Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/b2b221-2ae9-45cc-ad1e-fcd3de868431/1/SEWBJlZyCG8ioCSEwBjWC2pyMLE.roa
File: SEWBJlZyCG8ioCSEwBjWC2pyMLE.roa (raw, json)
Hash identifier: UIvKCxPgQuPr/ESg+POvplYQIck29XmJqBURI+hVjDU=
Subject key identifier: 48:45:81:26:56:72:08:6F:22:A0:24:84:C0:18:D6:0B:6A:72:30:B1
Certificate issuer: /CN=fe3ecfb35993217c36743bcafaa7b0259d2e476a
Certificate serial: 018CC9BCB0BB0F7D69DF9BCC214A2FFB4FFF
Authority key identifier: FE:3E:CF:B3:59:93:21:7C:36:74:3B:CA:FA:A7:B0:25:9D:2E:47:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_j7Ps1mTIXw2dDvK-qewJZ0uR2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/b2b221-2ae9-45cc-ad1e-fcd3de868431/1/SEWBJlZyCG8ioCSEwBjWC2pyMLE.roa
Signing time: Tue 02 Jan 2024 10:33:55 +0000
ROA not before: Tue 02 Jan 2024 10:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203102
IP address blocks: 185.144.64.0/22 maxlen: 22
185.144.66.0/24 maxlen: 24
185.144.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Mar 2024 08:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b0:bb:0f:7d:69:df:9b:cc:21:4a:2f:fb:4f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe3ecfb35993217c36743bcafaa7b0259d2e476a
Validity
Not Before: Jan 2 10:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=484581265672086f22a02484c018d60b6a7230b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:72:20:20:22:c5:5a:6e:4a:02:4f:25:0b:fd:
20:a9:f3:f2:4b:b4:5b:19:44:aa:73:2c:05:a1:e7:
b5:6b:fa:33:74:18:b3:92:fb:ae:d9:25:7e:56:7e:
22:01:9c:6e:23:69:dc:a8:5d:45:40:ce:59:d9:a4:
64:91:f0:2f:15:f9:c7:22:ac:bc:4c:ef:b1:21:2e:
88:2e:ee:88:f0:b6:5e:5a:ab:bd:1b:1c:fb:50:1a:
de:71:21:ba:08:96:0e:cb:bd:39:8e:4e:b9:b4:14:
fb:53:39:2d:02:8d:41:0a:02:4b:cd:17:42:74:5c:
96:17:80:63:02:73:6e:64:f4:59:ba:89:3e:ff:ca:
98:b9:bb:86:ca:9f:6f:1b:f9:24:74:17:2c:bf:26:
e6:52:46:f5:0a:df:55:82:0c:d1:09:9e:e9:0e:3f:
19:4c:e7:12:2b:51:21:61:5c:00:b3:36:47:3c:ad:
45:45:c3:82:aa:cd:cd:1c:de:fc:93:1a:ab:66:24:
f7:d6:8e:86:f9:36:45:88:65:28:0b:47:98:b1:30:
05:04:b5:cd:9e:54:20:ce:24:78:f2:04:46:3e:26:
42:cd:fa:0b:3a:49:6f:e8:dd:f2:8a:41:ca:d1:27:
36:64:e7:7c:58:ac:ce:cf:cf:94:8e:f9:34:76:07:
e2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:45:81:26:56:72:08:6F:22:A0:24:84:C0:18:D6:0B:6A:72:30:B1
X509v3 Authority Key Identifier:
keyid:FE:3E:CF:B3:59:93:21:7C:36:74:3B:CA:FA:A7:B0:25:9D:2E:47:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_j7Ps1mTIXw2dDvK-qewJZ0uR2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b2b221-2ae9-45cc-ad1e-fcd3de868431/1/SEWBJlZyCG8ioCSEwBjWC2pyMLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b2b221-2ae9-45cc-ad1e-fcd3de868431/1/_j7Ps1mTIXw2dDvK-qewJZ0uR2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.64.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:23:16:cb:5c:03:c0:6e:f6:cc:44:03:fe:28:f4:dd:7c:98:
31:ed:8c:c0:b1:77:56:b9:93:d1:7d:00:3a:fd:4a:7e:c5:da:
46:f5:48:35:c0:88:e6:00:0b:d6:ea:ba:5f:80:96:fc:64:f8:
b5:76:d8:6c:b9:d1:82:2c:a9:56:9f:cd:f9:1c:9f:77:38:7e:
76:34:20:f5:1d:61:6d:2d:03:29:41:bf:38:06:6b:35:6c:89:
7b:0b:ed:61:d5:9a:05:e7:ea:9e:97:5a:18:1d:18:8d:a3:29:
ce:81:34:6a:fa:54:60:d3:e6:8d:58:8f:3a:5a:dc:55:63:18:
de:d1:04:2a:4e:ab:a8:56:f7:72:f3:f8:81:a5:6c:9c:de:ae:
9c:3a:30:2a:d6:12:52:ed:4c:8b:89:20:83:a9:08:d7:25:3c:
f6:30:1b:aa:36:04:a9:80:a8:8f:f7:6f:85:51:9e:50:00:d6:
f1:ae:9d:9a:38:20:18:92:4d:07:cc:6a:f2:d1:f7:f1:49:67:
dd:fc:36:d6:ab:d9:d7:84:dc:37:68:55:56:23:ba:bb:3a:cd:
96:38:f1:01:b3:75:b3:0e:f8:fc:f5:73:a9:24:f5:41:e1:7f:
de:e1:1e:09:b2:4c:48:00:2a:73:f9:dd:08:8a:80:c5:82:62:
94:9f:ff:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvLC7D31p35vMIUov+0//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlM2VjZmIzNTk5MzIxN2MzNjc0M2JjYWZhYTdiMDI1OWQy
ZTQ3NmEwHhcNMjQwMTAyMTAzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQ1ODEyNjU2NzIwODZmMjJhMDI0ODRjMDE4ZDYwYjZhNzIzMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXIgICLFWm5KAk8lC/0gqfPyS7Rb
GUSqcywFoee1a/ozdBizkvuu2SV+Vn4iAZxuI2ncqF1FQM5Z2aRkkfAvFfnHIqy8
TO+xIS6ILu6I8LZeWqu9Gxz7UBrecSG6CJYOy705jk65tBT7UzktAo1BCgJLzRdC
dFyWF4BjAnNuZPRZuok+/8qYubuGyp9vG/kkdBcsvybmUkb1Ct9VggzRCZ7pDj8Z
TOcSK1EhYVwAszZHPK1FRcOCqs3NHN78kxqrZiT31o6G+TZFiGUoC0eYsTAFBLXN
nlQgziR48gRGPiZCzfoLOklv6N3yikHK0Sc2ZOd8WKzOz8+Ujvk0dgfi8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhFgSZWcghvIqAkhMAY1gtqcjCxMB8GA1UdIwQY
MBaAFP4+z7NZkyF8NnQ7yvqnsCWdLkdqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2o3UHMxbVRJWHcyZER2Sy1xZXdKWjB1UjJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9iMmIyMjEtMmFlOS00NWNjLWFkMWUt
ZmNkM2RlODY4NDMxLzEvU0VXQkpsWnlDRzhpb0NTRXdCaldDMnB5TUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9iMmIyMjEtMmFlOS00NWNjLWFkMWUtZmNkM2RlODY4NDMx
LzEvX2o3UHMxbVRJWHcyZER2Sy1xZXdKWjB1UjJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZBAMA0G
CSqGSIb3DQEBCwUAA4IBAQCqIxbLXAPAbvbMRAP+KPTdfJgx7YzAsXdWuZPRfQA6
/Up+xdpG9Ug1wIjmAAvW6rpfgJb8ZPi1dthsudGCLKlWn835HJ93OH52NCD1HWFt
LQMpQb84Bms1bIl7C+1h1ZoF5+qel1oYHRiNoynOgTRq+lRg0+aNWI86WtxVYxje
0QQqTquoVvdy8/iBpWyc3q6cOjAq1hJS7UyLiSCDqQjXJTz2MBuqNgSpgKiP92+F
UZ5QANbxrp2aOCAYkk0HzGry0ffxSWfd/DbWq9nXhNw3aFVWI7q7Os2WOPEBs3Wz
Dvj89XOpJPVB4X/e4R4JskxIACpz+d0IioDFgmKUn//Z
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:45 2025 by rpki-client