Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/uNR7k5qvVXVpCHlo1UW41HBBxtw.roa
File: uNR7k5qvVXVpCHlo1UW41HBBxtw.roa (raw, json)
Hash identifier: v65DPlTQLKvxSm5wTLOhNgzl6BFx/h4aWbm7Da9L4a0=
Subject key identifier: B8:D4:7B:93:9A:AF:55:75:69:08:79:68:D5:45:B8:D4:70:41:C6:DC
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 018CC80124B877B1708586BBFD6276C73B83
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/uNR7k5qvVXVpCHlo1UW41HBBxtw.roa
Signing time: Tue 02 Jan 2024 02:29:27 +0000
ROA not before: Tue 02 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203459
IP address blocks: 185.133.225.0/24 maxlen: 24
185.133.226.0/24 maxlen: 24
185.133.224.0/24 maxlen: 24
185.133.227.0/24 maxlen: 24
2a06:7fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 05 Apr 2024 17:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:24:b8:77:b1:70:85:86:bb:fd:62:76:c7:3b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: Jan 2 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8d47b939aaf557569087968d545b8d47041c6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d4:71:ee:c3:3e:d9:6b:1b:cb:cb:60:19:aa:
76:04:4a:a9:c1:3b:37:87:e7:a7:6b:da:9d:b4:42:
59:02:a7:4c:29:8c:24:27:f1:21:ea:92:b8:c5:b1:
04:e2:04:d1:14:88:7c:f4:16:b0:a6:d4:d2:d9:40:
b1:fe:b5:3e:0b:84:6e:8e:f1:71:63:e3:ab:88:d8:
a6:66:a9:3f:e8:8f:c9:ca:5a:b8:7a:58:80:07:9b:
c6:8e:42:f8:4a:e5:75:fe:85:60:ca:26:2a:e0:ae:
44:9c:01:0c:23:b5:5f:24:58:45:62:54:6a:fb:6d:
c5:94:1d:7f:f5:fa:78:c7:7f:a0:0b:e8:6e:01:35:
6f:80:4c:d5:a9:7c:0e:04:3c:aa:7f:d1:0b:64:30:
aa:3f:98:76:aa:a9:f5:d5:33:94:60:4e:8b:9b:f3:
8a:ae:68:67:ff:26:86:b4:c7:c2:10:61:d7:88:33:
96:be:fb:07:6f:af:d4:ec:47:2b:d2:a7:58:ef:70:
16:e1:58:52:86:67:e3:1b:2c:2f:b7:82:15:b8:df:
4b:2a:91:4a:a2:41:30:bf:1b:36:ab:cd:ec:a3:0d:
fb:dc:5a:8b:f7:42:87:53:31:b7:7b:14:3b:24:a9:
bf:93:a7:f1:e7:e9:8d:4b:ff:18:3d:a8:8b:e1:29:
99:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D4:7B:93:9A:AF:55:75:69:08:79:68:D5:45:B8:D4:70:41:C6:DC
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/uNR7k5qvVXVpCHlo1UW41HBBxtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.224.0/22
IPv6:
2a06:7fc0::/29
Signature Algorithm: sha256WithRSAEncryption
c9:26:4d:84:a3:9d:bf:30:5a:72:a2:1a:87:39:73:be:5a:9c:
a7:d4:44:91:69:39:d8:90:83:40:3f:24:5e:98:7c:9f:da:9c:
14:a4:bb:ff:2c:37:90:3e:c7:1e:76:b2:4a:d4:20:3a:18:25:
58:85:42:51:bc:67:2f:76:73:23:6c:8f:86:d7:70:b7:30:30:
9b:49:fa:ed:71:7a:dd:1e:06:ed:cc:c7:b0:9f:4f:92:33:77:
86:03:f2:78:9c:f6:d5:07:40:2a:f1:18:7e:02:ad:cd:25:f2:
3b:19:01:b3:ac:e9:9b:fc:ca:f4:2f:4c:c6:d2:a0:c5:7e:27:
26:e0:32:03:64:54:5d:3c:68:97:82:c1:21:60:54:96:a5:97:
97:c5:ab:71:7e:81:83:91:55:f9:dd:38:b5:e6:7d:c9:a0:7e:
96:60:09:f0:db:cb:a4:27:5e:e7:47:5d:ae:5c:b3:c9:98:95:
b3:72:95:e4:4a:04:24:b3:73:7e:df:36:ab:2f:41:85:a6:be:
fa:00:29:33:a8:06:e3:0d:2e:ea:f8:d4:34:b1:c1:7f:ef:49:
85:54:6c:4e:f3:0d:9f:0a:78:75:b6:21:0d:7f:34:10:0e:ba:
c2:31:3d:98:c6:a7:a3:23:ba:a5:d6:fb:eb:9e:aa:f4:d8:8d:
75:b3:5f:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIASS4d7FwhYa7/WJ2xzuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQ0N2I5MzlhYWY1NTc1NjkwODc5NjhkNTQ1YjhkNDcwNDFjNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudRx7sM+2Wsby8tgGap2BEqpwTs3
h+ena9qdtEJZAqdMKYwkJ/Eh6pK4xbEE4gTRFIh89BawptTS2UCx/rU+C4RujvFx
Y+OriNimZqk/6I/Jylq4eliAB5vGjkL4SuV1/oVgyiYq4K5EnAEMI7VfJFhFYlRq
+23FlB1/9fp4x3+gC+huATVvgEzVqXwOBDyqf9ELZDCqP5h2qqn11TOUYE6Lm/OK
rmhn/yaGtMfCEGHXiDOWvvsHb6/U7Ecr0qdY73AW4VhShmfjGywvt4IVuN9LKpFK
okEwvxs2q83sow373FqL90KHUzG3exQ7JKm/k6fx5+mNS/8YPaiL4SmZfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLjUe5Oar1V1aQh5aNVFuNRwQcbcMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvdU5SN2s1cXZWWFZwQ0hsbzFVVzQxSEJCeHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYXgMA0E
AgACMAcDBQMqBn/AMA0GCSqGSIb3DQEBCwUAA4IBAQDJJk2Eo52/MFpyohqHOXO+
Wpyn1ESRaTnYkINAPyRemHyf2pwUpLv/LDeQPscedrJK1CA6GCVYhUJRvGcvdnMj
bI+G13C3MDCbSfrtcXrdHgbtzMewn0+SM3eGA/J4nPbVB0Aq8Rh+Aq3NJfI7GQGz
rOmb/Mr0L0zG0qDFficm4DIDZFRdPGiXgsEhYFSWpZeXxatxfoGDkVX53Ti15n3J
oH6WYAnw28ukJ17nR12uXLPJmJWzcpXkSgQks3N+3zarL0GFpr76ACkzqAbjDS7q
+NQ0scF/70mFVGxO8w2fCnh1tiENfzQQDrrCMT2YxqejI7ql1vvrnqr02I11s19S
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:46 2025 by rpki-client