Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/7b7bd6-b538-4960-8559-dd49ecc26095/1/mwEVgfiS4JtpfvX36WSzZ-IFuS0.roa
File: mwEVgfiS4JtpfvX36WSzZ-IFuS0.roa (raw, json)
Hash identifier: gipzg9427eXnyZFkkkpvPZe/8IJcfhBMozrTUI2Fyls=
Subject key identifier: 9B:01:15:81:F8:92:E0:9B:69:7E:F5:F7:E9:64:B3:67:E2:05:B9:2D
Certificate issuer: /CN=ca1df2bbccc02e4e7f464d69faaf3d6c3723495e
Certificate serial: 018CC8DF3807FF6A8273F7E074730878C0F1
Authority key identifier: CA:1D:F2:BB:CC:C0:2E:4E:7F:46:4D:69:FA:AF:3D:6C:37:23:49:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yh3yu8zALk5_Rk1p-q89bDcjSV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/7b7bd6-b538-4960-8559-dd49ecc26095/1/mwEVgfiS4JtpfvX36WSzZ-IFuS0.roa
Signing time: Tue 02 Jan 2024 06:32:01 +0000
ROA not before: Tue 02 Jan 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206912
IP address blocks: 185.166.64.0/22 maxlen: 22
185.170.232.0/22 maxlen: 22
185.105.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:38:07:ff:6a:82:73:f7:e0:74:73:08:78:c0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1df2bbccc02e4e7f464d69faaf3d6c3723495e
Validity
Not Before: Jan 2 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b011581f892e09b697ef5f7e964b367e205b92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2c:eb:e4:ac:57:a4:b8:af:a7:0a:be:88:55:
90:44:6f:4e:25:e3:b7:90:9a:5a:8c:75:65:fa:b7:
47:12:aa:a4:5d:82:fa:e0:ee:ab:84:a6:00:fa:36:
48:b8:8b:ad:31:58:35:09:83:87:48:da:23:0b:0a:
47:17:89:a2:a5:60:db:4a:b2:83:91:52:3b:20:b4:
83:85:5f:73:de:67:bd:b2:ab:f4:ab:15:7c:99:af:
92:e4:cb:00:f0:30:4b:8b:25:12:0b:c5:bc:a5:e3:
29:74:10:f9:ef:ee:13:44:1c:1f:a7:59:19:a9:73:
cc:d3:df:6e:f9:3a:48:05:a2:a6:e7:5d:6c:24:de:
36:c7:b1:b7:25:d2:96:db:16:e7:91:ed:ad:36:24:
e3:72:fc:e2:fc:fd:93:c3:a9:13:f1:08:c0:51:b0:
3b:16:b3:7d:6a:57:5b:0c:e8:79:b5:6b:bd:ed:1b:
88:20:94:02:96:ba:05:e2:6a:a3:e2:65:cf:d3:da:
75:cc:9c:68:b4:dc:b5:5a:a2:77:98:42:a9:a3:71:
e6:c1:2b:f3:84:0b:94:3f:4e:f4:b3:87:f4:bb:b0:
19:39:ef:5c:cc:0b:51:94:d2:ea:b6:3b:5a:3d:7e:
db:e6:bc:8e:0a:8d:4f:fc:6e:59:ff:b8:5f:56:c6:
58:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:01:15:81:F8:92:E0:9B:69:7E:F5:F7:E9:64:B3:67:E2:05:B9:2D
X509v3 Authority Key Identifier:
keyid:CA:1D:F2:BB:CC:C0:2E:4E:7F:46:4D:69:FA:AF:3D:6C:37:23:49:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3yu8zALk5_Rk1p-q89bDcjSV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7b7bd6-b538-4960-8559-dd49ecc26095/1/mwEVgfiS4JtpfvX36WSzZ-IFuS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7b7bd6-b538-4960-8559-dd49ecc26095/1/yh3yu8zALk5_Rk1p-q89bDcjSV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.172.0/22
185.166.64.0/22
185.170.232.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:e6:1e:bb:51:03:10:83:aa:02:ba:ec:8d:c5:86:7f:0f:71:
c0:6d:ba:41:72:ec:68:c4:86:9a:81:dc:cb:4b:3a:8e:9a:28:
69:73:12:ea:ad:61:bd:07:3f:ed:83:93:34:75:0c:78:a3:c0:
b1:1d:c0:cd:78:a3:f3:2d:cb:66:6a:fd:ff:66:ba:16:43:88:
0f:e4:db:a2:34:7c:07:43:32:bd:89:8c:10:47:e5:04:ce:07:
b8:22:d5:33:18:f0:3d:e3:b9:ab:8a:f4:a7:38:48:eb:6d:04:
76:07:1f:a1:29:30:ba:79:ac:55:db:27:d5:ed:12:80:3d:8b:
55:5d:08:a0:85:1d:ec:d1:9e:93:24:55:37:63:03:62:0c:28:
91:af:63:9b:71:d3:97:40:8d:4c:46:ec:89:28:3a:52:e1:50:
80:b5:8a:39:a6:7a:59:69:40:67:fb:81:b4:4f:08:3b:f3:aa:
67:e2:89:32:49:21:4d:c3:ef:30:ff:b6:f1:1e:87:c6:99:40:
77:db:16:20:37:a1:99:c6:7d:eb:98:e2:f0:b2:f9:4e:70:69:
81:03:9a:c1:48:52:36:dd:15:9e:63:20:49:a1:4e:68:ec:c0:
15:db:95:c0:34:75:b0:e5:d6:9c:ba:dc:f7:f5:df:3b:4a:27:
e1:b5:79:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3zgH/2qCc/fgdHMIeMDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRmMmJiY2NjMDJlNGU3ZjQ2NGQ2OWZhYWYzZDZjMzcy
MzQ5NWUwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjAxMTU4MWY4OTJlMDliNjk3ZWY1ZjdlOTY0YjM2N2UyMDViOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCzr5KxXpLivpwq+iFWQRG9OJeO3
kJpajHVl+rdHEqqkXYL64O6rhKYA+jZIuIutMVg1CYOHSNojCwpHF4mipWDbSrKD
kVI7ILSDhV9z3me9sqv0qxV8ma+S5MsA8DBLiyUSC8W8peMpdBD57+4TRBwfp1kZ
qXPM099u+TpIBaKm511sJN42x7G3JdKW2xbnke2tNiTjcvzi/P2Tw6kT8QjAUbA7
FrN9aldbDOh5tWu97RuIIJQClroF4mqj4mXP09p1zJxotNy1WqJ3mEKpo3HmwSvz
hAuUP070s4f0u7AZOe9czAtRlNLqtjtaPX7b5ryOCo1P/G5Z/7hfVsZYOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJsBFYH4kuCbaX719+lks2fiBbktMB8GA1UdIwQY
MBaAFMod8rvMwC5Of0ZNafqvPWw3I0leMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzeXU4ekFMazVfUmsxcC1xODliRGNqU1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83YjdiZDYtYjUzOC00OTYwLTg1NTkt
ZGQ0OWVjYzI2MDk1LzEvbXdFVmdmaVM0SnRwZnZYMzZXU3paLUlGdVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83YjdiZDYtYjUzOC00OTYwLTg1NTktZGQ0OWVjYzI2MDk1
LzEveWgzeXU4ekFMazVfUmsxcC1xODliRGNqU1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuWmsAwQC
uaZAAwQCuaroMA0GCSqGSIb3DQEBCwUAA4IBAQCw5h67UQMQg6oCuuyNxYZ/D3HA
bbpBcuxoxIaagdzLSzqOmihpcxLqrWG9Bz/tg5M0dQx4o8CxHcDNeKPzLctmav3/
ZroWQ4gP5NuiNHwHQzK9iYwQR+UEzge4ItUzGPA947mrivSnOEjrbQR2Bx+hKTC6
eaxV2yfV7RKAPYtVXQighR3s0Z6TJFU3YwNiDCiRr2ObcdOXQI1MRuyJKDpS4VCA
tYo5pnpZaUBn+4G0Twg786pn4okySSFNw+8w/7bxHofGmUB32xYgN6GZxn3rmOLw
svlOcGmBA5rBSFI23RWeYyBJoU5o7MAV25XANHWw5dacutz39d87SifhtXkb
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:17:52 2025 by rpki-client