Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/5eecf3-637f-450c-8489-34ba0738a341/1/cJPu1yZaXNjNVzwGZ1v-VWLIp7k.roa
File: cJPu1yZaXNjNVzwGZ1v-VWLIp7k.roa (raw, json)
Hash identifier: o5tlkLnjUQWB7eZWeZ5CYiLbE63nepmYktmxhg4jBA4=
Subject key identifier: 70:93:EE:D7:26:5A:5C:D8:CD:57:3C:06:67:5B:FE:55:62:C8:A7:B9
Certificate issuer: /CN=932e8078ea420afc1a78bf922a9a2f274679c8a8
Certificate serial: 018CC348A77C5DE9910948456D07CAD02D66
Authority key identifier: 93:2E:80:78:EA:42:0A:FC:1A:78:BF:92:2A:9A:2F:27:46:79:C8:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ky6AeOpCCvwaeL-SKpovJ0Z5yKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/5eecf3-637f-450c-8489-34ba0738a341/1/cJPu1yZaXNjNVzwGZ1v-VWLIp7k.roa
Signing time: Mon 01 Jan 2024 04:29:27 +0000
ROA not before: Mon 01 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42989
IP address blocks: 185.231.4.0/24 maxlen: 24
185.231.7.0/24 maxlen: 24
2a0c:3500:2::/48 maxlen: 48
2a0c:3500::/48 maxlen: 48
2a0c:3500:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a7:7c:5d:e9:91:09:48:45:6d:07:ca:d0:2d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=932e8078ea420afc1a78bf922a9a2f274679c8a8
Validity
Not Before: Jan 1 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7093eed7265a5cd8cd573c06675bfe5562c8a7b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e7:e9:71:a1:df:37:d6:ca:4a:1f:29:ad:f6:
e5:96:03:d5:98:32:9d:4f:ef:62:65:74:28:d2:48:
75:48:a3:f7:31:b5:7e:88:0a:7f:b1:7a:b6:d5:c5:
f5:da:36:0a:97:4f:b7:ff:3b:20:d9:37:3b:24:99:
fc:4e:67:b2:c2:bb:7c:55:32:1b:71:42:c7:b5:5b:
7c:11:d0:48:31:2e:d3:a9:12:bb:ac:a7:16:48:4e:
77:62:cb:c8:2e:15:1f:65:01:c3:0a:8f:4c:84:bb:
68:ca:bc:59:20:8f:5e:17:cf:19:4e:51:01:94:5d:
f6:46:b7:a6:10:4b:94:5f:29:a0:75:95:b0:ae:e7:
d3:53:ec:e2:68:9c:09:3b:30:0a:9a:c1:e9:92:fb:
9c:c4:bc:e2:aa:83:40:e4:b1:c4:2e:1d:a6:45:ab:
41:79:82:eb:2d:5c:76:ab:19:c6:ae:cc:65:cc:72:
d5:65:0b:c7:34:c5:71:84:7b:a3:63:b5:c0:6c:90:
0d:67:87:90:4d:68:ab:ac:e8:93:0d:41:b1:ba:4f:
7e:fe:03:63:f3:3e:45:65:bd:d8:7f:88:b2:f8:11:
88:39:a4:fa:95:09:cb:b7:94:8c:32:92:a4:a1:fb:
29:3f:a9:0d:10:3d:73:28:00:38:62:68:c0:02:68:
df:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:93:EE:D7:26:5A:5C:D8:CD:57:3C:06:67:5B:FE:55:62:C8:A7:B9
X509v3 Authority Key Identifier:
keyid:93:2E:80:78:EA:42:0A:FC:1A:78:BF:92:2A:9A:2F:27:46:79:C8:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky6AeOpCCvwaeL-SKpovJ0Z5yKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/5eecf3-637f-450c-8489-34ba0738a341/1/cJPu1yZaXNjNVzwGZ1v-VWLIp7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/5eecf3-637f-450c-8489-34ba0738a341/1/ky6AeOpCCvwaeL-SKpovJ0Z5yKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.4.0/24
185.231.7.0/24
IPv6:
2a0c:3500::/48
2a0c:3500:2::/47
Signature Algorithm: sha256WithRSAEncryption
86:59:f6:0b:74:3e:58:9a:b8:eb:c8:ec:d8:89:98:c8:0a:b5:
2c:fa:b3:1b:ed:8b:a1:9b:d3:93:05:7f:96:04:6b:11:03:e6:
7d:02:8f:a0:87:4f:e0:af:4d:0e:11:45:7c:4f:93:11:f0:d5:
bb:46:7f:a4:a8:01:d4:62:e7:f8:ad:41:33:3a:d5:03:b8:a8:
8c:e5:46:06:5a:e9:bb:3f:46:3a:4a:a0:68:a9:11:ee:28:47:
45:cd:3d:f4:bb:6e:d3:06:62:51:9a:2c:fe:88:a1:74:c5:7a:
fc:7a:ff:4d:87:67:03:98:60:dc:e6:1c:f3:42:b0:e5:e2:a7:
c2:95:c3:6d:86:be:ad:71:22:39:a1:04:8a:c2:47:38:db:50:
91:4e:46:3b:28:73:51:48:2c:2c:19:ae:dc:64:b4:6c:24:81:
88:01:f4:c9:af:34:88:b3:22:81:d2:e2:ed:ef:2e:15:85:2b:
30:e7:61:43:8a:47:e4:35:83:51:8a:d2:53:f4:30:d9:b3:26:
5e:ca:c4:dc:57:f2:32:32:a7:6c:5e:e2:a6:bb:be:10:17:f3:
df:8c:11:3b:5c:cd:7e:07:d7:a5:1d:2b:b9:d7:a3:7e:a3:8c:
44:cd:11:f7:c4:38:bd:80:09:b9:64:6a:dc:ac:0b:ce:a8:58:
29:6c:91:15
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDSKd8XemRCUhFbQfK0C1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMmU4MDc4ZWE0MjBhZmMxYTc4YmY5MjJhOWEyZjI3NDY3
OWM4YTgwHhcNMjQwMTAxMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDkzZWVkNzI2NWE1Y2Q4Y2Q1NzNjMDY2NzViZmU1NTYyYzhhN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+fpcaHfN9bKSh8prfbllgPVmDKd
T+9iZXQo0kh1SKP3MbV+iAp/sXq21cX12jYKl0+3/zsg2Tc7JJn8Tmeywrt8VTIb
cULHtVt8EdBIMS7TqRK7rKcWSE53YsvILhUfZQHDCo9MhLtoyrxZII9eF88ZTlEB
lF32RremEEuUXymgdZWwrufTU+ziaJwJOzAKmsHpkvucxLziqoNA5LHELh2mRatB
eYLrLVx2qxnGrsxlzHLVZQvHNMVxhHujY7XAbJANZ4eQTWirrOiTDUGxuk9+/gNj
8z5FZb3Yf4iy+BGIOaT6lQnLt5SMMpKkofspP6kNED1zKAA4YmjAAmjfoQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHCT7tcmWlzYzVc8Bmdb/lViyKe5MB8GA1UdIwQY
MBaAFJMugHjqQgr8Gni/kiqaLydGecioMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3k2QWVPcENDdndhZUwtU0twb3ZKMFo1eUtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81ZWVjZjMtNjM3Zi00NTBjLTg0ODkt
MzRiYTA3MzhhMzQxLzEvY0pQdTF5WmFYTmpOVnp3R1oxdi1WV0xJcDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81ZWVjZjMtNjM3Zi00NTBjLTg0ODktMzRiYTA3MzhhMzQx
LzEva3k2QWVPcENDdndhZUwtU0twb3ZKMFo1eUtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuecEAwQA
uecHMBgEAgACMBIDBwAqDDUAAAADBwEqDDUAAAIwDQYJKoZIhvcNAQELBQADggEB
AIZZ9gt0PliauOvI7NiJmMgKtSz6sxvti6Gb05MFf5YEaxED5n0Cj6CHT+CvTQ4R
RXxPkxHw1btGf6SoAdRi5/itQTM61QO4qIzlRgZa6bs/RjpKoGipEe4oR0XNPfS7
btMGYlGaLP6IoXTFevx6/02HZwOYYNzmHPNCsOXip8KVw22Gvq1xIjmhBIrCRzjb
UJFORjsoc1FILCwZrtxktGwkgYgB9MmvNIizIoHS4u3vLhWFKzDnYUOKR+Q1g1GK
0lP0MNmzJl7KxNxX8jIyp2xe4qa7vhAX89+METtczX4H16UdK7nXo36jjETNEffE
OL2ACblkatysC86oWClskRU=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:06:48 2025 by rpki-client