Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/wIX-j9iXgfL_I-eYFr2nJgVS5i8.roa
File: wIX-j9iXgfL_I-eYFr2nJgVS5i8.roa (raw, json)
Hash identifier: nNIQVx4/fiT/uKr/MEZ23ijfTDp7Mek+tQBUZ1kqjhw=
Subject key identifier: C0:85:FE:8F:D8:97:81:F2:FF:23:E7:98:16:BD:A7:26:05:52:E6:2F
Certificate issuer: /CN=167ac5231a0d7bc5824590a0b2f621ede984770c
Certificate serial: 018CC56EADF7D106B100852A9BAEB145DFF3
Authority key identifier: 16:7A:C5:23:1A:0D:7B:C5:82:45:90:A0:B2:F6:21:ED:E9:84:77:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FnrFIxoNe8WCRZCgsvYh7emEdww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/wIX-j9iXgfL_I-eYFr2nJgVS5i8.roa
Signing time: Mon 01 Jan 2024 14:30:14 +0000
ROA not before: Mon 01 Jan 2024 14:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206289
IP address blocks: 185.189.251.0/24 maxlen: 24
185.189.250.0/23 maxlen: 23
185.189.248.0/24 maxlen: 24
185.189.249.0/24 maxlen: 24
185.189.248.0/22 maxlen: 22
185.189.248.0/23 maxlen: 23
185.189.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ad:f7:d1:06:b1:00:85:2a:9b:ae:b1:45:df:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167ac5231a0d7bc5824590a0b2f621ede984770c
Validity
Not Before: Jan 1 14:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c085fe8fd89781f2ff23e79816bda7260552e62f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6a:d5:b5:2c:0d:03:03:4f:4a:55:21:dd:06:
d6:e7:ed:d6:3e:0f:8b:c7:b6:2a:ac:47:05:44:a5:
bb:53:cd:e6:41:5a:51:3d:5c:58:4d:7d:c3:15:94:
75:f6:36:6f:6a:b6:45:cc:0d:25:f4:e4:e9:e8:80:
66:a1:c2:ba:d2:c8:20:ea:f8:3f:19:86:73:2d:97:
f6:50:91:b3:39:68:18:42:56:60:41:ce:59:d8:30:
75:dd:fb:88:6e:27:57:c2:62:5f:88:19:c6:f0:61:
9a:5d:cb:12:a1:95:c6:ca:bc:e3:96:a3:4c:ce:d5:
6a:4e:71:a2:22:ba:3b:b9:af:94:ff:77:dc:1d:21:
a2:91:d6:a7:27:33:d6:22:53:b9:93:32:28:81:b3:
fa:07:c2:51:86:65:cc:a7:de:87:65:0f:d4:0e:37:
44:87:6d:18:12:3f:04:e4:f7:85:1d:93:87:40:e4:
bd:ff:91:2f:ac:5a:07:0b:e7:da:89:e4:6b:d9:02:
97:1a:ef:57:cc:4b:9b:b6:93:b6:e2:4d:3a:57:a1:
48:38:64:c1:9b:02:1a:4b:7c:fa:08:f9:db:3f:fd:
cc:29:6a:30:8b:cb:be:fe:5f:9c:4f:a3:3c:65:df:
b2:3c:de:15:67:69:db:2a:fe:31:89:89:ed:fa:90:
5a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:85:FE:8F:D8:97:81:F2:FF:23:E7:98:16:BD:A7:26:05:52:E6:2F
X509v3 Authority Key Identifier:
keyid:16:7A:C5:23:1A:0D:7B:C5:82:45:90:A0:B2:F6:21:ED:E9:84:77:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FnrFIxoNe8WCRZCgsvYh7emEdww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/wIX-j9iXgfL_I-eYFr2nJgVS5i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/FnrFIxoNe8WCRZCgsvYh7emEdww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.248.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:8c:f8:11:3e:81:96:9a:b8:54:60:a1:c9:ac:fe:60:af:45:
b0:74:07:08:7f:53:7e:76:ec:20:a0:7a:bb:62:7d:73:c0:6d:
50:ea:5e:90:b3:d4:f2:a9:e0:87:51:c7:fa:1c:ba:00:c4:d0:
70:72:67:a8:65:32:be:91:e0:69:18:11:53:f0:fc:2c:35:1f:
3b:87:1c:f8:a5:ac:f7:80:20:26:0d:3a:a9:3f:6a:09:61:35:
d8:2c:91:86:e2:a3:fc:dc:b7:3d:e3:39:d3:d5:86:05:1c:b4:
e5:e2:d9:ce:ed:88:6b:62:b8:0f:91:a7:20:bc:f0:a2:01:ff:
44:6e:39:63:29:de:f2:da:19:49:97:3d:c7:11:b2:77:4a:65:
eb:ac:80:1a:6e:0d:b2:a7:c6:13:e4:5b:be:44:aa:5e:6a:76:
55:5f:7f:98:ad:58:a8:25:f1:0e:bb:01:07:a0:ef:07:e9:ad:
6a:6e:54:ea:e6:60:39:6a:0b:66:32:ed:da:90:3b:c7:66:08:
8f:55:43:6a:d4:c3:23:45:58:ad:e2:15:cf:ff:21:50:c2:ff:
14:a4:95:6f:49:8a:6a:79:69:97:84:52:4d:8b:75:58:8d:d3:
01:cb:1d:03:39:35:62:88:eb:5a:ff:25:e9:cc:0a:7b:49:c5:
8f:7e:06:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbq330QaxAIUqm66xRd/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2N2FjNTIzMWEwZDdiYzU4MjQ1OTBhMGIyZjYyMWVkZTk4
NDc3MGMwHhcNMjQwMTAxMTQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDg1ZmU4ZmQ4OTc4MWYyZmYyM2U3OTgxNmJkYTcyNjA1NTJlNjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmrVtSwNAwNPSlUh3QbW5+3WPg+L
x7YqrEcFRKW7U83mQVpRPVxYTX3DFZR19jZvarZFzA0l9OTp6IBmocK60sgg6vg/
GYZzLZf2UJGzOWgYQlZgQc5Z2DB13fuIbidXwmJfiBnG8GGaXcsSoZXGyrzjlqNM
ztVqTnGiIro7ua+U/3fcHSGikdanJzPWIlO5kzIogbP6B8JRhmXMp96HZQ/UDjdE
h20YEj8E5PeFHZOHQOS9/5EvrFoHC+faieRr2QKXGu9XzEubtpO24k06V6FIOGTB
mwIaS3z6CPnbP/3MKWowi8u+/l+cT6M8Zd+yPN4VZ2nbKv4xiYnt+pBa+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMCF/o/Yl4Hy/yPnmBa9pyYFUuYvMB8GA1UdIwQY
MBaAFBZ6xSMaDXvFgkWQoLL2Ie3phHcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm5yRkl4b05lOFdDUlpDZ3N2WWg3ZW1FZHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82MTczOGUtMzk3Ny00OTVlLWJhMWEt
ODAzNWYyZGZjMWY0LzEvd0lYLWo5aVhnZkxfSS1lWUZyMm5KZ1ZTNWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82MTczOGUtMzk3Ny00OTVlLWJhMWEtODAzNWYyZGZjMWY0
LzEvRm5yRkl4b05lOFdDUlpDZ3N2WWg3ZW1FZHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub34MA0G
CSqGSIb3DQEBCwUAA4IBAQDFjPgRPoGWmrhUYKHJrP5gr0WwdAcIf1N+duwgoHq7
Yn1zwG1Q6l6Qs9TyqeCHUcf6HLoAxNBwcmeoZTK+keBpGBFT8PwsNR87hxz4paz3
gCAmDTqpP2oJYTXYLJGG4qP83Lc94znT1YYFHLTl4tnO7YhrYrgPkacgvPCiAf9E
bjljKd7y2hlJlz3HEbJ3SmXrrIAabg2yp8YT5Fu+RKpeanZVX3+YrVioJfEOuwEH
oO8H6a1qblTq5mA5agtmMu3akDvHZgiPVUNq1MMjRVit4hXP/yFQwv8UpJVvSYpq
eWmXhFJNi3VYjdMByx0DOTViiOta/yXpzAp7ScWPfgYZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:45:02 2025 by rpki-client