Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/CUqB0MGS4ZNBzza2hMgl6oLxAoY.roa
File: CUqB0MGS4ZNBzza2hMgl6oLxAoY.roa (raw, json)
Hash identifier: mkMj4cmYh2pDLNFPJCHpzB0XOqj/Z1+5OrJujQoH7Fc=
Subject key identifier: 09:4A:81:D0:C1:92:E1:93:41:CF:36:B6:84:C8:25:EA:82:F1:02:86
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 0191585DAD036E92F37E26BA9299F87DE494
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/CUqB0MGS4ZNBzza2hMgl6oLxAoY.roa
Signing time: Thu 15 Aug 2024 23:26:59 +0000
ROA not before: Thu 15 Aug 2024 23:26:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.71.228.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
185.125.84.0/24 maxlen: 24
193.0.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:58:5d:ad:03:6e:92:f3:7e:26:ba:92:99:f8:7d:e4:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Aug 15 23:26:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=094a81d0c192e19341cf36b684c825ea82f10286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:70:d6:65:31:b4:eb:e4:96:0a:f3:76:28:17:
27:13:66:07:b4:54:0c:3d:79:ba:6d:0b:eb:b4:13:
c7:3c:70:71:60:b2:33:09:9e:39:d2:f7:94:57:26:
e8:c0:60:af:66:cc:8c:08:e4:49:f5:02:93:b5:2b:
ad:2a:b6:fc:91:50:ab:f4:5d:ab:37:fb:37:77:64:
2d:07:80:6f:68:dd:10:8e:7a:b9:ea:e6:fe:a4:33:
f6:bb:ea:bb:de:ae:5c:ff:07:71:46:2b:d4:b2:77:
91:f1:c7:dc:c1:03:9c:7e:eb:ba:60:ad:83:5a:a7:
0d:c1:c1:1e:4d:aa:f3:b4:5a:79:8d:83:ce:73:69:
eb:66:5b:ef:2d:1c:4d:af:2e:1e:2d:4d:c6:7b:55:
3b:68:44:6a:39:09:9b:24:e8:45:32:f2:1a:c1:b7:
f1:04:c6:1f:8a:e8:54:67:db:6f:4d:ea:ef:64:92:
f4:b2:98:fa:5e:88:1a:77:84:d4:28:53:0d:2e:5a:
57:0f:67:22:47:3c:2f:0e:18:34:c0:c2:8c:a9:91:
df:e5:3c:d5:51:e6:78:c8:4f:94:7d:fa:fb:ed:af:
88:74:09:48:bb:1c:fa:5f:15:23:11:d6:72:f3:22:
53:06:40:48:05:dc:77:ac:02:48:11:68:8d:67:5b:
f0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4A:81:D0:C1:92:E1:93:41:CF:36:B6:84:C8:25:EA:82:F1:02:86
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/CUqB0MGS4ZNBzza2hMgl6oLxAoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/23
185.125.84.0/24
193.0.181.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:c8:88:30:a1:16:31:7d:cd:da:be:a8:6c:f6:ee:51:03:f2:
72:02:c2:e6:87:0d:09:0b:14:34:80:92:7c:f6:3c:2a:d5:30:
db:7d:19:f8:66:dc:e4:3d:04:d1:79:b5:d9:ce:15:66:11:4c:
7a:90:d0:3c:a5:21:4a:08:74:ac:84:38:94:ef:d8:b4:8a:9a:
6f:de:19:d8:24:7b:5d:40:be:83:25:57:b0:85:02:d7:53:87:
66:e1:48:9b:ee:a2:85:72:ad:23:94:3c:dd:e2:67:a8:a2:3f:
45:f9:47:c3:2d:b7:07:8b:48:a7:04:e0:8c:be:e1:4f:24:8c:
f9:6f:83:fb:78:0b:3c:fc:dc:94:24:a8:76:0d:96:ae:9a:b3:
89:b2:fd:93:8b:f3:1a:ad:b2:bf:0b:2f:7f:99:f4:8b:3f:ed:
93:fd:24:4f:38:13:21:ff:43:6f:6a:9d:6f:ad:92:7d:a0:6e:
98:a2:da:9c:dc:4e:66:4e:a5:17:4e:aa:f0:dd:b0:39:8a:02:
d9:43:de:97:a8:a1:1c:c2:55:85:29:ab:ce:64:46:d0:01:f2:
67:a7:59:0f:a8:fb:22:ec:ec:4c:f0:e0:57:10:db:45:9d:8f:
1e:46:21:ec:82:a3:26:0a:f5:dc:4c:12:45:65:93:39:6b:04:
93:3f:56:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFYXa0DbpLzfia6kpn4feSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjQwODE1MjMyNjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTRhODFkMGMxOTJlMTkzNDFjZjM2YjY4NGM4MjVlYTgyZjEwMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3DWZTG06+SWCvN2KBcnE2YHtFQM
PXm6bQvrtBPHPHBxYLIzCZ450veUVybowGCvZsyMCORJ9QKTtSutKrb8kVCr9F2r
N/s3d2QtB4BvaN0Qjnq56ub+pDP2u+q73q5c/wdxRivUsneR8cfcwQOcfuu6YK2D
WqcNwcEeTarztFp5jYPOc2nrZlvvLRxNry4eLU3Ge1U7aERqOQmbJOhFMvIawbfx
BMYfiuhUZ9tvTervZJL0spj6Xogad4TUKFMNLlpXD2ciRzwvDhg0wMKMqZHf5TzV
UeZ4yE+Uffr77a+IdAlIuxz6XxUjEdZy8yJTBkBIBdx3rAJIEWiNZ1vwcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAlKgdDBkuGTQc82toTIJeqC8QKGMB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvQ1VxQjBNR1M0Wk5CenphMmhNZ2w2b0x4QW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUfkAwQA
uX1UAwQAwQC1MA0GCSqGSIb3DQEBCwUAA4IBAQB6yIgwoRYxfc3avqhs9u5RA/Jy
AsLmhw0JCxQ0gJJ89jwq1TDbfRn4ZtzkPQTRebXZzhVmEUx6kNA8pSFKCHSshDiU
79i0ippv3hnYJHtdQL6DJVewhQLXU4dm4Uib7qKFcq0jlDzd4meooj9F+UfDLbcH
i0inBOCMvuFPJIz5b4P7eAs8/NyUJKh2DZaumrOJsv2Ti/MarbK/Cy9/mfSLP+2T
/SRPOBMh/0Nvap1vrZJ9oG6Yotqc3E5mTqUXTqrw3bA5igLZQ96XqKEcwlWFKavO
ZEbQAfJnp1kPqPsi7OxM8OBXENtFnY8eRiHsgqMmCvXcTBJFZZM5awSTP1br
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:40 2025 by rpki-client