Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/U2zxbv-vX_AvHLKknazQwWj9Z_c.roa
File: U2zxbv-vX_AvHLKknazQwWj9Z_c.roa (raw, json)
Hash identifier: LdS2t+p9C3Y/9ObtI7NLNNXj3Pw69GWs/hD6UNoLUZg=
Subject key identifier: 53:6C:F1:6E:FF:AF:5F:F0:2F:1C:B2:A4:9D:AC:D0:C1:68:FD:67:F7
Certificate issuer: /CN=b6fbc63ef5614a7ef95a106188e3d78755c687b9
Certificate serial: 0192B84A687F38BC2EAB9A0BFDC6CCCC4EC6
Authority key identifier: B6:FB:C6:3E:F5:61:4A:7E:F9:5A:10:61:88:E3:D7:87:55:C6:87:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvvGPvVhSn75WhBhiOPXh1XGh7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/U2zxbv-vX_AvHLKknazQwWj9Z_c.roa
Signing time: Wed 23 Oct 2024 07:32:17 +0000
ROA not before: Wed 23 Oct 2024 07:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204488
IP address blocks: 185.175.63.0/24 maxlen: 24
185.247.168.0/24 maxlen: 24
185.247.169.0/24 maxlen: 24
185.247.170.0/24 maxlen: 24
185.247.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:4a:68:7f:38:bc:2e:ab:9a:0b:fd:c6:cc:cc:4e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6fbc63ef5614a7ef95a106188e3d78755c687b9
Validity
Not Before: Oct 23 07:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=536cf16effaf5ff02f1cb2a49dacd0c168fd67f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:39:d8:54:09:bb:a0:19:0d:17:89:dc:ce:3e:
05:90:ba:ab:4a:53:5f:aa:da:9c:80:bf:15:12:4b:
9b:30:33:24:39:11:e0:1a:d4:5b:a4:17:b6:85:c3:
2d:23:90:46:71:8e:d8:28:86:b8:ae:a6:be:a3:30:
cf:84:82:30:78:f0:f7:dd:2a:b7:22:b2:e1:2e:ea:
0b:ad:cd:b1:8d:1b:88:f2:9c:dd:e8:09:d2:3b:ac:
98:d7:ae:d2:52:64:5a:74:e1:3a:67:cf:40:f7:e3:
e7:a4:14:2a:c7:63:b5:1b:19:90:09:90:e6:c3:dd:
1e:24:bb:a9:00:90:6e:97:b4:51:33:50:2f:e4:8a:
35:e3:40:23:60:c1:2a:6f:10:b2:14:2e:cb:4c:3e:
21:8f:62:58:96:eb:cc:34:1d:9c:09:6f:77:5d:66:
2a:0f:26:c3:08:a9:f2:2f:ab:ce:c0:a5:f2:73:e5:
0f:94:99:5f:28:95:a2:d8:9c:3e:b3:ac:72:92:2f:
14:85:3a:63:de:0e:b3:9e:dd:d6:6d:f9:ba:64:57:
78:ee:aa:61:e8:ae:b1:3a:e4:0c:6c:c3:0b:35:4a:
13:57:20:60:c2:e6:59:6f:e7:96:ef:e4:33:f0:57:
55:d0:3d:e2:81:22:b3:05:bb:d0:9e:92:19:00:ec:
df:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6C:F1:6E:FF:AF:5F:F0:2F:1C:B2:A4:9D:AC:D0:C1:68:FD:67:F7
X509v3 Authority Key Identifier:
keyid:B6:FB:C6:3E:F5:61:4A:7E:F9:5A:10:61:88:E3:D7:87:55:C6:87:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvvGPvVhSn75WhBhiOPXh1XGh7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/U2zxbv-vX_AvHLKknazQwWj9Z_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/tvvGPvVhSn75WhBhiOPXh1XGh7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.63.0/24
185.247.168.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:43:78:d9:1c:b9:dc:fd:8c:6b:c5:5a:ac:2e:61:08:f9:59:
e3:f5:ee:0a:41:42:84:32:e0:0e:f0:9e:81:0d:6d:b7:5b:86:
54:42:91:67:aa:14:b1:f2:0f:b5:d7:c3:55:f2:8a:da:62:e0:
fa:6f:56:ab:46:81:91:d3:af:ad:79:af:14:40:cb:9c:98:e8:
30:35:2c:d0:ac:18:0e:46:e3:99:28:e9:6d:c7:38:94:02:57:
8c:8b:8d:99:a1:ac:d6:2e:5a:e5:f5:64:25:99:ab:a4:80:aa:
9b:ee:0f:02:35:bc:fc:45:de:e8:ad:04:38:71:f8:9a:2d:0f:
88:80:cb:a1:29:75:a0:e1:94:d6:60:c4:5a:18:f5:6e:d8:df:
4f:bc:41:46:55:d0:fb:b0:77:85:07:c6:e3:e2:ce:8c:cd:8f:
2a:19:77:c8:b3:6b:fb:75:26:35:e5:49:50:74:f8:77:b5:ce:
1d:c4:0b:60:b1:71:52:79:80:99:b5:a2:a2:8f:75:5c:94:2a:
4f:94:6d:81:af:48:76:c1:6f:1d:c2:8b:63:3a:b6:23:3e:a7:
db:f2:10:c7:a2:ca:72:ed:8e:a1:06:35:7e:c8:0e:87:07:e4:
62:e6:b6:40:7c:98:fc:39:fc:ac:04:ac:b9:12:82:00:33:ce:
6e:dc:89:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK4Smh/OLwuq5oL/cbMzE7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZmJjNjNlZjU2MTRhN2VmOTVhMTA2MTg4ZTNkNzg3NTVj
Njg3YjkwHhcNMjQxMDIzMDczMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZjZjE2ZWZmYWY1ZmYwMmYxY2IyYTQ5ZGFjZDBjMTY4ZmQ2N2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjnYVAm7oBkNF4nczj4FkLqrSlNf
qtqcgL8VEkubMDMkORHgGtRbpBe2hcMtI5BGcY7YKIa4rqa+ozDPhIIwePD33Sq3
IrLhLuoLrc2xjRuI8pzd6AnSO6yY167SUmRadOE6Z89A9+PnpBQqx2O1GxmQCZDm
w90eJLupAJBul7RRM1Av5Io140AjYMEqbxCyFC7LTD4hj2JYluvMNB2cCW93XWYq
DybDCKnyL6vOwKXyc+UPlJlfKJWi2Jw+s6xyki8UhTpj3g6znt3Wbfm6ZFd47qph
6K6xOuQMbMMLNUoTVyBgwuZZb+eW7+Qz8FdV0D3igSKzBbvQnpIZAOzfKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNs8W7/r1/wLxyypJ2s0MFo/Wf3MB8GA1UdIwQY
MBaAFLb7xj71YUp++VoQYYjj14dVxoe5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHZ2R1B2VmhTbjc1V2hCaGlPUFhoMVhHaDdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84NjMxZjUtNTRhMi00ODZmLWI5YTUt
MDgxYTFhZTZlYmQ2LzEvVTJ6eGJ2LXZYX0F2SExLa25helF3V2o5Wl9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84NjMxZjUtNTRhMi00ODZmLWI5YTUtMDgxYTFhZTZlYmQ2
LzEvdHZ2R1B2VmhTbjc1V2hCaGlPUFhoMVhHaDdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAua8/AwQC
ufeoMA0GCSqGSIb3DQEBCwUAA4IBAQB8Q3jZHLnc/YxrxVqsLmEI+Vnj9e4KQUKE
MuAO8J6BDW23W4ZUQpFnqhSx8g+118NV8oraYuD6b1arRoGR06+tea8UQMucmOgw
NSzQrBgORuOZKOltxziUAleMi42ZoazWLlrl9WQlmaukgKqb7g8CNbz8Rd7orQQ4
cfiaLQ+IgMuhKXWg4ZTWYMRaGPVu2N9PvEFGVdD7sHeFB8bj4s6MzY8qGXfIs2v7
dSY15UlQdPh3tc4dxAtgsXFSeYCZtaKij3VclCpPlG2Br0h2wW8dwotjOrYjPqfb
8hDHospy7Y6hBjV+yA6HB+Ri5rZAfJj8OfysBKy5EoIAM85u3Ils
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:12 2025 by rpki-client