Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/6WuJDLqkK5Z2xYhmx8u-BtyhDdY.roa
File: 6WuJDLqkK5Z2xYhmx8u-BtyhDdY.roa (raw, json)
Hash identifier: Z9if4/2cziiCIHbICv5He2M3Y8yqRKqweMqrZaw0Dls=
Subject key identifier: E9:6B:89:0C:BA:A4:2B:96:76:C5:88:66:C7:CB:BE:06:DC:A1:0D:D6
Certificate issuer: /CN=ee37d34869bc60b7d9e78335f4a32381fb7210e5
Certificate serial: 018CC87124BEE1A74F5D7FEC09FCB719F27F
Authority key identifier: EE:37:D3:48:69:BC:60:B7:D9:E7:83:35:F4:A3:23:81:FB:72:10:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jfTSGm8YLfZ54M19KMjgftyEOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/6WuJDLqkK5Z2xYhmx8u-BtyhDdY.roa
Signing time: Tue 02 Jan 2024 04:31:47 +0000
ROA not before: Tue 02 Jan 2024 04:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47187
IP address blocks: 185.29.144.0/24 maxlen: 24
185.29.145.0/24 maxlen: 24
185.29.146.0/24 maxlen: 24
185.29.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:24:be:e1:a7:4f:5d:7f:ec:09:fc:b7:19:f2:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee37d34869bc60b7d9e78335f4a32381fb7210e5
Validity
Not Before: Jan 2 04:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e96b890cbaa42b9676c58866c7cbbe06dca10dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:98:7e:8e:3c:43:0f:b5:e8:30:b0:9b:46:d2:
83:0d:81:df:87:a5:e0:2f:f4:c8:5e:6c:e3:3d:98:
37:e6:66:f1:1f:8d:a7:a7:87:f2:8c:62:bd:44:af:
76:b7:e7:25:4d:f9:74:09:bb:16:35:bb:d7:c0:63:
c8:3c:03:5c:3f:1e:76:8b:6c:1c:ee:7b:a0:f2:a4:
ce:af:be:40:0e:a0:42:f9:93:e7:d0:04:29:45:71:
7f:99:c3:44:af:39:01:c4:2b:71:1e:3d:3b:32:d7:
48:2e:62:9a:96:c3:88:53:de:46:92:01:33:8c:22:
8a:54:fc:b1:f0:59:8b:56:75:ef:31:32:2c:29:53:
71:da:37:e8:cd:47:82:93:48:0d:d8:97:6f:9a:24:
91:83:20:68:28:84:b0:73:01:dc:49:cb:b7:97:e6:
12:75:1f:d6:82:5a:7e:d4:75:70:be:0a:26:a0:0b:
f6:ca:1f:fa:30:2b:6d:a6:63:a1:d6:e0:61:18:69:
f5:f6:33:31:98:6b:7e:6d:db:2d:b1:fa:36:3e:ee:
b1:75:10:a8:7b:85:a2:30:88:17:0e:23:9b:bc:a1:
f0:ba:85:75:34:48:99:c4:65:74:4c:a7:c7:67:88:
f3:76:c0:aa:a0:89:ee:2f:79:6c:50:48:ba:86:0c:
e7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:6B:89:0C:BA:A4:2B:96:76:C5:88:66:C7:CB:BE:06:DC:A1:0D:D6
X509v3 Authority Key Identifier:
keyid:EE:37:D3:48:69:BC:60:B7:D9:E7:83:35:F4:A3:23:81:FB:72:10:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jfTSGm8YLfZ54M19KMjgftyEOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/6WuJDLqkK5Z2xYhmx8u-BtyhDdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/7jfTSGm8YLfZ54M19KMjgftyEOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.144.0/22
Signature Algorithm: sha256WithRSAEncryption
57:d9:28:c9:e8:80:41:53:51:d2:f0:06:fe:1e:72:02:61:7a:
36:87:94:63:29:53:1d:36:79:d0:99:81:bf:62:da:eb:67:d0:
99:e0:2e:85:fe:84:4b:98:32:3d:e6:57:8c:d1:17:52:14:35:
09:98:ce:2d:de:05:bd:ca:c7:fb:8c:4f:d3:11:65:3f:c5:77:
b5:7b:ff:11:6f:54:81:7e:88:29:d2:64:ad:9e:87:db:79:36:
93:78:4c:ff:3e:ba:84:bf:f7:72:f5:64:73:65:0f:7e:11:e5:
8b:56:6c:3f:9e:5a:27:6b:84:bc:d8:d7:b9:f3:e0:69:b9:f5:
5f:43:10:e6:73:37:41:09:e5:5c:ad:7d:27:a0:ac:dc:48:8d:
e5:6a:59:00:18:68:27:d5:ac:17:e2:a6:07:9e:6a:cc:63:ec:
1b:95:52:2a:2e:8a:26:2b:33:e7:60:65:99:f7:ea:6c:6e:b4:
42:2d:26:be:23:21:34:49:fb:3a:55:9c:2a:1e:3f:46:35:9d:
f9:61:8a:ac:70:fc:6e:44:1d:a1:8f:15:0b:70:35:98:ea:4b:
e6:af:f9:6b:1b:e9:94:82:09:9a:de:f5:f1:da:da:fe:b3:de:
32:d4:63:27:2e:b6:3b:41:51:58:59:27:9c:3f:3c:8a:6c:11:
cd:ad:4b:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcSS+4adPXX/sCfy3GfJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzdkMzQ4NjliYzYwYjdkOWU3ODMzNWY0YTMyMzgxZmI3
MjEwZTUwHhcNMjQwMTAyMDQzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTZiODkwY2JhYTQyYjk2NzZjNTg4NjZjN2NiYmUwNmRjYTEwZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5h+jjxDD7XoMLCbRtKDDYHfh6Xg
L/TIXmzjPZg35mbxH42np4fyjGK9RK92t+clTfl0CbsWNbvXwGPIPANcPx52i2wc
7nug8qTOr75ADqBC+ZPn0AQpRXF/mcNErzkBxCtxHj07MtdILmKalsOIU95GkgEz
jCKKVPyx8FmLVnXvMTIsKVNx2jfozUeCk0gN2JdvmiSRgyBoKISwcwHcScu3l+YS
dR/Wglp+1HVwvgomoAv2yh/6MCttpmOh1uBhGGn19jMxmGt+bdstsfo2Pu6xdRCo
e4WiMIgXDiObvKHwuoV1NEiZxGV0TKfHZ4jzdsCqoInuL3lsUEi6hgzntwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOlriQy6pCuWdsWIZsfLvgbcoQ3WMB8GA1UdIwQY
MBaAFO4300hpvGC32eeDNfSjI4H7chDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pmVFNHbThZTGZaNTRNMTlLTWpnZnR5RU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jOGM1ZTQtMjI1YS00ODllLTkxMDAt
YWIyY2U5NGMxNDIzLzEvNld1SkRMcWtLNVoyeFlobXg4dS1CdHloRGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jOGM1ZTQtMjI1YS00ODllLTkxMDAtYWIyY2U5NGMxNDIz
LzEvN2pmVFNHbThZTGZaNTRNMTlLTWpnZnR5RU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR2QMA0G
CSqGSIb3DQEBCwUAA4IBAQBX2SjJ6IBBU1HS8Ab+HnICYXo2h5RjKVMdNnnQmYG/
YtrrZ9CZ4C6F/oRLmDI95leM0RdSFDUJmM4t3gW9ysf7jE/TEWU/xXe1e/8Rb1SB
fogp0mStnofbeTaTeEz/PrqEv/dy9WRzZQ9+EeWLVmw/nlona4S82Ne58+BpufVf
QxDmczdBCeVcrX0noKzcSI3lalkAGGgn1awX4qYHnmrMY+wblVIqLoomKzPnYGWZ
9+psbrRCLSa+IyE0Sfs6VZwqHj9GNZ35YYqscPxuRB2hjxULcDWY6kvmr/lrG+mU
ggma3vXx2tr+s94y1GMnLrY7QVFYWSecPzyKbBHNrUtt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:02 2025 by rpki-client