Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/ixrwAI4BjL07xOmUU6j6v6lzUmI.roa
File: ixrwAI4BjL07xOmUU6j6v6lzUmI.roa (raw, json)
Hash identifier: 6il4hc3+92oIko6DmefThPsvahyiEstL0acGJuUG4n0=
Subject key identifier: 8B:1A:F0:00:8E:01:8C:BD:3B:C4:E9:94:53:A8:FA:BF:A9:73:52:62
Certificate issuer: /CN=70dc927808b9a67e7cba1ba74efb5bf6c12c895b
Certificate serial: 018CC4937E967B5CE6C57537C9F2AA2176D4
Authority key identifier: 70:DC:92:78:08:B9:A6:7E:7C:BA:1B:A7:4E:FB:5B:F6:C1:2C:89:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNySeAi5pn58uhunTvtb9sEsiVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/ixrwAI4BjL07xOmUU6j6v6lzUmI.roa
Signing time: Mon 01 Jan 2024 10:30:49 +0000
ROA not before: Mon 01 Jan 2024 10:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39671
IP address blocks: 185.229.70.0/24 maxlen: 24
185.229.69.0/24 maxlen: 24
185.229.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7e:96:7b:5c:e6:c5:75:37:c9:f2:aa:21:76:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70dc927808b9a67e7cba1ba74efb5bf6c12c895b
Validity
Not Before: Jan 1 10:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b1af0008e018cbd3bc4e99453a8fabfa9735262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9d:e6:cd:d7:2e:ae:bf:51:44:91:0a:e3:7d:
0e:79:0a:c1:ee:93:eb:66:d1:76:c4:7c:74:d8:ab:
09:a3:2d:82:0f:2a:bc:f4:36:14:b2:6f:41:96:ca:
9b:fc:9b:1a:e5:a9:56:69:08:b5:f4:5a:cd:60:e7:
03:12:48:db:d6:a9:50:14:84:24:1d:64:7f:3d:51:
70:ad:1d:df:c6:ac:a7:e9:24:d5:6e:e2:f9:c8:ce:
50:b1:1e:98:ed:96:b7:90:a5:1c:0b:a7:e2:4b:d4:
6b:d4:ca:7a:a1:72:d4:4f:56:51:42:50:86:cb:ee:
5d:b4:ef:04:00:d9:12:3b:26:65:5f:b9:14:48:a3:
f0:42:fb:05:88:77:42:72:cb:e5:95:71:29:46:bc:
b5:54:25:a4:e6:c5:75:3d:98:e4:ac:6f:83:62:c6:
3e:e2:39:13:6d:a8:e5:13:40:24:8f:18:d3:e8:17:
38:da:d5:1c:31:ac:bf:02:7c:90:c7:27:b3:b2:d6:
2f:6f:32:50:ec:a0:8a:4e:bd:4f:f8:47:f6:30:8d:
ab:0b:b0:9b:ee:45:81:9e:3c:2c:25:ca:b5:a9:67:
7d:f1:cc:d8:23:40:7e:7b:16:95:12:e2:de:b1:56:
d6:42:f1:0c:09:8d:80:eb:0d:c0:92:cf:3f:b9:dd:
e3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:1A:F0:00:8E:01:8C:BD:3B:C4:E9:94:53:A8:FA:BF:A9:73:52:62
X509v3 Authority Key Identifier:
keyid:70:DC:92:78:08:B9:A6:7E:7C:BA:1B:A7:4E:FB:5B:F6:C1:2C:89:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNySeAi5pn58uhunTvtb9sEsiVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/ixrwAI4BjL07xOmUU6j6v6lzUmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/cNySeAi5pn58uhunTvtb9sEsiVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.68.0-185.229.70.255
Signature Algorithm: sha256WithRSAEncryption
74:bb:09:9a:0a:65:a2:21:0b:45:65:7f:fb:61:9b:c0:b6:7e:
ac:14:20:12:0c:9e:79:f6:ee:f9:a1:35:ba:92:9d:6c:36:ed:
ad:0a:08:b4:e9:22:73:3e:30:ac:19:8c:77:a2:3e:ba:c2:9f:
03:f3:29:46:40:02:3d:99:28:cf:3e:c3:f2:fe:93:ae:c6:cf:
1d:65:a0:28:7b:01:92:d8:8c:e5:d2:3e:e2:cb:84:dc:2a:1f:
58:d6:a1:37:ff:3a:58:c5:ee:ba:8d:00:1a:2f:10:ed:4b:09:
75:5c:ba:27:e8:88:91:e0:67:5a:50:73:0e:cc:a5:38:38:3f:
62:45:b1:61:e9:b8:52:06:be:e4:46:9f:20:aa:f7:47:21:f4:
d8:f1:ec:b8:1f:c9:46:b9:34:79:4b:9c:de:f9:27:95:99:39:
01:b2:2c:7e:c5:ad:0d:25:87:b4:c8:84:b0:96:54:9e:44:47:
7b:d8:a1:61:69:6c:6f:ef:66:4e:48:19:78:16:76:eb:05:a4:
eb:c9:71:97:af:7c:6d:b3:3d:06:cd:f9:e5:ac:09:1c:77:84:
6c:c6:4a:6b:cc:c4:1a:e3:be:1f:04:50:30:9e:8e:35:46:66:
0b:ef:22:fa:9f:cf:78:d5:22:db:4c:b4:c1:71:2d:72:38:fe:
c1:5f:65:d7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEk36We1zmxXU3yfKqIXbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZGM5Mjc4MDhiOWE2N2U3Y2JhMWJhNzRlZmI1YmY2YzEy
Yzg5NWIwHhcNMjQwMTAxMTAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjFhZjAwMDhlMDE4Y2JkM2JjNGU5OTQ1M2E4ZmFiZmE5NzM1MjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ3mzdcurr9RRJEK430OeQrB7pPr
ZtF2xHx02KsJoy2CDyq89DYUsm9Blsqb/Jsa5alWaQi19FrNYOcDEkjb1qlQFIQk
HWR/PVFwrR3fxqyn6STVbuL5yM5QsR6Y7Za3kKUcC6fiS9Rr1Mp6oXLUT1ZRQlCG
y+5dtO8EANkSOyZlX7kUSKPwQvsFiHdCcsvllXEpRry1VCWk5sV1PZjkrG+DYsY+
4jkTbajlE0AkjxjT6Bc42tUcMay/AnyQxyezstYvbzJQ7KCKTr1P+Ef2MI2rC7Cb
7kWBnjwsJcq1qWd98czYI0B+exaVEuLesVbWQvEMCY2A6w3Aks8/ud3j6QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIsa8ACOAYy9O8TplFOo+r+pc1JiMB8GA1UdIwQY
MBaAFHDckngIuaZ+fLobp077W/bBLIlbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY055U2VBaTVwbjU4dWh1blR2dGI5c0VzaVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGE1ODAtNWRjMS00Yzg2LTkyYzUt
NWVlYmIxMjU5ZGM5LzEvaXhyd0FJNEJqTDA3eE9tVVU2ajZ2Nmx6VW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGE1ODAtNWRjMS00Yzg2LTkyYzUtNWVlYmIxMjU5ZGM5
LzEvY055U2VBaTVwbjU4dWh1blR2dGI5c0VzaVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK55UQD
BAC55UYwDQYJKoZIhvcNAQELBQADggEBAHS7CZoKZaIhC0Vlf/thm8C2fqwUIBIM
nnn27vmhNbqSnWw27a0KCLTpInM+MKwZjHeiPrrCnwPzKUZAAj2ZKM8+w/L+k67G
zx1loCh7AZLYjOXSPuLLhNwqH1jWoTf/OljF7rqNABovEO1LCXVcuifoiJHgZ1pQ
cw7MpTg4P2JFsWHpuFIGvuRGnyCq90ch9Njx7LgfyUa5NHlLnN75J5WZOQGyLH7F
rQ0lh7TIhLCWVJ5ER3vYoWFpbG/vZk5IGXgWdusFpOvJcZevfG2zPQbN+eWsCRx3
hGzGSmvMxBrjvh8EUDCejjVGZgvvIvqfz3jVIttMtMFxLXI4/sFfZdc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:02 2025 by rpki-client