Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/CeCpER7-duCk_MRtuORC4k5aa4U.roa
File: CeCpER7-duCk_MRtuORC4k5aa4U.roa (raw, json)
Hash identifier: OkdoqqYBAF6GRiETveX0XUYKk2D2c+9pMb5Et/hoOug=
Subject key identifier: 09:E0:A9:11:1E:FE:76:E0:A4:FC:C4:6D:B8:E4:42:E2:4E:5A:6B:85
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 018CCA2A5A2C1A2FB3B1124EE9550E6F6A7E
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/CeCpER7-duCk_MRtuORC4k5aa4U.roa
Signing time: Tue 02 Jan 2024 12:33:42 +0000
ROA not before: Tue 02 Jan 2024 12:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8257
IP address blocks: 188.112.64.0/19 maxlen: 19
188.112.64.0/18 maxlen: 18
176.61.192.0/20 maxlen: 20
176.61.192.0/18 maxlen: 18
176.61.208.0/20 maxlen: 20
188.112.96.0/19 maxlen: 19
176.61.224.0/21 maxlen: 21
178.253.128.0/18 maxlen: 18
178.253.128.0/19 maxlen: 19
185.37.240.0/22 maxlen: 22
178.253.160.0/19 maxlen: 19
85.135.128.0/17 maxlen: 20
176.61.232.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5a:2c:1a:2f:b3:b1:12:4e:e9:55:0e:6f:6a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09e0a9111efe76e0a4fcc46db8e442e24e5a6b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:36:ef:08:2c:60:97:95:0b:93:a6:7f:65:4a:
41:25:10:f4:85:fa:7c:a9:46:2d:7d:7d:6a:dd:57:
e6:36:8d:29:a9:0f:51:4b:48:52:43:27:15:dd:fc:
f0:8b:2c:3d:8b:cf:ef:61:66:ac:8c:59:fb:4e:68:
09:99:f5:4c:32:8d:a8:ae:e4:ef:8a:c9:73:5c:fa:
07:2e:1d:6d:9f:30:4a:e0:1a:c5:a1:39:1a:c7:9a:
35:21:f3:a2:e7:9a:49:1e:b8:3a:8e:56:4c:86:0b:
c9:a5:21:83:50:9e:73:fe:d5:6c:48:68:2a:1f:04:
b2:7c:b2:14:33:b2:32:95:c0:77:e2:31:d0:0f:83:
e8:1a:9a:fe:fa:01:e4:a1:e1:1d:cd:46:50:aa:bd:
d4:8a:70:ab:69:f2:bd:f2:ba:13:bd:be:6a:69:e6:
8f:62:04:1c:c1:fd:0f:45:30:cb:ce:e9:2a:e2:cb:
7e:99:43:ff:62:75:89:0a:7b:a2:c8:b8:ef:a7:b5:
78:11:76:1b:e5:5d:d7:27:eb:9b:5e:14:d1:5f:0b:
fa:85:e6:91:be:d5:a2:f1:6a:17:a1:29:1b:49:63:
7f:9c:c7:b8:09:1b:ea:eb:0c:15:93:e5:5b:b5:9b:
99:e0:62:ea:0e:b4:cf:ad:0e:9f:f1:28:9b:a9:ae:
46:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E0:A9:11:1E:FE:76:E0:A4:FC:C4:6D:B8:E4:42:E2:4E:5A:6B:85
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/CeCpER7-duCk_MRtuORC4k5aa4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.135.128.0/17
176.61.192.0/18
178.253.128.0/18
185.37.240.0/22
188.112.64.0/18
Signature Algorithm: sha256WithRSAEncryption
95:11:5e:30:f7:2c:3f:df:94:e5:c3:96:6e:6f:be:7a:f0:84:
f4:57:47:f8:db:c7:fc:bd:a4:12:71:85:81:8a:77:a6:58:d7:
3d:1b:88:7b:73:9f:31:d2:b6:af:a6:94:73:56:35:f3:5e:47:
67:cd:14:1d:71:bc:e9:7a:4c:56:a3:b8:47:9c:6f:35:4b:de:
e2:de:59:c8:40:bc:44:8c:ae:c8:3c:db:1e:e1:39:77:a5:d3:
a5:67:6a:31:79:88:7e:3c:b2:f2:06:14:5c:cf:3b:c6:dc:ce:
b3:c4:3a:83:31:ff:5b:88:50:37:12:3d:71:3a:1e:1d:43:4d:
47:99:60:13:d9:77:76:37:62:ec:12:e2:c2:05:91:65:59:19:
e1:6e:98:7b:c5:d0:86:63:2e:f3:99:4a:88:8b:b6:b5:c5:7b:
33:b4:8d:28:6a:96:75:f8:65:54:8d:c7:ab:29:17:b3:b5:9b:
a6:6c:01:98:41:68:ac:18:bd:30:a5:3e:92:40:7e:ee:e2:a4:
e7:66:30:43:9c:54:58:5f:9b:a8:00:04:a7:8b:89:ab:d4:2b:
4c:39:d4:2a:1b:1d:a9:80:44:3b:af:42:e5:23:2c:40:8f:a0:
05:c4:83:19:31:91:1e:ec:1c:84:31:d5:d3:70:7a:f8:02:8e:
fd:14:dc:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKKlosGi+zsRJO6VUOb2p+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWUwYTkxMTFlZmU3NmUwYTRmY2M0NmRiOGU0NDJlMjRlNWE2Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTbvCCxgl5ULk6Z/ZUpBJRD0hfp8
qUYtfX1q3VfmNo0pqQ9RS0hSQycV3fzwiyw9i8/vYWasjFn7TmgJmfVMMo2oruTv
islzXPoHLh1tnzBK4BrFoTkax5o1IfOi55pJHrg6jlZMhgvJpSGDUJ5z/tVsSGgq
HwSyfLIUM7IylcB34jHQD4PoGpr++gHkoeEdzUZQqr3UinCrafK98roTvb5qaeaP
YgQcwf0PRTDLzukq4st+mUP/YnWJCnuiyLjvp7V4EXYb5V3XJ+ubXhTRXwv6heaR
vtWi8WoXoSkbSWN/nMe4CRvq6wwVk+VbtZuZ4GLqDrTPrQ6f8Sibqa5G2wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAngqREe/nbgpPzEbbjkQuJOWmuFMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvQ2VDcEVSNy1kdUNrX01SdHVPUkM0azVhYTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHVYeAAwQG
sD3AAwQGsv2AAwQCuSXwAwQGvHBAMA0GCSqGSIb3DQEBCwUAA4IBAQCVEV4w9yw/
35Tlw5Zub7568IT0V0f428f8vaQScYWBinemWNc9G4h7c58x0ravppRzVjXzXkdn
zRQdcbzpekxWo7hHnG81S97i3lnIQLxEjK7IPNse4Tl3pdOlZ2oxeYh+PLLyBhRc
zzvG3M6zxDqDMf9biFA3Ej1xOh4dQ01HmWAT2Xd2N2LsEuLCBZFlWRnhbph7xdCG
Yy7zmUqIi7a1xXsztI0oapZ1+GVUjcerKReztZumbAGYQWisGL0wpT6SQH7u4qTn
ZjBDnFRYX5uoAASni4mr1CtMOdQqGx2pgEQ7r0LlIyxAj6AFxIMZMZEe7ByEMdXT
cHr4Ao79FNxa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:43 2025 by rpki-client