Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/8ipsVMYhGTWVXVR-lj_dtUFxtww.roa
File: 8ipsVMYhGTWVXVR-lj_dtUFxtww.roa (raw, json)
Hash identifier: wj8ahk26uf/+g5wZ3CRPb8KzhzqbkkRM5RltaXIFWXo=
Subject key identifier: F2:2A:6C:54:C6:21:19:35:95:5D:54:7E:96:3F:DD:B5:41:71:B7:0C
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 01933EE5D76A752F8B6D35932316C26C7FA8
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/8ipsVMYhGTWVXVR-lj_dtUFxtww.roa
Signing time: Mon 18 Nov 2024 10:51:10 +0000
ROA not before: Mon 18 Nov 2024 10:51:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50427
IP address blocks: 109.226.248.0/24 maxlen: 24
185.84.174.0/23 maxlen: 23
185.84.174.0/24 maxlen: 24
185.84.175.0/24 maxlen: 24
193.106.168.0/22 maxlen: 22
193.106.168.0/24 maxlen: 24
193.106.169.0/24 maxlen: 24
193.106.170.0/24 maxlen: 24
193.106.171.0/24 maxlen: 24
2a05:7400:8000::/34 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:e5:d7:6a:75:2f:8b:6d:35:93:23:16:c2:6c:7f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Nov 18 10:51:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f22a6c54c6211935955d547e963fddb54171b70c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c5:c3:7c:ce:49:12:a2:62:4c:92:52:74:03:
ec:f9:c2:ef:93:10:5a:f5:ac:5f:b9:11:bf:93:a0:
0a:20:fe:78:d5:2d:69:ba:71:4e:52:7a:f1:08:a6:
59:0d:3f:81:76:e8:fb:b3:6b:9f:ac:6f:68:64:b3:
b2:fb:3b:7c:a0:e4:a9:1c:9d:1a:8f:f6:42:8a:59:
6a:b9:b5:4b:b0:f0:cb:ee:99:32:f6:c7:6d:8c:3b:
02:30:49:1a:ac:82:65:9d:33:fe:0e:05:d9:96:f6:
e8:99:11:cc:a7:e4:77:cc:24:1a:04:4a:04:b3:75:
05:a1:a2:80:7c:96:38:cc:69:5e:20:46:00:e1:ee:
3e:aa:5f:a1:b5:ae:3d:d5:1e:f1:d1:b5:af:8a:e8:
8e:44:09:a4:76:af:b8:ac:8f:2d:f0:b5:e1:d1:15:
fa:1e:52:ad:b5:8d:4a:42:fe:53:d8:96:2e:42:01:
22:6a:bf:38:d7:47:6d:53:f6:da:65:f8:47:0d:d9:
11:90:f2:00:70:8c:e4:4c:a7:2b:f9:a7:60:e4:54:
38:9a:e1:87:41:e4:08:5b:ef:6b:97:e6:a8:17:63:
b3:2a:29:fb:8b:a6:4f:5a:e5:66:63:c5:0b:81:d5:
40:14:86:c7:a3:0b:fd:af:1a:28:53:21:be:c0:8a:
6e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2A:6C:54:C6:21:19:35:95:5D:54:7E:96:3F:DD:B5:41:71:B7:0C
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/8ipsVMYhGTWVXVR-lj_dtUFxtww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.248.0/24
185.84.174.0/23
193.106.168.0/22
IPv6:
2a05:7400:8000::/34
Signature Algorithm: sha256WithRSAEncryption
8f:1a:e6:46:7f:1f:cb:84:23:30:fd:63:a5:d3:8d:e2:83:fb:
a5:63:9a:52:df:7a:46:9c:c9:98:5e:1a:04:2c:ea:53:63:2a:
03:4a:69:ef:db:92:8b:8e:8a:9c:db:59:4c:7a:f8:a3:e1:25:
b3:40:a7:cf:a9:8f:4c:da:40:a8:62:e1:9a:21:e9:97:72:8e:
e4:58:22:1e:33:ab:df:cb:df:6e:d9:2e:77:e2:27:f3:e8:18:
b1:61:ba:83:b9:ab:ea:ba:64:be:07:be:a1:0a:c2:0d:fa:cb:
ab:be:88:14:17:a8:01:f8:bd:d6:ac:0c:34:e7:4f:3b:79:48:
bd:4f:0d:4a:52:1a:ed:6d:73:ab:fd:5c:5f:c3:66:7f:aa:37:
2b:d5:3d:fa:37:75:70:df:32:4d:9d:86:00:2c:de:20:a8:fa:
8b:3a:7c:7d:f5:f1:1d:1f:7b:7b:5a:6b:52:88:9f:ad:7b:b2:
fd:08:51:92:dd:d5:68:eb:4b:99:6e:f1:bd:76:c0:2f:31:52:
1b:ed:d1:3f:c5:b9:9e:4a:c1:d9:c7:13:aa:81:61:3c:09:f1:
33:20:d9:a4:2d:30:82:c9:ce:3c:41:ef:ac:79:23:89:40:eb:
33:ff:48:b9:1d:a7:b2:11:20:63:9d:10:39:95:2e:1b:50:7d:
c5:1f:59:7c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZM+5ddqdS+LbTWTIxbCbH+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQxMTE4MTA1MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJhNmM1NGM2MjExOTM1OTU1ZDU0N2U5NjNmZGRiNTQxNzFiNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMXDfM5JEqJiTJJSdAPs+cLvkxBa
9axfuRG/k6AKIP541S1punFOUnrxCKZZDT+Bduj7s2ufrG9oZLOy+zt8oOSpHJ0a
j/ZCillqubVLsPDL7pky9sdtjDsCMEkarIJlnTP+DgXZlvbomRHMp+R3zCQaBEoE
s3UFoaKAfJY4zGleIEYA4e4+ql+hta491R7x0bWviuiORAmkdq+4rI8t8LXh0RX6
HlKttY1KQv5T2JYuQgEiar8410dtU/baZfhHDdkRkPIAcIzkTKcr+adg5FQ4muGH
QeQIW+9rl+aoF2OzKin7i6ZPWuVmY8ULgdVAFIbHowv9rxooUyG+wIpuQQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPIqbFTGIRk1lV1UfpY/3bVBcbcMMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvOGlwc1ZNWWhHVFdWWFZSLWxqX2R0VUZ4dHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAbeL4AwQB
uVSuAwQCwWqoMA4EAgACMAgDBgYqBXQAgDANBgkqhkiG9w0BAQsFAAOCAQEAjxrm
Rn8fy4QjMP1jpdON4oP7pWOaUt96RpzJmF4aBCzqU2MqA0pp79uSi46KnNtZTHr4
o+Els0Cnz6mPTNpAqGLhmiHpl3KO5FgiHjOr38vfbtkud+In8+gYsWG6g7mr6rpk
vge+oQrCDfrLq76IFBeoAfi91qwMNOdPO3lIvU8NSlIa7W1zq/1cX8Nmf6o3K9U9
+jd1cN8yTZ2GACzeIKj6izp8ffXxHR97e1prUoifrXuy/QhRkt3VaOtLmW7xvXbA
LzFSG+3RP8W5nkrB2ccTqoFhPAnxMyDZpC0wgsnOPEHvrHkjiUDrM/9IuR2nshEg
Y50QOZUuG1B9xR9ZfA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:44 2025 by rpki-client