Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ChfzeiBRzoKa2_XvYB_O3D0H-Bw.roa
File: ChfzeiBRzoKa2_XvYB_O3D0H-Bw.roa (raw, json)
Hash identifier: +sjM3hkofbCG2pqz2ZFxTDc7HZSf2v+nRNEM2/OGPsM=
Subject key identifier: 0A:17:F3:7A:20:51:CE:82:9A:DB:F5:EF:60:1F:CE:DC:3D:07:F8:1C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019455084202F4F75ECA9D2BAE1CB0E1222D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ChfzeiBRzoKa2_XvYB_O3D0H-Bw.roa
Signing time: Sat 11 Jan 2025 11:03:12 +0000
ROA not before: Sat 11 Jan 2025 11:03:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/23 maxlen: 23
185.239.142.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 17:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:55:08:42:02:f4:f7:5e:ca:9d:2b:ae:1c:b0:e1:22:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 11 11:03:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a17f37a2051ce829adbf5ef601fcedc3d07f81c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:70:53:50:b5:61:31:0b:70:f3:05:a7:d0:54:
75:67:b6:d3:11:b2:38:6d:35:15:ab:39:bf:19:87:
54:81:30:1f:bf:bf:3a:4c:8e:7b:ea:c3:90:f7:d0:
77:21:c1:8d:ab:7f:b6:c2:2a:80:34:2c:c6:72:de:
66:a9:54:51:3c:d0:7c:d2:c3:ba:ea:37:8c:aa:d3:
73:47:36:d2:1e:11:9a:1f:f4:13:5f:f2:64:fc:f8:
70:b3:a1:9a:36:54:3e:91:39:0f:f1:25:18:68:c6:
7b:87:ee:2b:b9:65:00:8e:58:fb:5b:95:eb:8e:5c:
fd:13:c3:43:45:2b:3b:a7:1a:cd:c9:9d:1b:5f:83:
d2:08:cb:59:1e:23:50:0b:4d:59:9b:1b:13:7b:a1:
38:c7:cc:69:52:ad:a2:c1:d3:98:7d:fd:b8:62:2d:
8c:34:a6:71:45:16:2f:a1:d7:fd:dc:c3:e7:89:ab:
fa:35:a7:84:59:51:fc:3b:56:00:55:70:21:6a:a4:
f8:22:93:3d:25:04:33:c4:30:e7:94:78:d1:fb:e8:
34:3d:b1:95:66:84:cd:d4:f0:27:3f:76:cd:80:c2:
de:85:6f:2d:9e:c5:f0:77:cf:53:c6:51:9d:b9:9e:
80:d8:7f:79:4b:d1:8e:9a:c3:1b:3f:cf:6e:42:be:
1f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:17:F3:7A:20:51:CE:82:9A:DB:F5:EF:60:1F:CE:DC:3D:07:F8:1C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ChfzeiBRzoKa2_XvYB_O3D0H-Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.13.0-185.121.14.255
185.232.204.0/24
185.239.141.0-185.239.143.255
185.254.158.0/24
Signature Algorithm: sha256WithRSAEncryption
66:6f:37:5c:a7:1c:79:6c:1c:55:78:6a:45:04:fe:c9:dc:74:
2d:52:de:d6:71:72:64:31:60:67:6c:37:90:47:75:5d:60:f7:
28:55:3a:98:83:df:04:43:7a:dc:83:5f:a2:48:79:57:fd:ff:
0d:c0:bb:d0:c1:aa:04:3e:13:56:ff:d0:25:e2:c1:e4:69:b7:
95:56:68:c9:32:c5:2f:f2:d8:8d:ef:45:c2:45:ae:a7:b1:da:
4d:92:ad:94:54:1f:b4:fb:17:75:02:eb:ad:6f:d9:25:dd:9d:
d2:96:d1:ab:5a:09:8e:8e:2d:bf:6e:b0:fc:11:6c:94:bf:37:
ad:1e:b4:5b:07:ed:b6:79:69:2c:2d:a4:62:cf:9a:a5:bf:df:
91:04:e7:27:b6:06:fe:f4:7a:f9:23:2e:c4:36:5f:cd:20:6f:
4f:4a:b3:39:4d:fa:b0:ab:56:17:21:3b:1f:23:ab:56:bc:92:
9f:8a:f0:90:30:3d:4f:19:aa:0c:67:49:84:40:fa:4b:54:f3:
4a:f0:54:ec:b7:5b:bc:f7:fb:50:b0:64:9a:94:35:80:71:f8:
08:9c:47:60:5c:33:36:15:5f:b7:84:f4:1d:d8:a6:5c:7e:a5:
a1:8d:70:4f:40:5a:72:86:46:44:1b:a8:f8:70:33:a0:68:ef:
56:a6:52:72
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZRVCEIC9Pdeyp0rrhyw4SItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTExMTEwMzEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE3ZjM3YTIwNTFjZTgyOWFkYmY1ZWY2MDFmY2VkYzNkMDdmODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3BTULVhMQtw8wWn0FR1Z7bTEbI4
bTUVqzm/GYdUgTAfv786TI576sOQ99B3IcGNq3+2wiqANCzGct5mqVRRPNB80sO6
6jeMqtNzRzbSHhGaH/QTX/Jk/Phws6GaNlQ+kTkP8SUYaMZ7h+4ruWUAjlj7W5Xr
jlz9E8NDRSs7pxrNyZ0bX4PSCMtZHiNQC01ZmxsTe6E4x8xpUq2iwdOYff24Yi2M
NKZxRRYvodf93MPniav6NaeEWVH8O1YAVXAhaqT4IpM9JQQzxDDnlHjR++g0PbGV
ZoTN1PAnP3bNgMLehW8tnsXwd89TxlGduZ6A2H95S9GOmsMbP89uQr4f1QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFAoX83ogUc6Cmtv172Afztw9B/gcMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQ2hmemVpQlJ6b0thMl9YdllCX08zRDBILUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAC5eQ0D
BAC5eQ4DBAC56MwwDAMEALnvjQMEBLnvgAMEALn+njANBgkqhkiG9w0BAQsFAAOC
AQEAZm83XKcceWwcVXhqRQT+ydx0LVLe1nFyZDFgZ2w3kEd1XWD3KFU6mIPfBEN6
3INfokh5V/3/DcC70MGqBD4TVv/QJeLB5Gm3lVZoyTLFL/LYje9FwkWup7HaTZKt
lFQftPsXdQLrrW/ZJd2d0pbRq1oJjo4tv26w/BFslL83rR60WwfttnlpLC2kYs+a
pb/fkQTnJ7YG/vR6+SMuxDZfzSBvT0qzOU36sKtWFyE7HyOrVrySn4rwkDA9Txmq
DGdJhED6S1TzSvBU7LdbvPf7ULBkmpQ1gHH4CJxHYFwzNhVft4T0HdimXH6loY1w
T0BacoZGRBuo+HAzoGjvVqZScg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:33:25 2025 by rpki-client