Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/NHyZDGHwzQngWSHqQm_m4Cqok10.roa
File: NHyZDGHwzQngWSHqQm_m4Cqok10.roa (raw, json)
Hash identifier: hjgebo5njj7o+P5qLVzx2W/WUEG0ki1xYQFG+hGvqkw=
Subject key identifier: 34:7C:99:0C:61:F0:CD:09:E0:59:21:EA:42:6F:E6:E0:2A:A8:93:5D
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 0192FDAD3B00EB2DF5D7303081130BC64BEA
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/NHyZDGHwzQngWSHqQm_m4Cqok10.roa
Signing time: Tue 05 Nov 2024 18:54:01 +0000
ROA not before: Tue 05 Nov 2024 18:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.197.135.0/24 maxlen: 24
2a06:e881:650f::/48 maxlen: 48
2a06:e881:7340::/42 maxlen: 48
2a06:e881:73ff::/48 maxlen: 48
2a06:e881:9200::/45 maxlen: 48
2a06:e881:9600::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:ad:3b:00:eb:2d:f5:d7:30:30:81:13:0b:c6:4b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Nov 5 18:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=347c990c61f0cd09e05921ea426fe6e02aa8935d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5a:71:73:92:34:07:af:09:4c:fa:68:6f:06:
ba:8d:ef:cf:f8:ad:ad:7c:6e:3c:1c:76:85:fa:5c:
01:26:6b:92:6f:d4:9d:88:ae:2f:c9:fb:fd:fc:6a:
57:db:34:7b:a9:c0:b3:e5:27:b0:e0:30:5c:39:5f:
d9:ed:6f:b8:22:0a:75:5c:72:41:de:7f:46:cf:50:
4f:8d:07:8e:ea:0c:7b:25:59:4e:0a:53:de:c0:c2:
e4:fb:a0:84:42:75:f8:7a:e2:f5:1a:f7:42:0b:86:
2d:4f:ad:c3:89:3f:5c:63:e9:aa:41:b8:a0:51:32:
a4:85:0a:ba:05:8b:2c:71:0d:9e:b5:cc:37:6c:96:
46:44:49:ff:21:cb:88:f4:23:e4:a0:40:97:7d:3b:
51:a3:18:44:99:53:99:33:e7:02:a0:a6:ab:62:8d:
c7:ae:3f:78:d7:d8:3d:ad:e3:ba:90:15:d8:4e:16:
67:99:a4:2a:1f:ff:16:e5:da:ec:38:ce:40:f9:f3:
ef:f7:50:44:c8:1a:be:c3:4b:61:95:ef:9c:ee:83:
2a:24:32:2e:8e:fc:f1:67:0d:5a:90:2d:72:57:f3:
7c:72:84:b8:5f:40:1f:44:15:52:f9:78:c8:3a:0a:
e1:7a:df:de:02:7e:d0:07:35:5f:64:fa:e0:9c:f3:
fe:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7C:99:0C:61:F0:CD:09:E0:59:21:EA:42:6F:E6:E0:2A:A8:93:5D
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/NHyZDGHwzQngWSHqQm_m4Cqok10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.135.0/24
IPv6:
2a06:e881:650f::/48
2a06:e881:7340::/42
2a06:e881:73ff::/48
2a06:e881:9200::/45
2a06:e881:9600::/48
Signature Algorithm: sha256WithRSAEncryption
d8:53:be:18:58:5e:ee:53:9b:2c:a9:07:6f:01:ed:b6:ff:df:
f8:01:83:12:fe:f6:a7:08:61:60:06:7c:67:5e:2f:56:39:b9:
cc:78:89:00:eb:09:0a:68:b5:60:3e:93:55:ea:55:15:c0:be:
c2:77:60:a1:da:b3:66:a8:83:90:ba:2e:4e:d2:31:f8:7c:a9:
fa:56:c0:9e:48:5c:f9:28:64:d1:80:32:e2:ca:80:8c:b6:f1:
4f:93:e1:49:b0:5b:ab:d8:89:ad:5a:4a:ee:89:be:b9:c0:37:
5c:d4:f1:d7:f7:52:45:a6:62:29:f6:e3:4c:92:23:c0:e1:a8:
73:3f:48:02:81:5b:a5:ef:b9:d7:31:cb:2d:b1:f9:a0:1e:10:
39:82:a7:37:64:56:d4:8b:c9:e3:97:dc:3d:4a:26:32:31:cd:
57:a6:44:6e:37:34:b5:a3:15:b6:15:8f:78:f9:d3:e1:48:fa:
01:ac:fe:4a:5a:e9:3e:70:81:57:86:3d:37:79:66:ce:55:82:
80:9c:76:7c:0d:cd:ca:64:2a:2c:cb:3f:97:13:50:ef:83:88:
34:75:b9:d8:80:89:86:d5:41:91:de:53:b5:02:36:4a:bd:48:
8a:77:9b:d4:32:77:b5:c5:51:e9:f9:a9:6d:05:22:52:40:ac:
f9:86:56:6b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZL9rTsA6y311zAwgRMLxkvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQxMTA1MTg1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdjOTkwYzYxZjBjZDA5ZTA1OTIxZWE0MjZmZTZlMDJhYTg5MzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslpxc5I0B68JTPpobwa6je/P+K2t
fG48HHaF+lwBJmuSb9SdiK4vyfv9/GpX2zR7qcCz5Sew4DBcOV/Z7W+4Igp1XHJB
3n9Gz1BPjQeO6gx7JVlOClPewMLk+6CEQnX4euL1GvdCC4YtT63DiT9cY+mqQbig
UTKkhQq6BYsscQ2etcw3bJZGREn/IcuI9CPkoECXfTtRoxhEmVOZM+cCoKarYo3H
rj9419g9reO6kBXYThZnmaQqH/8W5drsOM5A+fPv91BEyBq+w0thle+c7oMqJDIu
jvzxZw1akC1yV/N8coS4X0AfRBVS+XjIOgrhet/eAn7QBzVfZPrgnPP+OQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFDR8mQxh8M0J4Fkh6kJv5uAqqJNdMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvTkh5WkRHSHd6UW5nV1NIcVFtX200Q3FvazEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAMBAIAATAGAwQAucWHMDME
AgACMC0DBwAqBuiBZQ8DBwYqBuiBc0ADBwAqBuiBc/8DBwMqBuiBkgADBwAqBuiB
lgAwDQYJKoZIhvcNAQELBQADggEBANhTvhhYXu5TmyypB28B7bb/3/gBgxL+9qcI
YWAGfGdeL1Y5ucx4iQDrCQpotWA+k1XqVRXAvsJ3YKHas2aog5C6Lk7SMfh8qfpW
wJ5IXPkoZNGAMuLKgIy28U+T4UmwW6vYia1aSu6JvrnAN1zU8df3UkWmYin240yS
I8DhqHM/SAKBW6Xvudcxyy2x+aAeEDmCpzdkVtSLyeOX3D1KJjIxzVemRG43NLWj
FbYVj3j50+FI+gGs/kpa6T5wgVeGPTd5Zs5VgoCcdnwNzcpkKizLP5cTUO+DiDR1
udiAiYbVQZHeU7UCNkq9SIp3m9Qyd7XFUen5qW0FIlJArPmGVms=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:01 2025 by rpki-client