Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/OSSPrQPOpqbgx35iBml80U_qaIo.roa
File: OSSPrQPOpqbgx35iBml80U_qaIo.roa (raw, json)
Hash identifier: rvz697EpNg0I7O8ZrVj64HruzTMcwtQf6gBpab/eHyY=
Subject key identifier: 39:24:8F:AD:03:CE:A6:A6:E0:C7:7E:62:06:69:7C:D1:4F:EA:68:8A
Certificate issuer: /CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Certificate serial: 018CC493057A62FAC61A8F892A8348313EDB
Authority key identifier: 65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/OSSPrQPOpqbgx35iBml80U_qaIo.roa
Signing time: Mon 01 Jan 2024 10:30:18 +0000
ROA not before: Mon 01 Jan 2024 10:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59397
IP address blocks: 185.75.130.0/24 maxlen: 24
185.75.129.0/24 maxlen: 24
185.75.131.0/24 maxlen: 24
185.75.128.0/22 maxlen: 22
2a03:4d22::/32 maxlen: 32
2a03:4d25::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:05:7a:62:fa:c6:1a:8f:89:2a:83:48:31:3e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Validity
Not Before: Jan 1 10:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39248fad03cea6a6e0c77e6206697cd14fea688a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:41:e6:0d:22:23:8d:fb:76:db:a0:71:63:e7:
03:90:63:7d:ff:f0:e2:0b:bc:26:63:26:ea:3e:0f:
9d:ed:80:c2:74:38:2e:7a:2d:e2:79:7a:3c:4a:a6:
a9:44:e3:78:c0:20:cb:37:5c:00:1f:d0:de:4c:07:
92:53:38:21:b7:63:61:f1:c6:2f:04:09:73:c4:3f:
bc:7d:67:6d:5e:a5:2a:85:5d:a2:f4:92:e7:7e:c0:
de:76:c5:d3:79:2f:a0:60:c6:c1:08:30:12:31:1d:
0d:b4:2a:af:af:f6:a5:4b:ea:9f:e8:fa:eb:e3:d5:
57:34:08:06:58:7f:2e:c9:98:87:3d:87:44:64:a6:
18:56:9c:f2:d9:55:6d:96:56:21:a4:da:13:1c:dd:
60:dd:1a:00:8d:5d:73:8a:6e:d9:a4:d4:3f:08:44:
05:c1:b6:cf:01:51:05:fc:92:e1:44:15:c7:a5:2e:
c2:d9:c9:3e:c7:6e:de:d9:32:36:18:ea:6d:72:32:
03:f0:b5:bc:00:25:0e:c7:36:40:dc:9e:66:8f:eb:
6a:c0:33:a9:1b:8b:ae:20:84:7b:4a:d8:b8:34:b6:
cf:15:fd:99:4b:db:bd:e9:45:f8:8c:60:3b:a5:94:
a6:fb:8e:a5:00:8a:fe:24:d8:02:56:12:e3:6d:2d:
3b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:24:8F:AD:03:CE:A6:A6:E0:C7:7E:62:06:69:7C:D1:4F:EA:68:8A
X509v3 Authority Key Identifier:
keyid:65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/OSSPrQPOpqbgx35iBml80U_qaIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.128.0/22
IPv6:
2a03:4d22::/32
2a03:4d25::/32
Signature Algorithm: sha256WithRSAEncryption
94:79:92:d0:99:58:d7:30:3c:0b:2d:15:3d:9a:e5:ac:9c:dd:
f6:58:93:e9:4d:3e:1b:f8:ad:8d:ee:90:69:d1:b0:af:82:33:
7c:ce:dc:4e:1b:ac:7d:72:60:17:73:5f:ff:4d:ea:99:7f:6c:
88:46:b8:8a:3a:6f:49:bb:e0:34:44:89:0b:0f:2c:f2:c3:a4:
a0:0a:3e:60:59:da:1e:34:fc:4f:a4:e2:9e:b7:fd:ba:54:45:
e7:31:03:4b:cf:1f:93:eb:ff:29:a4:a2:df:54:3b:c7:31:b6:
11:81:32:33:64:99:e3:89:68:0f:62:a3:a3:61:e9:9a:7d:73:
dc:43:f4:17:1e:46:a1:e5:26:63:3e:7f:31:c7:66:86:cd:aa:
5a:d0:f5:be:a4:78:1a:bd:28:9d:54:cb:90:6f:31:5d:1d:b9:
9c:18:dc:76:bf:9e:82:02:b4:01:88:19:1a:e2:e8:73:b5:bd:
6f:2b:c4:6e:e1:0d:56:3a:e5:41:f2:84:eb:ab:7c:42:9e:3d:
0a:82:f3:f3:64:65:23:69:0c:f9:d8:35:fb:bf:c5:6c:02:12:
87:1d:7e:91:f3:a3:dd:07:31:f0:fa:cd:a6:86:d6:86:a9:93:
75:9c:53:1b:c6:c2:23:97:0c:d4:c5:4a:d4:84:bc:f3:37:db:
55:2e:89:71
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzEkwV6YvrGGo+JKoNIMT7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjI2ZWU1ZWEwNDA2NTkyZGY5NzVjNmY0Yzg0ZjEwZjE0
ZDE1Y2IwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTI0OGZhZDAzY2VhNmE2ZTBjNzdlNjIwNjY5N2NkMTRmZWE2ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EHmDSIjjft226BxY+cDkGN9//Di
C7wmYybqPg+d7YDCdDguei3ieXo8SqapRON4wCDLN1wAH9DeTAeSUzght2Nh8cYv
BAlzxD+8fWdtXqUqhV2i9JLnfsDedsXTeS+gYMbBCDASMR0NtCqvr/alS+qf6Prr
49VXNAgGWH8uyZiHPYdEZKYYVpzy2VVtllYhpNoTHN1g3RoAjV1zim7ZpNQ/CEQF
wbbPAVEF/JLhRBXHpS7C2ck+x27e2TI2GOptcjID8LW8ACUOxzZA3J5mj+tqwDOp
G4uuIIR7Sti4NLbPFf2ZS9u96UX4jGA7pZSm+46lAIr+JNgCVhLjbS077wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDkkj60Dzqam4Md+YgZpfNFP6miKMB8GA1UdIwQY
MBaAFGUibuXqBAZZLfl1xvTITxDxTRXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEt
ZGVjMDI0ODhjMzdjLzEvT1NTUHJRUE9wcWJneDM1aUJtbDgwVV9xYUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEtZGVjMDI0ODhjMzdj
LzEvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuUuAMBQE
AgACMA4DBQAqA00iAwUAKgNNJTANBgkqhkiG9w0BAQsFAAOCAQEAlHmS0JlY1zA8
Cy0VPZrlrJzd9liT6U0+G/itje6QadGwr4IzfM7cThusfXJgF3Nf/03qmX9siEa4
ijpvSbvgNESJCw8s8sOkoAo+YFnaHjT8T6Tinrf9ulRF5zEDS88fk+v/KaSi31Q7
xzG2EYEyM2SZ44loD2Kjo2Hpmn1z3EP0Fx5GoeUmYz5/Mcdmhs2qWtD1vqR4Gr0o
nVTLkG8xXR25nBjcdr+eggK0AYgZGuLoc7W9byvEbuENVjrlQfKE66t8Qp49CoLz
82RlI2kM+dg1+7/FbAIShx1+kfOj3Qcx8PrNpobWhqmTdZxTG8bCI5cM1MVK1IS8
8zfbVS6JcQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:18 2025 by rpki-client