Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/l-r3vLNeKvvNN7EeFw5U3fjsnBQ.roa
File: l-r3vLNeKvvNN7EeFw5U3fjsnBQ.roa (raw, json)
Hash identifier: RMn0YYUhGnSKJ5IjlEb+GFcql0x1V5Xi5iFbGHC3BX8=
Subject key identifier: 97:EA:F7:BC:B3:5E:2A:FB:CD:37:B1:1E:17:0E:54:DD:F8:EC:9C:14
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018CCA2873C573A2BFEFBB2E3B5ED7C71A24
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/l-r3vLNeKvvNN7EeFw5U3fjsnBQ.roa
Signing time: Tue 02 Jan 2024 12:31:37 +0000
ROA not before: Tue 02 Jan 2024 12:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 185.215.231.0/24 maxlen: 24
37.32.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Jun 2024 15:53:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:73:c5:73:a2:bf:ef:bb:2e:3b:5e:d7:c7:1a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 2 12:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97eaf7bcb35e2afbcd37b11e170e54ddf8ec9c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:95:66:be:7f:29:cd:72:74:29:91:6c:33:2c:
6c:7d:8c:43:22:e3:48:f3:59:b5:27:84:10:60:11:
13:93:c2:b3:11:a6:21:59:45:c6:7d:3e:08:77:32:
9d:d0:77:e5:f5:8f:69:6d:08:d3:a5:16:2f:e1:a0:
f1:c1:e9:6c:7a:b8:b4:ae:db:0a:d7:64:50:21:b1:
0b:b6:0c:82:32:78:bb:e1:94:3c:23:f2:f4:02:ba:
4b:ae:a6:d1:6e:0a:53:f4:75:73:7f:d8:38:8d:5a:
67:14:c7:e3:c0:34:2e:86:1d:81:98:c3:fd:df:59:
46:ae:d2:76:71:4c:42:28:99:b7:fd:33:e6:92:32:
08:43:12:85:ff:f8:8c:0e:30:a7:ef:36:ee:c8:ec:
f0:cd:26:2f:44:26:f8:c6:38:eb:a6:cd:39:b8:5d:
51:b3:16:3b:13:6b:5c:49:b1:06:d9:00:c2:02:13:
e0:e3:51:d6:6f:df:b1:8f:90:ea:2e:eb:fd:51:0c:
a6:63:3a:dc:f4:05:09:cf:5e:44:ef:29:91:6b:34:
2b:b6:13:14:ea:70:cf:7a:75:47:65:21:9b:d7:6a:
b0:ce:78:f5:3c:7b:1f:12:f9:86:98:2e:12:18:85:
1a:07:45:33:b3:41:22:2d:38:91:a8:d7:49:59:ee:
79:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EA:F7:BC:B3:5E:2A:FB:CD:37:B1:1E:17:0E:54:DD:F8:EC:9C:14
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/l-r3vLNeKvvNN7EeFw5U3fjsnBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.47.0/24
185.215.231.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d1:55:8d:6a:24:8d:bc:89:17:fb:73:42:6e:91:92:41:44:
e7:69:2f:4a:4f:d3:8d:99:4d:15:33:0a:9f:bf:74:4e:40:a7:
61:b9:5b:f2:14:df:c4:74:2a:68:96:38:4e:1b:5a:2f:73:9f:
49:39:0c:90:6a:6b:3c:19:03:71:ea:21:2e:fc:cc:ed:ac:ad:
6c:b4:b6:b3:ed:a2:f9:95:ac:6d:9b:11:c7:d4:64:a9:20:2e:
b3:5e:d0:5e:e2:20:5e:17:b7:90:59:44:42:d3:0c:53:0a:b0:
0b:ba:ad:cc:84:d8:86:57:84:78:b2:c8:77:94:75:b2:2b:bc:
eb:6b:5a:f5:05:81:dc:d8:7f:75:a7:64:95:ce:63:02:2e:22:
96:d6:1f:95:61:b4:b5:d3:9e:0b:d7:0d:31:cf:79:7b:a5:02:
9e:5d:26:7b:5e:00:0a:c2:64:6c:16:33:34:c7:34:b2:c6:33:
fe:59:ba:48:9e:35:5f:74:63:db:0a:31:74:2c:a2:03:11:23:
f5:f8:01:17:bf:08:0d:32:3a:77:2e:34:18:9e:3e:8b:7d:46:
46:a0:db:1c:db:c0:2a:e6:43:53:d5:e8:e5:9d:54:04:6f:d6:
ea:08:0a:18:90:13:ed:55:70:e7:67:24:94:6e:b3:cf:fa:4e:
a8:79:53:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKHPFc6K/77suO17XxxokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwMTAyMTIzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VhZjdiY2IzNWUyYWZiY2QzN2IxMWUxNzBlNTRkZGY4ZWM5YzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZVmvn8pzXJ0KZFsMyxsfYxDIuNI
81m1J4QQYBETk8KzEaYhWUXGfT4IdzKd0Hfl9Y9pbQjTpRYv4aDxwelseri0rtsK
12RQIbELtgyCMni74ZQ8I/L0ArpLrqbRbgpT9HVzf9g4jVpnFMfjwDQuhh2BmMP9
31lGrtJ2cUxCKJm3/TPmkjIIQxKF//iMDjCn7zbuyOzwzSYvRCb4xjjrps05uF1R
sxY7E2tcSbEG2QDCAhPg41HWb9+xj5DqLuv9UQymYzrc9AUJz15E7ymRazQrthMU
6nDPenVHZSGb12qwznj1PHsfEvmGmC4SGIUaB0Uzs0EiLTiRqNdJWe55KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJfq97yzXir7zTexHhcOVN347JwUMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvbC1yM3ZMTmVLdnZOTjdFZUZ3NVUzZmpzbkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJSAvAwQA
udfnMA0GCSqGSIb3DQEBCwUAA4IBAQAC0VWNaiSNvIkX+3NCbpGSQUTnaS9KT9ON
mU0VMwqfv3ROQKdhuVvyFN/EdCpoljhOG1ovc59JOQyQams8GQNx6iEu/MztrK1s
tLaz7aL5laxtmxHH1GSpIC6zXtBe4iBeF7eQWURC0wxTCrALuq3MhNiGV4R4ssh3
lHWyK7zra1r1BYHc2H91p2SVzmMCLiKW1h+VYbS1054L1w0xz3l7pQKeXSZ7XgAK
wmRsFjM0xzSyxjP+WbpInjVfdGPbCjF0LKIDESP1+AEXvwgNMjp3LjQYnj6LfUZG
oNsc28Aq5kNT1ejlnVQEb9bqCAoYkBPtVXDnZySUbrPP+k6oeVNb
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:25 2025 by rpki-client