Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/1dy_5oIRfBH9jr9Uq32oCI5RVuU.roa
File: 1dy_5oIRfBH9jr9Uq32oCI5RVuU.roa (raw, json)
Hash identifier: HvySJI6uPNMO/1yxbVmVpr+dOkUrN9gdiuvoQ5zhefs=
Subject key identifier: D5:DC:BF:E6:82:11:7C:11:FD:8E:BF:54:AB:7D:A8:08:8E:51:56:E5
Certificate issuer: /CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Certificate serial: 018CC8DEF4B7B35D07CF35FA92A2024CA74B
Authority key identifier: 29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/1dy_5oIRfBH9jr9Uq32oCI5RVuU.roa
Signing time: Tue 02 Jan 2024 06:31:43 +0000
ROA not before: Tue 02 Jan 2024 06:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205371
IP address blocks: 185.220.112.0/24 maxlen: 24
185.220.115.0/24 maxlen: 24
185.220.113.0/24 maxlen: 24
185.220.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f4:b7:b3:5d:07:cf:35:fa:92:a2:02:4c:a7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Validity
Not Before: Jan 2 06:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5dcbfe682117c11fd8ebf54ab7da8088e5156e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cc:0a:e8:16:41:f8:24:ae:bf:c0:2a:93:38:
ec:5a:9c:b0:e5:c6:7e:d7:ee:aa:54:67:4b:59:b5:
6a:cb:c3:30:af:56:59:07:74:31:77:16:84:26:31:
b6:b0:c0:8e:15:73:44:7b:3c:ce:0a:13:2a:2d:80:
b2:d1:64:40:22:48:ca:1b:ef:2a:c2:95:9a:a5:58:
1e:95:83:0c:22:83:77:98:a3:31:63:f1:de:6c:6b:
26:80:1b:08:02:7e:5f:a0:e7:90:e9:91:68:b3:95:
03:51:3e:6a:ae:72:f7:a6:41:76:87:29:a5:8f:c6:
da:f4:67:f0:93:4c:d1:94:03:29:76:70:c5:96:e3:
b2:b8:e5:40:6d:2d:b0:d0:b2:65:2e:28:dd:17:0e:
39:5d:8d:f8:d7:65:59:12:67:9d:ff:00:ba:01:ff:
d5:a9:bd:00:47:67:5f:41:bc:6c:6d:e0:da:fc:ec:
97:ac:f3:a5:56:16:84:4e:1e:87:12:31:21:1a:b3:
3c:40:74:bd:be:35:80:5a:ce:8c:f5:f7:57:57:85:
79:6a:08:0a:a6:9f:22:f6:20:d9:02:6b:6f:aa:07:
72:c4:e9:b5:99:a4:9b:51:64:ea:ba:4b:7f:65:7b:
b7:f6:10:9a:0f:3e:3b:67:64:06:3e:c7:b3:6f:74:
b1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DC:BF:E6:82:11:7C:11:FD:8E:BF:54:AB:7D:A8:08:8E:51:56:E5
X509v3 Authority Key Identifier:
keyid:29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/1dy_5oIRfBH9jr9Uq32oCI5RVuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/KVtqNKIQm6fE2X92x0Rm8UwzM-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.112.0/22
Signature Algorithm: sha256WithRSAEncryption
74:32:34:59:51:7f:94:a5:d3:59:8c:94:a6:91:47:83:b8:19:
2f:28:8b:60:b2:63:01:30:82:70:8c:d1:53:b2:c4:c4:3b:2a:
76:34:16:af:b9:44:d0:c3:68:0d:1c:fb:d2:21:1a:90:ed:1b:
20:2b:46:33:b0:3f:c6:01:50:b3:78:91:55:90:50:65:86:d3:
e4:a7:3e:3d:71:a2:5c:00:ad:d8:71:8f:8b:5f:09:46:e1:dd:
04:16:b4:b2:69:ed:09:72:bd:69:c7:fb:5d:29:e3:e7:b4:08:
7e:79:e3:78:57:db:f4:ac:f6:21:75:02:fc:95:73:a7:98:0a:
4f:00:5d:92:3c:07:f6:b3:5b:73:ed:aa:c2:4e:53:56:c1:e0:
41:db:d6:c1:a8:c3:18:05:28:49:f9:49:dc:bb:41:e5:d8:c3:
4a:41:09:e4:3f:b6:b9:67:87:a2:3f:f2:28:68:c1:e2:aa:4a:
fd:cc:c8:7c:0f:7b:2d:5a:73:c3:c1:af:52:6e:c6:92:30:e9:
df:b2:3e:80:a9:ff:3c:a5:0c:15:b2:f3:c1:16:54:dd:74:80:
12:e6:8a:2c:ce:66:9f:e1:86:15:f1:d2:c5:a0:c2:c8:8c:a9:
d1:67:ad:89:3c:44:00:16:4c:a0:84:8c:8e:37:a0:a2:e3:b0:
53:f6:8a:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3vS3s10HzzX6kqICTKdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NWI2YTM0YTIxMDliYTdjNGQ5N2Y3NmM3NDQ2NmYxNGMz
MzMzZTAwHhcNMjQwMTAyMDYzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWRjYmZlNjgyMTE3YzExZmQ4ZWJmNTRhYjdkYTgwODhlNTE1NmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8wK6BZB+CSuv8AqkzjsWpyw5cZ+
1+6qVGdLWbVqy8Mwr1ZZB3QxdxaEJjG2sMCOFXNEezzOChMqLYCy0WRAIkjKG+8q
wpWapVgelYMMIoN3mKMxY/HebGsmgBsIAn5foOeQ6ZFos5UDUT5qrnL3pkF2hyml
j8ba9Gfwk0zRlAMpdnDFluOyuOVAbS2w0LJlLijdFw45XY3412VZEmed/wC6Af/V
qb0AR2dfQbxsbeDa/OyXrPOlVhaETh6HEjEhGrM8QHS9vjWAWs6M9fdXV4V5aggK
pp8i9iDZAmtvqgdyxOm1maSbUWTqukt/ZXu39hCaDz47Z2QGPsezb3SxlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXcv+aCEXwR/Y6/VKt9qAiOUVblMB8GA1UdIwQY
MBaAFClbajSiEJunxNl/dsdEZvFMMzPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Z0cU5LSVFtNmZFMlg5MngwUm04VXd6TS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lOWIxNzMtOTJiNi00MjEwLWE4ZTAt
Yjc5N2E0NDA2ZjMwLzEvMWR5XzVvSVJmQkg5anI5VXEzMm9DSTVSVnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lOWIxNzMtOTJiNi00MjEwLWE4ZTAtYjc5N2E0NDA2ZjMw
LzEvS1Z0cU5LSVFtNmZFMlg5MngwUm04VXd6TS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudxwMA0G
CSqGSIb3DQEBCwUAA4IBAQB0MjRZUX+UpdNZjJSmkUeDuBkvKItgsmMBMIJwjNFT
ssTEOyp2NBavuUTQw2gNHPvSIRqQ7RsgK0YzsD/GAVCzeJFVkFBlhtPkpz49caJc
AK3YcY+LXwlG4d0EFrSyae0Jcr1px/tdKePntAh+eeN4V9v0rPYhdQL8lXOnmApP
AF2SPAf2s1tz7arCTlNWweBB29bBqMMYBShJ+Uncu0Hl2MNKQQnkP7a5Z4eiP/Io
aMHiqkr9zMh8D3stWnPDwa9SbsaSMOnfsj6Aqf88pQwVsvPBFlTddIAS5ooszmaf
4YYV8dLFoMLIjKnRZ62JPEQAFkyghIyON6Ci47BT9oqx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:48 2025 by rpki-client