Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/IJXcgFEKwqpfVAG8Vlt_gxPW5Ew.roa
File: IJXcgFEKwqpfVAG8Vlt_gxPW5Ew.roa (raw, json)
Hash identifier: mwhQ1k25yynrQzX7nFyh4aw048GJ+kc4pMHdFO6r+LY=
Subject key identifier: 20:95:DC:80:51:0A:C2:AA:5F:54:01:BC:56:5B:7F:83:13:D6:E4:4C
Certificate issuer: /CN=30e6a5c3136bd2fdd36c84a0cc725bf7cb0feab5
Certificate serial: 018CC5DCD43A343DEA4B71A22F2F078EB45B
Authority key identifier: 30:E6:A5:C3:13:6B:D2:FD:D3:6C:84:A0:CC:72:5B:F7:CB:0F:EA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MOalwxNr0v3TbISgzHJb98sP6rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/IJXcgFEKwqpfVAG8Vlt_gxPW5Ew.roa
Signing time: Mon 01 Jan 2024 16:30:32 +0000
ROA not before: Mon 01 Jan 2024 16:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211625
IP address blocks: 185.75.4.0/22 maxlen: 22
185.235.9.0/24 maxlen: 24
2a10:b7c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d4:3a:34:3d:ea:4b:71:a2:2f:2f:07:8e:b4:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30e6a5c3136bd2fdd36c84a0cc725bf7cb0feab5
Validity
Not Before: Jan 1 16:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2095dc80510ac2aa5f5401bc565b7f8313d6e44c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1a:07:99:a3:af:30:76:29:99:25:1d:ce:e7:
9d:e8:26:63:e3:6c:3a:f0:0b:fc:8b:38:94:0c:0a:
61:05:e3:fe:ad:35:81:85:7e:5a:74:a4:40:dc:c8:
bb:09:30:e3:29:d5:ef:c1:4f:42:e0:b2:d6:15:7b:
4f:8b:d9:36:61:5d:1f:e2:36:7f:9d:2e:dd:7e:7a:
86:4c:58:b3:33:1a:5f:c4:59:ec:48:8a:b4:a8:80:
65:c0:35:09:90:bb:80:73:f3:de:29:94:6a:0f:3c:
20:02:e1:5f:b2:c7:c7:86:03:b2:8d:85:0c:34:8a:
57:9f:76:71:06:79:d9:56:ae:9a:31:bd:d6:5e:6d:
f3:9f:45:f6:4b:e2:ac:14:af:e4:ee:23:b5:d4:be:
f8:2e:ca:d1:98:65:e7:7c:e5:c5:2a:d4:a4:be:ea:
0f:8d:63:cf:4e:e9:f5:c0:5d:ca:05:0a:3a:34:44:
6c:27:a8:7d:0c:61:f3:51:e9:d2:d0:4b:58:a2:3a:
b7:09:03:d8:60:f0:ce:a4:5b:af:f6:e1:35:5d:73:
bb:14:29:b1:2e:01:91:83:c5:34:aa:1e:e0:40:f7:
e6:18:ea:ff:79:a6:fb:8c:5e:5c:32:6c:43:c3:7f:
59:66:eb:33:28:f2:06:5e:93:43:b6:8b:c8:97:a3:
61:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:95:DC:80:51:0A:C2:AA:5F:54:01:BC:56:5B:7F:83:13:D6:E4:4C
X509v3 Authority Key Identifier:
keyid:30:E6:A5:C3:13:6B:D2:FD:D3:6C:84:A0:CC:72:5B:F7:CB:0F:EA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MOalwxNr0v3TbISgzHJb98sP6rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/IJXcgFEKwqpfVAG8Vlt_gxPW5Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/MOalwxNr0v3TbISgzHJb98sP6rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.4.0/22
185.235.9.0/24
IPv6:
2a10:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
07:a1:ac:f3:ff:3e:1b:39:03:8b:f8:88:60:d7:7c:9b:e7:7c:
02:09:f8:be:06:9d:fb:e1:5d:db:25:c5:23:d4:ff:18:42:27:
f1:53:5b:e0:43:1f:52:81:36:2a:89:61:0b:cd:b4:36:c2:35:
72:22:99:a3:a4:ed:b6:d5:ed:64:8b:40:ba:45:99:fe:28:86:
51:16:ee:b4:4f:55:3f:c6:66:36:35:90:57:dc:93:9b:b9:71:
25:a8:40:94:bb:19:96:31:bb:ef:6f:6d:7f:23:df:d4:5a:4a:
86:57:7c:56:5c:27:92:60:97:68:43:08:7d:d5:d2:f9:95:86:
2b:ef:d7:e3:2f:7f:60:d5:14:f1:c3:43:21:ea:53:be:ad:c1:
68:b2:74:15:da:d2:ed:da:ca:68:44:f3:66:8a:82:80:40:ce:
74:98:50:60:06:94:f5:01:51:08:7c:0b:63:70:dd:b0:16:4c:
aa:fb:e4:cd:b1:37:7a:30:41:6a:84:b1:5d:32:57:d0:4c:88:
d3:b8:82:fc:d0:d5:e7:db:46:24:35:80:43:42:b6:43:56:e6:
ad:63:b4:9f:0d:9b:7d:50:34:25:e3:7b:fa:05:1c:12:ee:74:
a1:29:23:f7:c3:9a:8b:75:f6:66:d9:91:bd:c9:dd:90:d1:79:
95:9c:21:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3NQ6ND3qS3GiLy8HjrRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZTZhNWMzMTM2YmQyZmRkMzZjODRhMGNjNzI1YmY3Y2Iw
ZmVhYjUwHhcNMjQwMTAxMTYzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDk1ZGM4MDUxMGFjMmFhNWY1NDAxYmM1NjViN2Y4MzEzZDZlNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhoHmaOvMHYpmSUdzued6CZj42w6
8Av8iziUDAphBeP+rTWBhX5adKRA3Mi7CTDjKdXvwU9C4LLWFXtPi9k2YV0f4jZ/
nS7dfnqGTFizMxpfxFnsSIq0qIBlwDUJkLuAc/PeKZRqDzwgAuFfssfHhgOyjYUM
NIpXn3ZxBnnZVq6aMb3WXm3zn0X2S+KsFK/k7iO11L74LsrRmGXnfOXFKtSkvuoP
jWPPTun1wF3KBQo6NERsJ6h9DGHzUenS0EtYojq3CQPYYPDOpFuv9uE1XXO7FCmx
LgGRg8U0qh7gQPfmGOr/eab7jF5cMmxDw39ZZuszKPIGXpNDtovIl6NhZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCCV3IBRCsKqX1QBvFZbf4MT1uRMMB8GA1UdIwQY
MBaAFDDmpcMTa9L902yEoMxyW/fLD+q1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU9hbHd4TnIwdjNUYklTZ3pISmI5OHNQNnJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9mZWJlYjYtNzllNi00ZDk3LTljOTIt
Yjc5OTY4ZTBlMTc0LzEvSUpYY2dGRUt3cXBmVkFHOFZsdF9neFBXNUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9mZWJlYjYtNzllNi00ZDk3LTljOTItYjc5OTY4ZTBlMTc0
LzEvTU9hbHd4TnIwdjNUYklTZ3pISmI5OHNQNnJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUsEAwQA
uesJMA0EAgACMAcDBQMqELfAMA0GCSqGSIb3DQEBCwUAA4IBAQAHoazz/z4bOQOL
+Ihg13yb53wCCfi+Bp374V3bJcUj1P8YQifxU1vgQx9SgTYqiWELzbQ2wjVyIpmj
pO221e1ki0C6RZn+KIZRFu60T1U/xmY2NZBX3JObuXElqECUuxmWMbvvb21/I9/U
WkqGV3xWXCeSYJdoQwh91dL5lYYr79fjL39g1RTxw0Mh6lO+rcFosnQV2tLt2spo
RPNmioKAQM50mFBgBpT1AVEIfAtjcN2wFkyq++TNsTd6MEFqhLFdMlfQTIjTuIL8
0NXn20YkNYBDQrZDVuatY7SfDZt9UDQl43v6BRwS7nShKSP3w5qLdfZm2ZG9yd2Q
0XmVnCHL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:54 2025 by rpki-client