Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/n7w5GFuhcC7EyBM-7efF-cYnZoI.roa
File: n7w5GFuhcC7EyBM-7efF-cYnZoI.roa (raw, json)
Hash identifier: kbss+X75KN3RVKeUQ2IpgUdhr/BsekLRlM7jNVMYCn0=
Subject key identifier: 9F:BC:39:18:5B:A1:70:2E:C4:C8:13:3E:ED:E7:C5:F9:C6:27:66:82
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 0193F298917A2CC63E46689AAA10B83597EC
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/n7w5GFuhcC7EyBM-7efF-cYnZoI.roa
Signing time: Mon 23 Dec 2024 08:18:25 +0000
ROA not before: Mon 23 Dec 2024 08:18:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43668
IP address blocks: 185.218.200.0/24 maxlen: 24
185.255.236.0/24 maxlen: 24
185.255.237.0/24 maxlen: 24
185.255.238.0/24 maxlen: 24
185.255.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f2:98:91:7a:2c:c6:3e:46:68:9a:aa:10:b8:35:97:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Dec 23 08:18:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fbc39185ba1702ec4c8133eede7c5f9c6276682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:21:52:8e:cf:de:80:85:f1:53:7e:72:a1:95:
13:60:d5:2f:90:39:f2:39:38:5c:b2:6a:ef:5b:a2:
fa:af:66:53:62:08:02:87:5c:04:4f:f7:fa:33:00:
63:84:10:12:07:1b:a0:d2:53:b4:26:4e:2e:72:52:
51:a6:bf:d8:e1:4c:24:5c:02:29:ac:9d:a0:20:18:
b8:9e:5a:5c:d9:6d:a5:21:75:d8:32:d3:c1:c5:9f:
13:96:81:b1:06:62:b3:80:20:ca:2a:f6:28:03:b3:
8d:e6:07:a3:68:9e:29:64:cd:4b:5b:34:0d:ba:a9:
6d:4a:87:06:d6:20:2e:a8:98:13:ec:a0:16:1b:4f:
8a:0c:8f:62:31:c0:91:07:a3:69:28:5b:35:ec:41:
5d:7d:6e:ac:06:35:a1:85:5d:8a:36:9f:3b:17:76:
88:25:16:ea:9c:92:65:b1:57:6b:e9:99:2d:b8:a9:
23:16:63:3d:b5:74:56:8b:61:85:bf:0e:6f:06:57:
c8:16:57:c7:28:3c:b1:1c:f7:2d:4c:a1:74:6b:0e:
6e:04:24:1b:a2:64:ef:cf:b6:7e:91:b7:5b:d6:67:
e3:7e:82:6b:83:8d:1d:95:57:00:f7:71:0d:cb:a6:
a2:0d:3f:80:64:29:9c:c7:a3:99:30:c6:a1:9e:36:
39:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:BC:39:18:5B:A1:70:2E:C4:C8:13:3E:ED:E7:C5:F9:C6:27:66:82
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/n7w5GFuhcC7EyBM-7efF-cYnZoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.200.0/24
185.255.236.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:50:b7:d5:9f:9b:a3:3e:b2:5d:c4:37:ac:3e:b1:a2:49:88:
b7:f2:6e:76:67:ca:56:a7:43:b4:c0:37:c2:15:cf:e5:5d:04:
f2:e0:db:01:2e:24:fe:56:1b:b4:55:24:32:0d:80:aa:8f:34:
a2:e2:a3:28:66:da:8c:47:80:ae:69:bd:81:15:61:b0:3e:03:
15:ae:72:71:4e:34:0d:55:23:40:0b:18:6f:b8:7a:72:d1:6a:
75:0f:81:22:7d:1e:5d:5a:99:00:ae:8f:90:66:af:50:24:4e:
de:bc:ea:9e:41:f8:69:ba:82:04:f5:ba:de:66:88:dc:7c:18:
c1:8b:d3:ef:a5:16:04:a7:5b:85:e6:c4:4c:ad:9d:f0:f7:93:
3d:be:65:4c:45:5f:aa:52:62:03:fa:ae:92:61:a4:a2:eb:8f:
e7:2d:8b:2e:34:5d:95:62:d1:1e:9f:a3:91:f9:b3:28:96:33:
10:5b:66:db:e2:a2:88:bf:bd:01:7b:73:58:f4:e3:11:b9:c4:
be:a0:19:26:06:f8:1f:31:2d:4c:1c:46:04:2c:a8:16:e3:ad:
01:7b:cb:56:b9:60:f3:57:ad:06:48:4f:46:96:ba:94:ff:02:
0a:a7:9c:c5:fd:78:25:72:15:69:c7:a6:98:85:da:59:35:f4:
92:34:93:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPymJF6LMY+RmiaqhC4NZfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjQxMjIzMDgxODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmJjMzkxODViYTE3MDJlYzRjODEzM2VlZGU3YzVmOWM2Mjc2NjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiFSjs/egIXxU35yoZUTYNUvkDny
OThcsmrvW6L6r2ZTYggCh1wET/f6MwBjhBASBxug0lO0Jk4uclJRpr/Y4UwkXAIp
rJ2gIBi4nlpc2W2lIXXYMtPBxZ8TloGxBmKzgCDKKvYoA7ON5gejaJ4pZM1LWzQN
uqltSocG1iAuqJgT7KAWG0+KDI9iMcCRB6NpKFs17EFdfW6sBjWhhV2KNp87F3aI
JRbqnJJlsVdr6ZktuKkjFmM9tXRWi2GFvw5vBlfIFlfHKDyxHPctTKF0aw5uBCQb
omTvz7Z+kbdb1mfjfoJrg40dlVcA93ENy6aiDT+AZCmcx6OZMMahnjY5vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ+8ORhboXAuxMgTPu3nxfnGJ2aCMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvbjd3NUdGdWhjQzdFeUJNLTdlZkYtY1luWm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudrIAwQC
uf/sMA0GCSqGSIb3DQEBCwUAA4IBAQCNULfVn5ujPrJdxDesPrGiSYi38m52Z8pW
p0O0wDfCFc/lXQTy4NsBLiT+Vhu0VSQyDYCqjzSi4qMoZtqMR4Cuab2BFWGwPgMV
rnJxTjQNVSNACxhvuHpy0Wp1D4EifR5dWpkAro+QZq9QJE7evOqeQfhpuoIE9bre
ZojcfBjBi9PvpRYEp1uF5sRMrZ3w95M9vmVMRV+qUmID+q6SYaSi64/nLYsuNF2V
YtEen6OR+bMoljMQW2bb4qKIv70Be3NY9OMRucS+oBkmBvgfMS1MHEYELKgW460B
e8tWuWDzV60GSE9GlrqU/wIKp5zF/XglchVpx6aYhdpZNfSSNJMB
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:32:51 2025 by rpki-client