTaeSTzaw-toPu6L2620.roa
File: CHI9UlWnTaeSTzaw-toPu6L2620.roa (raw, json)
Hash identifier: L+LzvPIoVaw79D3vlY8zTxETcIsyaSyr2cs+MDs0Vcw=
Subject key identifier: 08:72:3D:52:55:A7:4D:A7:92:4F:36:B0:FA:DA:0F:BB:A2:F6:EB:6D
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 0193F78BA8793F45158D9E493770EABF79C8
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/CHI9UlWnTaeSTzaw-toPu6L2620.roa
Signing time: Tue 24 Dec 2024 07:22:25 +0000
ROA not before: Tue 24 Dec 2024 07:22:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60267
IP address blocks: 185.72.15.0/24 maxlen: 24
185.154.56.0/22 maxlen: 22
185.224.48.0/22 maxlen: 22
193.242.164.0/23 maxlen: 23
194.62.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f7:8b:a8:79:3f:45:15:8d:9e:49:37:70:ea:bf:79:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Dec 24 07:22:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08723d5255a74da7924f36b0fada0fbba2f6eb6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:36:db:fe:08:47:09:7b:c4:2c:3c:65:e7:78:
13:51:6e:5f:f7:c4:a7:d2:c7:a1:54:5d:31:c2:67:
e3:6a:c0:e1:9a:2b:d8:a4:f1:76:80:92:a1:b3:e8:
6b:06:be:ed:d9:f2:cc:ac:e8:f6:11:5a:bc:7e:6d:
0d:f2:9b:33:8e:b3:4b:3e:d3:ab:07:40:cb:77:17:
ec:fe:98:d2:b4:0f:eb:8a:66:f3:9c:9d:94:29:5e:
54:55:ca:63:af:23:38:82:bc:1f:ed:3a:32:7f:61:
e0:3d:12:aa:e8:5b:eb:fc:20:c1:46:57:26:74:85:
23:03:be:ab:71:cc:6d:71:09:76:aa:65:2c:23:24:
05:6d:13:93:0c:45:28:1b:a3:57:a3:7a:af:6c:db:
51:f2:51:5f:c6:e9:e7:ed:ed:d1:4f:7d:a3:10:b0:
b9:6c:e5:d8:0a:d2:a4:68:99:75:0d:93:39:d5:0b:
fc:a0:19:cb:09:6b:c2:8e:af:1b:6f:87:3a:b8:b2:
ca:56:fc:27:26:8d:42:86:76:12:f6:50:7b:db:79:
8e:d2:fd:fc:b0:98:22:bd:02:b9:20:9d:5b:5b:7f:
f2:e0:3e:d1:cb:e7:73:2e:76:4b:1b:f1:c2:83:e8:
1c:77:f9:c4:63:d7:a2:02:f0:8b:7d:53:a8:db:00:
e0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:72:3D:52:55:A7:4D:A7:92:4F:36:B0:FA:DA:0F:BB:A2:F6:EB:6D
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/CHI9UlWnTaeSTzaw-toPu6L2620.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.15.0/24
185.154.56.0/22
185.224.48.0/22
193.242.164.0/23
194.62.56.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:8a:03:66:24:a0:8f:e5:f0:1a:e0:66:ec:4e:bf:1c:87:65:
23:11:82:30:fe:50:53:a3:59:f3:69:67:a8:c0:52:73:d2:7c:
f4:cf:dc:d4:5a:ea:39:64:ea:aa:8c:d4:cf:84:e3:38:f2:e1:
c7:d2:94:a6:d8:0c:18:fa:3d:4e:af:85:12:0c:83:02:e7:86:
72:cd:fb:aa:98:18:1d:07:1a:8d:59:37:ee:4e:86:16:c6:9f:
9f:cf:80:b0:7c:10:63:69:c3:42:5c:21:f7:f3:32:05:e5:bd:
ad:c0:00:18:ec:de:3b:5e:42:a7:bf:a7:c7:82:a6:b0:62:7d:
1d:18:dd:ad:df:c0:a2:a6:f4:dc:d7:66:2e:12:dc:b9:3b:29:
8e:24:da:55:fc:72:94:45:38:0b:ec:e5:12:0b:3c:ed:ca:de:
cf:b2:35:47:c0:9d:ad:2d:f6:5e:29:cd:e7:c3:d1:29:f0:36:
9c:e9:4f:b1:23:e7:a8:42:0b:ba:60:b3:ff:ef:b2:dd:64:38:
ae:5f:2e:40:ac:5a:4b:c3:3d:14:e2:8c:9d:3f:89:9b:cd:b3:
5e:e1:1e:ab:fe:30:f7:30:40:ca:45:07:4c:0e:d9:0f:3d:81:
28:56:c1:46:c2:5e:40:d8:71:5e:d0:83:43:20:c7:bf:7d:0d:
66:e5:2c:35
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZP3i6h5P0UVjZ5JN3Dqv3nIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjQxMjI0MDcyMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODcyM2Q1MjU1YTc0ZGE3OTI0ZjM2YjBmYWRhMGZiYmEyZjZlYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjbb/ghHCXvELDxl53gTUW5f98Sn
0sehVF0xwmfjasDhmivYpPF2gJKhs+hrBr7t2fLMrOj2EVq8fm0N8pszjrNLPtOr
B0DLdxfs/pjStA/rimbznJ2UKV5UVcpjryM4grwf7Toyf2HgPRKq6Fvr/CDBRlcm
dIUjA76rccxtcQl2qmUsIyQFbROTDEUoG6NXo3qvbNtR8lFfxunn7e3RT32jELC5
bOXYCtKkaJl1DZM51Qv8oBnLCWvCjq8bb4c6uLLKVvwnJo1ChnYS9lB723mO0v38
sJgivQK5IJ1bW3/y4D7Ry+dzLnZLG/HCg+gcd/nEY9eiAvCLfVOo2wDgZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAhyPVJVp02nkk82sPraD7ui9uttMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvQ0hJOVVsV25UYWVTVHphdy10b1B1NkwyNjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUgPAwQC
uZo4AwQCueAwAwQBwfKkAwQCwj44MA0GCSqGSIb3DQEBCwUAA4IBAQA6igNmJKCP
5fAa4GbsTr8ch2UjEYIw/lBTo1nzaWeowFJz0nz0z9zUWuo5ZOqqjNTPhOM48uHH
0pSm2AwY+j1Or4USDIMC54ZyzfuqmBgdBxqNWTfuToYWxp+fz4CwfBBjacNCXCH3
8zIF5b2twAAY7N47XkKnv6fHgqawYn0dGN2t38CipvTc12YuEty5OymOJNpV/HKU
RTgL7OUSCzztyt7PsjVHwJ2tLfZeKc3nw9Ep8Dac6U+xI+eoQgu6YLP/77LdZDiu
Xy5ArFpLwz0U4oydP4mbzbNe4R6r/jD3MEDKRQdMDtkPPYEoVsFGwl5A2HFe0IND
IMe/fQ1m5Sw1
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:18:56 2025 by rpki-client