Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/64ff0f-e356-48b3-830f-156497bfe93f/1/NIpv5d6vKMqV-nJ3MU4kBF6fuws.roa
File: NIpv5d6vKMqV-nJ3MU4kBF6fuws.roa (raw, json)
Hash identifier: yaY6+NJ6iJx/4rrAV3JwiVYNT8ALeSUw2ycYShg8A1Q=
Subject key identifier: 34:8A:6F:E5:DE:AF:28:CA:95:FA:72:77:31:4E:24:04:5E:9F:BB:0B
Certificate issuer: /CN=20b830833878b6c861269a0e2a45837aa9485be1
Certificate serial: 01920138217D37F200DDD76EE9B21419FE27
Authority key identifier: 20:B8:30:83:38:78:B6:C8:61:26:9A:0E:2A:45:83:7A:A9:48:5B:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILgwgzh4tshhJpoOKkWDeqlIW-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/64ff0f-e356-48b3-830f-156497bfe93f/1/NIpv5d6vKMqV-nJ3MU4kBF6fuws.roa
Signing time: Tue 17 Sep 2024 18:21:48 +0000
ROA not before: Tue 17 Sep 2024 18:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60987
IP address blocks: 185.198.184.0/22 maxlen: 22
185.198.184.0/24 maxlen: 24
185.198.185.0/24 maxlen: 24
185.198.186.0/24 maxlen: 24
185.198.187.0/24 maxlen: 24
193.238.175.0/24 maxlen: 24
193.238.175.0/25 maxlen: 25
193.238.175.128/25 maxlen: 25
2a0a:8d40::/29 maxlen: 29
2a11:880::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 18 Sep 2024 08:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:01:38:21:7d:37:f2:00:dd:d7:6e:e9:b2:14:19:fe:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b830833878b6c861269a0e2a45837aa9485be1
Validity
Not Before: Sep 17 18:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=348a6fe5deaf28ca95fa7277314e24045e9fbb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:69:54:39:72:44:9b:98:f1:6f:62:c9:71:53:
0c:d3:b8:89:20:e1:88:e2:b3:f6:df:8d:61:63:5e:
e6:23:fe:83:e7:b2:d9:e5:7c:26:df:8e:50:86:4f:
3c:ab:af:0e:8c:95:b2:f3:09:6e:a1:50:94:e5:b7:
ed:0a:a8:85:d3:08:99:ed:6b:73:17:d7:84:77:74:
25:eb:60:d9:a9:c8:df:e6:83:89:19:47:d7:b7:67:
e8:97:a1:24:4a:ba:08:90:42:87:05:b6:4a:19:b7:
9e:2e:1b:ad:ae:54:77:91:75:67:59:a2:89:17:84:
75:5a:da:f1:a4:1c:da:fb:53:d4:49:e0:30:d9:74:
97:3c:25:a6:7b:14:d4:34:74:08:07:2a:72:49:56:
8a:89:20:69:1f:a1:75:3b:2b:a4:46:8d:98:ef:dd:
a3:bd:81:3b:e0:f8:56:64:8a:f5:8d:37:48:eb:95:
4e:ac:29:c9:01:fc:d1:9a:9e:af:30:ab:0a:df:e9:
d7:d5:d8:e6:c8:82:b0:77:3b:5f:33:bf:c6:c4:3b:
d4:26:a6:c8:84:ee:43:57:e7:53:9d:f0:42:9e:6f:
2d:59:82:59:b1:c5:48:b7:85:0e:1a:5f:97:37:ea:
bc:44:88:96:0a:53:60:09:fe:b2:cf:55:73:1f:a7:
24:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8A:6F:E5:DE:AF:28:CA:95:FA:72:77:31:4E:24:04:5E:9F:BB:0B
X509v3 Authority Key Identifier:
keyid:20:B8:30:83:38:78:B6:C8:61:26:9A:0E:2A:45:83:7A:A9:48:5B:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILgwgzh4tshhJpoOKkWDeqlIW-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/64ff0f-e356-48b3-830f-156497bfe93f/1/NIpv5d6vKMqV-nJ3MU4kBF6fuws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/64ff0f-e356-48b3-830f-156497bfe93f/1/ILgwgzh4tshhJpoOKkWDeqlIW-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.184.0/22
193.238.175.0/24
IPv6:
2a0a:8d40::/29
2a11:880::/29
Signature Algorithm: sha256WithRSAEncryption
20:06:d0:73:02:a6:88:e0:45:f2:ef:b3:da:9e:bf:40:42:c5:
2f:63:4c:be:e1:87:52:70:df:7d:97:c9:f5:d8:e0:6a:b6:ba:
ae:fa:eb:24:97:a4:da:cc:a9:ca:7c:13:93:71:30:04:f3:51:
fb:92:37:0d:6c:c6:e6:c6:7e:32:a4:96:6a:07:a4:5d:59:18:
13:e2:62:89:a5:e0:27:e3:f5:3c:e3:af:ee:3d:1c:fd:29:ee:
2e:ec:a0:3d:67:da:0e:cc:80:25:c1:13:a1:46:17:10:0a:b8:
ca:11:81:55:ea:e7:3d:3f:7d:a5:5f:31:2f:4b:74:a9:af:0f:
ad:77:97:fe:4c:93:96:ab:3e:da:d4:fa:e3:7d:96:27:38:0b:
d6:e8:bc:e1:44:a4:11:d7:ca:19:f5:0c:cb:e4:e6:58:59:c7:
04:4e:98:cc:9b:62:8f:31:39:52:37:ca:6c:fa:06:f9:84:97:
0b:a1:da:a3:47:a9:80:8d:5d:33:b6:4c:5f:ae:cd:e5:63:84:
6a:4f:e6:18:de:b7:c8:ab:9b:23:24:da:26:d8:aa:7a:f8:08:
d4:45:51:01:ee:64:09:66:b1:f1:41:f5:01:2b:58:a0:d3:10:
eb:77:4d:7d:e4:f3:7e:9b:10:85:bf:38:fd:52:23:b3:f2:a6:
d1:42:de:09
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZIBOCF9N/IA3ddu6bIUGf4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjgzMDgzMzg3OGI2Yzg2MTI2OWEwZTJhNDU4MzdhYTk0
ODViZTEwHhcNMjQwOTE3MTgyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDhhNmZlNWRlYWYyOGNhOTVmYTcyNzczMTRlMjQwNDVlOWZiYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2lUOXJEm5jxb2LJcVMM07iJIOGI
4rP2341hY17mI/6D57LZ5Xwm345Qhk88q68OjJWy8wluoVCU5bftCqiF0wiZ7Wtz
F9eEd3Ql62DZqcjf5oOJGUfXt2fol6EkSroIkEKHBbZKGbeeLhutrlR3kXVnWaKJ
F4R1WtrxpBza+1PUSeAw2XSXPCWmexTUNHQIBypySVaKiSBpH6F1OyukRo2Y792j
vYE74PhWZIr1jTdI65VOrCnJAfzRmp6vMKsK3+nX1djmyIKwdztfM7/GxDvUJqbI
hO5DV+dTnfBCnm8tWYJZscVIt4UOGl+XN+q8RIiWClNgCf6yz1VzH6ckQQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDSKb+XeryjKlfpydzFOJARen7sLMB8GA1UdIwQY
MBaAFCC4MIM4eLbIYSaaDipFg3qpSFvhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxnd2d6aDR0c2hoSnBvT0trV0RlcWxJVy1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NGZmMGYtZTM1Ni00OGIzLTgzMGYt
MTU2NDk3YmZlOTNmLzEvTklwdjVkNnZLTXFWLW5KM01VNGtCRjZmdXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82NGZmMGYtZTM1Ni00OGIzLTgzMGYtMTU2NDk3YmZlOTNm
LzEvSUxnd2d6aDR0c2hoSnBvT0trV0RlcWxJVy1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuca4AwQA
we6vMBQEAgACMA4DBQMqCo1AAwUDKhEIgDANBgkqhkiG9w0BAQsFAAOCAQEAIAbQ
cwKmiOBF8u+z2p6/QELFL2NMvuGHUnDffZfJ9djgara6rvrrJJek2sypynwTk3Ew
BPNR+5I3DWzG5sZ+MqSWagekXVkYE+JiiaXgJ+P1POOv7j0c/SnuLuygPWfaDsyA
JcEToUYXEAq4yhGBVernPT99pV8xL0t0qa8PrXeX/kyTlqs+2tT6432WJzgL1ui8
4USkEdfKGfUMy+TmWFnHBE6YzJtijzE5UjfKbPoG+YSXC6Hao0epgI1dM7ZMX67N
5WOEak/mGN63yKubIyTaJtiqevgI1EVRAe5kCWax8UH1AStYoNMQ63dNfeTzfpsQ
hb84/VIjs/Km0ULeCQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:56:53 2025 by rpki-client