Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/cv5QsCgAg8wRk7x9ZvO5tx-Vt7U.roa
File: cv5QsCgAg8wRk7x9ZvO5tx-Vt7U.roa (raw, json)
Hash identifier: GQLFLaufmoXEcgOMwCMq7qgmmmzC3q73v2wAfgusvpA=
Subject key identifier: 72:FE:50:B0:28:00:83:CC:11:93:BC:7D:66:F3:B9:B7:1F:95:B7:B5
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 018CC5DC87F0BE75BD4BFCADB4132468D8F1
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/cv5QsCgAg8wRk7x9ZvO5tx-Vt7U.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203905
IP address blocks: 185.33.169.0/24 maxlen: 24
185.33.170.0/24 maxlen: 24
2a00:6ba0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:87:f0:be:75:bd:4b:fc:ad:b4:13:24:68:d8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72fe50b0280083cc1193bc7d66f3b9b71f95b7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:92:7c:0a:52:26:4a:18:3a:d0:82:1d:3d:1d:
88:66:36:77:0e:f3:90:1d:f2:84:ad:14:4d:18:9f:
74:1f:1c:be:54:6e:65:03:13:45:63:6e:79:19:60:
2e:bf:21:7d:38:70:86:29:65:f3:a5:2b:bb:cc:5f:
5a:5d:eb:9e:de:08:b7:4b:b5:6a:40:c3:c6:fa:af:
8e:25:66:72:09:42:9b:8b:02:68:32:89:05:96:8b:
01:2e:23:10:d3:94:65:69:ce:ce:f2:a7:37:5d:cd:
3d:06:dc:1f:84:cd:07:59:97:6c:1b:e0:18:15:ad:
89:bb:02:2d:7c:ed:e8:0e:94:2e:04:e8:d0:6d:f4:
3c:2f:05:a4:10:87:0a:09:f9:f9:ca:00:79:c9:fc:
c7:d5:4a:17:24:3f:8f:f9:05:0f:d5:8c:0f:4d:39:
e8:9b:81:b2:71:6a:1d:b3:71:cf:02:77:00:93:a9:
53:2b:c4:3c:74:cb:69:3f:d1:8c:f2:62:7c:58:ca:
c8:1b:03:4a:d9:d3:5f:a1:b7:94:7e:f1:5a:7a:c4:
ab:ac:cb:eb:9d:d2:2f:43:ad:16:68:1c:09:84:32:
8b:4e:f4:56:60:7c:71:52:d2:6f:8d:c7:0c:1f:f9:
eb:79:5c:09:38:af:0b:d8:58:5d:93:96:a8:93:06:
21:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FE:50:B0:28:00:83:CC:11:93:BC:7D:66:F3:B9:B7:1F:95:B7:B5
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/cv5QsCgAg8wRk7x9ZvO5tx-Vt7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.169.0-185.33.170.255
IPv6:
2a00:6ba0::/32
Signature Algorithm: sha256WithRSAEncryption
41:39:0f:b1:68:e9:38:2a:e6:cf:df:c6:f8:4d:3e:12:b2:fc:
72:33:81:cb:23:46:50:f4:09:d2:8e:0a:3b:ef:3f:4a:16:7e:
e1:66:a3:5a:e3:78:47:1e:2f:c0:3d:55:5c:90:a5:d9:f7:89:
0b:21:a8:84:2a:28:8d:e0:1c:cf:58:1b:dc:12:8c:18:88:d6:
de:ad:8d:b4:bc:f7:38:08:5c:4b:a6:4b:44:82:f6:63:35:d6:
02:5e:33:de:92:14:a2:a4:11:7f:c9:d2:39:9a:d7:2e:98:e0:
a7:f9:25:60:a3:29:6e:52:1f:88:16:ff:df:80:29:01:1d:54:
0c:7d:b8:3e:36:ea:40:1e:99:21:80:bc:f7:84:3e:9f:5b:bc:
71:4e:dd:0d:14:38:a8:9c:c9:8f:1b:d7:b9:d9:80:e6:3e:35:
0d:66:8f:11:6a:77:21:ee:08:d9:7b:86:16:31:fc:5e:40:7c:
7a:e3:4d:c9:ae:df:f0:29:8b:b8:b0:d3:d9:07:c1:4c:40:69:
2e:bd:3b:88:5c:51:ef:c1:e8:ba:a0:cc:be:dd:7c:29:ed:97:
97:4f:2f:57:f3:87:4e:10:3a:44:44:1d:f4:24:a8:e9:6b:94:
ca:83:d2:f4:00:3e:d8:19:b2:35:52:62:40:76:e6:78:09:b4:
6b:55:a0:e7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3IfwvnW9S/yttBMkaNjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZlNTBiMDI4MDA4M2NjMTE5M2JjN2Q2NmYzYjliNzFmOTViN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZJ8ClImShg60IIdPR2IZjZ3DvOQ
HfKErRRNGJ90Hxy+VG5lAxNFY255GWAuvyF9OHCGKWXzpSu7zF9aXeue3gi3S7Vq
QMPG+q+OJWZyCUKbiwJoMokFlosBLiMQ05Rlac7O8qc3Xc09BtwfhM0HWZdsG+AY
Fa2JuwItfO3oDpQuBOjQbfQ8LwWkEIcKCfn5ygB5yfzH1UoXJD+P+QUP1YwPTTno
m4GycWods3HPAncAk6lTK8Q8dMtpP9GM8mJ8WMrIGwNK2dNfobeUfvFaesSrrMvr
ndIvQ60WaBwJhDKLTvRWYHxxUtJvjccMH/nreVwJOK8L2Fhdk5aokwYhrwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHL+ULAoAIPMEZO8fWbzubcflbe1MB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvY3Y1UXNDZ0FnOHdSazd4OVp2TzV0eC1WdDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5IakD
BAC5IaowDQQCAAIwBwMFACoAa6AwDQYJKoZIhvcNAQELBQADggEBAEE5D7Fo6Tgq
5s/fxvhNPhKy/HIzgcsjRlD0CdKOCjvvP0oWfuFmo1rjeEceL8A9VVyQpdn3iQsh
qIQqKI3gHM9YG9wSjBiI1t6tjbS89zgIXEumS0SC9mM11gJeM96SFKKkEX/J0jma
1y6Y4Kf5JWCjKW5SH4gW/9+AKQEdVAx9uD426kAemSGAvPeEPp9bvHFO3Q0UOKic
yY8b17nZgOY+NQ1mjxFqdyHuCNl7hhYx/F5AfHrjTcmu3/Api7iw09kHwUxAaS69
O4hcUe/B6LqgzL7dfCntl5dPL1fzh04QOkREHfQkqOlrlMqD0vQAPtgZsjVSYkB2
5ngJtGtVoOc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:49 2025 by rpki-client