Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/9Ks3j2Ftnywmpo-BhOed9pvhRZ4.roa
File: 9Ks3j2Ftnywmpo-BhOed9pvhRZ4.roa (raw, json)
Hash identifier: 1lNQzBYRvpFDpHRKkjbyKqSgu6iFQrICvTO8jJsGndw=
Subject key identifier: F4:AB:37:8F:61:6D:9F:2C:26:A6:8F:81:84:E7:9D:F6:9B:E1:45:9E
Certificate issuer: /CN=1329cd3ee2fe126a82ca2a58c87ed5838fe2af57
Certificate serial: 01928F7E9A1109F556F873FAD2AA746F479A
Authority key identifier: 13:29:CD:3E:E2:FE:12:6A:82:CA:2A:58:C8:7E:D5:83:8F:E2:AF:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EynNPuL-EmqCyipYyH7Vg4_ir1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/9Ks3j2Ftnywmpo-BhOed9pvhRZ4.roa
Signing time: Tue 15 Oct 2024 09:24:51 +0000
ROA not before: Tue 15 Oct 2024 09:24:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59497
IP address blocks: 185.189.184.0/22 maxlen: 22
185.189.184.0/24 maxlen: 24
185.189.185.0/24 maxlen: 24
185.189.186.0/24 maxlen: 24
185.189.187.0/24 maxlen: 24
2a09:87c0::/29 maxlen: 29
2a09:87c0::/48 maxlen: 48
2a09:87c0:10::/47 maxlen: 47
2a09:87c0:12::/48 maxlen: 48
2a09:87c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:7e:9a:11:09:f5:56:f8:73:fa:d2:aa:74:6f:47:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1329cd3ee2fe126a82ca2a58c87ed5838fe2af57
Validity
Not Before: Oct 15 09:24:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4ab378f616d9f2c26a68f8184e79df69be1459e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:09:fc:8d:3e:2b:b2:d7:f9:61:48:4f:24:f2:
9e:f4:3c:26:a7:9c:75:87:66:fc:18:64:a8:9f:9e:
3d:d8:e9:a5:cf:80:fe:33:19:4e:63:ad:6c:35:26:
70:ae:77:8e:8d:73:4b:fb:7a:ec:d5:8c:3b:53:5b:
8d:cf:eb:4a:f3:d9:a9:af:b6:af:1b:37:8d:f2:48:
f4:c9:a3:b1:5f:2b:48:1d:cc:70:6a:19:8d:a5:44:
98:50:d0:91:1f:80:ea:6e:89:38:43:35:61:10:5a:
29:ec:de:ab:80:62:d7:6a:2c:c3:7a:ba:ac:3c:11:
0d:d0:c7:05:c3:7b:ff:7d:2d:4f:9d:c7:cd:bb:28:
14:fe:9a:43:cf:f4:1b:4f:08:62:35:b4:cd:6e:2f:
a1:9a:ad:98:df:3c:35:06:d6:d4:f3:e5:57:7f:ea:
4e:af:32:7d:c8:f8:34:76:86:ff:4d:7b:14:dc:7a:
24:0d:9f:36:70:58:e5:26:f5:f8:b2:3f:46:ef:75:
fa:96:6b:08:0b:4b:34:d4:08:5d:8f:ba:b4:99:16:
1b:9f:3c:b3:06:19:00:b7:4d:88:a1:9c:60:74:98:
f6:17:c4:bd:c3:eb:7b:0b:a3:35:33:80:25:42:e7:
97:5f:55:22:4f:3e:93:87:d6:89:54:ab:62:2f:f4:
10:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AB:37:8F:61:6D:9F:2C:26:A6:8F:81:84:E7:9D:F6:9B:E1:45:9E
X509v3 Authority Key Identifier:
keyid:13:29:CD:3E:E2:FE:12:6A:82:CA:2A:58:C8:7E:D5:83:8F:E2:AF:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EynNPuL-EmqCyipYyH7Vg4_ir1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/9Ks3j2Ftnywmpo-BhOed9pvhRZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/EynNPuL-EmqCyipYyH7Vg4_ir1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.184.0/22
IPv6:
2a09:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:00:29:9c:1e:df:e2:27:17:ad:3e:02:18:99:10:b2:3a:1d:
01:57:94:b8:89:32:3c:8f:e6:01:2e:50:8c:9b:01:20:29:57:
a7:94:cd:b4:ed:8c:aa:43:38:46:07:e0:13:1e:45:c1:14:34:
ee:c5:bb:67:bf:ca:e9:d9:1b:90:01:7b:1e:83:f1:e6:0f:a4:
c1:ba:f5:92:3a:18:e1:29:99:46:d4:9e:a6:5f:02:27:46:33:
6d:12:ea:e5:3f:df:59:e7:b1:45:07:fa:a1:93:2f:9f:ec:82:
60:32:8c:94:7c:e3:c0:5e:ae:23:96:70:4e:3d:4d:b1:7c:e4:
ef:3a:a3:a8:6c:71:57:a5:10:f1:d1:f4:8a:8c:4a:ae:82:c9:
83:a7:1a:d6:1b:8e:5d:5b:1d:c7:15:1c:5e:a8:a4:83:19:35:
a5:e0:43:dc:26:14:f2:45:68:f8:35:76:34:94:4a:e2:d6:e4:
f1:4c:9c:d9:d6:f3:91:85:6a:ed:84:f0:e4:9e:b6:ad:b9:6f:
48:d6:d4:83:12:50:f7:09:0a:0c:95:6c:20:32:c4:ba:1c:25:
79:e2:ae:89:7b:fc:ca:0d:66:f8:61:ae:81:52:73:b7:c5:67:
de:75:c8:3c:3d:8b:72:4f:f7:ca:a4:e9:21:84:0f:ef:53:89:
1c:ae:9c:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKPfpoRCfVW+HP60qp0b0eaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMjljZDNlZTJmZTEyNmE4MmNhMmE1OGM4N2VkNTgzOGZl
MmFmNTcwHhcNMjQxMDE1MDkyNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFiMzc4ZjYxNmQ5ZjJjMjZhNjhmODE4NGU3OWRmNjliZTE0NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5An8jT4rstf5YUhPJPKe9Dwmp5x1
h2b8GGSon5492Omlz4D+MxlOY61sNSZwrneOjXNL+3rs1Yw7U1uNz+tK89mpr7av
GzeN8kj0yaOxXytIHcxwahmNpUSYUNCRH4Dqbok4QzVhEFop7N6rgGLXaizDerqs
PBEN0McFw3v/fS1PncfNuygU/ppDz/QbTwhiNbTNbi+hmq2Y3zw1BtbU8+VXf+pO
rzJ9yPg0dob/TXsU3HokDZ82cFjlJvX4sj9G73X6lmsIC0s01Ahdj7q0mRYbnzyz
BhkAt02IoZxgdJj2F8S9w+t7C6M1M4AlQueXX1UiTz6Th9aJVKtiL/QQuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPSrN49hbZ8sJqaPgYTnnfab4UWeMB8GA1UdIwQY
MBaAFBMpzT7i/hJqgsoqWMh+1YOP4q9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXluTlB1TC1FbXFDeWlwWXlIN1ZnNF9pcjFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hZjU4YjYtOWU4Zi00MDZlLWFjMWMt
MmZjMDMwYTYwY2VhLzEvOUtzM2oyRnRueXdtcG8tQmhPZWQ5cHZoUlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hZjU4YjYtOWU4Zi00MDZlLWFjMWMtMmZjMDMwYTYwY2Vh
LzEvRXluTlB1TC1FbXFDeWlwWXlIN1ZnNF9pcjFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub24MA0E
AgACMAcDBQMqCYfAMA0GCSqGSIb3DQEBCwUAA4IBAQAqACmcHt/iJxetPgIYmRCy
Oh0BV5S4iTI8j+YBLlCMmwEgKVenlM207YyqQzhGB+ATHkXBFDTuxbtnv8rp2RuQ
AXseg/HmD6TBuvWSOhjhKZlG1J6mXwInRjNtEurlP99Z57FFB/qhky+f7IJgMoyU
fOPAXq4jlnBOPU2xfOTvOqOobHFXpRDx0fSKjEqugsmDpxrWG45dWx3HFRxeqKSD
GTWl4EPcJhTyRWj4NXY0lEri1uTxTJzZ1vORhWrthPDknratuW9I1tSDElD3CQoM
lWwgMsS6HCV54q6Je/zKDWb4Ya6BUnO3xWfedcg8PYtyT/fKpOkhhA/vU4kcrpyr
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:52:03 2025 by rpki-client