Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/V1ZMwh5DYk-W8Qcbg6ESSyPM3qE.roa
File: V1ZMwh5DYk-W8Qcbg6ESSyPM3qE.roa (raw, json)
Hash identifier: ooOgqUv6FiGtQ3sTBVcd0c/LRA5PBMS/gMAVW5D+QFU=
Subject key identifier: 57:56:4C:C2:1E:43:62:4F:96:F1:07:1B:83:A1:12:4B:23:CC:DE:A1
Certificate issuer: /CN=aff4242c10e438537e169ab002bf6be81fa2a5ed
Certificate serial: 018CC8DEFC1AFCB9059EA2EFF6EAD249C3CD
Authority key identifier: AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/V1ZMwh5DYk-W8Qcbg6ESSyPM3qE.roa
Signing time: Tue 02 Jan 2024 06:31:45 +0000
ROA not before: Tue 02 Jan 2024 06:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57152
IP address blocks: 185.135.220.0/24 maxlen: 24
185.135.223.0/24 maxlen: 24
185.135.222.0/24 maxlen: 24
185.135.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 09:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:fc:1a:fc:b9:05:9e:a2:ef:f6:ea:d2:49:c3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff4242c10e438537e169ab002bf6be81fa2a5ed
Validity
Not Before: Jan 2 06:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57564cc21e43624f96f1071b83a1124b23ccdea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9f:c2:12:1c:de:0e:e9:fb:d8:c2:0d:5b:f6:
a0:89:4f:79:8b:c1:16:03:cb:b0:e5:61:c1:0b:c2:
5f:f1:ed:ad:fd:f6:8e:0f:1f:9e:16:30:48:f6:d2:
38:07:56:cd:27:58:4d:8d:57:95:01:53:a1:9c:08:
c9:f2:14:ff:99:c6:f0:9d:33:9a:d2:ff:b6:1d:67:
a0:0d:7e:cc:6b:35:14:b3:7d:fa:43:9a:8d:6b:f2:
53:de:86:54:7f:0e:91:ce:e4:31:cd:8b:e1:2b:ab:
00:48:b9:2b:2d:b6:90:34:91:1a:92:33:aa:43:9b:
38:35:49:77:c3:f7:22:eb:bf:b6:d8:f5:1c:43:66:
4b:e3:30:e2:ee:fd:e7:3e:8b:28:94:61:67:0b:06:
24:d4:02:23:31:d2:ad:52:1d:22:db:e0:fb:69:4c:
98:3e:f4:ad:10:3c:6d:e8:f8:3d:5c:eb:b8:4b:41:
75:d1:12:f1:3e:dd:d8:e7:1c:77:e2:1d:bc:ed:5e:
f0:5a:99:69:43:9a:d0:d5:24:b5:7e:1d:6b:8a:7b:
dd:8f:5e:72:dc:76:e2:14:05:ba:41:6f:57:06:0d:
22:fd:bb:c0:9d:64:c8:8c:5c:ad:81:28:c6:0c:ab:
86:8a:e3:8c:f1:c6:8e:62:d4:9f:ab:19:dd:b2:19:
ba:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:56:4C:C2:1E:43:62:4F:96:F1:07:1B:83:A1:12:4B:23:CC:DE:A1
X509v3 Authority Key Identifier:
keyid:AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/V1ZMwh5DYk-W8Qcbg6ESSyPM3qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
37:95:d1:bb:73:50:16:51:72:c0:28:5f:23:40:fe:9f:ec:d8:
1a:e9:83:a3:ec:4d:a6:92:34:36:12:ff:58:f6:80:c1:b8:a2:
7f:44:10:67:aa:ba:90:bd:3f:8d:74:0c:52:6d:ea:cb:d5:a3:
9d:33:b0:37:06:14:09:d1:b2:c8:0f:85:0d:83:60:5e:c0:ad:
23:a1:2b:3c:f7:9b:6a:ff:7b:40:c4:53:61:ed:58:2d:3f:e2:
f0:bc:4b:f0:c8:de:e8:85:8f:af:d4:bf:53:84:4b:46:08:5b:
00:bd:49:69:67:32:9d:a0:80:ba:3b:bb:44:6c:1a:c9:f4:8b:
44:3f:ee:ff:b9:72:6d:1b:0e:b6:e2:80:4a:4a:4e:91:96:c3:
6b:ed:f3:55:90:89:d2:cd:3c:ae:eb:22:74:ba:2d:82:99:91:
dd:ed:98:7b:94:da:33:fd:40:b6:ec:d0:e4:09:c2:67:21:12:
a2:55:86:06:71:02:89:82:f1:fc:8b:73:1a:e2:92:1e:87:5b:
24:85:9d:18:51:43:d8:f0:97:fc:0f:6f:14:11:08:d4:d3:46:
b1:6f:9b:70:08:7d:2f:ff:4f:f6:7b:5f:6f:dd:af:00:dd:f3:
ce:f8:0f:86:c3:8e:de:7e:50:2c:e3:bb:76:b9:2c:4a:ab:b7:
d6:9f:01:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3vwa/LkFnqLv9urSScPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjQyNDJjMTBlNDM4NTM3ZTE2OWFiMDAyYmY2YmU4MWZh
MmE1ZWQwHhcNMjQwMTAyMDYzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzU2NGNjMjFlNDM2MjRmOTZmMTA3MWI4M2ExMTI0YjIzY2NkZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ/CEhzeDun72MINW/agiU95i8EW
A8uw5WHBC8Jf8e2t/faODx+eFjBI9tI4B1bNJ1hNjVeVAVOhnAjJ8hT/mcbwnTOa
0v+2HWegDX7MazUUs336Q5qNa/JT3oZUfw6RzuQxzYvhK6sASLkrLbaQNJEakjOq
Q5s4NUl3w/ci67+22PUcQ2ZL4zDi7v3nPosolGFnCwYk1AIjMdKtUh0i2+D7aUyY
PvStEDxt6Pg9XOu4S0F10RLxPt3Y5xx34h287V7wWplpQ5rQ1SS1fh1rinvdj15y
3HbiFAW6QW9XBg0i/bvAnWTIjFytgSjGDKuGiuOM8caOYtSfqxndshm6GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFdWTMIeQ2JPlvEHG4OhEksjzN6hMB8GA1UdIwQY
MBaAFK/0JCwQ5DhTfhaasAK/a+gfoqXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMt
ZWU3YmEwZTlmN2NhLzEvVjFaTXdoNURZay1XOFFjYmc2RVNTeVBNM3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMtZWU3YmEwZTlmN2Nh
LzEvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYfcMA0G
CSqGSIb3DQEBCwUAA4IBAQA3ldG7c1AWUXLAKF8jQP6f7Nga6YOj7E2mkjQ2Ev9Y
9oDBuKJ/RBBnqrqQvT+NdAxSberL1aOdM7A3BhQJ0bLID4UNg2BewK0joSs895tq
/3tAxFNh7VgtP+LwvEvwyN7ohY+v1L9ThEtGCFsAvUlpZzKdoIC6O7tEbBrJ9ItE
P+7/uXJtGw624oBKSk6RlsNr7fNVkInSzTyu6yJ0ui2CmZHd7Zh7lNoz/UC27NDk
CcJnIRKiVYYGcQKJgvH8i3Ma4pIeh1skhZ0YUUPY8Jf8D28UEQjU00axb5twCH0v
/0/2e19v3a8A3fPO+A+Gw47eflAs47t2uSxKq7fWnwHf
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:51:39 2025 by rpki-client