Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/C5lG7bx0JeveIt3xno3eiHcG-54.roa
File: C5lG7bx0JeveIt3xno3eiHcG-54.roa (raw, json)
Hash identifier: 8NBlgWMLheEd0VWnzgwVSWsetIJzRhf8/vxfO8luj2k=
Subject key identifier: 0B:99:46:ED:BC:74:25:EB:DE:22:DD:F1:9E:8D:DE:88:77:06:FB:9E
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 018E668C39E6F4F4E72910E1B63F29366E3C
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/C5lG7bx0JeveIt3xno3eiHcG-54.roa
Signing time: Fri 22 Mar 2024 14:24:09 +0000
ROA not before: Fri 22 Mar 2024 14:24:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215380
IP address blocks: 185.229.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 19:35:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:8c:39:e6:f4:f4:e7:29:10:e1:b6:3f:29:36:6e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Mar 22 14:24:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b9946edbc7425ebde22ddf19e8dde887706fb9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a6:5f:36:5b:13:84:29:84:52:b9:ef:14:9f:
b8:c3:e7:01:14:09:30:0b:b6:33:04:5b:57:a7:a0:
69:39:13:72:0d:aa:ea:d9:88:cf:ce:b4:84:8c:b1:
37:83:5e:f5:9c:2c:4f:ce:78:5c:c6:ec:c5:26:72:
8b:1a:78:3b:7b:5e:19:2e:ac:11:da:80:27:a9:8b:
7e:17:81:c0:a8:23:c0:6a:a1:61:f9:78:60:3b:4a:
d5:f3:49:a4:2d:1a:8b:d4:75:19:c9:20:b6:e9:2c:
5b:89:8d:83:13:5a:9b:4c:4a:c3:59:96:07:5d:1d:
35:1b:f0:41:48:bf:c7:2c:55:ea:12:e0:13:2c:91:
82:04:c3:18:03:bd:0e:09:67:91:13:e5:fd:f4:47:
99:e4:fe:05:2d:6a:a7:1b:2d:73:fa:d5:31:ef:ed:
e4:88:02:0c:c8:35:54:97:09:fd:6c:07:a8:10:fb:
b7:9b:3d:43:8a:75:8d:50:d4:99:08:eb:74:41:06:
96:c4:9e:46:77:a5:0d:35:24:f4:63:1b:27:f0:b0:
52:03:05:61:46:9f:47:bb:6e:16:9a:96:88:ef:df:
eb:26:80:c3:8e:0f:2d:a8:0f:df:37:c7:57:14:79:
a0:2a:52:f7:c5:60:99:b1:e4:30:0a:ce:e8:12:ac:
0e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:99:46:ED:BC:74:25:EB:DE:22:DD:F1:9E:8D:DE:88:77:06:FB:9E
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/C5lG7bx0JeveIt3xno3eiHcG-54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.32.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a0:f3:8c:36:6e:3b:be:9b:f2:1b:35:0f:16:a3:8a:71:0f:
df:eb:df:ba:38:ac:3a:02:8a:eb:cc:49:37:84:60:b8:ce:00:
ca:4c:0d:c1:e9:2a:8e:3e:57:2c:ed:fc:d2:f6:9d:46:93:5e:
4b:cc:2e:38:e8:1a:7c:e8:cd:3e:f8:63:56:6f:3c:0d:44:41:
de:13:a3:c0:6b:68:85:07:2d:b5:19:2a:06:5c:57:10:8a:76:
63:21:ed:42:ff:75:33:6a:cb:24:c5:5d:11:a5:a5:2b:e8:20:
50:39:a3:33:85:1a:d8:b4:49:a9:96:9a:47:02:65:6f:4e:b7:
00:be:ab:67:01:8f:df:b6:2e:f3:d0:8b:78:35:27:db:be:ba:
63:f6:85:73:73:84:05:18:98:df:df:5f:52:02:8f:fc:be:7a:
36:0e:ee:db:a3:eb:93:ce:b4:07:f1:ad:aa:01:53:b5:c8:8a:
3d:51:a5:1d:7e:25:b3:3f:44:7d:b6:bf:d9:06:22:3e:48:cf:
8e:38:ea:23:1e:7d:1c:4c:89:9e:75:57:14:2c:4f:c1:e1:a1:
df:e7:c3:d8:65:ec:cf:86:fd:14:33:ad:92:1e:fd:a5:df:37:
5c:b6:ae:d6:81:04:24:d1:92:60:92:ef:d7:d3:25:1b:6a:87:
c1:13:6c:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5mjDnm9PTnKRDhtj8pNm48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjQwMzIyMTQyNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjk5NDZlZGJjNzQyNWViZGUyMmRkZjE5ZThkZGU4ODc3MDZmYjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36ZfNlsThCmEUrnvFJ+4w+cBFAkw
C7YzBFtXp6BpORNyDarq2YjPzrSEjLE3g171nCxPznhcxuzFJnKLGng7e14ZLqwR
2oAnqYt+F4HAqCPAaqFh+XhgO0rV80mkLRqL1HUZySC26SxbiY2DE1qbTErDWZYH
XR01G/BBSL/HLFXqEuATLJGCBMMYA70OCWeRE+X99EeZ5P4FLWqnGy1z+tUx7+3k
iAIMyDVUlwn9bAeoEPu3mz1DinWNUNSZCOt0QQaWxJ5Gd6UNNST0Yxsn8LBSAwVh
Rp9Hu24WmpaI79/rJoDDjg8tqA/fN8dXFHmgKlL3xWCZseQwCs7oEqwOtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAuZRu28dCXr3iLd8Z6N3oh3BvueMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvQzVsRzdieDBKZXZlSXQzeG5vM2VpSGNHLTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueUgMA0G
CSqGSIb3DQEBCwUAA4IBAQA3oPOMNm47vpvyGzUPFqOKcQ/f69+6OKw6AorrzEk3
hGC4zgDKTA3B6SqOPlcs7fzS9p1Gk15LzC446Bp86M0++GNWbzwNREHeE6PAa2iF
By21GSoGXFcQinZjIe1C/3UzasskxV0RpaUr6CBQOaMzhRrYtEmplppHAmVvTrcA
vqtnAY/fti7z0It4NSfbvrpj9oVzc4QFGJjf319SAo/8vno2Du7bo+uTzrQH8a2q
AVO1yIo9UaUdfiWzP0R9tr/ZBiI+SM+OOOojHn0cTImedVcULE/B4aHf58PYZezP
hv0UM62SHv2l3zdctq7WgQQk0ZJgku/X0yUbaofBE2yy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:33 2025 by rpki-client