Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/b4wowhrQD0jdhAMRIJ32Ji07q6s.roa
File: b4wowhrQD0jdhAMRIJ32Ji07q6s.roa (raw, json)
Hash identifier: EwoS1XtX1bug9kfEf8XAg0btltUqNaIt2oVCGZQwfiU=
Subject key identifier: 6F:8C:28:C2:1A:D0:0F:48:DD:84:03:11:20:9D:F6:26:2D:3B:AB:AB
Certificate issuer: /CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e
Certificate serial: 018CC56E24462D9131E923FF6C86E5BCE3FA
Authority key identifier: 74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/b4wowhrQD0jdhAMRIJ32Ji07q6s.roa
Signing time: Mon 01 Jan 2024 14:29:38 +0000
ROA not before: Mon 01 Jan 2024 14:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210318
IP address blocks: 185.37.233.0/24 maxlen: 24
185.37.232.0/24 maxlen: 24
185.37.234.0/24 maxlen: 24
185.37.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 07:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:24:46:2d:91:31:e9:23:ff:6c:86:e5:bc:e3:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e
Validity
Not Before: Jan 1 14:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f8c28c21ad00f48dd840311209df6262d3babab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8c:8f:aa:64:83:1b:af:03:32:97:e0:52:c6:
83:a3:b9:43:97:e0:22:87:af:2d:a4:7c:95:1a:3a:
de:0d:5d:b0:09:2e:d2:e7:3a:df:aa:ca:7e:f0:48:
a8:66:9e:e9:f6:6b:19:a7:f2:14:7f:26:1e:60:9a:
8d:ab:f7:03:87:18:2c:49:6c:cd:f3:25:cd:b8:b7:
24:ce:34:44:03:15:e4:75:24:01:66:4a:72:e1:16:
fd:62:a0:b0:13:f3:58:38:ad:20:1d:11:c6:26:0e:
b8:7e:f2:7f:b7:57:3c:d5:53:c8:bf:b2:6c:d0:36:
f4:7a:cf:e8:3d:e6:dd:33:e5:0c:cc:c3:26:77:ca:
cd:bd:7e:c2:74:e1:a9:3d:be:e7:84:e6:4d:8a:8a:
1a:6e:71:a5:e9:57:c5:77:3b:2e:88:3d:43:a8:c5:
6f:6d:57:59:dd:f1:b4:99:cc:8a:98:3b:45:d4:77:
1b:2b:9c:09:07:a6:1c:69:14:ca:01:0d:8c:5e:37:
4d:f7:bc:22:fe:0b:ed:57:ca:6d:96:98:f3:56:6e:
56:e4:a6:48:f4:a9:da:5f:87:a7:81:bc:00:ca:bb:
2c:34:0a:98:d4:a7:b9:4d:a6:93:34:01:c2:d3:17:
a9:80:c9:c7:9f:1b:3f:82:90:8f:10:2f:59:a6:fa:
e9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8C:28:C2:1A:D0:0F:48:DD:84:03:11:20:9D:F6:26:2D:3B:AB:AB
X509v3 Authority Key Identifier:
keyid:74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/b4wowhrQD0jdhAMRIJ32Ji07q6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.232.0/22
Signature Algorithm: sha256WithRSAEncryption
62:b5:d4:75:90:df:e7:a5:53:9a:2f:d6:91:ab:20:a3:5d:e8:
fd:0b:da:f4:fb:31:f1:7d:a9:7b:4f:d2:aa:a6:26:bc:a5:20:
5f:e0:11:2f:8a:18:90:da:a6:b9:cb:a5:5c:04:10:a5:eb:a3:
5a:69:b3:59:d3:5a:82:b0:f5:d1:95:01:ba:d6:d5:95:a2:d9:
6e:c2:61:2d:37:91:79:24:63:a0:0a:c5:6c:90:ad:5a:f9:56:
66:9a:b9:ac:a7:61:41:b2:bb:fb:56:d0:3d:ef:46:12:c4:ab:
c9:72:26:8c:99:74:dd:5f:67:d3:b0:36:c0:93:19:8a:f3:70:
fe:58:67:ae:f7:48:f8:97:ea:79:4e:6a:d2:bb:bd:3f:3a:e6:
4f:0a:ef:34:e5:da:2f:54:4b:c8:b4:6e:a8:01:bc:8f:98:c2:
c2:21:e8:fe:59:15:aa:36:a6:10:aa:4f:21:31:f4:bc:22:2f:
4c:f4:44:45:8c:96:cf:20:d9:9a:e8:86:14:c5:bd:47:60:70:
21:f3:e3:e5:18:f5:7b:b6:4f:d9:b7:92:1c:21:e3:eb:ed:71:
0e:2c:2b:f5:a4:90:eb:e6:57:b7:87:35:c1:5f:56:15:0a:91:
f2:8b:c4:72:d2:32:9c:f0:ce:1c:cd:2b:c9:b2:c8:e4:ea:19:
6c:1d:1b:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbiRGLZEx6SP/bIblvOP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YTU5YjdmYjRlMDM0ZjY3Nzc1ZjI4NzVlZmJmYzllZmYy
NDdlOGUwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjhjMjhjMjFhZDAwZjQ4ZGQ4NDAzMTEyMDlkZjYyNjJkM2JhYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIyPqmSDG68DMpfgUsaDo7lDl+Ai
h68tpHyVGjreDV2wCS7S5zrfqsp+8EioZp7p9msZp/IUfyYeYJqNq/cDhxgsSWzN
8yXNuLckzjREAxXkdSQBZkpy4Rb9YqCwE/NYOK0gHRHGJg64fvJ/t1c81VPIv7Js
0Db0es/oPebdM+UMzMMmd8rNvX7CdOGpPb7nhOZNiooabnGl6VfFdzsuiD1DqMVv
bVdZ3fG0mcyKmDtF1HcbK5wJB6YcaRTKAQ2MXjdN97wi/gvtV8ptlpjzVm5W5KZI
9KnaX4engbwAyrssNAqY1Ke5TaaTNAHC0xepgMnHnxs/gpCPEC9ZpvrpEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+MKMIa0A9I3YQDESCd9iYtO6urMB8GA1UdIwQY
MBaAFHSlm3+04DT2d3Xyh177/J7/JH6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2It
YWQzMmVmNDlkNDE5LzEvYjR3b3doclFEMGpkaEFNUklKMzJKaTA3cTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2ItYWQzMmVmNDlkNDE5
LzEvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSXoMA0G
CSqGSIb3DQEBCwUAA4IBAQBitdR1kN/npVOaL9aRqyCjXej9C9r0+zHxfal7T9Kq
pia8pSBf4BEvihiQ2qa5y6VcBBCl66NaabNZ01qCsPXRlQG61tWVotluwmEtN5F5
JGOgCsVskK1a+VZmmrmsp2FBsrv7VtA970YSxKvJciaMmXTdX2fTsDbAkxmK83D+
WGeu90j4l+p5TmrSu70/OuZPCu805dovVEvItG6oAbyPmMLCIej+WRWqNqYQqk8h
MfS8Ii9M9ERFjJbPINma6IYUxb1HYHAh8+PlGPV7tk/Zt5IcIePr7XEOLCv1pJDr
5le3hzXBX1YVCpHyi8Ry0jKc8M4czSvJssjk6hlsHRuB
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:18:47 2025 by rpki-client