Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/6d5q7MQdCsYozSw43FTrib0n2Hg.roa
File: 6d5q7MQdCsYozSw43FTrib0n2Hg.roa (raw, json)
Hash identifier: 8fT7cXq4OuroJt9fSYtDiXjPvmEphn3vFqkmn1tqmAA=
Subject key identifier: E9:DE:6A:EC:C4:1D:0A:C6:28:CD:2C:38:DC:54:EB:89:BD:27:D8:78
Certificate issuer: /CN=23a7b593c804a683f0c8fa3eda9335af92a89044
Certificate serial: 0194236A1B1AA52E232DB1FCD2A1D3E97DB4
Authority key identifier: 23:A7:B5:93:C8:04:A6:83:F0:C8:FA:3E:DA:93:35:AF:92:A8:90:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6e1k8gEpoPwyPo-2pM1r5KokEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/6d5q7MQdCsYozSw43FTrib0n2Hg.roa
Signing time: Wed 01 Jan 2025 19:49:03 +0000
ROA not before: Wed 01 Jan 2025 19:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47164
IP address blocks: 185.174.180.0/22 maxlen: 24
185.174.180.0/24 maxlen: 24
185.174.181.0/24 maxlen: 24
185.174.182.0/24 maxlen: 24
185.174.183.0/24 maxlen: 24
185.227.104.0/22 maxlen: 24
185.227.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 11:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1b:1a:a5:2e:23:2d:b1:fc:d2:a1:d3:e9:7d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23a7b593c804a683f0c8fa3eda9335af92a89044
Validity
Not Before: Jan 1 19:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9de6aecc41d0ac628cd2c38dc54eb89bd27d878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:eb:42:53:41:d2:e5:6b:8a:5e:a6:26:34:ed:
d1:1e:4f:68:e4:fd:5b:55:82:a4:8f:a7:e4:f7:35:
84:af:7d:c6:72:e0:f4:be:e6:6d:75:2b:66:15:ef:
fe:6f:a7:37:bf:69:69:f5:dd:0e:af:aa:a4:45:09:
6a:be:f6:61:11:3b:30:c1:0e:ef:54:d9:76:6c:df:
1d:45:0d:02:fb:29:76:a4:2a:b2:3f:31:32:c1:9e:
b4:b5:3e:08:9e:b8:84:d1:50:7d:1d:b3:d5:df:7a:
f2:13:ed:25:fc:54:7d:fb:99:25:a5:89:2e:94:46:
5c:e4:16:5b:5a:19:31:f3:6b:2a:29:cb:48:64:aa:
e2:3e:9b:20:9c:e5:62:a4:bb:01:b2:ee:57:03:85:
1f:81:61:ca:a0:2f:83:2e:13:93:41:5a:7a:4d:e1:
db:8f:fa:94:ac:b0:0b:15:d9:cf:6d:da:97:d0:66:
e3:16:73:7f:84:5e:47:5d:e7:1f:e7:7e:33:97:28:
4e:62:43:a6:03:80:88:07:50:d6:fd:be:79:dd:00:
ff:50:89:fd:cd:f5:ee:0f:24:1f:a5:ff:d3:61:c3:
2f:71:84:1e:cb:48:b5:10:38:7a:e6:bf:e0:b6:a0:
f7:68:1b:21:dd:c1:2e:35:df:01:60:66:f3:20:00:
86:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:DE:6A:EC:C4:1D:0A:C6:28:CD:2C:38:DC:54:EB:89:BD:27:D8:78
X509v3 Authority Key Identifier:
keyid:23:A7:B5:93:C8:04:A6:83:F0:C8:FA:3E:DA:93:35:AF:92:A8:90:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6e1k8gEpoPwyPo-2pM1r5KokEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/6d5q7MQdCsYozSw43FTrib0n2Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/I6e1k8gEpoPwyPo-2pM1r5KokEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.180.0/22
185.227.104.0/22
Signature Algorithm: sha256WithRSAEncryption
52:5e:7e:61:ab:12:84:0f:8b:e9:a8:1e:05:95:0d:18:67:4e:
41:26:df:57:c5:54:c6:96:96:23:94:f6:93:42:84:08:ee:fc:
12:1e:d5:6c:8d:b9:40:e1:ff:e6:0b:18:d1:9e:9f:35:74:7c:
59:bf:2f:47:99:b1:4f:65:99:6b:31:85:21:ef:6f:7e:05:4e:
a7:cc:f9:06:6b:27:af:13:c9:2f:e5:25:0e:27:bd:fb:db:0e:
9d:26:ff:62:8d:94:a3:20:9e:0e:11:61:5d:c6:b1:00:0f:d1:
47:5f:19:05:ec:93:95:2c:bd:45:eb:46:08:9e:ad:3b:48:7c:
f4:31:a7:f7:61:8a:d4:ca:ee:20:8d:46:ab:e3:15:08:d0:28:
78:c5:3f:02:1e:d2:7d:e3:64:e4:83:8f:57:f1:0d:ff:90:22:
79:ce:3d:24:e0:2d:6f:f1:61:0d:41:99:40:de:38:30:5b:97:
ee:ed:c8:d6:30:bb:11:23:cf:0c:77:bc:f6:92:5f:8e:81:70:
dd:a7:cf:31:c9:83:4c:9e:79:f4:0e:7e:ae:78:2e:8c:98:d8:
28:75:14:b6:34:e2:e1:72:69:f0:6c:b9:7d:ec:13:a0:11:73:
25:23:c4:38:d7:c5:e9:1d:c6:43:d6:d8:fb:eb:72:08:79:d7:
0d:bf:47:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjahsapS4jLbH80qHT6X20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTdiNTkzYzgwNGE2ODNmMGM4ZmEzZWRhOTMzNWFmOTJh
ODkwNDQwHhcNMjUwMTAxMTk0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWRlNmFlY2M0MWQwYWM2MjhjZDJjMzhkYzU0ZWI4OWJkMjdkODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyutCU0HS5WuKXqYmNO3RHk9o5P1b
VYKkj6fk9zWEr33GcuD0vuZtdStmFe/+b6c3v2lp9d0Or6qkRQlqvvZhETswwQ7v
VNl2bN8dRQ0C+yl2pCqyPzEywZ60tT4InriE0VB9HbPV33ryE+0l/FR9+5klpYku
lEZc5BZbWhkx82sqKctIZKriPpsgnOVipLsBsu5XA4UfgWHKoC+DLhOTQVp6TeHb
j/qUrLALFdnPbdqX0GbjFnN/hF5HXecf534zlyhOYkOmA4CIB1DW/b553QD/UIn9
zfXuDyQfpf/TYcMvcYQey0i1EDh65r/gtqD3aBsh3cEuNd8BYGbzIACGvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOneauzEHQrGKM0sONxU64m9J9h4MB8GA1UdIwQY
MBaAFCOntZPIBKaD8Mj6PtqTNa+SqJBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZlMWs4Z0Vwb1B3eVBvLTJwTTFyNUtva0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9kZGY1NTktNDMzYi00MDhmLWE1YjIt
M2ZiNWFkZGU2MDQwLzEvNmQ1cTdNUWRDc1lvelN3NDNGVHJpYjBuMkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9kZGY1NTktNDMzYi00MDhmLWE1YjItM2ZiNWFkZGU2MDQw
LzEvSTZlMWs4Z0Vwb1B3eVBvLTJwTTFyNUtva0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCua60AwQC
ueNoMA0GCSqGSIb3DQEBCwUAA4IBAQBSXn5hqxKED4vpqB4FlQ0YZ05BJt9XxVTG
lpYjlPaTQoQI7vwSHtVsjblA4f/mCxjRnp81dHxZvy9HmbFPZZlrMYUh729+BU6n
zPkGayevE8kv5SUOJ7372w6dJv9ijZSjIJ4OEWFdxrEAD9FHXxkF7JOVLL1F60YI
nq07SHz0Maf3YYrUyu4gjUar4xUI0Ch4xT8CHtJ942Tkg49X8Q3/kCJ5zj0k4C1v
8WENQZlA3jgwW5fu7cjWMLsRI88Md7z2kl+OgXDdp88xyYNMnnn0Dn6ueC6MmNgo
dRS2NOLhcmnwbLl97BOgEXMlI8Q418XpHcZD1tj763IIedcNv0eL
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:15:14 2025 by rpki-client