Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/sh1E3u5BM4u8n30xzwi4QY_-p1U.roa
File: sh1E3u5BM4u8n30xzwi4QY_-p1U.roa (raw, json)
Hash identifier: tkYvU3kd1n+LpE3Aa9fyGn5A5SQ6aBEWiC/F7MZyeMo=
Subject key identifier: B2:1D:44:DE:EE:41:33:8B:BC:9F:7D:31:CF:08:B8:41:8F:FE:A7:55
Certificate issuer: /CN=b6d68436a76339f671441cfbd50ad401d3c00fff
Certificate serial: 018CC801727B12E5F33E2E1F208E9EEEE4F5
Authority key identifier: B6:D6:84:36:A7:63:39:F6:71:44:1C:FB:D5:0A:D4:01:D3:C0:0F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttaENqdjOfZxRBz71QrUAdPAD_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/sh1E3u5BM4u8n30xzwi4QY_-p1U.roa
Signing time: Tue 02 Jan 2024 02:29:47 +0000
ROA not before: Tue 02 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204411
IP address blocks: 185.235.162.0/24 maxlen: 24
185.235.160.0/24 maxlen: 24
185.235.160.0/22 maxlen: 22
185.235.163.0/24 maxlen: 24
185.235.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:72:7b:12:e5:f3:3e:2e:1f:20:8e:9e:ee:e4:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d68436a76339f671441cfbd50ad401d3c00fff
Validity
Not Before: Jan 2 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b21d44deee41338bbc9f7d31cf08b8418ffea755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:27:87:70:8e:95:f7:30:3f:8d:09:2a:35:b4:
98:f8:16:02:80:ff:99:91:a1:98:24:01:ad:35:eb:
c3:b6:b3:8e:52:64:55:10:d4:7c:aa:e3:ae:e0:13:
60:10:e5:94:e5:a6:e6:9e:69:a1:ab:d6:47:0c:00:
37:ab:ad:40:00:51:02:89:ac:94:10:fb:56:d2:76:
b1:1b:99:8b:65:b2:4a:1f:d2:16:ad:60:2b:49:27:
ba:84:44:df:9e:5b:b6:e7:16:c1:db:07:35:78:d6:
60:db:db:49:80:83:e2:c3:3e:04:f9:62:7d:68:3c:
b4:9c:8f:a7:e9:ee:98:c6:1c:96:91:ee:60:66:b0:
37:94:51:8f:da:0c:85:e8:b0:45:78:22:64:e3:19:
ce:79:03:cd:da:7a:e3:7a:ca:81:de:87:51:e8:b7:
11:dd:4f:52:6d:b8:17:e6:49:97:91:e0:e1:38:d1:
23:2d:da:ef:c0:3f:09:87:85:f3:81:03:bb:d0:82:
a2:d1:fc:64:3c:7c:8f:b2:e8:43:94:40:de:ee:98:
22:fd:f3:79:b8:98:78:d5:ef:61:ee:38:98:03:22:
b3:bf:8b:a7:5f:e5:b7:56:f1:72:e5:b1:7b:b1:04:
46:6a:94:cf:95:71:bd:b0:d3:58:39:55:63:f7:e5:
a9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1D:44:DE:EE:41:33:8B:BC:9F:7D:31:CF:08:B8:41:8F:FE:A7:55
X509v3 Authority Key Identifier:
keyid:B6:D6:84:36:A7:63:39:F6:71:44:1C:FB:D5:0A:D4:01:D3:C0:0F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttaENqdjOfZxRBz71QrUAdPAD_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/sh1E3u5BM4u8n30xzwi4QY_-p1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/ttaENqdjOfZxRBz71QrUAdPAD_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:4c:0c:c5:48:0f:dd:e3:a0:82:9c:76:16:57:35:c7:f3:c0:
49:15:74:4e:d5:3a:27:6d:43:ae:05:22:5a:bf:71:63:72:82:
b2:aa:7b:71:5f:8c:9c:f1:d9:f9:7c:75:87:5c:65:c8:34:a4:
95:0d:31:5d:85:f3:a5:74:19:92:c6:7f:c7:eb:2d:b1:f1:e4:
93:56:5e:82:32:bd:71:e4:4d:f6:f8:0e:3c:fb:d4:eb:98:cb:
a0:0f:34:70:e7:8d:ac:9c:5a:77:20:0a:14:37:3b:52:31:91:
ec:fb:f6:fa:2b:fe:91:d2:0d:39:b4:d0:8e:6f:40:bd:2c:06:
a4:cd:93:d0:e4:e9:bd:fb:6a:0f:24:9d:78:d2:84:fa:67:55:
b2:d9:0d:42:64:22:fd:ac:8f:e4:9f:58:2b:16:b1:d6:dc:3d:
ab:c0:98:42:3f:09:44:aa:fe:03:9e:36:12:c7:77:c9:87:fb:
b1:14:b5:69:25:d2:2f:76:82:0c:7e:f3:61:9a:39:11:eb:35:
66:10:d6:cb:66:3b:92:fe:44:60:9d:38:61:4f:47:5c:55:67:
85:15:7a:e3:3b:b7:47:39:c1:36:90:4c:2a:a3:12:d4:81:9e:
97:fa:87:84:06:eb:a0:c2:c5:7c:37:80:fc:6a:6a:6a:c0:4d:
07:21:a5:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAXJ7EuXzPi4fII6e7uT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDY4NDM2YTc2MzM5ZjY3MTQ0MWNmYmQ1MGFkNDAxZDNj
MDBmZmYwHhcNMjQwMTAyMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjFkNDRkZWVlNDEzMzhiYmM5ZjdkMzFjZjA4Yjg0MThmZmVhNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSeHcI6V9zA/jQkqNbSY+BYCgP+Z
kaGYJAGtNevDtrOOUmRVENR8quOu4BNgEOWU5abmnmmhq9ZHDAA3q61AAFECiayU
EPtW0naxG5mLZbJKH9IWrWArSSe6hETfnlu25xbB2wc1eNZg29tJgIPiwz4E+WJ9
aDy0nI+n6e6YxhyWke5gZrA3lFGP2gyF6LBFeCJk4xnOeQPN2nrjesqB3odR6LcR
3U9SbbgX5kmXkeDhONEjLdrvwD8Jh4XzgQO70IKi0fxkPHyPsuhDlEDe7pgi/fN5
uJh41e9h7jiYAyKzv4unX+W3VvFy5bF7sQRGapTPlXG9sNNYOVVj9+WpuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIdRN7uQTOLvJ99Mc8IuEGP/qdVMB8GA1UdIwQY
MBaAFLbWhDanYzn2cUQc+9UK1AHTwA//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRhRU5xZGpPZlp4UkJ6NzFRclVBZFBBRF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84NGE1ZGQtNWNmMi00ODU3LWJkOTMt
M2M3MTFhMTVmYTVjLzEvc2gxRTN1NUJNNHU4bjMweHp3aTRRWV8tcDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84NGE1ZGQtNWNmMi00ODU3LWJkOTMtM2M3MTFhMTVmYTVj
LzEvdHRhRU5xZGpPZlp4UkJ6NzFRclVBZFBBRF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueugMA0G
CSqGSIb3DQEBCwUAA4IBAQBNTAzFSA/d46CCnHYWVzXH88BJFXRO1TonbUOuBSJa
v3FjcoKyqntxX4yc8dn5fHWHXGXINKSVDTFdhfOldBmSxn/H6y2x8eSTVl6CMr1x
5E32+A48+9TrmMugDzRw542snFp3IAoUNztSMZHs+/b6K/6R0g05tNCOb0C9LAak
zZPQ5Om9+2oPJJ140oT6Z1Wy2Q1CZCL9rI/kn1grFrHW3D2rwJhCPwlEqv4DnjYS
x3fJh/uxFLVpJdIvdoIMfvNhmjkR6zVmENbLZjuS/kRgnThhT0dcVWeFFXrjO7dH
OcE2kEwqoxLUgZ6X+oeEBuugwsV8N4D8ampqwE0HIaUy
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:41:30 2025 by rpki-client