Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/LXvG8mYO80PnHCmz9k7gw5dOUZo.roa
File: LXvG8mYO80PnHCmz9k7gw5dOUZo.roa (raw, json)
Hash identifier: ItqxOIhTraAxJeEfk+EH/IArPt7iBD217hZ3YrGhpaw=
Subject key identifier: 2D:7B:C6:F2:66:0E:F3:43:E7:1C:29:B3:F6:4E:E0:C3:97:4E:51:9A
Certificate issuer: /CN=8536146119b044539082e326cca903200b8d4b1a
Certificate serial: 018CC5006C1180D5F4E2652A73F128A2DF0F
Authority key identifier: 85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/LXvG8mYO80PnHCmz9k7gw5dOUZo.roa
Signing time: Mon 01 Jan 2024 12:29:48 +0000
ROA not before: Mon 01 Jan 2024 12:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202269
IP address blocks: 185.208.172.0/24 maxlen: 24
185.208.173.0/24 maxlen: 24
185.110.191.0/24 maxlen: 24
185.110.188.0/24 maxlen: 24
185.110.190.0/24 maxlen: 24
185.110.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 12:11:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:6c:11:80:d5:f4:e2:65:2a:73:f1:28:a2:df:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8536146119b044539082e326cca903200b8d4b1a
Validity
Not Before: Jan 1 12:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d7bc6f2660ef343e71c29b3f64ee0c3974e519a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bb:9b:9a:f3:3b:75:76:07:70:b6:57:93:e5:
ae:2c:4f:7c:e9:43:20:9e:4f:68:b2:d5:3a:f5:e3:
cf:19:c4:bb:04:e3:f6:9f:75:84:6c:f3:f7:65:cd:
8a:c3:aa:e4:fd:ef:1b:ad:6f:b6:61:7c:c1:d9:25:
99:d1:de:a1:ff:d0:20:40:66:77:91:7a:ef:fd:9d:
6f:97:25:45:b2:35:46:14:56:0d:5e:c4:5c:2c:e2:
6b:2a:15:8f:0f:d2:6d:1e:7c:62:93:4f:fc:7d:e3:
4a:07:c0:0f:f6:53:5e:6f:19:64:fd:6e:ce:c6:f1:
0e:04:74:69:5c:b0:fd:bc:8e:87:db:20:84:68:e8:
36:5c:6b:bc:85:b6:28:08:e8:c9:d9:a7:2b:3c:5d:
93:fc:10:fd:fc:11:8e:71:85:4a:fd:08:fe:8e:b1:
98:fe:9a:57:cb:21:42:86:96:f7:a5:df:af:36:85:
c7:a0:47:bf:78:6a:c9:f9:de:0d:83:c8:1d:f8:df:
b8:ee:e9:13:0f:8c:c6:df:a7:01:0b:64:c9:ff:e4:
a8:8d:19:64:1d:c0:18:a4:e2:6f:5c:72:57:5a:32:
eb:8e:de:ef:98:24:2f:b8:f6:14:a5:60:da:b6:aa:
c4:d8:cb:20:30:d6:45:7d:75:19:60:88:c5:0e:5f:
aa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7B:C6:F2:66:0E:F3:43:E7:1C:29:B3:F6:4E:E0:C3:97:4E:51:9A
X509v3 Authority Key Identifier:
keyid:85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/LXvG8mYO80PnHCmz9k7gw5dOUZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.188.0/22
185.208.172.0/23
Signature Algorithm: sha256WithRSAEncryption
99:e3:95:1e:d9:fe:59:55:ba:4f:95:09:59:e3:69:83:6e:57:
21:0e:83:c3:25:d0:c8:3f:9e:45:7e:5a:91:3d:bb:d6:6e:85:
f6:20:c6:33:cc:03:ea:12:c8:25:b9:88:b6:0c:02:73:7a:68:
e1:c9:ab:81:e6:a0:ae:ca:f0:9d:03:7f:1b:fd:26:06:c5:36:
3d:88:11:54:57:b7:2c:67:5d:dc:16:cd:73:26:7c:0d:5e:53:
49:4b:33:84:64:9f:8f:85:0b:05:87:dc:b2:e5:90:09:a5:5e:
6b:9d:7a:e1:60:a9:17:2a:91:d9:1d:f2:9d:c1:6d:b3:65:d2:
14:2c:11:50:e4:95:5c:03:95:44:f3:32:b6:20:49:8e:64:41:
72:fa:06:4f:3b:e8:a4:12:8e:35:57:c7:80:57:6e:e8:31:ad:
31:66:62:24:9b:37:6f:55:7e:93:ba:fe:5e:cf:61:bc:08:a7:
ca:a6:25:84:aa:2c:f5:4f:d9:61:d0:27:f4:f5:d2:4e:80:c6:
11:10:5e:a3:51:72:63:d1:09:0f:8a:17:b7:84:09:87:84:b3:
45:8d:ec:e5:04:0b:5b:5c:38:ae:ba:92:71:0c:29:cd:0c:ed:
f4:35:8c:55:4f:03:9a:1b:a5:8d:0f:63:ec:a6:ee:c1:ef:0a:
d7:3a:da:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAGwRgNX04mUqc/Eoot8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzYxNDYxMTliMDQ0NTM5MDgyZTMyNmNjYTkwMzIwMGI4
ZDRiMWEwHhcNMjQwMTAxMTIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdiYzZmMjY2MGVmMzQzZTcxYzI5YjNmNjRlZTBjMzk3NGU1MTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbubmvM7dXYHcLZXk+WuLE986UMg
nk9ostU69ePPGcS7BOP2n3WEbPP3Zc2Kw6rk/e8brW+2YXzB2SWZ0d6h/9AgQGZ3
kXrv/Z1vlyVFsjVGFFYNXsRcLOJrKhWPD9JtHnxik0/8feNKB8AP9lNebxlk/W7O
xvEOBHRpXLD9vI6H2yCEaOg2XGu8hbYoCOjJ2acrPF2T/BD9/BGOcYVK/Qj+jrGY
/ppXyyFChpb3pd+vNoXHoEe/eGrJ+d4Ng8gd+N+47ukTD4zG36cBC2TJ/+SojRlk
HcAYpOJvXHJXWjLrjt7vmCQvuPYUpWDatqrE2MsgMNZFfXUZYIjFDl+qzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC17xvJmDvND5xwps/ZO4MOXTlGaMB8GA1UdIwQY
MBaAFIU2FGEZsERTkILjJsypAyALjUsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMt
MGM2NzIxN2NjOTZiLzEvTFh2RzhtWU84MFBuSENtejlrN2d3NWRPVVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMtMGM2NzIxN2NjOTZi
LzEvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuW68AwQB
udCsMA0GCSqGSIb3DQEBCwUAA4IBAQCZ45Ue2f5ZVbpPlQlZ42mDblchDoPDJdDI
P55FflqRPbvWboX2IMYzzAPqEsgluYi2DAJzemjhyauB5qCuyvCdA38b/SYGxTY9
iBFUV7csZ13cFs1zJnwNXlNJSzOEZJ+PhQsFh9yy5ZAJpV5rnXrhYKkXKpHZHfKd
wW2zZdIULBFQ5JVcA5VE8zK2IEmOZEFy+gZPO+ikEo41V8eAV27oMa0xZmIkmzdv
VX6Tuv5ez2G8CKfKpiWEqiz1T9lh0Cf09dJOgMYREF6jUXJj0QkPihe3hAmHhLNF
jezlBAtbXDiuupJxDCnNDO30NYxVTwOaG6WND2Pspu7B7wrXOtqD
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:08:42 2025 by rpki-client