Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/iy8RGwWEOoY0OK_KJOONxBJs-rA.roa
File: iy8RGwWEOoY0OK_KJOONxBJs-rA.roa (raw, json)
Hash identifier: Wl/ODDP+OjXQRoYxhVEUVKUpxTjcOReVKrJyoRHsrSs=
Subject key identifier: 8B:2F:11:1B:05:84:3A:86:34:38:AF:CA:24:E3:8D:C4:12:6C:FA:B0
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 0190E0642A285BCDED46E1E21A743EE4B419
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/iy8RGwWEOoY0OK_KJOONxBJs-rA.roa
Signing time: Tue 23 Jul 2024 16:19:39 +0000
ROA not before: Tue 23 Jul 2024 16:19:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 37.58.128.0/17 maxlen: 24
91.206.156.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
185.15.128.0/22 maxlen: 24
194.177.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e0:64:2a:28:5b:cd:ed:46:e1:e2:1a:74:3e:e4:b4:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jul 23 16:19:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b2f111b05843a863438afca24e38dc4126cfab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a2:9b:6e:77:b8:a8:49:4e:e7:cf:f5:1f:13:
26:fc:0a:6d:d9:a3:62:7c:ab:31:f9:10:a0:61:57:
41:7a:f3:88:3b:52:ec:b5:69:f5:36:ba:2a:f1:59:
59:c3:62:59:f5:f3:6b:1f:d4:9d:6f:10:2d:a6:fb:
93:0a:d9:ea:a1:f1:46:3b:0b:13:16:b5:c4:62:f0:
45:f3:ac:59:33:e9:bf:4f:ed:ae:0f:b0:b6:54:b1:
47:58:9d:1d:98:c2:20:24:00:51:4f:f7:c4:14:4c:
d7:6d:52:5e:00:80:ea:1f:e4:be:3a:ff:0b:f6:ac:
17:e4:83:83:d6:56:80:dc:e2:0d:f8:d8:fc:39:17:
9e:0c:ff:4f:40:f8:6f:ec:4b:b3:66:42:a6:3c:c1:
13:c3:69:29:c5:0f:fb:d3:ee:3f:ee:5e:4e:15:6c:
aa:37:dc:d8:3a:9b:e7:eb:7e:0d:2e:7d:43:55:bf:
37:f8:c8:28:7a:18:06:4c:6d:16:6b:da:0f:0c:ec:
6f:32:f4:9f:45:cf:3b:2e:ff:10:ff:d8:c8:9e:22:
ac:e0:bf:f6:ed:cc:c2:09:08:5d:09:1a:fe:67:d8:
ef:e3:ea:ff:a4:78:ee:23:51:a7:33:cb:1d:3a:3d:
ce:a9:9b:5e:0e:71:df:4d:44:3d:fd:6d:3e:f4:b4:
fe:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2F:11:1B:05:84:3A:86:34:38:AF:CA:24:E3:8D:C4:12:6C:FA:B0
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/iy8RGwWEOoY0OK_KJOONxBJs-rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.128.0/17
91.206.156.0/23
91.229.230.0/23
185.15.128.0/22
194.177.32.0/19
Signature Algorithm: sha256WithRSAEncryption
64:5f:ae:07:17:0e:22:be:7b:fe:91:3b:09:cc:c9:2c:eb:67:
a8:b6:c3:2f:8f:84:f1:ea:a9:3a:51:54:7e:c5:5a:e5:9c:bf:
1c:13:8d:5a:79:33:40:15:ba:f1:f6:5a:58:9a:e4:40:51:ee:
15:a0:95:7a:05:ff:53:51:31:bf:33:db:2e:5a:6a:41:7e:1a:
79:ed:99:e9:26:6c:87:73:fe:64:70:11:62:d8:76:a4:91:a4:
11:00:54:0c:da:6b:87:ce:51:1d:60:a7:f7:e2:3b:61:93:86:
f3:36:e2:22:87:24:bc:81:40:54:c9:09:f4:0e:fd:88:f9:ca:
91:3d:31:e8:c1:92:e3:c5:d3:29:c5:38:33:8b:6c:1e:f5:e5:
2e:f0:6c:52:f4:18:20:95:7a:c1:f4:45:6a:7c:fc:29:42:88:
96:62:45:46:2b:61:d0:6e:80:2f:ba:2d:03:82:dc:a0:86:a2:
54:6b:af:ea:37:4b:9b:55:5a:df:20:37:6e:b2:6b:40:39:4e:
e3:81:3b:98:d8:ab:00:9a:e8:13:3a:ad:e7:de:23:93:dc:48:
1d:70:99:81:34:40:49:04:f7:2a:53:3a:f3:05:6a:c6:eb:46:
09:a0:31:e0:00:11:52:73:ee:35:7f:a8:bc:d3:b1:c8:cf:77:
5d:dd:9e:67
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZDgZCooW83tRuHiGnQ+5LQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQwNzIzMTYxOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjJmMTExYjA1ODQzYTg2MzQzOGFmY2EyNGUzOGRjNDEyNmNmYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaKbbne4qElO58/1HxMm/Apt2aNi
fKsx+RCgYVdBevOIO1LstWn1Nroq8VlZw2JZ9fNrH9SdbxAtpvuTCtnqofFGOwsT
FrXEYvBF86xZM+m/T+2uD7C2VLFHWJ0dmMIgJABRT/fEFEzXbVJeAIDqH+S+Ov8L
9qwX5IOD1laA3OIN+Nj8OReeDP9PQPhv7EuzZkKmPMETw2kpxQ/70+4/7l5OFWyq
N9zYOpvn634NLn1DVb83+MgoehgGTG0Wa9oPDOxvMvSfRc87Lv8Q/9jIniKs4L/2
7czCCQhdCRr+Z9jv4+r/pHjuI1GnM8sdOj3OqZteDnHfTUQ9/W0+9LT++QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIsvERsFhDqGNDivyiTjjcQSbPqwMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvaXk4Ukd3V0VPb1kwT0tfS0pPT054QkpzLXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHJTqAAwQB
W86cAwQBW+XmAwQCuQ+AAwQFwrEgMA0GCSqGSIb3DQEBCwUAA4IBAQBkX64HFw4i
vnv+kTsJzMks62eotsMvj4Tx6qk6UVR+xVrlnL8cE41aeTNAFbrx9lpYmuRAUe4V
oJV6Bf9TUTG/M9suWmpBfhp57ZnpJmyHc/5kcBFi2HakkaQRAFQM2muHzlEdYKf3
4jthk4bzNuIihyS8gUBUyQn0Dv2I+cqRPTHowZLjxdMpxTgzi2we9eUu8GxS9Bgg
lXrB9EVqfPwpQoiWYkVGK2HQboAvui0DgtyghqJUa6/qN0ubVVrfIDdusmtAOU7j
gTuY2KsAmugTOq3n3iOT3EgdcJmBNEBJBPcqUzrzBWrG60YJoDHgABFSc+41f6i8
07HIz3dd3Z5n
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:22:40 2025 by rpki-client