Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/yuN7PmGMXJKkqDu4L4wQpmNN0BE.roa
File: yuN7PmGMXJKkqDu4L4wQpmNN0BE.roa (raw, json)
Hash identifier: R009An3sqUL9YQc+yKSkAk+MQKMxpx/+25lWa/GmnRs=
Subject key identifier: CA:E3:7B:3E:61:8C:5C:92:A4:A8:3B:B8:2F:8C:10:A6:63:4D:D0:11
Certificate issuer: /CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Certificate serial: 018CC8DF5673BB1532C358832812F234D67D
Authority key identifier: D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/yuN7PmGMXJKkqDu4L4wQpmNN0BE.roa
Signing time: Tue 02 Jan 2024 06:32:09 +0000
ROA not before: Tue 02 Jan 2024 06:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43456
IP address blocks: 185.164.48.0/24 maxlen: 24
185.164.51.0/24 maxlen: 24
185.164.50.0/24 maxlen: 24
185.164.49.0/24 maxlen: 24
185.171.17.0/24 maxlen: 24
185.171.16.0/24 maxlen: 24
185.171.19.0/24 maxlen: 24
185.171.18.0/24 maxlen: 24
185.93.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:56:73:bb:15:32:c3:58:83:28:12:f2:34:d6:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Validity
Not Before: Jan 2 06:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cae37b3e618c5c92a4a83bb82f8c10a6634dd011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f5:6a:64:8d:32:6c:e4:80:64:e4:ef:cf:41:
28:88:5d:8c:c2:37:d4:09:54:41:60:cd:9d:9f:a3:
3c:4b:ae:d5:3e:f5:c7:ac:9d:23:f8:7c:d2:05:23:
48:10:1a:17:18:33:d0:86:fb:49:b4:db:27:13:f8:
a6:67:87:9e:cf:1f:13:0a:e1:1f:27:f4:75:67:63:
13:4a:68:fb:3a:b3:f3:18:89:11:55:21:a4:00:3b:
f1:6d:ea:34:67:58:99:0d:66:4c:5b:34:b6:51:f5:
1d:77:4d:87:ac:2b:8c:7d:74:a3:bf:f0:ca:2c:a4:
b8:cd:bc:ee:70:7b:05:7a:d0:f5:6c:7d:9b:3e:35:
02:9f:f0:6b:83:42:25:4c:5d:2d:93:d1:4d:41:51:
f1:5b:0e:fc:71:7f:40:b2:4e:5a:f0:fe:11:cd:14:
ee:2e:27:e5:bf:e5:b1:48:2b:9c:42:72:3b:00:55:
60:17:43:05:d6:a1:ad:51:34:82:77:f6:aa:e0:63:
21:1d:b3:17:39:27:69:70:64:90:36:e1:8a:16:fe:
3b:28:61:c2:5a:bf:73:15:90:54:1c:9c:f3:5d:a4:
a8:63:b6:c5:36:d0:68:f8:c0:66:cc:e7:d1:5b:17:
3b:4a:39:04:7e:9f:2f:fa:67:9f:8b:e7:4e:60:e5:
23:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E3:7B:3E:61:8C:5C:92:A4:A8:3B:B8:2F:8C:10:A6:63:4D:D0:11
X509v3 Authority Key Identifier:
keyid:D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/yuN7PmGMXJKkqDu4L4wQpmNN0BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.172.0/24
185.164.48.0/22
185.171.16.0/22
Signature Algorithm: sha256WithRSAEncryption
92:44:a6:bb:32:d2:82:b8:37:3b:8c:b6:5e:d3:4a:8e:73:e2:
2b:57:f2:f9:e2:d8:79:cf:db:31:b6:af:f5:68:94:67:8a:0b:
2e:c7:7e:34:af:73:f3:89:b6:ec:8f:10:f6:95:a9:e4:15:b6:
70:9c:90:56:0f:38:8a:ba:fa:b1:5b:98:c0:db:4f:00:95:30:
f7:e2:f0:3f:49:fe:cb:31:c6:02:0a:97:b3:c0:28:0a:62:7f:
00:a0:54:63:06:78:55:56:35:01:bf:93:53:d3:24:bf:fb:4c:
c9:b0:b3:4d:8f:39:6a:8b:f1:5c:af:72:94:1f:91:2b:45:8f:
c8:c4:c6:09:73:bc:ec:3e:d2:26:b2:f2:bb:49:e7:c4:b8:f8:
3b:5a:14:e6:fa:22:79:ec:71:b9:b1:85:b9:c6:80:d3:d4:bf:
c8:79:13:e6:29:89:3c:25:d8:8d:7f:eb:5a:3f:c8:5e:07:8a:
90:ca:11:8c:ff:86:8d:76:42:c6:46:ae:b2:b7:d7:5b:98:63:
e7:3f:47:13:3d:43:37:7d:af:f6:30:8a:ff:46:a8:32:cd:d5:
80:34:b4:94:33:14:f4:ca:bb:cb:a0:06:d0:de:70:6c:2d:22:
42:12:b9:b4:43:47:51:b4:25:4d:34:8b:83:d2:f5:a4:80:67:
2b:cd:b0:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI31ZzuxUyw1iDKBLyNNZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NzczZDczM2QxODQ1YzQxZDNmOWEzNjJiNTViNzRlNjg2
ZjljMDIwHhcNMjQwMTAyMDYzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWUzN2IzZTYxOGM1YzkyYTRhODNiYjgyZjhjMTBhNjYzNGRkMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPVqZI0ybOSAZOTvz0EoiF2MwjfU
CVRBYM2dn6M8S67VPvXHrJ0j+HzSBSNIEBoXGDPQhvtJtNsnE/imZ4eezx8TCuEf
J/R1Z2MTSmj7OrPzGIkRVSGkADvxbeo0Z1iZDWZMWzS2UfUdd02HrCuMfXSjv/DK
LKS4zbzucHsFetD1bH2bPjUCn/Brg0IlTF0tk9FNQVHxWw78cX9Ask5a8P4RzRTu
Liflv+WxSCucQnI7AFVgF0MF1qGtUTSCd/aq4GMhHbMXOSdpcGSQNuGKFv47KGHC
Wr9zFZBUHJzzXaSoY7bFNtBo+MBmzOfRWxc7SjkEfp8v+mefi+dOYOUjbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMrjez5hjFySpKg7uC+MEKZjTdARMB8GA1UdIwQY
MBaAFNl3PXM9GEXEHT+aNitVt05ob5wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMt
MDFhMjlmNWY2ZGRlLzEveXVON1BtR01YSktrcUR1NEw0d1FwbU5OMEJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMtMDFhMjlmNWY2ZGRl
LzEvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuV2sAwQC
uaQwAwQCuasQMA0GCSqGSIb3DQEBCwUAA4IBAQCSRKa7MtKCuDc7jLZe00qOc+Ir
V/L54th5z9sxtq/1aJRnigsux340r3PzibbsjxD2lankFbZwnJBWDziKuvqxW5jA
208AlTD34vA/Sf7LMcYCCpezwCgKYn8AoFRjBnhVVjUBv5NT0yS/+0zJsLNNjzlq
i/Fcr3KUH5ErRY/IxMYJc7zsPtImsvK7SefEuPg7WhTm+iJ57HG5sYW5xoDT1L/I
eRPmKYk8JdiNf+taP8heB4qQyhGM/4aNdkLGRq6yt9dbmGPnP0cTPUM3fa/2MIr/
RqgyzdWANLSUMxT0yrvLoAbQ3nBsLSJCErm0Q0dRtCVNNIuD0vWkgGcrzbAk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:04 2025 by rpki-client