Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/oaoM0lgoCs9JEQ4sDiv_EHOyA5M.roa
File: oaoM0lgoCs9JEQ4sDiv_EHOyA5M.roa (raw, json)
Hash identifier: ish33jJdBFOL7rg+si6XkrZSjjukdVGpZnYzwWx6ISk=
Subject key identifier: A1:AA:0C:D2:58:28:0A:CF:49:11:0E:2C:0E:2B:FF:10:73:B2:03:93
Certificate issuer: /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial: 018CC2DAF83F624EE87C8329E63C7BE87F97
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/oaoM0lgoCs9JEQ4sDiv_EHOyA5M.roa
Signing time: Mon 01 Jan 2024 02:29:39 +0000
ROA not before: Mon 01 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203443
IP address blocks: 185.132.12.0/23 maxlen: 23
185.132.14.0/23 maxlen: 23
185.126.164.0/23 maxlen: 23
185.126.166.0/23 maxlen: 23
185.127.68.0/23 maxlen: 23
185.127.70.0/23 maxlen: 23
185.127.76.0/23 maxlen: 23
185.127.78.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f8:3f:62:4e:e8:7c:83:29:e6:3c:7b:e8:7f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Validity
Not Before: Jan 1 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1aa0cd258280acf49110e2c0e2bff1073b20393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c2:d1:82:f5:fa:09:d8:4f:f2:b5:55:0f:85:
08:1f:2f:32:da:54:7f:fe:57:0f:45:b2:48:d1:b2:
7b:56:6d:17:b5:fa:c9:1a:36:4a:c1:4a:af:c3:6f:
6d:47:37:aa:f6:80:a9:77:c5:56:c8:e7:30:c1:46:
58:63:3e:61:30:f1:d2:53:b5:0b:d8:08:bf:7b:a0:
db:0b:79:69:f9:bd:b2:90:aa:72:8c:a2:f8:2d:76:
1f:69:aa:64:b1:ce:3b:53:1e:4a:db:25:a1:90:73:
cc:47:f5:70:92:67:79:d3:0d:21:3e:a9:fc:92:2a:
17:32:59:8e:be:b9:75:bc:66:bf:35:d8:e6:49:a0:
38:50:a7:b6:8d:62:c1:8d:64:7a:97:7d:7c:b2:99:
e4:ae:09:f4:34:7c:96:16:cd:2d:63:b4:17:b5:a1:
a5:fb:0e:dd:fb:49:94:bb:19:56:91:0b:31:5c:8a:
95:cd:c5:df:54:23:ab:69:0b:bb:00:f6:77:bd:24:
13:d4:bc:72:48:bd:03:e9:36:0b:3b:61:12:47:51:
73:4c:7d:cf:c5:03:ed:90:b3:7a:38:9b:e2:9d:72:
15:43:c8:36:0f:83:4c:6e:4d:7a:51:dc:be:ac:3a:
47:42:b0:72:b3:fa:76:b9:1d:bc:bf:b9:07:ab:7d:
82:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AA:0C:D2:58:28:0A:CF:49:11:0E:2C:0E:2B:FF:10:73:B2:03:93
X509v3 Authority Key Identifier:
keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/oaoM0lgoCs9JEQ4sDiv_EHOyA5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.164.0/22
185.127.68.0/22
185.127.76.0/22
185.132.12.0/22
Signature Algorithm: sha256WithRSAEncryption
70:4e:7b:c0:0c:7b:63:40:80:79:7e:c1:b8:25:1c:41:28:dd:
84:25:9d:a5:38:8a:1e:05:84:b2:39:60:47:0d:73:ed:9f:29:
a9:47:3f:ce:97:a7:fe:b0:8c:ee:21:f8:93:07:ca:f2:14:94:
86:5b:1b:b5:07:fc:69:f9:2d:73:9e:d5:af:a8:66:12:f7:f5:
1e:24:ad:c1:4f:28:87:ea:e3:11:28:1c:4d:fd:8b:e9:5b:7d:
a0:63:4d:ba:31:ec:08:c1:31:96:73:7b:d2:a0:d5:df:7a:5b:
97:18:93:e6:99:59:51:b3:78:51:96:41:54:81:5e:f6:03:7c:
69:57:3e:62:2c:f9:57:48:ca:56:95:ed:3f:ba:12:6c:88:94:
52:be:85:70:0f:d0:1c:c7:f3:54:83:d3:aa:60:9a:57:e7:f2:
ba:e5:07:06:73:3f:88:44:0e:89:c3:20:dd:c8:af:e7:92:36:
59:06:ba:ac:08:73:27:48:50:cf:a9:a5:57:15:3e:39:a4:9b:
fd:e3:dc:0c:ce:f7:79:6c:a2:b4:76:ff:39:41:b0:92:f0:3c:
e4:f5:9e:76:89:67:b1:67:a1:4a:8c:9e:95:67:be:97:9f:1e:
8a:a4:d6:b0:61:33:14:35:1d:9c:99:ad:96:a8:92:43:62:1d:
08:fe:48:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2vg/Yk7ofIMp5jx76H+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjQwMTAxMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWFhMGNkMjU4MjgwYWNmNDkxMTBlMmMwZTJiZmYxMDczYjIwMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsLRgvX6CdhP8rVVD4UIHy8y2lR/
/lcPRbJI0bJ7Vm0XtfrJGjZKwUqvw29tRzeq9oCpd8VWyOcwwUZYYz5hMPHSU7UL
2Ai/e6DbC3lp+b2ykKpyjKL4LXYfaapksc47Ux5K2yWhkHPMR/Vwkmd50w0hPqn8
kioXMlmOvrl1vGa/NdjmSaA4UKe2jWLBjWR6l318spnkrgn0NHyWFs0tY7QXtaGl
+w7d+0mUuxlWkQsxXIqVzcXfVCOraQu7APZ3vSQT1LxySL0D6TYLO2ESR1FzTH3P
xQPtkLN6OJvinXIVQ8g2D4NMbk16Udy+rDpHQrBys/p2uR28v7kHq32CUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKGqDNJYKArPSREOLA4r/xBzsgOTMB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEvb2FvTTBsZ29DczlKRVE0c0Rpdl9FSE95QTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuX6kAwQC
uX9EAwQCuX9MAwQCuYQMMA0GCSqGSIb3DQEBCwUAA4IBAQBwTnvADHtjQIB5fsG4
JRxBKN2EJZ2lOIoeBYSyOWBHDXPtnympRz/Ol6f+sIzuIfiTB8ryFJSGWxu1B/xp
+S1zntWvqGYS9/UeJK3BTyiH6uMRKBxN/YvpW32gY026MewIwTGWc3vSoNXfeluX
GJPmmVlRs3hRlkFUgV72A3xpVz5iLPlXSMpWle0/uhJsiJRSvoVwD9Acx/NUg9Oq
YJpX5/K65QcGcz+IRA6JwyDdyK/nkjZZBrqsCHMnSFDPqaVXFT45pJv949wMzvd5
bKK0dv85QbCS8Dzk9Z52iWexZ6FKjJ6VZ76Xnx6KpNawYTMUNR2cma2WqJJDYh0I
/kgs
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:50:21 2025 by rpki-client