Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/7Mzhjmu7aFBObUT4m28A2lxSuxw.roa
File: 7Mzhjmu7aFBObUT4m28A2lxSuxw.roa (raw, json)
Hash identifier: xBCuxlHUs71PV1/aMihTE40bxh8xHtXWil1Q3AZyNkI=
Subject key identifier: EC:CC:E1:8E:6B:BB:68:50:4E:6D:44:F8:9B:6F:00:DA:5C:52:BB:1C
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 0192BEBC2FD02BFF533EAE1D042B9304E30D
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/7Mzhjmu7aFBObUT4m28A2lxSuxw.roa
Signing time: Thu 24 Oct 2024 13:34:16 +0000
ROA not before: Thu 24 Oct 2024 13:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.129.16.0/24 maxlen: 24
185.129.17.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Oct 2024 18:25:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:bc:2f:d0:2b:ff:53:3e:ae:1d:04:2b:93:04:e3:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Oct 24 13:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eccce18e6bbb68504e6d44f89b6f00da5c52bb1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3f:66:b3:75:e4:d5:99:7b:e0:1c:c6:5b:bb:
fd:21:4d:ca:47:a2:57:19:67:d4:04:fd:13:38:02:
f3:81:75:a0:55:21:14:cf:ef:20:45:08:a7:bf:a5:
a1:cc:95:49:7b:8f:ea:e8:ed:0e:81:80:2c:38:2e:
70:44:d2:81:92:9b:53:13:53:46:ae:a7:5d:c9:06:
e4:76:4d:bb:ea:6b:c7:b1:0e:b1:76:cb:c1:27:eb:
95:e4:f8:9a:86:a6:72:39:f1:3d:0f:2a:a3:a5:d8:
c9:88:0a:46:2e:03:18:88:34:da:ab:41:39:ab:a2:
05:b2:94:ac:49:6f:85:aa:26:d5:cd:ba:b5:4c:1e:
c0:15:9c:8d:40:60:0e:40:05:aa:b2:27:d1:bf:52:
83:46:34:f6:b9:c0:17:5d:40:9b:04:6a:0e:c6:b8:
6f:aa:f9:34:57:73:88:e6:1e:37:53:c0:96:06:9d:
a5:cb:f5:34:2b:69:d1:fc:e9:70:44:a5:98:f1:ad:
92:64:28:f0:51:71:60:ce:79:f9:b3:e4:10:a3:b6:
34:e9:16:8c:b7:9e:02:4d:82:29:64:cb:3d:33:69:
9b:41:70:8c:a5:67:2a:e8:cc:f5:3e:93:7d:f7:77:
7d:ae:46:64:6f:c0:fb:e4:11:5d:cd:33:95:33:a9:
bf:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CC:E1:8E:6B:BB:68:50:4E:6D:44:F8:9B:6F:00:DA:5C:52:BB:1C
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/7Mzhjmu7aFBObUT4m28A2lxSuxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7d:21:9d:53:d1:0e:ba:0e:20:eb:c7:8d:e1:e5:f8:3e:d6:73:
79:76:3f:fe:2a:49:90:62:f3:ae:65:c4:9f:52:32:d0:ce:08:
11:ca:63:9b:d5:17:72:ac:05:92:01:45:be:90:74:98:2b:f7:
81:e8:ee:9d:56:f1:df:42:3e:2f:ff:08:ee:ca:43:1b:05:7b:
62:52:f8:0c:96:12:bc:f6:c6:2f:a5:44:ff:f3:60:7f:80:4d:
bb:93:57:e8:10:37:8c:fb:74:52:0f:e8:4d:d2:80:e5:c4:ba:
4c:8a:25:9f:5a:dc:bf:dd:40:c4:ba:05:30:d7:ce:93:0d:92:
9d:b4:dd:01:e9:9d:6d:50:1f:6d:dc:2a:22:d6:5d:f1:62:d0:
43:f6:14:49:45:29:bb:8a:87:a3:95:79:65:66:a0:d0:9a:f1:
70:d5:b8:19:f5:6d:99:91:a9:5b:d0:88:7c:fc:5b:a3:fd:78:
98:5c:71:8c:a2:dc:14:f9:92:6d:bb:84:4f:3a:dd:b2:88:9a:
d2:7c:97:2b:ce:85:83:5f:05:c5:87:79:30:cb:64:3b:21:1f:
f1:8e:c6:ac:08:90:06:71:09:ad:0d:2f:6b:a4:75:80:ad:91:
ed:7e:64:a6:3d:dc:74:11:75:ee:7c:4c:d6:3b:9e:27:a1:6a:
cb:80:d7:75
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZK+vC/QK/9TPq4dBCuTBOMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQxMDI0MTMzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2NjZTE4ZTZiYmI2ODUwNGU2ZDQ0Zjg5YjZmMDBkYTVjNTJiYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj9ms3Xk1Zl74BzGW7v9IU3KR6JX
GWfUBP0TOALzgXWgVSEUz+8gRQinv6WhzJVJe4/q6O0OgYAsOC5wRNKBkptTE1NG
rqddyQbkdk276mvHsQ6xdsvBJ+uV5PiahqZyOfE9DyqjpdjJiApGLgMYiDTaq0E5
q6IFspSsSW+FqibVzbq1TB7AFZyNQGAOQAWqsifRv1KDRjT2ucAXXUCbBGoOxrhv
qvk0V3OI5h43U8CWBp2ly/U0K2nR/OlwRKWY8a2SZCjwUXFgznn5s+QQo7Y06RaM
t54CTYIpZMs9M2mbQXCMpWcq6Mz1PpN993d9rkZkb8D75BFdzTOVM6m/HQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOzM4Y5ru2hQTm1E+JtvANpcUrscMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvN016aGptdTdhRkJPYlVUNG0yOEEybHhTdXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBuYEQMBgE
AgACMBIwEAMFBioPqsADBwAqD6rAAAIwDQYJKoZIhvcNAQELBQADggEBAH0hnVPR
DroOIOvHjeHl+D7Wc3l2P/4qSZBi865lxJ9SMtDOCBHKY5vVF3KsBZIBRb6QdJgr
94Ho7p1W8d9CPi//CO7KQxsFe2JS+AyWErz2xi+lRP/zYH+ATbuTV+gQN4z7dFIP
6E3SgOXEukyKJZ9a3L/dQMS6BTDXzpMNkp203QHpnW1QH23cKiLWXfFi0EP2FElF
KbuKh6OVeWVmoNCa8XDVuBn1bZmRqVvQiHz8W6P9eJhccYyi3BT5km27hE863bKI
mtJ8lyvOhYNfBcWHeTDLZDshH/GOxqwIkAZxCa0NL2ukdYCtke1+ZKY93HQRde58
TNY7niehasuA13U=
-----END CERTIFICATE-----
Generated at Thu Oct 24 22:21:55 2024 by rpki-client on console-ams.rpki-client.org