Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/j7LvyzxcAe00QHmEwU_IqQyb_GQ.roa
File: j7LvyzxcAe00QHmEwU_IqQyb_GQ.roa (raw, json)
Hash identifier: NbIHDukFL8rH8ZpuZ7rHBOLcYzhtfiQTltdmZUAPGmU=
Subject key identifier: 8F:B2:EF:CB:3C:5C:01:ED:34:40:79:84:C1:4F:C8:A9:0C:9B:FC:64
Certificate issuer: /CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Certificate serial: 018CC72745B79C83A55897638820106F4B35
Authority key identifier: BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/j7LvyzxcAe00QHmEwU_IqQyb_GQ.roa
Signing time: Mon 01 Jan 2024 22:31:28 +0000
ROA not before: Mon 01 Jan 2024 22:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48159
IP address blocks: 185.66.229.0/24 maxlen: 24
185.66.228.0/24 maxlen: 24
185.66.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:45:b7:9c:83:a5:58:97:63:88:20:10:6f:4b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Validity
Not Before: Jan 1 22:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fb2efcb3c5c01ed34407984c14fc8a90c9bfc64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2f:d9:72:5f:78:35:3d:01:32:3a:68:33:9b:
d7:e1:1d:45:d8:8e:3f:c3:84:7a:de:7e:30:5f:51:
70:03:16:91:2b:77:52:35:10:dc:f8:aa:72:41:f8:
7c:84:02:c0:ba:14:a5:71:0e:b6:00:58:11:ce:18:
52:3a:14:57:d4:9c:41:d6:6b:d3:2d:8f:91:96:1f:
00:79:99:5f:cc:01:a8:b8:4e:e4:0f:b6:f9:d5:f1:
c6:83:f8:d7:06:53:18:13:c9:68:1b:73:14:68:2f:
17:1e:d4:7c:03:4b:c9:a4:e6:75:dd:f1:df:bd:ac:
d9:ed:09:72:d6:d0:4e:41:59:dc:27:f0:b8:e8:46:
2d:82:35:1f:e8:ec:22:35:51:36:ca:ab:f8:f7:2d:
b3:86:ab:32:21:50:60:34:83:20:14:0a:e8:7e:97:
3c:89:47:46:d5:40:4e:29:65:34:49:5a:d5:c8:25:
fb:eb:b4:29:f7:b6:17:6b:c4:73:5a:14:73:6f:1a:
2e:17:67:9c:cd:e0:cb:72:97:23:17:6c:c0:9d:a2:
ed:7b:61:7c:0b:25:74:25:4b:e1:c2:cf:6f:db:3b:
61:cf:2e:17:ea:39:57:bd:36:21:fd:b2:8f:f2:01:
4c:d6:3e:43:8d:69:45:bd:98:4d:8d:c0:9f:28:e3:
e7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B2:EF:CB:3C:5C:01:ED:34:40:79:84:C1:4F:C8:A9:0C:9B:FC:64
X509v3 Authority Key Identifier:
keyid:BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/j7LvyzxcAe00QHmEwU_IqQyb_GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.228.0/23
185.66.231.0/24
Signature Algorithm: sha256WithRSAEncryption
74:57:fa:2f:83:39:2d:56:02:7c:14:53:6c:d7:28:e1:4e:2d:
d6:d5:d8:1b:51:5e:59:55:78:f5:ac:77:f9:bf:ce:a8:53:09:
e1:41:a0:5c:8c:68:b6:da:d8:57:97:b5:99:58:8a:c8:bb:99:
b1:c6:a3:73:ef:af:a0:0c:57:09:d6:5a:ed:fd:2d:69:a3:68:
88:d5:ff:9c:c3:d5:f1:55:42:62:e4:90:6d:08:87:e4:34:e3:
66:07:f6:ee:42:d1:30:34:6a:8f:32:83:f2:31:c0:15:92:10:
7c:2e:e0:23:c9:aa:ba:fb:9e:10:e4:e6:52:e2:20:9e:4e:4f:
ba:5e:c9:eb:25:42:b4:62:65:b4:1c:98:a8:8e:99:54:3d:43:
49:5a:63:dc:c0:df:ad:66:2c:73:9a:3d:2a:bc:6a:d8:d1:25:
ef:72:fb:e8:63:61:52:91:b0:83:c2:33:1a:73:14:03:50:7a:
7d:a3:3e:97:ad:55:90:f3:28:bf:bd:c3:d8:fb:98:0d:98:72:
25:5a:cc:57:3f:a2:f3:a4:21:80:41:79:e2:43:dc:b5:cf:25:
68:e1:d5:40:1e:58:e7:82:ac:b2:ef:40:46:25:96:ed:8a:8d:
a4:88:a8:e3:1d:b4:ac:ed:80:a0:a9:06:89:f7:f1:95:31:61:
ad:9b:5c:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ0W3nIOlWJdjiCAQb0s1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNWRiODExYjVkNWQwNWJlYzM3ZWU5ZDA5YTRlYzUyZWVl
ZDFhZDUwHhcNMjQwMTAxMjIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmIyZWZjYjNjNWMwMWVkMzQ0MDc5ODRjMTRmYzhhOTBjOWJmYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0y/Zcl94NT0BMjpoM5vX4R1F2I4/
w4R63n4wX1FwAxaRK3dSNRDc+KpyQfh8hALAuhSlcQ62AFgRzhhSOhRX1JxB1mvT
LY+Rlh8AeZlfzAGouE7kD7b51fHGg/jXBlMYE8loG3MUaC8XHtR8A0vJpOZ13fHf
vazZ7Qly1tBOQVncJ/C46EYtgjUf6OwiNVE2yqv49y2zhqsyIVBgNIMgFArofpc8
iUdG1UBOKWU0SVrVyCX767Qp97YXa8RzWhRzbxouF2eczeDLcpcjF2zAnaLte2F8
CyV0JUvhws9v2zthzy4X6jlXvTYh/bKP8gFM1j5DjWlFvZhNjcCfKOPnpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI+y78s8XAHtNEB5hMFPyKkMm/xkMB8GA1UdIwQY
MBaAFL9duBG11dBb7DfunQmk7FLu7RrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2Mt
NzE1ZjA5ODE3MzQxLzEvajdMdnl6eGNBZTAwUUhtRXdVX0lxUXliX0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2MtNzE1ZjA5ODE3MzQx
LzEvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuULkAwQA
uULnMA0GCSqGSIb3DQEBCwUAA4IBAQB0V/ovgzktVgJ8FFNs1yjhTi3W1dgbUV5Z
VXj1rHf5v86oUwnhQaBcjGi22thXl7WZWIrIu5mxxqNz76+gDFcJ1lrt/S1po2iI
1f+cw9XxVUJi5JBtCIfkNONmB/buQtEwNGqPMoPyMcAVkhB8LuAjyaq6+54Q5OZS
4iCeTk+6XsnrJUK0YmW0HJiojplUPUNJWmPcwN+tZixzmj0qvGrY0SXvcvvoY2FS
kbCDwjMacxQDUHp9oz6XrVWQ8yi/vcPY+5gNmHIlWsxXP6LzpCGAQXniQ9y1zyVo
4dVAHljngqyy70BGJZbtio2kiKjjHbSs7YCgqQaJ9/GVMWGtm1zG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:16 2025 by rpki-client