Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/msdFCQEYjuwUBfgECRjNvsFzJSs.roa
File: msdFCQEYjuwUBfgECRjNvsFzJSs.roa (raw, json)
Hash identifier: ESR33wkeQTiIHkHLDlCXDdOs6oBBrGahdPzld9WQ7PE=
Subject key identifier: 9A:C7:45:09:01:18:8E:EC:14:05:F8:04:09:18:CD:BE:C1:73:25:2B
Certificate issuer: /CN=be07895736ed92860f3135008a85813f98bbd7c1
Certificate serial: 018CC4245A98E43C6CFBE0FCA969CE02C81E
Authority key identifier: BE:07:89:57:36:ED:92:86:0F:31:35:00:8A:85:81:3F:98:BB:D7:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgeJVzbtkoYPMTUAioWBP5i718E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/msdFCQEYjuwUBfgECRjNvsFzJSs.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205250
IP address blocks: 185.224.74.0/23 maxlen: 23
185.224.72.0/23 maxlen: 23
2a0c:fc00::/32 maxlen: 32
2a0c:fc01::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:5a:98:e4:3c:6c:fb:e0:fc:a9:69:ce:02:c8:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be07895736ed92860f3135008a85813f98bbd7c1
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ac7450901188eec1405f8040918cdbec173252b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:62:25:3c:06:60:64:b7:6e:02:7f:3b:55:b2:
77:17:32:ae:63:7d:d5:72:5b:e5:f5:ad:2b:a5:93:
c6:98:41:ea:4c:08:a5:93:b9:b5:32:77:f4:ff:4f:
cc:be:04:cb:d7:b2:8b:b8:e5:18:da:fd:6d:df:41:
08:32:62:f3:22:d8:63:34:d5:2c:c6:7d:23:bb:21:
7b:dc:ad:f2:0e:84:a8:c4:99:4a:f7:a0:ae:db:22:
13:85:0b:a3:c9:08:b7:da:f4:8e:3a:3a:b9:5b:f5:
34:ac:29:4e:d4:0c:be:1b:0b:29:a8:19:52:22:1c:
98:4a:cb:d3:e8:5f:5d:49:d4:5b:36:27:9c:08:62:
c7:e1:f8:af:40:52:00:7e:09:30:b9:3e:2c:c5:d6:
f9:91:7e:f6:9b:96:4d:c4:c5:3a:59:ba:3c:06:0f:
18:bd:b0:95:54:34:e8:6d:d8:87:e9:04:4c:ef:18:
a3:c5:b0:15:83:37:d6:ee:93:6c:42:e9:a9:01:ee:
2d:09:a1:e7:99:97:be:8d:57:71:7b:56:26:32:4e:
b1:c0:b8:9d:79:95:bf:ed:90:78:bb:93:fc:53:80:
86:30:01:20:b9:49:c2:2e:d0:c5:b9:81:d6:8b:91:
4f:cd:64:47:87:e1:35:2b:ac:28:af:59:ec:54:38:
5c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C7:45:09:01:18:8E:EC:14:05:F8:04:09:18:CD:BE:C1:73:25:2B
X509v3 Authority Key Identifier:
keyid:BE:07:89:57:36:ED:92:86:0F:31:35:00:8A:85:81:3F:98:BB:D7:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgeJVzbtkoYPMTUAioWBP5i718E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/msdFCQEYjuwUBfgECRjNvsFzJSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/vgeJVzbtkoYPMTUAioWBP5i718E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.72.0/22
IPv6:
2a0c:fc00::/31
Signature Algorithm: sha256WithRSAEncryption
60:42:e4:a7:e5:fe:35:b6:de:7f:f7:d4:01:28:28:f1:ad:67:
42:5c:c0:7f:7e:ae:53:04:a8:52:f7:f6:bc:17:e6:f7:30:b0:
2b:e0:c8:40:54:f7:45:94:71:4a:91:6d:c4:14:1a:94:2a:3d:
53:10:88:8c:49:0d:50:21:42:94:21:b7:57:49:b7:54:26:c2:
7b:17:6f:57:a1:f3:c3:8d:25:c8:52:1a:b1:5c:f5:5f:8a:83:
93:45:90:77:6e:53:4c:e3:e2:72:3d:1f:c1:3f:6e:93:60:14:
b0:cc:29:ba:b1:a5:83:87:d3:c0:fe:08:be:59:83:8d:a8:6b:
b5:1d:ec:bc:94:f9:1e:1b:db:e0:18:b0:13:f3:24:47:f7:49:
63:0d:71:b1:3e:39:bd:fc:89:a9:df:3a:19:8e:64:4f:89:2c:
f1:12:37:e6:4f:e6:3f:b2:1b:bc:1a:c5:ba:32:a9:e7:28:03:
bb:07:06:19:8d:fb:83:8c:15:43:30:16:c9:fd:8f:f9:33:f7:
ef:d0:d2:e4:51:9c:01:9a:7c:c2:48:31:8d:9f:62:04:a3:08:
68:35:52:c2:b2:63:67:b5:44:67:de:82:68:cf:4d:56:68:f2:
a0:8a:e2:85:57:17:7a:19:91:99:78:22:a8:fe:77:9a:19:6d:
04:b1:0d:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJFqY5Dxs++D8qWnOAsgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMDc4OTU3MzZlZDkyODYwZjMxMzUwMDhhODU4MTNmOThi
YmQ3YzEwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM3NDUwOTAxMTg4ZWVjMTQwNWY4MDQwOTE4Y2RiZWMxNzMyNTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomIlPAZgZLduAn87VbJ3FzKuY33V
clvl9a0rpZPGmEHqTAilk7m1Mnf0/0/MvgTL17KLuOUY2v1t30EIMmLzIthjNNUs
xn0juyF73K3yDoSoxJlK96Cu2yIThQujyQi32vSOOjq5W/U0rClO1Ay+GwspqBlS
IhyYSsvT6F9dSdRbNiecCGLH4fivQFIAfgkwuT4sxdb5kX72m5ZNxMU6Wbo8Bg8Y
vbCVVDTobdiH6QRM7xijxbAVgzfW7pNsQumpAe4tCaHnmZe+jVdxe1YmMk6xwLid
eZW/7ZB4u5P8U4CGMAEguUnCLtDFuYHWi5FPzWRHh+E1K6wor1nsVDhcIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJrHRQkBGI7sFAX4BAkYzb7BcyUrMB8GA1UdIwQY
MBaAFL4HiVc27ZKGDzE1AIqFgT+Yu9fBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmdlSlZ6YnRrb1lQTVRVQWlvV0JQNWk3MThFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi82NTlmMmMtYzI4OS00Njk5LTg3ZDct
MjFkNjEwMDM4M2UwLzEvbXNkRkNRRVlqdXdVQmZnRUNSak52c0Z6SlNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi82NTlmMmMtYzI4OS00Njk5LTg3ZDctMjFkNjEwMDM4M2Uw
LzEvdmdlSlZ6YnRrb1lQTVRVQWlvV0JQNWk3MThFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueBIMA0E
AgACMAcDBQEqDPwAMA0GCSqGSIb3DQEBCwUAA4IBAQBgQuSn5f41tt5/99QBKCjx
rWdCXMB/fq5TBKhS9/a8F+b3MLAr4MhAVPdFlHFKkW3EFBqUKj1TEIiMSQ1QIUKU
IbdXSbdUJsJ7F29XofPDjSXIUhqxXPVfioOTRZB3blNM4+JyPR/BP26TYBSwzCm6
saWDh9PA/gi+WYONqGu1Hey8lPkeG9vgGLAT8yRH90ljDXGxPjm9/Imp3zoZjmRP
iSzxEjfmT+Y/shu8GsW6MqnnKAO7BwYZjfuDjBVDMBbJ/Y/5M/fv0NLkUZwBmnzC
SDGNn2IEowhoNVLCsmNntURn3oJoz01WaPKgiuKFVxd6GZGZeCKo/neaGW0EsQ0s
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:26 2025 by rpki-client