Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/IRlpu7LqAELyw5oyPu2jL_iQOvI.roa
File: IRlpu7LqAELyw5oyPu2jL_iQOvI.roa (raw, json)
Hash identifier: SqOv9Gq8bJnQYzfXnmYE9BsbWHRFyitsP1MvnfmuGJY=
Subject key identifier: 21:19:69:BB:B2:EA:00:42:F2:C3:9A:32:3E:ED:A3:2F:F8:90:3A:F2
Certificate issuer: /CN=97d9ef7bd30324dedf70bace4bbda5760c326b1a
Certificate serial: 018CC348C50B58E94DC415D5A738958FF3A5
Authority key identifier: 97:D9:EF:7B:D3:03:24:DE:DF:70:BA:CE:4B:BD:A5:76:0C:32:6B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/IRlpu7LqAELyw5oyPu2jL_iQOvI.roa
Signing time: Mon 01 Jan 2024 04:29:35 +0000
ROA not before: Mon 01 Jan 2024 04:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203637
IP address blocks: 185.127.190.0/24 maxlen: 24
185.127.189.0/24 maxlen: 24
185.127.188.0/24 maxlen: 24
185.127.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c5:0b:58:e9:4d:c4:15:d5:a7:38:95:8f:f3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97d9ef7bd30324dedf70bace4bbda5760c326b1a
Validity
Not Before: Jan 1 04:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=211969bbb2ea0042f2c39a323eeda32ff8903af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ef:45:67:d3:d4:17:76:7f:d7:ff:a2:c8:46:
3d:30:3d:66:0b:3c:3a:74:85:e3:e7:a1:76:3d:8c:
02:31:2c:dd:11:4c:f2:5c:6d:61:10:75:20:d6:74:
c6:85:ba:23:af:66:6a:b6:81:8e:14:2a:44:a8:6b:
5e:57:9c:d9:7c:eb:8a:67:a1:b6:94:24:f3:4c:67:
74:44:30:c5:b2:01:d9:85:50:e2:1c:93:29:52:cb:
9e:1d:70:66:02:a5:89:9b:1f:66:3e:45:6d:ed:84:
96:81:6d:58:f8:5c:13:fd:bc:7f:eb:e1:c6:61:30:
6c:97:da:b0:ad:ae:3a:9d:08:4e:8f:c7:0b:6f:20:
df:5d:27:e4:97:3a:d9:79:74:7c:0c:ea:42:15:98:
11:e8:f0:7e:b4:0b:33:c4:25:05:91:58:94:74:0b:
a1:0c:b6:4e:31:48:ba:98:38:4a:cf:7e:83:eb:b9:
e6:ef:58:61:1d:0e:92:52:75:4c:a9:3e:7e:a8:bb:
58:69:31:34:79:48:fb:3e:f0:20:85:e7:07:dc:54:
ab:df:f3:83:4b:eb:f8:87:b1:a3:cc:91:d4:b7:0f:
99:18:52:70:28:db:67:43:5a:90:d4:68:4a:aa:d0:
d8:12:03:08:1c:9c:a7:13:81:bb:94:76:43:dd:23:
ca:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:19:69:BB:B2:EA:00:42:F2:C3:9A:32:3E:ED:A3:2F:F8:90:3A:F2
X509v3 Authority Key Identifier:
keyid:97:D9:EF:7B:D3:03:24:DE:DF:70:BA:CE:4B:BD:A5:76:0C:32:6B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/IRlpu7LqAELyw5oyPu2jL_iQOvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.188.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:f0:4c:a7:7b:ec:de:ce:cc:46:36:a7:e3:af:7e:24:90:70:
c5:4a:fe:73:6e:10:b8:68:da:e5:49:a2:52:90:bd:89:1f:a8:
2a:b8:8c:36:af:ab:c5:12:64:58:33:58:58:e0:04:9a:fe:c4:
fe:67:7f:4b:88:bd:0f:63:04:c1:30:e3:ac:15:47:20:26:00:
60:42:81:3f:3a:a1:20:5c:fe:1f:82:6d:df:99:41:8e:84:be:
14:08:5e:f0:a8:73:35:81:c2:67:a6:4e:96:5d:7d:6e:3c:e2:
a2:40:50:4a:d9:f5:af:82:ce:87:cf:c1:88:50:ff:54:5b:49:
77:d3:6b:fa:c6:b5:56:88:2f:22:bd:92:d5:3a:34:73:dd:09:
64:33:25:cd:eb:0c:73:c9:f8:10:83:58:07:1b:f5:e3:37:e0:
c0:0b:03:63:ad:c1:4f:b5:39:61:30:59:91:9d:c9:ae:ea:d2:
5c:97:90:72:f7:ac:e1:60:20:fd:bd:25:da:5b:78:7e:7f:aa:
18:b6:e3:a3:90:e3:c4:8d:94:10:67:4f:0a:aa:fc:60:e1:88:
3e:72:e1:48:32:a3:15:8a:2f:2d:f3:3a:ea:4e:2d:2d:ec:29:
7a:81:53:ab:44:5d:e4:eb:12:6a:60:10:63:97:6a:0a:69:53:
6d:a9:de:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSMULWOlNxBXVpziVj/OlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZDllZjdiZDMwMzI0ZGVkZjcwYmFjZTRiYmRhNTc2MGMz
MjZiMWEwHhcNMjQwMTAxMDQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTE5NjliYmIyZWEwMDQyZjJjMzlhMzIzZWVkYTMyZmY4OTAzYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+9FZ9PUF3Z/1/+iyEY9MD1mCzw6
dIXj56F2PYwCMSzdEUzyXG1hEHUg1nTGhbojr2ZqtoGOFCpEqGteV5zZfOuKZ6G2
lCTzTGd0RDDFsgHZhVDiHJMpUsueHXBmAqWJmx9mPkVt7YSWgW1Y+FwT/bx/6+HG
YTBsl9qwra46nQhOj8cLbyDfXSfklzrZeXR8DOpCFZgR6PB+tAszxCUFkViUdAuh
DLZOMUi6mDhKz36D67nm71hhHQ6SUnVMqT5+qLtYaTE0eUj7PvAghecH3FSr3/OD
S+v4h7GjzJHUtw+ZGFJwKNtnQ1qQ1GhKqtDYEgMIHJynE4G7lHZD3SPKUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEZabuy6gBC8sOaMj7toy/4kDryMB8GA1UdIwQY
MBaAFJfZ73vTAyTe33C6zku9pXYMMmsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS80M2Q1MDgtZDE5ZS00ZjY2LWFlODUt
ZjgwNWFiM2EzMjdlLzEvSVJscHU3THFBRUx5dzVveVB1MmpMX2lRT3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS80M2Q1MDgtZDE5ZS00ZjY2LWFlODUtZjgwNWFiM2EzMjdl
LzEvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX+8MA0G
CSqGSIb3DQEBCwUAA4IBAQAL8Eyne+zezsxGNqfjr34kkHDFSv5zbhC4aNrlSaJS
kL2JH6gquIw2r6vFEmRYM1hY4ASa/sT+Z39LiL0PYwTBMOOsFUcgJgBgQoE/OqEg
XP4fgm3fmUGOhL4UCF7wqHM1gcJnpk6WXX1uPOKiQFBK2fWvgs6Hz8GIUP9UW0l3
02v6xrVWiC8ivZLVOjRz3QlkMyXN6wxzyfgQg1gHG/XjN+DACwNjrcFPtTlhMFmR
ncmu6tJcl5By96zhYCD9vSXaW3h+f6oYtuOjkOPEjZQQZ08Kqvxg4Yg+cuFIMqMV
ii8t8zrqTi0t7Cl6gVOrRF3k6xJqYBBjl2oKaVNtqd7X
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:18 2025 by rpki-client