Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/i5gxgXiZ8Zjrg3KOfokeB0RwPpU.roa
File: i5gxgXiZ8Zjrg3KOfokeB0RwPpU.roa (raw, json)
Hash identifier: ApFTMo6snQDax3dcI4Gma5H/8WtTNKz+KdtKfkqSQZU=
Subject key identifier: 8B:98:31:81:78:99:F1:98:EB:83:72:8E:7E:89:1E:07:44:70:3E:95
Certificate issuer: /CN=1627573c68929ab2a4590e92a51abc40ea9e5817
Certificate serial: 018CC5DD0E2B4F797F35AEEF228CCFD532A9
Authority key identifier: 16:27:57:3C:68:92:9A:B2:A4:59:0E:92:A5:1A:BC:40:EA:9E:58:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FidXPGiSmrKkWQ6SpRq8QOqeWBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/i5gxgXiZ8Zjrg3KOfokeB0RwPpU.roa
Signing time: Mon 01 Jan 2024 16:30:47 +0000
ROA not before: Mon 01 Jan 2024 16:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44808
IP address blocks: 185.175.96.0/22 maxlen: 22
2a0b:e300::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:0e:2b:4f:79:7f:35:ae:ef:22:8c:cf:d5:32:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1627573c68929ab2a4590e92a51abc40ea9e5817
Validity
Not Before: Jan 1 16:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b9831817899f198eb83728e7e891e0744703e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b6:4a:dc:09:d3:de:a6:72:d0:60:e2:92:ab:
aa:1b:2f:bb:bf:e8:95:03:41:f3:7f:d1:2e:f8:c4:
c3:4d:9c:5c:7b:75:08:d6:fb:6a:67:39:b7:ea:8c:
ac:2d:c7:1c:d8:99:60:dd:3c:43:70:61:44:2d:75:
f1:47:83:a8:0d:3e:3c:d9:7c:f0:6e:97:c6:f3:51:
21:a2:bf:f6:3b:98:17:c3:63:db:34:9e:a5:c8:19:
36:ae:62:7c:10:10:0a:e6:54:65:73:37:b0:5f:38:
5a:30:de:89:ae:e7:93:47:87:68:c0:f6:fb:5a:e8:
f6:90:b7:bb:a9:2a:a1:ca:49:75:15:98:d8:88:db:
f3:7c:60:05:aa:82:32:71:05:ef:82:fa:b3:35:84:
e8:75:e1:cb:64:ec:47:87:ec:99:0a:91:d4:48:a1:
5f:33:d6:6c:63:48:e2:68:87:83:38:40:bf:5f:17:
7f:ff:f3:85:56:11:b2:2e:38:1b:3a:76:66:bf:ab:
45:82:b8:4e:e9:ab:ef:5b:9c:8d:4d:dd:39:cc:3f:
92:12:91:7c:fa:78:9d:92:30:f2:cd:12:c3:5b:d4:
b1:92:45:79:42:9c:37:b5:ff:47:f2:eb:8f:1a:03:
8e:ab:4f:7b:55:f2:e2:7b:91:94:91:32:ce:5d:24:
c8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:98:31:81:78:99:F1:98:EB:83:72:8E:7E:89:1E:07:44:70:3E:95
X509v3 Authority Key Identifier:
keyid:16:27:57:3C:68:92:9A:B2:A4:59:0E:92:A5:1A:BC:40:EA:9E:58:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FidXPGiSmrKkWQ6SpRq8QOqeWBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/i5gxgXiZ8Zjrg3KOfokeB0RwPpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/FidXPGiSmrKkWQ6SpRq8QOqeWBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.96.0/22
IPv6:
2a0b:e300::/32
Signature Algorithm: sha256WithRSAEncryption
77:46:fd:79:31:d2:a5:43:ab:12:ba:8e:12:22:a2:ba:ba:78:
dd:7b:5f:4c:6c:17:84:1a:36:cc:6b:18:97:2c:77:47:34:45:
a7:e3:64:18:b9:f8:d2:7f:f5:b8:bf:50:e0:16:64:09:23:1c:
b2:b1:01:a6:19:f5:6d:dc:9d:59:6c:0d:b7:29:68:8e:60:08:
52:c4:a3:44:ad:3f:5e:ae:f0:e0:dd:16:c9:ce:dc:63:15:53:
1c:2b:62:5e:00:15:0e:d0:5a:5e:e2:79:1d:2c:09:0c:e6:31:
71:5c:dd:76:0b:8e:07:37:7c:ff:c0:24:71:1a:66:06:e7:99:
5c:07:74:63:eb:20:51:5c:fe:d8:8e:91:d5:11:a4:39:64:4f:
81:2e:7d:9f:ed:0f:d0:50:7e:d4:29:1d:96:1d:9e:b5:78:44:
36:69:66:38:8b:d1:f8:65:f6:c2:ff:92:80:60:8a:c8:3f:72:
e2:5a:63:58:08:ed:22:1b:99:35:fa:f1:66:63:a8:12:27:61:
7f:65:4a:e3:fe:c7:6c:93:5d:bb:3b:01:95:d8:f7:59:52:19:
70:7a:7a:76:40:9d:e5:d8:08:61:c5:2c:c4:58:ee:d8:13:c5:
04:f8:a5:f2:8b:ab:43:7c:9c:51:f2:32:5f:a1:46:4d:1d:d2:
86:37:15:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3Q4rT3l/Na7vIozP1TKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2Mjc1NzNjNjg5MjlhYjJhNDU5MGU5MmE1MWFiYzQwZWE5
ZTU4MTcwHhcNMjQwMTAxMTYzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk4MzE4MTc4OTlmMTk4ZWI4MzcyOGU3ZTg5MWUwNzQ0NzAzZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrZK3AnT3qZy0GDikquqGy+7v+iV
A0Hzf9Eu+MTDTZxce3UI1vtqZzm36oysLccc2Jlg3TxDcGFELXXxR4OoDT482Xzw
bpfG81Ehor/2O5gXw2PbNJ6lyBk2rmJ8EBAK5lRlczewXzhaMN6JrueTR4dowPb7
Wuj2kLe7qSqhykl1FZjYiNvzfGAFqoIycQXvgvqzNYTodeHLZOxHh+yZCpHUSKFf
M9ZsY0jiaIeDOEC/Xxd///OFVhGyLjgbOnZmv6tFgrhO6avvW5yNTd05zD+SEpF8
+nidkjDyzRLDW9SxkkV5Qpw3tf9H8uuPGgOOq097VfLie5GUkTLOXSTI4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIuYMYF4mfGY64Nyjn6JHgdEcD6VMB8GA1UdIwQY
MBaAFBYnVzxokpqypFkOkqUavEDqnlgXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmlkWFBHaVNtcktrV1E2U3BScThRT3FlV0JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wZTBjOTAtNzE3Zi00MGVhLWIxN2Ut
ZTZmOWRiNzQxMzlkLzEvaTVneGdYaVo4WmpyZzNLT2Zva2VCMFJ3UHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wZTBjOTAtNzE3Zi00MGVhLWIxN2UtZTZmOWRiNzQxMzlk
LzEvRmlkWFBHaVNtcktrV1E2U3BScThRT3FlV0JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua9gMA0E
AgACMAcDBQAqC+MAMA0GCSqGSIb3DQEBCwUAA4IBAQB3Rv15MdKlQ6sSuo4SIqK6
unjde19MbBeEGjbMaxiXLHdHNEWn42QYufjSf/W4v1DgFmQJIxyysQGmGfVt3J1Z
bA23KWiOYAhSxKNErT9ervDg3RbJztxjFVMcK2JeABUO0Fpe4nkdLAkM5jFxXN12
C44HN3z/wCRxGmYG55lcB3Rj6yBRXP7YjpHVEaQ5ZE+BLn2f7Q/QUH7UKR2WHZ61
eEQ2aWY4i9H4ZfbC/5KAYIrIP3LiWmNYCO0iG5k1+vFmY6gSJ2F/ZUrj/sdsk127
OwGV2PdZUhlwenp2QJ3l2AhhxSzEWO7YE8UE+KXyi6tDfJxR8jJfoUZNHdKGNxUX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:06 2025 by rpki-client