Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/9iOelXrsj2P6jIgOTvT1qauDzJc.roa
File: 9iOelXrsj2P6jIgOTvT1qauDzJc.roa (raw, json)
Hash identifier: Jmu33ZU3fOXHQp6eA6xg203rCZOopDTmEk0KXS81tHE=
Subject key identifier: F6:23:9E:95:7A:EC:8F:63:FA:8C:88:0E:4E:F4:F5:A9:AB:83:CC:97
Certificate issuer: /CN=dd189621d2fa872166e6a05ee47a7d756243e919
Certificate serial: 018CC79544586086975199C6A42DC1EA12D1
Authority key identifier: DD:18:96:21:D2:FA:87:21:66:E6:A0:5E:E4:7A:7D:75:62:43:E9:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3RiWIdL6hyFm5qBe5Hp9dWJD6Rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/9iOelXrsj2P6jIgOTvT1qauDzJc.roa
Signing time: Tue 02 Jan 2024 00:31:37 +0000
ROA not before: Tue 02 Jan 2024 00:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15751
IP address blocks: 185.51.72.0/22 maxlen: 23
109.125.0.0/18 maxlen: 18
212.129.64.0/24 maxlen: 24
212.129.68.0/22 maxlen: 22
212.129.66.0/23 maxlen: 23
212.129.72.0/21 maxlen: 21
212.129.80.0/20 maxlen: 20
2a01:b340::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:44:58:60:86:97:51:99:c6:a4:2d:c1:ea:12:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd189621d2fa872166e6a05ee47a7d756243e919
Validity
Not Before: Jan 2 00:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6239e957aec8f63fa8c880e4ef4f5a9ab83cc97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e6:c6:45:03:2e:4d:7f:aa:78:7f:9b:ed:d7:
b9:65:07:e1:b5:6d:8f:29:d5:9b:4c:c0:90:df:68:
e5:d9:3e:cd:2b:90:5c:8f:2f:c1:b3:5a:dd:20:f4:
95:fb:c4:66:bc:7d:e3:af:6f:88:00:f1:2c:8b:fe:
f1:dd:40:9e:09:1b:d5:95:96:d4:b6:d9:75:70:2b:
68:ea:6e:9d:35:6b:8e:dd:ca:9f:8b:ea:54:0d:37:
1b:e1:ca:15:27:8a:36:3b:ed:77:6e:99:32:e9:4d:
c5:de:f6:9e:57:e1:2f:fd:1c:91:eb:1a:62:82:b9:
9f:76:c9:86:21:b8:88:98:c2:32:5d:90:48:68:b1:
03:df:fc:39:e6:f0:8e:d9:32:84:c5:da:42:11:dc:
e2:b5:fb:cf:ee:a9:b9:53:d9:d0:2f:26:b6:08:d6:
02:6f:3f:db:4e:ed:1d:aa:67:5f:78:27:bb:1c:9f:
ca:67:21:3d:e9:ba:3d:6c:89:9d:d5:fe:e9:e4:a9:
2a:83:c8:de:96:39:d9:83:0d:98:f9:7d:0f:f9:90:
b7:12:50:f7:4e:56:34:97:1e:af:42:7d:d7:8e:15:
9e:b2:80:26:d5:a0:39:70:1b:cd:fe:5c:a3:2b:1e:
c6:68:6e:d3:d4:87:97:a9:58:e3:c6:a9:4a:2e:01:
3f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:23:9E:95:7A:EC:8F:63:FA:8C:88:0E:4E:F4:F5:A9:AB:83:CC:97
X509v3 Authority Key Identifier:
keyid:DD:18:96:21:D2:FA:87:21:66:E6:A0:5E:E4:7A:7D:75:62:43:E9:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3RiWIdL6hyFm5qBe5Hp9dWJD6Rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/9iOelXrsj2P6jIgOTvT1qauDzJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/d6327f-803e-47fc-8e25-44311f9cb856/1/3RiWIdL6hyFm5qBe5Hp9dWJD6Rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.125.0.0/18
185.51.72.0/22
212.129.64.0/24
212.129.66.0-212.129.95.255
IPv6:
2a01:b340::/32
Signature Algorithm: sha256WithRSAEncryption
a1:34:da:4e:3b:d2:94:2e:c0:98:0b:6d:2e:a8:c4:70:9b:d8:
02:33:ae:39:41:5b:65:f7:29:3e:e8:09:0f:2c:67:d9:26:bf:
1e:84:ba:14:2f:76:d9:73:39:75:5c:85:aa:2d:4d:27:73:b6:
b4:40:1e:9a:3b:42:e3:34:ef:ad:17:81:ba:c1:e2:07:aa:01:
c8:a3:90:e9:9b:c4:50:a9:eb:a8:d1:f0:64:2c:60:79:70:0f:
81:ad:91:fe:96:3b:f9:80:f9:1a:3e:68:68:a7:7e:f0:61:c9:
eb:b0:85:87:4a:5a:d0:3d:50:70:a6:6d:8b:02:c3:5f:1d:0e:
d5:3b:b2:fa:2d:3f:58:bb:9f:9c:5e:56:67:45:47:e6:61:ee:
26:64:57:51:ca:2d:65:2e:ad:db:f7:3a:5b:2a:3c:b5:ab:c9:
d6:26:c7:09:b0:ca:a9:6f:29:8e:b8:cc:64:9b:27:85:85:29:
dc:95:70:9c:99:69:00:b0:18:6f:3b:f9:29:b5:4d:42:bc:2e:
03:e6:2a:5b:4c:d6:a0:40:ed:0c:cc:dc:8f:07:2c:e7:bf:7b:
f0:eb:4f:da:ed:d3:47:c2:40:7c:14:04:5f:24:81:10:9c:25:
9b:3d:d9:ab:96:f2:99:dc:3b:58:7c:f8:4b:20:cc:fd:3b:1b:
9c:a5:97:1a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzHlURYYIaXUZnGpC3B6hLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTg5NjIxZDJmYTg3MjE2NmU2YTA1ZWU0N2E3ZDc1NjI0
M2U5MTkwHhcNMjQwMTAyMDAzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjIzOWU5NTdhZWM4ZjYzZmE4Yzg4MGU0ZWY0ZjVhOWFiODNjYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+bGRQMuTX+qeH+b7de5ZQfhtW2P
KdWbTMCQ32jl2T7NK5Bcjy/Bs1rdIPSV+8RmvH3jr2+IAPEsi/7x3UCeCRvVlZbU
ttl1cCto6m6dNWuO3cqfi+pUDTcb4coVJ4o2O+13bpky6U3F3vaeV+Ev/RyR6xpi
grmfdsmGIbiImMIyXZBIaLED3/w55vCO2TKExdpCEdzitfvP7qm5U9nQLya2CNYC
bz/bTu0dqmdfeCe7HJ/KZyE96bo9bImd1f7p5Kkqg8jeljnZgw2Y+X0P+ZC3ElD3
TlY0lx6vQn3XjhWesoAm1aA5cBvN/lyjKx7GaG7T1IeXqVjjxqlKLgE/1wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPYjnpV67I9j+oyIDk709amrg8yXMB8GA1UdIwQY
MBaAFN0YliHS+ochZuagXuR6fXViQ+kZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JpV0lkTDZoeUZtNXFCZTVIcDlkV0pENlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kNjMyN2YtODAzZS00N2ZjLThlMjUt
NDQzMTFmOWNiODU2LzEvOWlPZWxYcnNqMlA2aklnT1R2VDFxYXVEekpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kNjMyN2YtODAzZS00N2ZjLThlMjUtNDQzMTFmOWNiODU2
LzEvM1JpV0lkTDZoeUZtNXFCZTVIcDlkV0pENlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQGbX0AAwQC
uTNIAwQA1IFAMAwDBAHUgUIDBAXUgUAwDQQCAAIwBwMFACoBs0AwDQYJKoZIhvcN
AQELBQADggEBAKE02k470pQuwJgLbS6oxHCb2AIzrjlBW2X3KT7oCQ8sZ9kmvx6E
uhQvdtlzOXVchaotTSdztrRAHpo7QuM0760XgbrB4geqAcijkOmbxFCp66jR8GQs
YHlwD4Gtkf6WO/mA+Ro+aGinfvBhyeuwhYdKWtA9UHCmbYsCw18dDtU7svotP1i7
n5xeVmdFR+Zh7iZkV1HKLWUurdv3OlsqPLWrydYmxwmwyqlvKY64zGSbJ4WFKdyV
cJyZaQCwGG87+Sm1TUK8LgPmKltM1qBA7QzM3I8HLOe/e/DrT9rt00fCQHwUBF8k
gRCcJZs92auW8pncO1h8+EsgzP07G5yllxo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:41 2025 by rpki-client