Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/rpr9nvB9yk3FSa7FYoJBfqjfz-w.roa
File: rpr9nvB9yk3FSa7FYoJBfqjfz-w.roa (raw, json)
Hash identifier: 9LflJTCR41YlH+Owh+fS/yYNT/cs2RETn25meekomGY=
Subject key identifier: AE:9A:FD:9E:F0:7D:CA:4D:C5:49:AE:C5:62:82:41:7E:A8:DF:CF:EC
Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Certificate serial: 018D5F81D0F189544EB5397E5EBB96C8299B
Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/rpr9nvB9yk3FSa7FYoJBfqjfz-w.roa
Signing time: Wed 31 Jan 2024 12:32:39 +0000
ROA not before: Wed 31 Jan 2024 12:32:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 185.214.136.0/24 maxlen: 24
185.214.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 11:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:81:d0:f1:89:54:4e:b5:39:7e:5e:bb:96:c8:29:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Validity
Not Before: Jan 31 12:32:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae9afd9ef07dca4dc549aec56282417ea8dfcfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8a:07:1b:4e:a4:76:7b:58:fd:0a:10:37:fe:
5e:13:7e:ee:a0:d4:04:57:b1:09:f0:52:16:75:53:
8f:f1:27:cf:c3:6b:fb:9d:55:cb:ba:58:16:cf:cc:
ab:04:ee:a3:7e:fa:6f:fb:b0:3f:d4:f4:54:82:f2:
7c:cf:d5:f0:06:f4:28:32:ad:ad:d0:56:cf:e9:94:
ad:07:cc:7f:40:7b:b3:64:66:b9:77:50:73:1a:69:
6b:55:54:9c:1c:27:0d:52:60:60:7c:53:3d:99:ec:
52:24:bf:44:79:da:9a:51:36:78:5c:8c:36:58:80:
2b:58:c3:07:b8:ed:4a:96:a9:f0:72:f3:6f:ac:3a:
9c:30:5f:1e:34:3a:6d:d5:e9:9d:e6:d0:7a:66:9c:
10:37:e6:31:84:fa:b9:aa:f3:e9:c5:c4:91:07:23:
56:c7:cf:75:98:6f:ed:04:e4:dd:d1:49:c1:a3:8f:
fe:7e:3b:3a:f9:e2:df:10:d4:2e:75:b5:35:89:b4:
2b:2c:18:c2:49:af:8e:38:a1:e0:81:08:32:e1:c6:
ab:dd:da:0c:4f:86:55:01:b8:5c:1c:c3:86:bb:59:
88:88:3d:b0:ef:20:c2:59:9a:8b:b4:2d:85:e3:76:
27:4b:07:71:4d:48:7d:7a:92:d1:42:b6:42:59:8a:
43:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9A:FD:9E:F0:7D:CA:4D:C5:49:AE:C5:62:82:41:7E:A8:DF:CF:EC
X509v3 Authority Key Identifier:
keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/rpr9nvB9yk3FSa7FYoJBfqjfz-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.136.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:50:62:b4:28:be:df:c4:0a:d3:22:b0:d3:62:a8:54:8f:68:
20:0a:3e:2d:4b:20:fb:ee:01:50:bf:e6:bf:88:bf:12:c6:29:
9d:04:95:1e:19:0c:43:5c:9b:68:a2:d2:ac:87:2d:57:e8:df:
94:4c:62:86:6e:65:ab:82:8c:4e:f4:0d:65:c7:97:19:65:00:
5a:15:48:6d:cb:83:50:d4:8d:65:ee:eb:4b:e1:9a:9d:7d:72:
ed:2e:36:35:25:c9:41:4c:82:aa:d7:66:fe:43:0c:be:4a:2e:
9d:7e:1a:47:47:4c:9f:e9:af:e7:c1:b6:db:2b:d4:9f:5a:4c:
fb:44:cf:a5:15:f4:93:c6:44:34:cc:4e:ec:2f:c5:a6:b0:63:
99:9b:54:d7:e3:20:b8:b9:42:0f:ff:21:94:69:7c:61:58:5b:
36:cc:c1:c0:a1:99:21:26:8a:5f:45:24:1e:76:ba:12:f7:5a:
45:36:0f:5b:7d:3d:86:f6:fa:9b:bd:a2:dc:2b:52:d5:ef:b3:
2f:00:09:bf:41:b1:f2:73:fa:28:80:1e:64:e8:a7:3c:da:af:
97:0f:7c:b3:71:3b:3a:4d:34:d5:ac:5d:d5:26:72:98:81:d7:
8d:8e:cc:41:1f:95:9a:73:4a:7d:60:74:17:68:48:e9:90:fe:
d8:02:85:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1fgdDxiVROtTl+XruWyCmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1
YjRiMTAwHhcNMjQwMTMxMTIzMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTlhZmQ5ZWYwN2RjYTRkYzU0OWFlYzU2MjgyNDE3ZWE4ZGZjZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYoHG06kdntY/QoQN/5eE37uoNQE
V7EJ8FIWdVOP8SfPw2v7nVXLulgWz8yrBO6jfvpv+7A/1PRUgvJ8z9XwBvQoMq2t
0FbP6ZStB8x/QHuzZGa5d1BzGmlrVVScHCcNUmBgfFM9mexSJL9EedqaUTZ4XIw2
WIArWMMHuO1KlqnwcvNvrDqcMF8eNDpt1emd5tB6ZpwQN+YxhPq5qvPpxcSRByNW
x891mG/tBOTd0UnBo4/+fjs6+eLfENQudbU1ibQrLBjCSa+OOKHggQgy4car3doM
T4ZVAbhcHMOGu1mIiD2w7yDCWZqLtC2F43YnSwdxTUh9epLRQrZCWYpDBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6a/Z7wfcpNxUmuxWKCQX6o38/sMB8GA1UdIwQY
MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt
ZDYwYjNiNmNjYTZlLzEvcnByOW52Qjl5azNGU2E3RllvSkJmcWpmei13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl
LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudaIMA0G
CSqGSIb3DQEBCwUAA4IBAQCjUGK0KL7fxArTIrDTYqhUj2ggCj4tSyD77gFQv+a/
iL8SximdBJUeGQxDXJtootKshy1X6N+UTGKGbmWrgoxO9A1lx5cZZQBaFUhty4NQ
1I1l7utL4ZqdfXLtLjY1JclBTIKq12b+Qwy+Si6dfhpHR0yf6a/nwbbbK9SfWkz7
RM+lFfSTxkQ0zE7sL8WmsGOZm1TX4yC4uUIP/yGUaXxhWFs2zMHAoZkhJopfRSQe
droS91pFNg9bfT2G9vqbvaLcK1LV77MvAAm/QbHyc/oogB5k6Kc82q+XD3yzcTs6
TTTVrF3VJnKYgdeNjsxBH5Wac0p9YHQXaEjpkP7YAoWY
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:04:18 2025 by rpki-client