Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/rYC3jtCWjTE1_eifJwNBxiJmWgI.roa
File: rYC3jtCWjTE1_eifJwNBxiJmWgI.roa (raw, json)
Hash identifier: 18UkcBrtwFNepeuEYFTsG26kpbtVbxETboNFoBglbnw=
Subject key identifier: AD:80:B7:8E:D0:96:8D:31:35:FD:E8:9F:27:03:41:C6:22:66:5A:02
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0194221FDB3E13BD0BA7E9475E25759E6CE5
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/rYC3jtCWjTE1_eifJwNBxiJmWgI.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199270
IP address blocks: 141.226.249.0/24 maxlen: 24
185.23.172.0/23 maxlen: 23
185.23.172.0/24 maxlen: 24
185.23.174.0/24 maxlen: 24
2a00:66a0::/35 maxlen: 35
Validation: Failed, certificate revoked on Mon 17 Feb 2025 13:17:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:db:3e:13:bd:0b:a7:e9:47:5e:25:75:9e:6c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad80b78ed0968d3135fde89f270341c622665a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:05:06:52:0e:b6:3d:ec:a1:80:30:31:7b:f5:
e6:06:e4:ec:92:fa:5c:df:0c:db:4f:d9:55:49:38:
47:bf:e1:da:bb:b7:80:2c:fb:be:06:8d:30:95:e5:
9e:09:b9:52:2b:d2:6c:8f:10:80:f2:d2:05:e0:4f:
1d:96:a6:ae:9c:5d:d4:29:36:62:17:e4:2c:98:0c:
a8:31:9e:14:ed:db:6c:79:93:62:39:95:c8:4a:b8:
5d:22:9b:2c:07:49:70:05:eb:b7:32:18:08:8a:aa:
32:db:1d:bc:b0:e2:78:88:f0:53:9c:bd:f3:69:37:
3a:28:75:5e:bd:4c:49:ad:65:d8:98:56:56:62:38:
d7:ec:ae:68:fb:10:3e:fa:aa:c2:b2:53:ba:cd:db:
c9:ff:25:b9:2d:48:9e:63:91:c6:00:c4:1b:b0:e3:
a0:5c:aa:ee:2e:06:6b:fd:c4:34:17:1d:06:d2:53:
4b:9d:7b:04:cc:28:87:43:a1:c7:b7:db:be:8a:15:
16:25:90:db:46:49:09:41:10:23:6a:87:d6:43:7e:
dc:31:8b:69:da:60:e4:4d:71:84:65:d3:95:9c:8d:
0f:45:c0:a8:ca:a1:d0:16:ef:1e:6e:ef:39:0f:de:
f7:f3:dc:56:c6:1b:89:44:bc:53:bd:e9:54:e0:5f:
80:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:80:B7:8E:D0:96:8D:31:35:FD:E8:9F:27:03:41:C6:22:66:5A:02
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/rYC3jtCWjTE1_eifJwNBxiJmWgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.249.0/24
185.23.172.0-185.23.174.255
IPv6:
2a00:66a0::/35
Signature Algorithm: sha256WithRSAEncryption
20:53:75:0a:4b:84:72:1a:55:64:db:c5:ff:2a:2e:75:ac:06:
34:35:5b:c4:ec:32:c2:73:3a:b3:81:d7:60:1c:dc:85:29:a5:
f5:f6:80:ff:bd:1d:2c:48:9c:86:cc:e3:84:47:ba:cd:8c:49:
07:09:28:ab:3f:a0:57:50:45:29:35:38:84:f4:84:44:39:64:
cb:31:a5:97:bc:bc:4a:91:cb:9d:b5:1e:46:15:af:69:59:1c:
d6:40:cb:cd:c0:6d:c0:3a:93:60:d8:7d:60:2b:36:08:6d:6f:
df:0e:4f:b0:23:20:e7:f9:09:0d:55:f7:d3:25:7c:a4:9c:08:
9a:b3:eb:01:fc:15:1e:9b:db:10:68:d4:a0:dd:9f:43:1c:ff:
41:83:ff:c9:94:d8:15:77:66:40:e5:7a:75:21:93:6d:8a:27:
61:62:dc:7d:33:f7:ad:fa:6b:3a:67:d3:dc:46:ba:0d:ab:f2:
5e:a5:f5:69:2c:17:52:30:fd:79:b8:a0:a0:cb:9a:ec:1a:d4:
45:4d:c0:9f:ec:84:4f:1b:d5:f0:60:4d:0c:6e:8e:0d:15:f5:
04:9a:3d:08:9f:88:80:be:d1:30:3c:5b:cd:9b:ec:56:a9:7b:
29:bb:40:21:f8:59:39:1e:d9:8b:cc:75:c0:23:08:82:6c:83:
ed:5b:8e:a2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQiH9s+E70Lp+lHXiV1nmzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDgwYjc4ZWQwOTY4ZDMxMzVmZGU4OWYyNzAzNDFjNjIyNjY1YTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QUGUg62PeyhgDAxe/XmBuTskvpc
3wzbT9lVSThHv+Hau7eALPu+Bo0wleWeCblSK9JsjxCA8tIF4E8dlqaunF3UKTZi
F+QsmAyoMZ4U7dtseZNiOZXISrhdIpssB0lwBeu3MhgIiqoy2x28sOJ4iPBTnL3z
aTc6KHVevUxJrWXYmFZWYjjX7K5o+xA++qrCslO6zdvJ/yW5LUieY5HGAMQbsOOg
XKruLgZr/cQ0Fx0G0lNLnXsEzCiHQ6HHt9u+ihUWJZDbRkkJQRAjaofWQ37cMYtp
2mDkTXGEZdOVnI0PRcCoyqHQFu8ebu85D97389xWxhuJRLxTvelU4F+AmwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK2At47Qlo0xNf3onycDQcYiZloCMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvcllDM2p0Q1dqVEUxX2VpZkp3TkJ4aUptV2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUAwQAjeL5MAwD
BAK5F6wDBAC5F64wDgQCAAIwCAMGBSoAZqAAMA0GCSqGSIb3DQEBCwUAA4IBAQAg
U3UKS4RyGlVk28X/Ki51rAY0NVvE7DLCczqzgddgHNyFKaX19oD/vR0sSJyGzOOE
R7rNjEkHCSirP6BXUEUpNTiE9IREOWTLMaWXvLxKkcudtR5GFa9pWRzWQMvNwG3A
OpNg2H1gKzYIbW/fDk+wIyDn+QkNVffTJXyknAias+sB/BUem9sQaNSg3Z9DHP9B
g//JlNgVd2ZA5Xp1IZNtiidhYtx9M/et+ms6Z9PcRroNq/JepfVpLBdSMP15uKCg
y5rsGtRFTcCf7IRPG9XwYE0Mbo4NFfUEmj0In4iAvtEwPFvNm+xWqXspu0Ah+Fk5
HtmLzHXAIwiCbIPtW46i
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:33 2025 by rpki-client