Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/S17ahoNWU2Q4EuGRc4mW6rSUB2c.roa
File: S17ahoNWU2Q4EuGRc4mW6rSUB2c.roa (raw, json)
Hash identifier: DleJ0061xUixJstWqZU6/Zdda/NjNuO5ySIJWo3CUXc=
Subject key identifier: 4B:5E:DA:86:83:56:53:64:38:12:E1:91:73:89:96:EA:B4:94:07:67
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 018CC500DAD18FAC5E6E7DF505187A1A667C
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/S17ahoNWU2Q4EuGRc4mW6rSUB2c.roa
Signing time: Mon 01 Jan 2024 12:30:16 +0000
ROA not before: Mon 01 Jan 2024 12:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211970
IP address blocks: 188.72.56.0/24 maxlen: 24
185.234.245.0/24 maxlen: 24
188.72.3.0/24 maxlen: 24
188.72.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 17:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:da:d1:8f:ac:5e:6e:7d:f5:05:18:7a:1a:66:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Jan 1 12:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b5eda86835653643812e191738996eab4940767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8c:14:11:a2:4e:ab:25:66:f6:c3:1a:ab:65:
58:13:59:77:d9:44:ab:a4:8c:94:c1:6c:ac:76:c2:
41:29:d6:bf:90:4f:fe:52:0b:ad:fd:5d:30:07:3e:
03:74:5b:07:d5:0e:9e:5c:e8:78:f4:a8:e6:ee:ce:
18:d1:57:a7:cf:a5:96:54:7f:50:89:40:80:fc:65:
cc:4d:25:e0:8b:9c:30:67:ea:44:3a:97:92:40:91:
6a:84:49:1c:79:b2:eb:5d:14:a8:65:82:d6:d6:80:
1a:fa:e1:fc:3c:fb:5f:43:48:3e:b8:a8:b3:57:73:
0b:d7:9f:ab:78:69:8d:2d:37:90:94:81:b8:e2:71:
e3:db:93:51:d0:67:7d:8c:68:62:dd:3b:94:5f:48:
4b:76:88:9b:68:09:7a:72:1d:ee:75:40:bd:7c:4a:
9c:ce:11:ed:87:56:0c:43:e3:fe:01:91:34:e6:a4:
1b:a3:3d:8a:de:15:bd:61:67:96:d9:22:8d:62:4e:
1a:b0:1f:c6:00:aa:ea:8f:33:b8:90:ee:e1:41:b1:
a8:a2:fd:0c:83:a7:31:44:00:ef:5b:6a:3a:a2:07:
c7:53:2b:0b:b4:45:e1:c7:5b:5b:48:8b:71:1a:a3:
e9:50:6e:13:ea:99:b5:64:fe:61:fb:90:5b:8f:5c:
9c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5E:DA:86:83:56:53:64:38:12:E1:91:73:89:96:EA:B4:94:07:67
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/S17ahoNWU2Q4EuGRc4mW6rSUB2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.245.0/24
188.72.0.0/24
188.72.3.0/24
188.72.56.0/24
Signature Algorithm: sha256WithRSAEncryption
49:db:0e:87:b8:b8:c2:7d:78:2b:d1:25:ec:ae:49:bb:cb:b1:
08:32:d1:5c:38:73:f8:50:12:b1:1f:9f:2e:98:73:77:ca:44:
a9:1f:45:0e:5c:33:02:d0:53:5d:cc:28:b0:e6:03:fb:92:52:
5c:63:21:32:4a:49:75:aa:80:29:cb:7c:73:04:84:77:ab:48:
13:53:e6:6a:d9:c5:bc:0e:51:4f:51:7e:10:0b:50:c0:d6:48:
30:16:ed:09:05:f9:8c:a6:a0:ae:5f:f1:5e:f1:6c:80:b5:e9:
cc:a1:76:ce:8a:05:2f:92:c5:9f:fd:d8:e1:44:88:27:9b:1a:
88:5e:13:fc:c5:10:7a:f5:be:c5:11:5f:c7:f5:8b:8b:24:ad:
5e:36:77:5a:3a:51:0a:4d:67:e6:41:f9:1c:7e:d8:1a:2c:82:
e0:65:23:46:b1:c1:d6:2b:85:e7:6e:12:da:fe:9b:09:5c:5e:
8b:3a:16:2e:d0:f7:14:83:9a:ff:a8:8c:33:5c:c8:a2:f5:33:
e1:80:2c:b5:52:5a:b7:5c:04:c8:a2:9f:82:bc:5a:b5:ae:6f:
f2:13:8f:1c:0d:55:bf:3c:10:69:4c:84:85:f4:fb:d2:ed:82:
56:44:dd:8c:61:37:d5:df:00:c6:5f:eb:c9:04:a2:dc:27:50:
11:46:a5:8e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFANrRj6xebn31BRh6GmZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjQwMTAxMTIzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVlZGE4NjgzNTY1MzY0MzgxMmUxOTE3Mzg5OTZlYWI0OTQwNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYwUEaJOqyVm9sMaq2VYE1l32USr
pIyUwWysdsJBKda/kE/+Ugut/V0wBz4DdFsH1Q6eXOh49Kjm7s4Y0Venz6WWVH9Q
iUCA/GXMTSXgi5wwZ+pEOpeSQJFqhEkcebLrXRSoZYLW1oAa+uH8PPtfQ0g+uKiz
V3ML15+reGmNLTeQlIG44nHj25NR0Gd9jGhi3TuUX0hLdoibaAl6ch3udUC9fEqc
zhHth1YMQ+P+AZE05qQboz2K3hW9YWeW2SKNYk4asB/GAKrqjzO4kO7hQbGoov0M
g6cxRADvW2o6ogfHUysLtEXhx1tbSItxGqPpUG4T6pm1ZP5h+5Bbj1ycJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEte2oaDVlNkOBLhkXOJluq0lAdnMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvUzE3YWhvTldVMlE0RXVHUmM0bVc2clNVQjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuer1AwQA
vEgAAwQAvEgDAwQAvEg4MA0GCSqGSIb3DQEBCwUAA4IBAQBJ2w6HuLjCfXgr0SXs
rkm7y7EIMtFcOHP4UBKxH58umHN3ykSpH0UOXDMC0FNdzCiw5gP7klJcYyEySkl1
qoApy3xzBIR3q0gTU+Zq2cW8DlFPUX4QC1DA1kgwFu0JBfmMpqCuX/Fe8WyAtenM
oXbOigUvksWf/djhRIgnmxqIXhP8xRB69b7FEV/H9YuLJK1eNndaOlEKTWfmQfkc
ftgaLILgZSNGscHWK4XnbhLa/psJXF6LOhYu0PcUg5r/qIwzXMii9TPhgCy1Ulq3
XATIop+CvFq1rm/yE48cDVW/PBBpTISF9PvS7YJWRN2MYTfV3wDGX+vJBKLcJ1AR
RqWO
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:15:13 2025 by rpki-client