Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/1-wx4E1AebzRjpA6shq4pMh62coE.roa
File: 1-wx4E1AebzRjpA6shq4pMh62coE.roa (raw, json)
Hash identifier: tD4rce1IfQwfFFi3Y/qizTBMkKPHhi/T6YlahiCwe9Y=
Subject key identifier: FB:0C:78:13:50:1E:6F:34:63:A4:0E:AC:86:AE:29:32:1E:B6:72:81
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018CC9BCDA592496CC33C9A832DE8CF52A25
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/1-wx4E1AebzRjpA6shq4pMh62coE.roa
Signing time: Tue 02 Jan 2024 10:34:06 +0000
ROA not before: Tue 02 Jan 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31257
IP address blocks: 80.65.16.0/20 maxlen: 24
109.226.192.0/18 maxlen: 24
171.33.248.0/21 maxlen: 24
185.84.172.0/23 maxlen: 23
185.84.172.0/24 maxlen: 24
185.84.173.0/24 maxlen: 24
94.73.192.0/18 maxlen: 24
134.19.128.0/21 maxlen: 24
2a05:7400::/29 maxlen: 29
2a05:7400::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 05 Mar 2024 03:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:da:59:24:96:cc:33:c9:a8:32:de:8c:f5:2a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 2 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb0c7813501e6f3463a40eac86ae29321eb67281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1c:a5:0f:16:34:a0:a0:cf:c9:c5:8f:e2:c5:
34:19:70:75:61:ee:83:6f:b1:5f:4d:e4:fe:67:d5:
bb:45:18:d1:26:2e:e2:d3:99:69:e8:31:33:17:c9:
b9:a8:aa:48:c5:60:48:92:47:5a:47:38:48:5f:06:
1a:1e:76:e9:d6:84:57:a7:94:e6:ca:cf:c5:e0:81:
d3:03:34:b1:96:09:13:66:fe:2c:fc:49:ca:7d:5b:
9f:97:29:1b:dc:75:d7:e3:e5:a3:ff:c6:24:04:fa:
a4:e0:5a:f9:86:f9:78:65:50:df:b0:ae:18:b3:e4:
9e:97:93:b0:79:34:0a:ab:c2:43:c9:57:3a:31:96:
77:5e:49:c6:c7:91:22:0a:cd:71:97:c4:ba:cf:d1:
a2:02:b2:86:08:6e:d7:45:24:65:df:ff:d0:c2:a0:
12:fe:09:4e:de:9c:13:0a:ec:3d:cf:37:c4:9e:5f:
31:b7:a0:74:b8:3a:11:fe:30:eb:69:93:0f:5b:f0:
85:f2:10:b7:67:5c:a3:a4:77:9b:aa:21:e0:1c:77:
a4:bb:0f:73:ac:f7:7a:80:9d:6a:ee:ad:dd:f4:62:
55:7a:20:67:1c:97:eb:e5:c9:4e:52:b1:50:53:5f:
e2:a2:51:4c:b3:bf:6f:a4:0f:29:a9:bf:bb:af:47:
42:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:0C:78:13:50:1E:6F:34:63:A4:0E:AC:86:AE:29:32:1E:B6:72:81
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/1-wx4E1AebzRjpA6shq4pMh62coE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.16.0/20
94.73.192.0/18
109.226.192.0/18
134.19.128.0/21
171.33.248.0/21
185.84.172.0/23
IPv6:
2a05:7400::/29
Signature Algorithm: sha256WithRSAEncryption
3f:93:e8:8e:ab:d1:fb:56:aa:1d:12:f9:72:92:dc:e9:60:57:
71:b9:7f:fe:65:ca:66:9d:e4:2d:7f:a3:f9:9b:75:da:b1:a6:
20:5f:ce:c2:48:6c:45:6c:ca:72:8c:a4:71:a3:9d:6d:99:c6:
a2:c1:ca:5e:62:1b:37:40:6c:21:f4:b3:c5:3d:06:c7:e9:b5:
fd:ec:6c:99:b0:bc:61:79:99:df:e3:ab:ae:65:26:5a:25:5b:
3f:26:a4:26:0c:a7:e3:7c:45:00:a3:ac:34:f0:c5:56:d4:b9:
89:6d:8a:cc:b2:40:4c:7a:25:f7:47:fd:85:0a:78:20:bf:19:
b0:79:5f:bc:dc:66:8f:24:d6:74:bf:b5:d1:07:e1:f0:de:06:
e1:e0:a3:20:1e:0d:2a:9f:98:eb:17:65:6a:19:3c:27:3f:9c:
e6:c7:82:66:4f:00:52:66:3e:b9:b4:a2:36:25:09:f2:db:12:
0e:cc:b9:db:3c:ce:b4:a8:e4:42:92:17:a4:2d:50:22:63:da:
f6:00:e7:05:bd:57:0d:92:d5:6d:11:43:3b:77:ca:86:f8:11:
0a:df:84:ac:0f:91:0e:53:ad:c9:1b:57:4e:25:bc:fa:c0:da:
47:ae:b0:99:48:9b:fa:0b:7d:0f:c6:c3:49:cf:e6:ce:2d:9b:
5a:74:e2:7f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzJvNpZJJbMM8moMt6M9SolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjBjNzgxMzUwMWU2ZjM0NjNhNDBlYWM4NmFlMjkzMjFlYjY3MjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohylDxY0oKDPycWP4sU0GXB1Ye6D
b7FfTeT+Z9W7RRjRJi7i05lp6DEzF8m5qKpIxWBIkkdaRzhIXwYaHnbp1oRXp5Tm
ys/F4IHTAzSxlgkTZv4s/EnKfVuflykb3HXX4+Wj/8YkBPqk4Fr5hvl4ZVDfsK4Y
s+Sel5OweTQKq8JDyVc6MZZ3XknGx5EiCs1xl8S6z9GiArKGCG7XRSRl3//QwqAS
/glO3pwTCuw9zzfEnl8xt6B0uDoR/jDraZMPW/CF8hC3Z1yjpHebqiHgHHekuw9z
rPd6gJ1q7q3d9GJVeiBnHJfr5clOUrFQU1/iolFMs79vpA8pqb+7r0dCoQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPsMeBNQHm80Y6QOrIauKTIetnKBMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvMS13eDRFMUFlYnpSanBBNnNocTRwTWg2MmNvRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjIvNThhZjI0LWM0NTQtNDRiMC1hN2NhLWM2ZjFlNmFjOWJh
OS8xL3JuOTBmZlh5UTFNVlRjVFV2M0RTM2N0VDZRQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBFBBEAME
Bl5JwAMEBm3iwAMEA4YTgAMEA6sh+AMEAblUrDANBAIAAjAHAwUDKgV0ADANBgkq
hkiG9w0BAQsFAAOCAQEAP5PojqvR+1aqHRL5cpLc6WBXcbl//mXKZp3kLX+j+Zt1
2rGmIF/OwkhsRWzKcoykcaOdbZnGosHKXmIbN0BsIfSzxT0Gx+m1/exsmbC8YXmZ
3+OrrmUmWiVbPyakJgyn43xFAKOsNPDFVtS5iW2KzLJATHol90f9hQp4IL8ZsHlf
vNxmjyTWdL+10Qfh8N4G4eCjIB4NKp+Y6xdlahk8Jz+c5seCZk8AUmY+ubSiNiUJ
8tsSDsy52zzOtKjkQpIXpC1QImPa9gDnBb1XDZLVbRFDO3fKhvgRCt+ErA+RDlOt
yRtXTiW8+sDaR66wmUib+gt9D8bDSc/mzi2bWnTifw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:56 2025 by rpki-client