Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/iiEwz3S7JzKIGSMmsYCytTIkLT4.roa
File: iiEwz3S7JzKIGSMmsYCytTIkLT4.roa (raw, json)
Hash identifier: T9JqmAd6FjXryweIk/i1JZZvuwr0hFRaWI7+VrsXnf8=
Subject key identifier: 8A:21:30:CF:74:BB:27:32:88:19:23:26:B1:80:B2:B5:32:24:2D:3E
Certificate issuer: /CN=c9633fa6fc66b43639c056d02174f80c2426614b
Certificate serial: 018CC64B25A4C110BEBC89776C65C8385607
Authority key identifier: C9:63:3F:A6:FC:66:B4:36:39:C0:56:D0:21:74:F8:0C:24:26:61:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yWM_pvxmtDY5wFbQIXT4DCQmYUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/iiEwz3S7JzKIGSMmsYCytTIkLT4.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.166.142.0/24 maxlen: 24
185.166.143.0/24 maxlen: 24
185.166.140.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:25:a4:c1:10:be:bc:89:77:6c:65:c8:38:56:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9633fa6fc66b43639c056d02174f80c2426614b
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a2130cf74bb273288192326b180b2b532242d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8c:b6:3a:db:7c:cd:01:33:47:7b:4b:0d:dd:
e6:37:0d:4b:97:5f:36:b6:64:6f:05:3c:52:0a:98:
3d:48:fd:23:b0:15:f1:68:81:9b:22:bd:9b:e8:57:
74:e9:6d:23:92:67:29:18:55:d7:ac:8a:8c:dc:77:
32:53:24:64:5c:37:73:31:79:59:52:87:2b:41:b5:
ab:9d:df:6b:de:bb:59:c9:bd:26:15:14:b9:2c:aa:
df:73:80:77:ac:fb:bb:12:b4:d4:b5:81:3d:14:94:
df:18:b9:20:c3:b9:3c:4a:b0:c9:be:99:21:da:a3:
ec:17:93:ff:0c:2a:b6:db:7d:a0:cb:3b:2f:a2:0b:
94:6a:3b:13:b8:f0:c7:26:28:b5:a3:60:14:a5:43:
02:57:ec:eb:6d:17:c8:0a:f7:a7:ce:7f:45:b9:1f:
b0:0a:aa:96:5f:17:ee:be:e4:27:f5:20:fb:32:b7:
6d:72:30:d5:bb:b5:d6:50:7f:6d:63:d2:5f:d4:4d:
88:d4:0e:31:06:dd:81:16:3e:61:b9:94:47:96:40:
2c:a0:21:63:d6:da:c5:86:40:9f:4c:e2:f1:19:17:
0b:5d:25:af:41:1d:1e:41:7e:98:05:0f:34:bd:83:
51:19:d1:05:69:95:0d:26:b8:d7:6a:3e:1f:4c:3f:
1c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:21:30:CF:74:BB:27:32:88:19:23:26:B1:80:B2:B5:32:24:2D:3E
X509v3 Authority Key Identifier:
keyid:C9:63:3F:A6:FC:66:B4:36:39:C0:56:D0:21:74:F8:0C:24:26:61:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yWM_pvxmtDY5wFbQIXT4DCQmYUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/iiEwz3S7JzKIGSMmsYCytTIkLT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/yWM_pvxmtDY5wFbQIXT4DCQmYUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.140.0/22
Signature Algorithm: sha256WithRSAEncryption
11:a1:b8:2f:93:e4:99:18:7d:8e:10:28:ca:4b:71:3d:db:b1:
77:53:f2:24:40:61:23:99:c4:0c:98:a4:49:5e:4d:29:7a:e0:
bf:89:6e:89:1a:c9:56:f1:42:98:fd:da:97:30:50:e1:16:9d:
da:4b:33:93:a1:8a:79:e4:77:33:30:e4:2f:f1:b5:e4:08:93:
8a:30:c8:94:c2:19:f2:3a:42:68:f9:48:22:5a:4b:bf:6a:0f:
6d:d6:99:57:e5:aa:41:96:0a:f8:74:c4:dd:0f:2c:02:fe:50:
8a:0a:8a:d7:54:bc:2c:01:4d:33:a4:d2:e5:8b:c1:e8:3f:33:
71:c1:3f:23:7d:51:58:d9:5c:83:e9:5d:73:03:92:09:f5:41:
fb:31:39:7a:bb:46:27:1c:bf:2a:37:00:fd:da:06:f4:e2:62:
97:20:ea:43:3d:97:23:ee:d6:9b:4e:a7:7f:f1:c8:b3:6d:5d:
9f:1e:79:0a:2c:34:8e:98:54:d8:fd:ee:75:47:53:33:d4:b1:
82:c1:c2:96:ea:b7:51:e7:51:4a:4e:93:4e:04:35:42:28:f1:
06:12:c5:ea:a2:5a:dc:3d:2c:cf:a5:7e:db:b5:60:e7:7d:ee:
6d:8e:8a:e2:ef:ad:31:4c:f2:5c:60:4c:f4:68:fd:73:f9:22:
27:6c:f2:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSyWkwRC+vIl3bGXIOFYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NjMzZmE2ZmM2NmI0MzYzOWMwNTZkMDIxNzRmODBjMjQy
NjYxNGIwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTIxMzBjZjc0YmIyNzMyODgxOTIzMjZiMTgwYjJiNTMyMjQyZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooy2Ott8zQEzR3tLDd3mNw1Ll182
tmRvBTxSCpg9SP0jsBXxaIGbIr2b6Fd06W0jkmcpGFXXrIqM3HcyUyRkXDdzMXlZ
UocrQbWrnd9r3rtZyb0mFRS5LKrfc4B3rPu7ErTUtYE9FJTfGLkgw7k8SrDJvpkh
2qPsF5P/DCq2232gyzsvoguUajsTuPDHJii1o2AUpUMCV+zrbRfICvenzn9FuR+w
CqqWXxfuvuQn9SD7MrdtcjDVu7XWUH9tY9Jf1E2I1A4xBt2BFj5huZRHlkAsoCFj
1trFhkCfTOLxGRcLXSWvQR0eQX6YBQ80vYNRGdEFaZUNJrjXaj4fTD8cOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIohMM90uycyiBkjJrGAsrUyJC0+MB8GA1UdIwQY
MBaAFMljP6b8ZrQ2OcBW0CF0+AwkJmFLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVdNX3B2eG10RFk1d0ZiUUlYVDREQ1FtWVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi85Y2IzMjktMGZlOS00ZmZlLWJlNWYt
MDM4YTU0ZTM5MTJmLzEvaWlFd3ozUzdKektJR1NNbXNZQ3l0VElrTFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi85Y2IzMjktMGZlOS00ZmZlLWJlNWYtMDM4YTU0ZTM5MTJm
LzEveVdNX3B2eG10RFk1d0ZiUUlYVDREQ1FtWVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaaMMA0G
CSqGSIb3DQEBCwUAA4IBAQARobgvk+SZGH2OECjKS3E927F3U/IkQGEjmcQMmKRJ
Xk0peuC/iW6JGslW8UKY/dqXMFDhFp3aSzOToYp55HczMOQv8bXkCJOKMMiUwhny
OkJo+UgiWku/ag9t1plX5apBlgr4dMTdDywC/lCKCorXVLwsAU0zpNLli8HoPzNx
wT8jfVFY2VyD6V1zA5IJ9UH7MTl6u0YnHL8qNwD92gb04mKXIOpDPZcj7tabTqd/
8cizbV2fHnkKLDSOmFTY/e51R1Mz1LGCwcKW6rdR51FKTpNOBDVCKPEGEsXqolrc
PSzPpX7btWDnfe5tjori760xTPJcYEz0aP1z+SInbPJA
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:57 2025 by rpki-client