Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/RwLrDubSysPLSSSCO9A3wMYZSXU.roa
File: RwLrDubSysPLSSSCO9A3wMYZSXU.roa (raw, json)
Hash identifier: TPTSZ8qF8oFr5fbeyFERBVZKdFNZ5uzu/j93YItlodM=
Subject key identifier: 47:02:EB:0E:E6:D2:CA:C3:CB:49:24:82:3B:D0:37:C0:C6:19:49:75
Certificate issuer: /CN=6431e960cd061039b3b27fd25d4160771c498bab
Certificate serial: 018CF496501C888C55E9C42302B30B728295
Authority key identifier: 64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/RwLrDubSysPLSSSCO9A3wMYZSXU.roa
Signing time: Wed 10 Jan 2024 18:15:40 +0000
ROA not before: Wed 10 Jan 2024 18:15:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205229
IP address blocks: 185.224.176.0/22 maxlen: 24
185.224.178.0/24 maxlen: 24
2a14:3900::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 Jan 2024 16:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f4:96:50:1c:88:8c:55:e9:c4:23:02:b3:0b:72:82:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6431e960cd061039b3b27fd25d4160771c498bab
Validity
Not Before: Jan 10 18:15:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4702eb0ee6d2cac3cb4924823bd037c0c6194975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:29:88:91:71:41:27:e3:5b:ab:fa:ba:c2:9b:
58:3f:cc:14:1d:75:b8:98:88:55:66:35:16:ae:b5:
a7:8a:7b:75:e1:2a:45:10:4b:ef:ce:d9:ad:f8:cf:
5c:43:90:89:82:c9:5b:58:12:b5:b7:c4:35:5f:b1:
6c:68:c4:6f:b8:e9:6c:a1:22:8a:b4:0e:16:a2:c4:
9b:4c:6f:8a:a3:63:b7:8b:38:99:49:2e:8d:6d:8b:
8c:eb:fe:4b:57:fb:6d:67:b5:f8:d6:4f:42:7b:27:
14:58:eb:df:2d:91:6e:ca:ef:6e:f5:e2:a7:be:57:
b2:20:00:18:8f:7c:f1:6f:64:f1:25:4e:b1:48:38:
0d:cf:cd:cf:91:11:9d:44:5a:42:85:06:99:be:f5:
25:68:5d:f1:46:c0:7c:8c:fc:3c:1d:2f:4a:cf:f2:
71:a9:e9:5e:83:3c:2b:e3:a0:fe:84:c4:53:2e:6f:
df:47:7b:73:82:13:68:0e:dc:15:c2:bb:ce:b1:04:
c4:39:1e:9f:5e:64:67:7d:92:93:22:07:82:25:f0:
3b:88:08:e3:98:6e:85:07:d8:46:ae:88:95:45:7b:
7f:09:4e:f7:06:cb:27:b5:21:e4:c7:ff:50:71:fd:
ca:9b:de:41:2d:52:4d:5d:16:de:db:f9:58:1c:d4:
3e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:02:EB:0E:E6:D2:CA:C3:CB:49:24:82:3B:D0:37:C0:C6:19:49:75
X509v3 Authority Key Identifier:
keyid:64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/RwLrDubSysPLSSSCO9A3wMYZSXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.176.0/22
IPv6:
2a14:3900::/29
Signature Algorithm: sha256WithRSAEncryption
ab:3c:15:e2:32:a2:3c:d4:ac:ce:5d:d9:c3:96:23:52:8a:36:
25:88:a1:1d:d1:47:0b:14:d8:db:63:30:78:48:ec:ee:cf:be:
77:92:34:ab:58:bc:57:d5:26:69:69:02:8e:e9:d1:43:8d:7f:
5b:f8:8e:55:13:f2:e8:2d:c5:3d:0e:d5:27:85:81:7c:ab:a3:
9c:32:5f:77:af:6e:a9:24:b4:86:55:96:35:db:40:42:15:4a:
64:87:78:32:54:59:af:24:32:76:d9:a6:fb:82:bf:3c:01:2b:
ab:8b:12:46:a0:1e:13:a1:e5:61:7e:b6:32:21:d4:4e:da:76:
bf:c3:ac:59:7e:43:e5:68:19:de:5b:27:a8:f6:31:03:bd:a3:
57:a1:36:38:de:cd:2f:ba:b6:9e:1c:7b:5c:b8:05:9b:ce:47:
ca:bf:7b:28:02:4f:35:b1:a6:e9:fb:e1:5b:8a:0b:9b:e0:44:
29:f4:c7:a5:d3:2a:18:36:67:0e:78:39:b1:a9:95:8f:e6:dd:
61:72:b5:ec:58:9c:ee:55:15:eb:d2:64:90:3c:a1:c7:02:cd:
2a:f8:2c:8f:15:3a:bc:b8:12:22:c6:82:d1:78:d7:f4:d2:05:
06:7c:d3:66:77:70:42:05:00:c4:94:a0:e0:ea:b4:04:51:ff:
18:3d:09:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYz0llAciIxV6cQjArMLcoKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MzFlOTYwY2QwNjEwMzliM2IyN2ZkMjVkNDE2MDc3MWM0
OThiYWIwHhcNMjQwMTEwMTgxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzAyZWIwZWU2ZDJjYWMzY2I0OTI0ODIzYmQwMzdjMGM2MTk0OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCmIkXFBJ+Nbq/q6wptYP8wUHXW4
mIhVZjUWrrWnint14SpFEEvvztmt+M9cQ5CJgslbWBK1t8Q1X7FsaMRvuOlsoSKK
tA4WosSbTG+Ko2O3iziZSS6NbYuM6/5LV/ttZ7X41k9CeycUWOvfLZFuyu9u9eKn
vleyIAAYj3zxb2TxJU6xSDgNz83PkRGdRFpChQaZvvUlaF3xRsB8jPw8HS9Kz/Jx
qelegzwr46D+hMRTLm/fR3tzghNoDtwVwrvOsQTEOR6fXmRnfZKTIgeCJfA7iAjj
mG6FB9hGroiVRXt/CU73BssntSHkx/9Qcf3Km95BLVJNXRbe2/lYHNQ+CwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEcC6w7m0srDy0kkgjvQN8DGGUl1MB8GA1UdIwQY
MBaAFGQx6WDNBhA5s7J/0l1BYHccSYurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkRIcFlNMEdFRG16c25fU1hVRmdkeHhKaTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80ZmQ5MzEtOWYyMi00OWYzLWJlNTct
ZTlkYWY3OWViNzVlLzEvUndMckR1YlN5c1BMU1NTQ085QTN3TVlaU1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80ZmQ5MzEtOWYyMi00OWYzLWJlNTctZTlkYWY3OWViNzVl
LzEvWkRIcFlNMEdFRG16c25fU1hVRmdkeHhKaTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueCwMA0E
AgACMAcDBQMqFDkAMA0GCSqGSIb3DQEBCwUAA4IBAQCrPBXiMqI81KzOXdnDliNS
ijYliKEd0UcLFNjbYzB4SOzuz753kjSrWLxX1SZpaQKO6dFDjX9b+I5VE/LoLcU9
DtUnhYF8q6OcMl93r26pJLSGVZY120BCFUpkh3gyVFmvJDJ22ab7gr88ASurixJG
oB4ToeVhfrYyIdRO2na/w6xZfkPlaBneWyeo9jEDvaNXoTY43s0vuraeHHtcuAWb
zkfKv3soAk81sabp++Fbigub4EQp9Mel0yoYNmcOeDmxqZWP5t1hcrXsWJzuVRXr
0mSQPKHHAs0q+CyPFTq8uBIixoLReNf00gUGfNNmd3BCBQDElKDg6rQEUf8YPQlY
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:50:21 2025 by rpki-client