Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/1-dUivgw5crs8Aawyl4n51c8PFtA.roa
File: 1-dUivgw5crs8Aawyl4n51c8PFtA.roa (raw, json)
Hash identifier: S5Ni4aWLoBTETsBT5mhDSOVIopfHPNFH7kl8H27iHFU=
Subject key identifier: F9:D5:22:BE:0C:39:72:BB:3C:01:AC:32:97:89:F9:D5:CF:0F:16:D0
Certificate issuer: /CN=935c42857e302feb14017301e43c39fe45e7f629
Certificate serial: 019357BFD69E6EA957104294FA0F2077CEFA
Authority key identifier: 93:5C:42:85:7E:30:2F:EB:14:01:73:01:E4:3C:39:FE:45:E7:F6:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1xChX4wL-sUAXMB5Dw5_kXn9ik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/1-dUivgw5crs8Aawyl4n51c8PFtA.roa
Signing time: Sat 23 Nov 2024 06:40:10 +0000
ROA not before: Sat 23 Nov 2024 06:40:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34766
IP address blocks: 185.214.24.0/22 maxlen: 22
185.214.24.0/24 maxlen: 24
185.214.25.0/24 maxlen: 24
185.214.26.0/24 maxlen: 24
2a0b:9440::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:57:bf:d6:9e:6e:a9:57:10:42:94:fa:0f:20:77:ce:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=935c42857e302feb14017301e43c39fe45e7f629
Validity
Not Before: Nov 23 06:40:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9d522be0c3972bb3c01ac329789f9d5cf0f16d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:13:90:5e:34:36:25:58:95:46:d6:a4:e4:00:
b0:cc:d3:9a:68:d1:ea:52:7f:92:85:57:47:53:ea:
2c:e8:01:62:ff:f1:9a:00:e0:2b:af:86:49:93:8b:
ec:b5:a5:b8:36:68:97:21:76:92:ed:d8:e2:27:41:
ff:76:73:01:cb:4c:9c:44:c3:93:d8:8e:db:0a:e6:
39:f8:41:ae:87:1c:a9:6c:e2:1d:b8:df:1b:68:1a:
a9:17:7d:75:c6:bb:14:86:a8:c0:59:88:04:06:84:
6c:16:6d:61:ad:32:46:f6:a6:3e:94:72:51:01:60:
5b:86:88:76:89:1b:d9:6c:c3:06:97:51:98:74:50:
37:77:62:8b:df:79:01:c4:f4:27:9c:29:78:08:5e:
96:a4:d2:4e:52:10:5c:cc:cb:ce:61:b1:df:37:2d:
f3:2d:28:4a:ac:89:82:97:f3:43:de:52:2d:01:e3:
90:75:b6:95:9c:fe:8d:20:85:2f:cb:5e:52:46:dc:
eb:65:02:05:72:44:0b:f5:f4:a3:7b:49:b9:aa:a4:
88:a4:69:f5:98:e4:07:20:00:68:15:f7:6c:31:2e:
00:bf:5b:11:a1:ba:e6:b9:5f:39:2d:8f:73:48:20:
f9:c1:51:23:53:59:13:81:da:62:aa:08:e4:80:3f:
5f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D5:22:BE:0C:39:72:BB:3C:01:AC:32:97:89:F9:D5:CF:0F:16:D0
X509v3 Authority Key Identifier:
keyid:93:5C:42:85:7E:30:2F:EB:14:01:73:01:E4:3C:39:FE:45:E7:F6:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1xChX4wL-sUAXMB5Dw5_kXn9ik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/1-dUivgw5crs8Aawyl4n51c8PFtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/k1xChX4wL-sUAXMB5Dw5_kXn9ik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.24.0/22
IPv6:
2a0b:9440::/29
Signature Algorithm: sha256WithRSAEncryption
11:61:17:3a:13:f0:f5:16:96:ab:5b:69:32:3e:b0:84:6c:21:
0e:b2:47:90:85:a2:20:f5:c6:1b:26:f1:41:db:04:52:a5:e7:
4e:94:aa:1b:00:1e:20:2d:57:f2:a3:8c:c6:e7:cd:f4:8c:a6:
8c:ca:04:75:3d:c2:a3:fa:ee:b4:8c:08:8f:67:3e:e2:3d:58:
29:87:27:dd:96:fb:8e:b8:20:b4:d1:e8:75:ef:80:55:83:fe:
ec:36:d6:bf:c4:4a:25:5e:ab:60:f0:16:ea:78:6f:d6:9e:2a:
1a:e1:3d:4a:fe:a7:bb:81:04:e1:64:00:9d:6c:4b:e9:24:ab:
bc:ed:7f:29:47:4c:52:4c:6d:5e:cd:29:e9:1a:b8:08:c3:50:
fd:b1:87:cd:af:e0:08:ef:b6:17:95:72:a2:77:97:8f:e2:fc:
03:a2:19:26:27:98:21:0e:99:9f:1b:c5:36:8a:e9:25:aa:b8:
01:31:f4:08:79:30:c7:60:80:7e:4e:c0:85:a6:8a:76:31:16:
62:d3:08:b5:af:1b:33:f9:57:f3:81:d7:dc:75:c3:22:77:70:
d6:87:04:86:11:ce:68:ad:48:3e:01:8f:df:d1:d3:92:aa:9c:
5b:27:23:de:1d:fb:e1:f6:36:9f:52:24:36:04:7b:71:10:cb:
7d:95:21:23
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZNXv9aebqlXEEKU+g8gd876MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNWM0Mjg1N2UzMDJmZWIxNDAxNzMwMWU0M2MzOWZlNDVl
N2Y2MjkwHhcNMjQxMTIzMDY0MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQ1MjJiZTBjMzk3MmJiM2MwMWFjMzI5Nzg5ZjlkNWNmMGYxNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxOQXjQ2JViVRtak5ACwzNOaaNHq
Un+ShVdHU+os6AFi//GaAOArr4ZJk4vstaW4NmiXIXaS7djiJ0H/dnMBy0ycRMOT
2I7bCuY5+EGuhxypbOIduN8baBqpF311xrsUhqjAWYgEBoRsFm1hrTJG9qY+lHJR
AWBbhoh2iRvZbMMGl1GYdFA3d2KL33kBxPQnnCl4CF6WpNJOUhBczMvOYbHfNy3z
LShKrImCl/ND3lItAeOQdbaVnP6NIIUvy15SRtzrZQIFckQL9fSje0m5qqSIpGn1
mOQHIABoFfdsMS4Av1sRobrmuV85LY9zSCD5wVEjU1kTgdpiqgjkgD9fNQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPnVIr4MOXK7PAGsMpeJ+dXPDxbQMB8GA1UdIwQY
MBaAFJNcQoV+MC/rFAFzAeQ8Of5F5/YpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazF4Q2hYNHdMLXNVQVhNQjVEdzVfa1huOWlrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81NWU1MjktYjgzOS00NDRmLTg3MmQt
MWJmZDEwYTg4NDVhLzEvMS1kVWl2Z3c1Y3JzOEFhd3lsNG41MWM4UEZ0QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvNTVlNTI5LWI4MzktNDQ0Zi04NzJkLTFiZmQxMGE4ODQ1
YS8xL2sxeENoWDR3TC1zVUFYTUI1RHc1X2tYbjlpay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnWGDAN
BAIAAjAHAwUDKguUQDANBgkqhkiG9w0BAQsFAAOCAQEAEWEXOhPw9RaWq1tpMj6w
hGwhDrJHkIWiIPXGGybxQdsEUqXnTpSqGwAeIC1X8qOMxufN9IymjMoEdT3Co/ru
tIwIj2c+4j1YKYcn3Zb7jrggtNHode+AVYP+7DbWv8RKJV6rYPAW6nhv1p4qGuE9
Sv6nu4EE4WQAnWxL6SSrvO1/KUdMUkxtXs0p6Rq4CMNQ/bGHza/gCO+2F5VyoneX
j+L8A6IZJieYIQ6ZnxvFNorpJaq4ATH0CHkwx2CAfk7AhaaKdjEWYtMIta8bM/lX
84HX3HXDIndw1ocEhhHOaK1IPgGP39HTkqqcWycj3h374fY2n1IkNgR7cRDLfZUh
Iw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:22 2025 by rpki-client