Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/LgK7DKh0aRCSpJJMarc0Of2wR-c.roa
File: LgK7DKh0aRCSpJJMarc0Of2wR-c.roa (raw, json)
Hash identifier: 5TurxpI12KTZ6KMFeFw/g/Lgf/EXOw+4gmQAyz7YuJw=
Subject key identifier: 2E:02:BB:0C:A8:74:69:10:92:A4:92:4C:6A:B7:34:39:FD:B0:47:E7
Certificate issuer: /CN=b3c935d84316a2cf56a65957b6d79b7af811a707
Certificate serial: 018CC7942E2E1EEDE74962E672A94688C38D
Authority key identifier: B3:C9:35:D8:43:16:A2:CF:56:A6:59:57:B6:D7:9B:7A:F8:11:A7:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8k12EMWos9WpllXttebevgRpwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/LgK7DKh0aRCSpJJMarc0Of2wR-c.roa
Signing time: Tue 02 Jan 2024 00:30:26 +0000
ROA not before: Tue 02 Jan 2024 00:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200612
IP address blocks: 185.200.232.0/22 maxlen: 22
185.200.232.0/23 maxlen: 23
185.200.232.0/24 maxlen: 24
185.200.233.0/24 maxlen: 24
185.200.235.0/24 maxlen: 24
185.200.234.0/23 maxlen: 23
185.200.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:2e:2e:1e:ed:e7:49:62:e6:72:a9:46:88:c3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c935d84316a2cf56a65957b6d79b7af811a707
Validity
Not Before: Jan 2 00:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e02bb0ca874691092a4924c6ab73439fdb047e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d6:f3:d8:b7:5b:47:23:8d:4c:47:95:ed:ca:
ab:72:94:b2:53:41:e6:ab:1a:a7:05:e6:42:fb:54:
e1:e8:ac:be:8e:4e:25:98:dd:a5:0a:03:f7:bd:ee:
89:17:65:76:cc:a1:14:4d:8c:0b:a2:0b:12:6f:30:
7c:af:42:8f:51:e2:b7:52:b4:48:04:60:d8:e1:35:
0a:29:be:3d:77:24:12:1b:fd:3e:28:25:f7:cc:b2:
5a:c1:8b:a5:5f:ae:d1:69:6e:01:a7:b4:0d:65:08:
81:1a:a0:87:1c:fa:1e:9a:b4:f8:55:27:54:66:c5:
cb:8b:dc:19:d2:93:4e:b4:bc:40:b7:6c:34:fb:bc:
e5:82:b4:4a:f2:3e:57:7a:13:8b:2b:85:66:15:b2:
6b:e4:e3:b8:22:92:37:d2:d6:3e:a6:d2:19:2b:ea:
c4:c5:ba:32:fa:f4:b6:09:21:0e:22:1f:bc:d9:59:
18:5e:04:09:d5:3d:f2:1d:48:16:8b:30:2e:45:96:
10:d6:19:a3:41:1d:df:69:ed:e6:f0:e8:60:66:71:
01:bc:d0:ce:bf:d1:83:ce:1d:64:9f:bd:f2:53:0f:
72:a0:05:e9:6a:43:6c:64:8d:71:9a:4b:51:5d:93:
a1:b9:90:51:aa:f3:b1:95:df:e8:d2:04:a6:94:67:
5c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:02:BB:0C:A8:74:69:10:92:A4:92:4C:6A:B7:34:39:FD:B0:47:E7
X509v3 Authority Key Identifier:
keyid:B3:C9:35:D8:43:16:A2:CF:56:A6:59:57:B6:D7:9B:7A:F8:11:A7:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8k12EMWos9WpllXttebevgRpwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/LgK7DKh0aRCSpJJMarc0Of2wR-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/557962-051a-46c5-8a93-1cc1a538c3ce/1/s8k12EMWos9WpllXttebevgRpwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.232.0/22
Signature Algorithm: sha256WithRSAEncryption
76:d8:be:07:44:32:64:60:fc:19:c0:0d:2d:86:3c:8d:19:27:
99:9e:99:5a:e7:03:51:2b:97:d3:25:eb:9a:50:bd:1d:5a:70:
05:35:cf:10:80:1a:5f:69:db:7e:5d:70:e2:00:77:b3:00:b5:
ff:f5:17:4f:e5:17:4e:48:19:a0:03:b8:3f:01:10:e5:da:7f:
7d:9d:b0:b1:68:67:30:32:ff:37:6a:ac:0c:90:bb:f8:c1:dd:
47:75:ed:e3:9e:77:4e:ab:6a:7c:b0:40:82:24:7b:f2:73:3a:
d1:18:8c:45:dd:19:fa:7e:96:67:1d:c9:5b:b5:42:ca:10:28:
e9:a7:92:3e:22:09:b1:71:51:8b:ce:b2:4c:92:c7:73:9e:e9:
b0:00:0a:21:76:8a:35:b1:41:9a:cf:62:ea:40:b9:89:87:d7:
dc:50:35:2f:06:a1:3f:2e:0f:50:a6:35:f4:c1:8a:1c:be:34:
82:d2:61:3e:91:e5:db:f5:58:76:df:18:13:0f:4c:86:58:ef:
8b:df:bf:e8:8e:e8:95:80:38:4f:e0:8e:a6:bf:9d:a6:86:3e:
77:79:8c:ce:f6:52:60:28:45:53:d7:58:d8:a4:cc:46:b5:f1:
94:6f:62:ad:11:3a:3b:bc:c4:f9:fd:e4:b8:eb:d0:b8:05:41:
59:62:f1:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlC4uHu3nSWLmcqlGiMONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzkzNWQ4NDMxNmEyY2Y1NmE2NTk1N2I2ZDc5YjdhZjgx
MWE3MDcwHhcNMjQwMTAyMDAzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTAyYmIwY2E4NzQ2OTEwOTJhNDkyNGM2YWI3MzQzOWZkYjA0N2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtbz2LdbRyONTEeV7cqrcpSyU0Hm
qxqnBeZC+1Th6Ky+jk4lmN2lCgP3ve6JF2V2zKEUTYwLogsSbzB8r0KPUeK3UrRI
BGDY4TUKKb49dyQSG/0+KCX3zLJawYulX67RaW4Bp7QNZQiBGqCHHPoemrT4VSdU
ZsXLi9wZ0pNOtLxAt2w0+7zlgrRK8j5XehOLK4VmFbJr5OO4IpI30tY+ptIZK+rE
xboy+vS2CSEOIh+82VkYXgQJ1T3yHUgWizAuRZYQ1hmjQR3fae3m8OhgZnEBvNDO
v9GDzh1kn73yUw9yoAXpakNsZI1xmktRXZOhuZBRqvOxld/o0gSmlGdccwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4CuwyodGkQkqSSTGq3NDn9sEfnMB8GA1UdIwQY
MBaAFLPJNdhDFqLPVqZZV7bXm3r4EacHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhrMTJFTVdvczlXcGxsWHR0ZWJldmdScHdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81NTc5NjItMDUxYS00NmM1LThhOTMt
MWNjMWE1MzhjM2NlLzEvTGdLN0RLaDBhUkNTcEpKTWFyYzBPZjJ3Ui1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81NTc5NjItMDUxYS00NmM1LThhOTMtMWNjMWE1MzhjM2Nl
LzEvczhrMTJFTVdvczlXcGxsWHR0ZWJldmdScHdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucjoMA0G
CSqGSIb3DQEBCwUAA4IBAQB22L4HRDJkYPwZwA0thjyNGSeZnpla5wNRK5fTJeua
UL0dWnAFNc8QgBpfadt+XXDiAHezALX/9RdP5RdOSBmgA7g/ARDl2n99nbCxaGcw
Mv83aqwMkLv4wd1Hde3jnndOq2p8sECCJHvyczrRGIxF3Rn6fpZnHclbtULKECjp
p5I+IgmxcVGLzrJMksdznumwAAohdoo1sUGaz2LqQLmJh9fcUDUvBqE/Lg9QpjX0
wYocvjSC0mE+keXb9Vh23xgTD0yGWO+L37/ojuiVgDhP4I6mv52mhj53eYzO9lJg
KEVT11jYpMxGtfGUb2KtETo7vMT5/eS469C4BUFZYvF6
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:00:58 2025 by rpki-client