Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/i7CZQVgNPtp5yuaPmxyCC-IzKe0.roa
File: i7CZQVgNPtp5yuaPmxyCC-IzKe0.roa (raw, json)
Hash identifier: bQ2HIrrqkRhEOBQOkvl5LYUS0bMiMdsoxkQdcK0SsfM=
Subject key identifier: 8B:B0:99:41:58:0D:3E:DA:79:CA:E6:8F:9B:1C:82:0B:E2:33:29:ED
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 018CC64A89B09741CED56D3F8D03920352F9
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/i7CZQVgNPtp5yuaPmxyCC-IzKe0.roa
Signing time: Mon 01 Jan 2024 18:30:22 +0000
ROA not before: Mon 01 Jan 2024 18:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60983
IP address blocks: 185.22.128.0/22 maxlen: 24
2a00:6060:ee37::/48 maxlen: 48
2a00:6060::/32 maxlen: 32
2a00:6060:ca00::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jan 2024 19:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:89:b0:97:41:ce:d5:6d:3f:8d:03:92:03:52:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 1 18:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bb09941580d3eda79cae68f9b1c820be23329ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:15:1d:b4:37:e3:b6:5d:0e:db:37:f7:90:60:
1d:84:6c:23:20:8c:c8:46:ba:00:7b:51:19:17:20:
f9:47:08:5b:1a:5f:cc:bc:f4:4a:79:bb:e0:2f:7b:
17:4b:d4:df:95:96:b4:4b:c9:a3:2b:2d:8b:7e:74:
3a:35:fc:72:ae:71:32:27:0e:98:dc:96:a4:69:f5:
18:9c:1b:fe:b9:95:ae:e3:e4:e8:30:9d:63:b5:a4:
3b:12:ed:d9:d9:1c:b4:d6:72:26:2d:f1:51:54:4d:
ba:6d:d9:b9:f7:e2:cd:ba:bc:bc:bb:d0:14:42:a9:
3a:40:18:a9:d6:fd:78:8a:dc:2c:46:1e:8b:c8:81:
8d:ed:e6:2b:84:2c:4d:53:e6:48:e4:63:6c:e3:49:
68:a4:2b:7d:c6:ce:48:21:d9:9d:b4:75:da:7a:e5:
6f:4f:96:52:00:ca:b8:cc:79:27:44:a4:72:c1:e3:
de:d9:09:d5:9c:eb:87:5f:d5:c7:c5:d9:56:28:03:
14:a0:01:72:e9:ad:e9:e5:c9:0c:a8:2a:0b:57:e9:
5b:37:f9:a8:45:7f:07:24:bb:30:44:91:66:c5:98:
3f:fb:20:1e:2f:da:b3:c4:b1:76:56:65:91:33:e1:
87:e0:5c:e3:ea:ce:f8:70:72:e1:02:c6:3a:54:2b:
2a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B0:99:41:58:0D:3E:DA:79:CA:E6:8F:9B:1C:82:0B:E2:33:29:ED
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/i7CZQVgNPtp5yuaPmxyCC-IzKe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.128.0/22
IPv6:
2a00:6060::/32
Signature Algorithm: sha256WithRSAEncryption
a3:49:e5:49:94:dd:bd:29:f4:3e:28:c7:27:72:1a:ac:11:e3:
2d:0a:e4:5c:1e:eb:2e:3d:11:85:88:f2:1a:ea:08:64:0f:f6:
f5:24:79:f3:6a:16:a2:81:cd:65:39:bd:21:d8:49:4c:90:89:
47:a7:6c:dc:0a:3e:56:73:90:8c:77:1f:e9:2e:d9:48:0e:c9:
33:ff:de:92:76:6a:10:17:2e:cc:9d:bf:87:72:52:b2:9c:75:
d4:bb:55:2d:1d:b3:ee:01:f5:0d:7d:b8:32:4a:75:fd:06:f7:
45:94:d2:9c:8f:03:05:86:da:59:33:d3:ff:cd:5a:5e:08:66:
2f:35:60:77:1a:99:37:94:0e:53:10:e9:22:04:a7:c7:3c:d2:
d0:83:f2:4c:77:8a:e8:fe:ea:1e:3d:ac:9b:55:c4:64:83:6f:
79:89:e2:7d:99:d6:de:d5:0e:b0:35:b5:29:56:0e:bc:bc:2f:
84:3a:2b:91:a8:22:45:10:0e:72:d2:6a:7f:7c:46:e7:ae:23:
4f:06:28:33:0b:27:70:c5:63:2f:6a:ff:9c:d2:9e:bd:db:6a:
9f:a8:a3:1a:8d:45:1f:e2:48:d6:b9:05:3b:b9:94:07:31:50:
95:b0:47:c0:1d:6b:fc:e7:08:aa:f6:1d:e1:94:bc:81:27:41:
14:cb:81:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSomwl0HO1W0/jQOSA1L5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmY5Y2IzYzI5OGIxNTBiZWI3OTA4MDM3NmY3NGJkZWFj
NDM4YWMwHhcNMjQwMTAxMTgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmIwOTk0MTU4MGQzZWRhNzljYWU2OGY5YjFjODIwYmUyMzMyOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihUdtDfjtl0O2zf3kGAdhGwjIIzI
RroAe1EZFyD5RwhbGl/MvPRKebvgL3sXS9TflZa0S8mjKy2LfnQ6NfxyrnEyJw6Y
3JakafUYnBv+uZWu4+ToMJ1jtaQ7Eu3Z2Ry01nImLfFRVE26bdm59+LNury8u9AU
Qqk6QBip1v14itwsRh6LyIGN7eYrhCxNU+ZI5GNs40lopCt9xs5IIdmdtHXaeuVv
T5ZSAMq4zHknRKRywePe2QnVnOuHX9XHxdlWKAMUoAFy6a3p5ckMqCoLV+lbN/mo
RX8HJLswRJFmxZg/+yAeL9qzxLF2VmWRM+GH4Fzj6s74cHLhAsY6VCsq2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIuwmUFYDT7aecrmj5scggviMyntMB8GA1UdIwQY
MBaAFHEvnLPCmLFQvreQgDdvdL3qxDisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEt
OTg3ZGE0MzkyMDU2LzEvaTdDWlFWZ05QdHA1eXVhUG14eUNDLUl6S2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEtOTg3ZGE0MzkyMDU2
LzEvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRaAMA0E
AgACMAcDBQAqAGBgMA0GCSqGSIb3DQEBCwUAA4IBAQCjSeVJlN29KfQ+KMcnchqs
EeMtCuRcHusuPRGFiPIa6ghkD/b1JHnzahaigc1lOb0h2ElMkIlHp2zcCj5Wc5CM
dx/pLtlIDskz/96SdmoQFy7Mnb+HclKynHXUu1UtHbPuAfUNfbgySnX9BvdFlNKc
jwMFhtpZM9P/zVpeCGYvNWB3Gpk3lA5TEOkiBKfHPNLQg/JMd4ro/uoePaybVcRk
g295ieJ9mdbe1Q6wNbUpVg68vC+EOiuRqCJFEA5y0mp/fEbnriNPBigzCydwxWMv
av+c0p6922qfqKMajUUf4kjWuQU7uZQHMVCVsEfAHWv85wiq9h3hlLyBJ0EUy4Ei
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:21:30 2025 by rpki-client