Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/Ov3gjJ6W-dbwS4PXLMVQiSqFnNQ.roa
File: Ov3gjJ6W-dbwS4PXLMVQiSqFnNQ.roa (raw, json)
Hash identifier: o4iE9tRsZeaUQiDaowkSOTalxZRZJ/iDwiD354nCzGY=
Subject key identifier: 3A:FD:E0:8C:9E:96:F9:D6:F0:4B:83:D7:2C:C5:50:89:2A:85:9C:D4
Certificate issuer: /CN=25e1b659862d15a51cb5ff34de7223c69e48126a
Certificate serial: 018CCA2A044F6CE20F2A2333F2E3F2483E78
Authority key identifier: 25:E1:B6:59:86:2D:15:A5:1C:B5:FF:34:DE:72:23:C6:9E:48:12:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeG2WYYtFaUctf803nIjxp5IEmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/Ov3gjJ6W-dbwS4PXLMVQiSqFnNQ.roa
Signing time: Tue 02 Jan 2024 12:33:20 +0000
ROA not before: Tue 02 Jan 2024 12:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204638
IP address blocks: 185.75.58.0/24 maxlen: 24
185.75.57.0/24 maxlen: 24
185.75.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jul 2024 10:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:04:4f:6c:e2:0f:2a:23:33:f2:e3:f2:48:3e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e1b659862d15a51cb5ff34de7223c69e48126a
Validity
Not Before: Jan 2 12:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3afde08c9e96f9d6f04b83d72cc550892a859cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d9:1d:03:a2:e5:8d:2f:6d:2a:a0:db:60:0d:
ca:d1:ab:a2:86:fb:9f:9f:0d:41:45:34:fe:0f:e7:
f2:97:2e:0c:16:9a:5e:2c:a9:b7:c6:c0:97:4b:60:
a2:80:3c:2b:5b:50:dd:4a:fe:f9:d5:b6:b7:1b:e6:
3b:01:4b:fc:e8:21:c0:bf:ab:c0:47:39:93:69:b6:
61:08:4e:a0:7a:ab:14:0a:8c:45:f7:2e:ee:e6:28:
7d:88:22:51:96:9f:71:bb:23:90:00:d3:47:6c:f3:
9e:21:d3:bd:62:fa:d2:ad:ec:08:ee:d1:e9:32:ca:
64:d5:d3:31:07:a9:5f:3f:b5:2a:25:de:9a:b7:3c:
29:37:fa:38:43:ed:a4:b2:08:0f:7c:34:10:7b:0c:
d0:8c:13:4e:f0:7a:81:af:61:83:3a:fe:68:39:b7:
55:98:6e:99:02:7a:9a:a1:3f:e4:f4:4a:5a:9a:2e:
3e:8c:b6:9a:c1:6b:0c:d6:01:4f:65:fa:48:0b:34:
e3:a4:9e:6e:a2:b6:11:f1:cc:0c:43:af:92:e3:ea:
74:8a:c5:da:a7:13:b7:39:39:18:bf:03:c8:7d:42:
d2:21:d3:d6:32:42:ac:8d:a5:f2:7a:db:2b:9c:d2:
cd:81:c7:36:d3:d3:76:9a:b2:e0:8e:38:6e:4c:25:
b9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FD:E0:8C:9E:96:F9:D6:F0:4B:83:D7:2C:C5:50:89:2A:85:9C:D4
X509v3 Authority Key Identifier:
keyid:25:E1:B6:59:86:2D:15:A5:1C:B5:FF:34:DE:72:23:C6:9E:48:12:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeG2WYYtFaUctf803nIjxp5IEmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/Ov3gjJ6W-dbwS4PXLMVQiSqFnNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff3b6c-6db3-4821-9a40-e3c7d4e6598f/1/JeG2WYYtFaUctf803nIjxp5IEmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.56.0-185.75.58.255
Signature Algorithm: sha256WithRSAEncryption
22:1c:53:d2:84:fb:c6:db:1f:ad:9c:b8:18:31:b0:e0:28:67:
eb:de:02:7d:4c:f5:b5:de:18:e6:d0:54:40:b6:3d:67:95:1c:
7d:62:35:7c:65:16:46:2e:b4:ad:2f:9d:63:fe:5b:9a:64:e5:
a3:61:62:94:dd:a9:2a:7f:99:32:63:d5:a5:b6:bd:a8:96:2d:
6c:cf:24:ba:52:cd:c8:9c:85:3b:ce:bf:e5:b3:85:8a:39:fb:
51:ff:3d:fb:3d:ae:c1:f3:1d:8d:8c:39:c2:d6:c8:2d:79:fc:
22:43:b0:c6:6f:a0:ec:61:53:2f:2f:d3:cc:86:7b:c3:40:53:
a4:19:e2:eb:17:6a:45:d4:b9:5b:8e:a1:f0:d5:d1:f8:60:8f:
ae:11:81:b6:d1:33:4d:37:a1:6d:77:83:71:89:84:33:b5:4f:
d4:93:5d:58:ae:89:97:84:93:31:38:72:f8:fe:e2:3e:81:74:
67:71:c1:b2:d0:ef:58:76:e6:0e:87:68:13:9f:4b:95:18:b5:
f6:5c:d5:d3:e6:04:3b:35:32:5f:a3:66:a1:c6:39:2d:78:51:
8f:a2:b4:c3:4d:34:f5:8a:e9:99:b5:62:31:90:33:1e:94:eb:
0a:73:8a:17:f8:e5:01:26:84:fa:1f:e7:f5:e2:11:52:7f:f9:
ac:f2:28:df
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKKgRPbOIPKiMz8uPySD54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTFiNjU5ODYyZDE1YTUxY2I1ZmYzNGRlNzIyM2M2OWU0
ODEyNmEwHhcNMjQwMTAyMTIzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWZkZTA4YzllOTZmOWQ2ZjA0YjgzZDcyY2M1NTA4OTJhODU5Y2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9kdA6LljS9tKqDbYA3K0auihvuf
nw1BRTT+D+fyly4MFppeLKm3xsCXS2CigDwrW1DdSv751ba3G+Y7AUv86CHAv6vA
RzmTabZhCE6geqsUCoxF9y7u5ih9iCJRlp9xuyOQANNHbPOeIdO9YvrSrewI7tHp
Mspk1dMxB6lfP7UqJd6atzwpN/o4Q+2ksggPfDQQewzQjBNO8HqBr2GDOv5oObdV
mG6ZAnqaoT/k9Epami4+jLaawWsM1gFPZfpICzTjpJ5uorYR8cwMQ6+S4+p0isXa
pxO3OTkYvwPIfULSIdPWMkKsjaXyetsrnNLNgcc209N2mrLgjjhuTCW5GQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDr94IyelvnW8EuD1yzFUIkqhZzUMB8GA1UdIwQY
MBaAFCXhtlmGLRWlHLX/NN5yI8aeSBJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVHMldZWXRGYVVjdGY4MDNuSWp4cDVJRW1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjNiNmMtNmRiMy00ODIxLTlhNDAt
ZTNjN2Q0ZTY1OThmLzEvT3YzZ2pKNlctZGJ3UzRQWExNVlFpU3FGbk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjNiNmMtNmRiMy00ODIxLTlhNDAtZTNjN2Q0ZTY1OThm
LzEvSmVHMldZWXRGYVVjdGY4MDNuSWp4cDVJRW1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5SzgD
BAC5SzowDQYJKoZIhvcNAQELBQADggEBACIcU9KE+8bbH62cuBgxsOAoZ+veAn1M
9bXeGObQVEC2PWeVHH1iNXxlFkYutK0vnWP+W5pk5aNhYpTdqSp/mTJj1aW2vaiW
LWzPJLpSzcichTvOv+WzhYo5+1H/Pfs9rsHzHY2MOcLWyC15/CJDsMZvoOxhUy8v
08yGe8NAU6QZ4usXakXUuVuOofDV0fhgj64RgbbRM003oW13g3GJhDO1T9STXViu
iZeEkzE4cvj+4j6BdGdxwbLQ71h25g6HaBOfS5UYtfZc1dPmBDs1Ml+jZqHGOS14
UY+itMNNNPWK6Zm1YjGQMx6U6wpzihf45QEmhPof5/XiEVJ/+azyKN8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:39 2025 by rpki-client