Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/6e4db7-45a8-4993-b384-9a6ee486eff7/1/IRWAlPpKgwaGuLUAiXt64X6Z8AU.roa
File: IRWAlPpKgwaGuLUAiXt64X6Z8AU.roa (raw, json)
Hash identifier: dmmUNuoKAqwbe8YIL7XoNXL3qcr+qz6mvxy82Zj77Jo=
Subject key identifier: 21:15:80:94:FA:4A:83:06:86:B8:B5:00:89:7B:7A:E1:7E:99:F0:05
Certificate issuer: /CN=f49ba99114ebdabd6e4cbd36f6cd475b33cf1386
Certificate serial: 018D3FD9F6B13CBB28D44A08FD44E6E4B254
Authority key identifier: F4:9B:A9:91:14:EB:DA:BD:6E:4C:BD:36:F6:CD:47:5B:33:CF:13:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JupkRTr2r1uTL029s1HWzPPE4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/6e4db7-45a8-4993-b384-9a6ee486eff7/1/IRWAlPpKgwaGuLUAiXt64X6Z8AU.roa
Signing time: Thu 25 Jan 2024 09:01:05 +0000
ROA not before: Thu 25 Jan 2024 09:01:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50875
IP address blocks: 185.86.244.0/22 maxlen: 22
185.86.244.0/24 maxlen: 24
185.86.245.0/24 maxlen: 24
185.86.246.0/24 maxlen: 24
185.86.247.0/24 maxlen: 24
185.251.66.0/23 maxlen: 23
185.251.66.0/24 maxlen: 24
185.251.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 07:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:d9:f6:b1:3c:bb:28:d4:4a:08:fd:44:e6:e4:b2:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f49ba99114ebdabd6e4cbd36f6cd475b33cf1386
Validity
Not Before: Jan 25 09:01:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21158094fa4a830686b8b500897b7ae17e99f005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8e:e9:7c:b7:22:da:72:be:e6:2a:35:72:99:
e2:3f:7b:62:00:4f:25:69:8b:21:f1:69:d1:38:a9:
02:5b:ac:fe:d0:58:b2:ae:15:56:a1:33:e3:29:f8:
36:90:00:9c:0e:75:8d:02:dc:02:b8:74:0e:0e:4f:
f1:4f:e6:63:39:a5:df:d8:74:34:ed:7a:af:e3:a4:
35:95:26:0c:98:d6:66:52:a5:64:55:72:c0:9a:bd:
75:5d:2d:5c:d6:74:cb:27:58:9b:91:a1:f7:3b:ef:
a8:1f:f8:d4:0c:a9:35:29:90:0d:d7:73:44:f4:6c:
93:b7:52:dc:6a:69:19:75:67:79:4f:78:07:b9:cf:
c9:d4:05:db:a7:2f:64:6f:c8:d5:9c:c1:07:25:79:
b8:99:39:c9:3e:c2:55:4e:e2:5b:38:9e:5f:35:c5:
10:60:e5:8c:ff:88:b6:3e:40:f4:f4:af:44:b1:41:
19:16:e9:28:71:17:0e:68:f9:80:fc:44:21:7b:dc:
47:3c:c8:eb:e2:15:36:f7:a5:a8:fe:2b:dd:c5:40:
0a:23:28:60:c2:83:f4:66:ba:8d:b5:26:ae:79:87:
b9:3c:1e:61:de:0d:e7:da:b5:f0:83:33:c9:85:e5:
26:9b:1d:29:71:c8:50:6c:59:af:6d:32:61:67:a7:
88:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:15:80:94:FA:4A:83:06:86:B8:B5:00:89:7B:7A:E1:7E:99:F0:05
X509v3 Authority Key Identifier:
keyid:F4:9B:A9:91:14:EB:DA:BD:6E:4C:BD:36:F6:CD:47:5B:33:CF:13:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JupkRTr2r1uTL029s1HWzPPE4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6e4db7-45a8-4993-b384-9a6ee486eff7/1/IRWAlPpKgwaGuLUAiXt64X6Z8AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6e4db7-45a8-4993-b384-9a6ee486eff7/1/9JupkRTr2r1uTL029s1HWzPPE4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.244.0/22
185.251.66.0/23
Signature Algorithm: sha256WithRSAEncryption
40:b0:71:93:48:24:af:e5:6e:fe:1b:dc:d0:34:01:c2:3c:50:
77:b0:b1:06:12:3b:3c:39:8f:72:69:15:93:15:55:3f:46:51:
c4:2e:95:58:8a:a9:27:5f:8b:a5:3e:ca:8b:7b:dc:6d:85:a5:
c4:c2:1c:bd:2c:e1:b8:9b:f6:08:77:24:22:5c:c5:c8:f0:7a:
36:a4:9e:3a:d1:7b:80:75:77:b4:79:46:80:37:e5:bc:f8:d4:
be:81:f2:15:3f:24:ca:cd:86:cd:6f:8e:af:fa:60:94:65:3f:
df:11:e7:bf:7f:3d:b8:13:e3:03:71:a0:55:7e:ec:79:8d:5b:
9b:05:ec:c7:1f:7b:64:97:eb:65:11:ce:d0:96:bc:e5:49:76:
ea:da:81:bf:84:89:9c:0e:70:19:bc:e2:7e:f4:2f:1e:43:cc:
fe:50:d5:22:35:14:b9:a2:41:0a:40:4c:c4:03:4e:76:f3:21:
19:cf:5d:91:d3:1b:b4:1a:50:4e:64:ae:8e:33:00:1d:e3:5c:
16:86:52:20:7d:d0:22:40:60:b4:fe:10:61:6f:09:3b:b0:63:
5b:08:bc:8e:0a:ae:fc:fa:c6:72:43:2a:6d:4f:24:c3:b9:07:
49:c4:35:7d:fa:2b:d1:c8:0c:01:3c:70:9b:08:74:5d:ba:b1:
bd:48:05:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0/2faxPLso1EoI/UTm5LJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OWJhOTkxMTRlYmRhYmQ2ZTRjYmQzNmY2Y2Q0NzViMzNj
ZjEzODYwHhcNMjQwMTI1MDkwMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTE1ODA5NGZhNGE4MzA2ODZiOGI1MDA4OTdiN2FlMTdlOTlmMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY7pfLci2nK+5io1cpniP3tiAE8l
aYsh8WnROKkCW6z+0FiyrhVWoTPjKfg2kACcDnWNAtwCuHQODk/xT+ZjOaXf2HQ0
7Xqv46Q1lSYMmNZmUqVkVXLAmr11XS1c1nTLJ1ibkaH3O++oH/jUDKk1KZAN13NE
9GyTt1LcamkZdWd5T3gHuc/J1AXbpy9kb8jVnMEHJXm4mTnJPsJVTuJbOJ5fNcUQ
YOWM/4i2PkD09K9EsUEZFukocRcOaPmA/EQhe9xHPMjr4hU296Wo/ivdxUAKIyhg
woP0ZrqNtSaueYe5PB5h3g3n2rXwgzPJheUmmx0pcchQbFmvbTJhZ6eIYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCEVgJT6SoMGhri1AIl7euF+mfAFMB8GA1UdIwQY
MBaAFPSbqZEU69q9bky9NvbNR1szzxOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUp1cGtSVHIycjF1VEwwMjlzMUhXelBQRTRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS82ZTRkYjctNDVhOC00OTkzLWIzODQt
OWE2ZWU0ODZlZmY3LzEvSVJXQWxQcEtnd2FHdUxVQWlYdDY0WDZaOEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS82ZTRkYjctNDVhOC00OTkzLWIzODQtOWE2ZWU0ODZlZmY3
LzEvOUp1cGtSVHIycjF1VEwwMjlzMUhXelBQRTRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVb0AwQB
uftCMA0GCSqGSIb3DQEBCwUAA4IBAQBAsHGTSCSv5W7+G9zQNAHCPFB3sLEGEjs8
OY9yaRWTFVU/RlHELpVYiqknX4ulPsqLe9xthaXEwhy9LOG4m/YIdyQiXMXI8Ho2
pJ460XuAdXe0eUaAN+W8+NS+gfIVPyTKzYbNb46v+mCUZT/fEee/fz24E+MDcaBV
fux5jVubBezHH3tkl+tlEc7QlrzlSXbq2oG/hImcDnAZvOJ+9C8eQ8z+UNUiNRS5
okEKQEzEA0528yEZz12R0xu0GlBOZK6OMwAd41wWhlIgfdAiQGC0/hBhbwk7sGNb
CLyOCq78+sZyQyptTyTDuQdJxDV9+ivRyAwBPHCbCHRdurG9SAXj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:44 2025 by rpki-client