Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/745768-ba80-4e76-a1d8-bdbe16806616/1/dmMWGqC7zsnxOPswT0fdkAh5v-Y.roa
File: dmMWGqC7zsnxOPswT0fdkAh5v-Y.roa (raw, json)
Hash identifier: BcOhygvdVdbLJppiDSrThg6ObDKjYjYs9x+YzUVo7sI=
Subject key identifier: 76:63:16:1A:A0:BB:CE:C9:F1:38:FB:30:4F:47:DD:90:08:79:BF:E6
Certificate issuer: /CN=e4767b51e6b482b9e7a7483662a5dbee1b8d85a0
Certificate serial: 018CC6B79659F3072A58BB4EC974D762AC7A
Authority key identifier: E4:76:7B:51:E6:B4:82:B9:E7:A7:48:36:62:A5:DB:EE:1B:8D:85:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HZ7Uea0grnnp0g2YqXb7huNhaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/745768-ba80-4e76-a1d8-bdbe16806616/1/dmMWGqC7zsnxOPswT0fdkAh5v-Y.roa
Signing time: Mon 01 Jan 2024 20:29:29 +0000
ROA not before: Mon 01 Jan 2024 20:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200813
IP address blocks: 185.94.161.0/24 maxlen: 24
185.94.160.0/22 maxlen: 22
185.94.160.0/24 maxlen: 24
185.94.163.0/24 maxlen: 24
185.94.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:96:59:f3:07:2a:58:bb:4e:c9:74:d7:62:ac:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4767b51e6b482b9e7a7483662a5dbee1b8d85a0
Validity
Not Before: Jan 1 20:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7663161aa0bbcec9f138fb304f47dd900879bfe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e9:e0:14:7c:5e:56:63:0f:88:7e:22:7d:4c:
1e:f4:26:b0:5c:2f:4b:5a:a5:66:8f:be:c4:a4:05:
f2:99:a4:09:e6:e2:92:b3:1c:48:1a:02:4d:b4:20:
42:6c:ae:76:72:b6:cc:ad:6c:3c:07:7f:15:c2:ae:
65:61:4f:00:31:6c:47:6d:85:5a:d1:10:7a:38:f4:
fe:f5:be:02:5e:1a:ec:03:d4:28:ea:dc:bf:75:b8:
8e:bf:98:e8:5d:a1:ff:cd:8d:be:90:3f:87:be:88:
09:4b:f7:79:6e:ee:e1:34:38:67:05:90:17:35:87:
45:72:ab:c5:a2:6d:2c:76:6e:1d:27:83:54:9d:26:
94:38:c4:35:ef:0b:be:ef:a9:f8:2d:27:75:16:d1:
08:21:c2:4c:54:0e:85:22:a4:44:d5:da:f4:dd:b9:
47:12:f5:dd:c9:79:3a:3e:bf:3a:12:93:1f:97:56:
c7:39:3b:3f:ff:9f:ca:93:23:0e:25:3c:1a:8b:3b:
c8:f4:70:bd:4d:e1:7a:f0:55:7a:fc:0d:fe:66:d8:
ed:fc:8f:d3:ed:61:1a:5f:c7:6a:d0:7b:f8:19:fa:
dd:5a:18:27:23:d5:c0:92:d3:73:f3:4f:c8:b6:e5:
59:47:ae:8c:32:27:16:ce:55:04:ce:20:f1:fd:2a:
17:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:63:16:1A:A0:BB:CE:C9:F1:38:FB:30:4F:47:DD:90:08:79:BF:E6
X509v3 Authority Key Identifier:
keyid:E4:76:7B:51:E6:B4:82:B9:E7:A7:48:36:62:A5:DB:EE:1B:8D:85:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HZ7Uea0grnnp0g2YqXb7huNhaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/745768-ba80-4e76-a1d8-bdbe16806616/1/dmMWGqC7zsnxOPswT0fdkAh5v-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/745768-ba80-4e76-a1d8-bdbe16806616/1/5HZ7Uea0grnnp0g2YqXb7huNhaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.160.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:d0:9c:df:9c:52:82:4a:c7:75:8d:e0:47:d5:e7:c8:81:e0:
d5:6b:6a:ce:48:0f:95:a0:2c:15:cb:e9:d1:24:aa:c6:6b:9d:
68:9d:9d:c3:74:b2:84:ec:c0:7f:d6:16:5c:0e:bf:da:f4:6e:
7f:5c:32:bd:79:16:e4:26:5b:c9:94:ec:82:aa:38:42:81:24:
d5:02:b6:25:84:4c:a5:7f:38:4d:c1:ab:76:2b:c5:39:45:75:
4e:7f:9a:b6:21:8c:03:08:52:c7:39:57:76:3c:69:b9:14:fe:
cd:5c:32:1d:80:84:ec:8f:76:f8:f2:c9:80:1b:39:e2:15:a3:
53:d1:f3:ea:52:67:4c:c2:00:06:1d:31:28:f1:bf:3b:63:fb:
1c:d2:92:93:2c:a2:17:0a:34:47:13:d6:82:05:b3:a3:21:5c:
24:0d:91:35:90:47:c6:c1:cb:71:cb:79:c0:75:3f:0d:cb:8b:
07:72:b1:44:5d:48:b5:8a:70:45:ad:8d:95:88:34:7e:c9:d6:
ab:eb:bf:01:d2:cb:77:d4:05:fb:73:bd:08:3a:d7:cc:10:49:
67:fc:29:b8:24:47:13:3e:f7:5e:bd:a9:6f:84:58:ab:4f:ce:
c7:1b:fd:9b:01:ce:70:f4:51:ee:4a:88:b9:32:b6:39:6f:21:
80:6f:38:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt5ZZ8wcqWLtOyXTXYqx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzY3YjUxZTZiNDgyYjllN2E3NDgzNjYyYTVkYmVlMWI4
ZDg1YTAwHhcNMjQwMTAxMjAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjYzMTYxYWEwYmJjZWM5ZjEzOGZiMzA0ZjQ3ZGQ5MDA4NzliZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlungFHxeVmMPiH4ifUwe9CawXC9L
WqVmj77EpAXymaQJ5uKSsxxIGgJNtCBCbK52crbMrWw8B38Vwq5lYU8AMWxHbYVa
0RB6OPT+9b4CXhrsA9Qo6ty/dbiOv5joXaH/zY2+kD+HvogJS/d5bu7hNDhnBZAX
NYdFcqvFom0sdm4dJ4NUnSaUOMQ17wu+76n4LSd1FtEIIcJMVA6FIqRE1dr03blH
EvXdyXk6Pr86EpMfl1bHOTs//5/KkyMOJTwaizvI9HC9TeF68FV6/A3+Ztjt/I/T
7WEaX8dq0Hv4GfrdWhgnI9XAktNz80/ItuVZR66MMicWzlUEziDx/SoXZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZjFhqgu87J8Tj7ME9H3ZAIeb/mMB8GA1UdIwQY
MBaAFOR2e1HmtIK556dINmKl2+4bjYWgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhaN1VlYTBncm5ucDBnMllxWGI3aHVOaGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83NDU3NjgtYmE4MC00ZTc2LWExZDgt
YmRiZTE2ODA2NjE2LzEvZG1NV0dxQzd6c254T1Bzd1QwZmRrQWg1di1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83NDU3NjgtYmE4MC00ZTc2LWExZDgtYmRiZTE2ODA2NjE2
LzEvNUhaN1VlYTBncm5ucDBnMllxWGI3aHVOaGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV6gMA0G
CSqGSIb3DQEBCwUAA4IBAQCw0JzfnFKCSsd1jeBH1efIgeDVa2rOSA+VoCwVy+nR
JKrGa51onZ3DdLKE7MB/1hZcDr/a9G5/XDK9eRbkJlvJlOyCqjhCgSTVArYlhEyl
fzhNwat2K8U5RXVOf5q2IYwDCFLHOVd2PGm5FP7NXDIdgITsj3b48smAGzniFaNT
0fPqUmdMwgAGHTEo8b87Y/sc0pKTLKIXCjRHE9aCBbOjIVwkDZE1kEfGwctxy3nA
dT8Ny4sHcrFEXUi1inBFrY2ViDR+ydar678B0st31AX7c70IOtfMEEln/Cm4JEcT
PvdevalvhFirT87HG/2bAc5w9FHuSoi5MrY5byGAbzht
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:53 2025 by rpki-client