Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/519634-923d-4f98-838a-7e38dbd5664f/1/a3aR5UWOhHzqYmtOxBFn87Ef2Gc.roa
File: a3aR5UWOhHzqYmtOxBFn87Ef2Gc.roa (raw, json)
Hash identifier: pBKpj83rl9guQ4+noNp12OLImzch0ohwGoXAu5SFgC8=
Subject key identifier: 6B:76:91:E5:45:8E:84:7C:EA:62:6B:4E:C4:11:67:F3:B1:1F:D8:67
Certificate issuer: /CN=167d54d8cb6a8309c512605657c2563e3a1aaa69
Certificate serial: 018CC72768DC860F4561725731217B704E46
Authority key identifier: 16:7D:54:D8:CB:6A:83:09:C5:12:60:56:57:C2:56:3E:3A:1A:AA:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fn1U2MtqgwnFEmBWV8JWPjoaqmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/519634-923d-4f98-838a-7e38dbd5664f/1/a3aR5UWOhHzqYmtOxBFn87Ef2Gc.roa
Signing time: Mon 01 Jan 2024 22:31:37 +0000
ROA not before: Mon 01 Jan 2024 22:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203503
IP address blocks: 185.132.91.0/24 maxlen: 24
185.132.89.0/24 maxlen: 24
185.132.88.0/24 maxlen: 24
2a06:e140::/30 maxlen: 30
2a06:e144::/30 maxlen: 30
2a06:e140::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:68:dc:86:0f:45:61:72:57:31:21:7b:70:4e:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167d54d8cb6a8309c512605657c2563e3a1aaa69
Validity
Not Before: Jan 1 22:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b7691e5458e847cea626b4ec41167f3b11fd867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:34:01:0a:72:94:5d:2c:67:9d:ba:59:1c:4f:
2d:da:bc:07:38:0e:3e:7d:2b:f2:80:06:53:25:24:
72:08:b9:28:47:b9:fb:ba:c1:1d:53:fe:56:ea:29:
63:7e:b1:1a:0e:55:2d:3e:f2:5f:d8:e4:2c:bb:60:
a6:da:79:b3:6f:54:f8:2f:81:c8:e0:60:b4:0f:c9:
25:1a:ca:cb:ee:ea:df:a4:6c:cb:84:94:ce:10:94:
c6:08:c7:b4:2f:0f:71:d0:32:4e:12:ae:b6:d7:9a:
5d:4d:1a:d0:7d:50:63:08:41:82:30:2f:f7:32:97:
17:f3:d9:e0:bf:38:ed:23:53:64:47:6e:ad:ec:d0:
fd:30:73:c1:6c:ed:fc:5f:df:cd:15:16:cd:65:e5:
f5:ba:4c:da:22:52:99:3d:25:be:2a:64:83:ce:9e:
e2:79:5a:c0:5c:c9:2c:1d:92:a7:11:1e:e1:83:91:
79:5e:6b:6b:01:f7:0c:de:8f:5b:5c:d0:70:7e:31:
5c:08:fe:05:90:25:2f:66:d8:8b:36:50:6a:81:45:
a8:e8:b8:16:99:b4:04:e6:bb:de:11:05:e7:40:7e:
e0:22:38:90:72:91:41:1c:79:41:ec:f3:07:26:c2:
73:7a:2d:91:2c:b6:46:20:93:41:3f:29:98:26:6c:
d9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:76:91:E5:45:8E:84:7C:EA:62:6B:4E:C4:11:67:F3:B1:1F:D8:67
X509v3 Authority Key Identifier:
keyid:16:7D:54:D8:CB:6A:83:09:C5:12:60:56:57:C2:56:3E:3A:1A:AA:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fn1U2MtqgwnFEmBWV8JWPjoaqmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/519634-923d-4f98-838a-7e38dbd5664f/1/a3aR5UWOhHzqYmtOxBFn87Ef2Gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/519634-923d-4f98-838a-7e38dbd5664f/1/Fn1U2MtqgwnFEmBWV8JWPjoaqmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.88.0/23
185.132.91.0/24
IPv6:
2a06:e140::/29
Signature Algorithm: sha256WithRSAEncryption
9d:56:22:07:7a:d7:14:32:37:a6:76:96:0b:71:e7:e9:c7:78:
79:74:f5:3f:08:e8:d0:ec:03:7a:a2:c0:6e:0f:26:4b:08:9a:
3f:e4:af:ef:f4:2b:d0:91:51:df:cc:f7:e9:a5:45:c8:b8:8f:
51:a4:b2:7f:46:cb:b3:93:71:ed:b3:df:f5:c3:b7:54:b6:0f:
5c:65:a8:e9:3f:f1:9c:10:d9:55:48:4f:9d:ef:22:ca:0d:0d:
92:92:b6:91:b9:8b:ca:f9:1f:72:26:a3:4b:b0:b2:a8:96:3c:
ac:a7:73:c2:8f:dc:4f:1f:c0:d7:fc:e9:50:41:c4:e4:15:5c:
ed:db:a7:b0:41:75:9c:48:f4:94:ad:ed:52:70:a5:5e:3e:f3:
a7:2e:26:ee:9b:36:2e:33:b9:22:83:28:62:81:08:7d:fb:49:
5a:06:7f:db:b8:91:78:d5:23:22:93:1b:bb:b0:0a:30:9d:eb:
fa:11:22:76:89:a4:0c:20:c2:33:4a:2f:d9:77:26:d4:ec:a2:
02:96:e8:c9:c0:b2:58:6a:b3:e4:54:d8:e9:e1:2a:27:84:74:
55:b9:69:1f:f6:53:9f:c4:30:d4:5b:0a:25:17:29:7c:b8:eb:
f5:36:34:89:9f:00:53:33:a2:ba:df:76:21:b8:82:66:6b:f5:
4e:4d:e1:05
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJ2jchg9FYXJXMSF7cE5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2N2Q1NGQ4Y2I2YTgzMDljNTEyNjA1NjU3YzI1NjNlM2Ex
YWFhNjkwHhcNMjQwMTAxMjIzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjc2OTFlNTQ1OGU4NDdjZWE2MjZiNGVjNDExNjdmM2IxMWZkODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzQBCnKUXSxnnbpZHE8t2rwHOA4+
fSvygAZTJSRyCLkoR7n7usEdU/5W6iljfrEaDlUtPvJf2OQsu2Cm2nmzb1T4L4HI
4GC0D8klGsrL7urfpGzLhJTOEJTGCMe0Lw9x0DJOEq6215pdTRrQfVBjCEGCMC/3
MpcX89ngvzjtI1NkR26t7ND9MHPBbO38X9/NFRbNZeX1ukzaIlKZPSW+KmSDzp7i
eVrAXMksHZKnER7hg5F5XmtrAfcM3o9bXNBwfjFcCP4FkCUvZtiLNlBqgUWo6LgW
mbQE5rveEQXnQH7gIjiQcpFBHHlB7PMHJsJzei2RLLZGIJNBPymYJmzZbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGt2keVFjoR86mJrTsQRZ/OxH9hnMB8GA1UdIwQY
MBaAFBZ9VNjLaoMJxRJgVlfCVj46GqppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm4xVTJNdHFnd25GRW1CV1Y4SldQam9hcW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTk2MzQtOTIzZC00Zjk4LTgzOGEt
N2UzOGRiZDU2NjRmLzEvYTNhUjVVV09oSHpxWW10T3hCRm44N0VmMkdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTk2MzQtOTIzZC00Zjk4LTgzOGEtN2UzOGRiZDU2NjRm
LzEvRm4xVTJNdHFnd25GRW1CV1Y4SldQam9hcW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuYRYAwQA
uYRbMA0EAgACMAcDBQMqBuFAMA0GCSqGSIb3DQEBCwUAA4IBAQCdViIHetcUMjem
dpYLcefpx3h5dPU/COjQ7AN6osBuDyZLCJo/5K/v9CvQkVHfzPfppUXIuI9RpLJ/
Rsuzk3Hts9/1w7dUtg9cZajpP/GcENlVSE+d7yLKDQ2SkraRuYvK+R9yJqNLsLKo
ljysp3PCj9xPH8DX/OlQQcTkFVzt26ewQXWcSPSUre1ScKVePvOnLibumzYuM7ki
gyhigQh9+0laBn/buJF41SMikxu7sAownev6ESJ2iaQMIMIzSi/ZdybU7KIClujJ
wLJYarPkVNjp4SonhHRVuWkf9lOfxDDUWwolFyl8uOv1NjSJnwBTM6K633YhuIJm
a/VOTeEF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:17 2025 by rpki-client