Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/S1yoz4jmftOlWo2L5Z2BZowkaoo.roa
File: S1yoz4jmftOlWo2L5Z2BZowkaoo.roa (raw, json)
Hash identifier: mOkVj0Z3W0+IwplnFHTKuVfV6/1CExHYU5s7LRrfwF4=
Subject key identifier: 4B:5C:A8:CF:88:E6:7E:D3:A5:5A:8D:8B:E5:9D:81:66:8C:24:6A:8A
Certificate issuer: /CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Certificate serial: 018CC9BAA5085E09116226E2907CAE4C9EDB
Authority key identifier: A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/S1yoz4jmftOlWo2L5Z2BZowkaoo.roa
Signing time: Tue 02 Jan 2024 10:31:41 +0000
ROA not before: Tue 02 Jan 2024 10:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20836
IP address blocks: 185.47.228.0/22 maxlen: 24
95.157.96.0/19 maxlen: 24
178.249.184.0/21 maxlen: 24
178.249.189.0/24 maxlen: 24
217.171.32.0/20 maxlen: 24
95.157.64.0/19 maxlen: 24
2001:b60::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 11:42:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:a5:08:5e:09:11:62:26:e2:90:7c:ae:4c:9e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Validity
Not Before: Jan 2 10:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b5ca8cf88e67ed3a55a8d8be59d81668c246a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ff:f8:44:2d:2d:73:c2:3e:70:70:b3:02:cf:
ec:d8:e2:c3:a1:cd:22:a6:46:8b:5b:01:20:1c:ef:
e6:27:c4:30:e8:e2:e5:19:b0:c2:a9:63:3a:ff:01:
c4:83:2e:b8:7d:5d:81:4b:4b:a9:e2:f4:f3:18:d9:
68:62:d7:e7:f8:a8:ed:3a:5d:3c:60:86:22:52:52:
fc:80:f4:d5:ff:78:42:e8:82:65:c7:16:b5:8e:75:
34:e1:17:a4:5d:01:3e:35:1b:4f:d4:eb:cc:e0:de:
e4:94:4e:12:c0:7c:3b:91:16:d1:06:ed:20:d5:93:
3d:92:1e:8c:14:79:09:fa:98:c8:dd:f9:b9:bf:29:
1f:dd:f7:cb:f3:c7:d1:f3:01:e1:23:01:96:17:45:
ce:80:a8:3d:e9:de:81:8f:d6:e3:08:a3:3e:ec:45:
ab:7e:fd:d2:8f:bb:f8:4c:55:31:28:cc:22:e1:a5:
d8:42:6e:4a:d3:a1:ba:11:cd:26:69:e6:fb:79:84:
15:29:e4:20:d8:af:33:2b:a3:f6:9b:93:41:e0:0a:
99:46:e7:95:5f:d8:08:80:bf:e2:02:08:64:35:d8:
7d:ac:db:bf:63:df:0f:ec:8e:ba:88:9f:a4:3f:3e:
96:ac:6a:05:0a:d5:19:b0:b5:fc:65:60:95:98:f1:
67:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5C:A8:CF:88:E6:7E:D3:A5:5A:8D:8B:E5:9D:81:66:8C:24:6A:8A
X509v3 Authority Key Identifier:
keyid:A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/S1yoz4jmftOlWo2L5Z2BZowkaoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.157.64.0/18
178.249.184.0/21
185.47.228.0/22
217.171.32.0/20
IPv6:
2001:b60::/32
Signature Algorithm: sha256WithRSAEncryption
1c:d0:9e:b5:57:78:2b:6b:f9:0e:04:a3:16:bd:68:b3:18:f8:
f1:eb:c4:16:eb:3f:9c:c9:73:b1:ea:40:ea:19:48:64:9c:66:
11:0c:69:47:bd:36:ef:07:0b:72:0c:db:e8:73:e8:4f:71:4b:
5a:bb:fe:40:69:c7:27:6b:c2:ab:78:41:a0:9b:15:91:11:d5:
d7:82:b8:c0:8f:e9:ac:af:f3:67:9d:8a:1e:f0:4a:ad:5d:90:
f6:e8:e6:d6:a3:8e:6f:df:bc:1c:88:d3:ea:71:9e:81:7e:4b:
64:2c:29:e1:b5:71:52:a2:ab:be:c3:14:56:bb:02:a9:06:2b:
5d:2f:bd:96:f3:8c:86:9b:65:8e:4c:0d:cb:78:67:4d:25:31:
92:12:28:28:ea:7a:13:f5:19:9b:83:c8:72:9a:78:12:61:cc:
84:c7:e1:c4:04:b7:e6:0d:fd:01:5b:5f:ea:87:f3:ea:ce:ad:
11:22:c9:41:9b:8e:2e:63:e0:5c:dd:ec:d2:a2:18:b6:be:3e:
b8:29:95:7d:69:65:89:9a:0f:8d:61:17:e6:de:33:d4:7a:46:
2a:dd:d7:65:f8:76:f7:52:e5:da:9a:b9:67:ef:47:cf:f7:5a:
68:b9:a7:98:dd:78:47:16:ae:b8:80:61:c0:f0:47:31:ff:e4:
d1:19:c6:7f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJuqUIXgkRYibikHyuTJ7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNmIwZDhhYjQ5NDM2NTUwYjZhYmY0NWI3OTAzNWFlYzZh
ZmYyM2MwHhcNMjQwMTAyMTAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVjYThjZjg4ZTY3ZWQzYTU1YThkOGJlNTlkODE2NjhjMjQ2YThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl//4RC0tc8I+cHCzAs/s2OLDoc0i
pkaLWwEgHO/mJ8Qw6OLlGbDCqWM6/wHEgy64fV2BS0up4vTzGNloYtfn+KjtOl08
YIYiUlL8gPTV/3hC6IJlxxa1jnU04RekXQE+NRtP1OvM4N7klE4SwHw7kRbRBu0g
1ZM9kh6MFHkJ+pjI3fm5vykf3ffL88fR8wHhIwGWF0XOgKg96d6Bj9bjCKM+7EWr
fv3Sj7v4TFUxKMwi4aXYQm5K06G6Ec0maeb7eYQVKeQg2K8zK6P2m5NB4AqZRueV
X9gIgL/iAghkNdh9rNu/Y98P7I66iJ+kPz6WrGoFCtUZsLX8ZWCVmPFnxwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEtcqM+I5n7TpVqNi+WdgWaMJGqKMB8GA1UdIwQY
MBaAFKFrDYq0lDZVC2q/RbeQNa7Gr/I8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUt
MTVjYzlkYzdiZDg3LzEvUzF5b3o0am1mdE9sV28yTDVaMkJab3drYW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUtMTVjYzlkYzdiZDg3
LzEvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGX51AAwQD
svm4AwQCuS/kAwQE2asgMA0EAgACMAcDBQAgAQtgMA0GCSqGSIb3DQEBCwUAA4IB
AQAc0J61V3gra/kOBKMWvWizGPjx68QW6z+cyXOx6kDqGUhknGYRDGlHvTbvBwty
DNvoc+hPcUtau/5Aaccna8KreEGgmxWREdXXgrjAj+msr/NnnYoe8EqtXZD26ObW
o45v37wciNPqcZ6BfktkLCnhtXFSoqu+wxRWuwKpBitdL72W84yGm2WOTA3LeGdN
JTGSEigo6noT9Rmbg8hymngSYcyEx+HEBLfmDf0BW1/qh/Pqzq0RIslBm44uY+Bc
3ezSohi2vj64KZV9aWWJmg+NYRfm3jPUekYq3ddl+Hb3UuXamrln70fP91pouaeY
3XhHFq64gGHA8Ecx/+TRGcZ/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:10 2025 by rpki-client