Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/cmxPMPjxhdr_A9FDkafD6Z6BXwo.roa
File: cmxPMPjxhdr_A9FDkafD6Z6BXwo.roa (raw, json)
Hash identifier: P4dde531RW7Z3qARJwLC9PDmkBTQSurBERhXzVonxIc=
Subject key identifier: 72:6C:4F:30:F8:F1:85:DA:FF:03:D1:43:91:A7:C3:E9:9E:81:5F:0A
Certificate issuer: /CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Certificate serial: 01929ACECCCE32200217ECF7CEB2976C01E9
Authority key identifier: 34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/cmxPMPjxhdr_A9FDkafD6Z6BXwo.roa
Signing time: Thu 17 Oct 2024 14:08:16 +0000
ROA not before: Thu 17 Oct 2024 14:08:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204877
IP address blocks: 185.141.120.0/22 maxlen: 32
185.141.121.243/32 maxlen: 32
2a0d:ff00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 17 Oct 2024 16:58:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:ce:cc:ce:32:20:02:17:ec:f7:ce:b2:97:6c:01:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Validity
Not Before: Oct 17 14:08:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=726c4f30f8f185daff03d14391a7c3e99e815f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5d:24:ac:db:5f:de:cd:32:75:93:85:c8:66:
68:b4:14:4f:0c:dc:ee:fa:59:79:cb:e3:00:8f:8e:
05:80:d5:63:bf:ef:ed:34:ce:8b:2f:b3:67:70:4d:
80:8d:52:7f:46:21:6d:ca:98:1a:07:73:93:88:66:
e6:ba:37:df:33:15:cf:b3:f0:7f:4e:fb:a2:77:bd:
7a:be:12:25:c1:4d:17:86:63:37:e5:ab:58:55:3e:
ff:08:da:8a:f2:c4:17:64:5b:38:15:9e:c4:91:09:
69:7f:01:89:99:3c:27:47:65:3b:e4:91:8a:74:99:
33:e6:b8:6a:f8:7e:8d:0b:6c:ca:c1:dd:d8:da:49:
1b:66:a4:50:3a:46:32:01:dd:68:d6:a3:c0:4c:6e:
3c:c4:0e:3b:cd:03:55:c8:6c:be:ef:c9:14:40:93:
2b:76:4f:68:7c:7d:54:16:78:94:b0:53:51:44:2d:
71:11:5e:0a:0c:a1:6b:22:ea:ef:90:da:d8:dc:b6:
33:e2:af:d7:29:2b:bf:04:d7:49:22:bb:02:d7:e1:
e7:d7:01:32:4f:21:49:ce:66:cf:2f:21:18:92:db:
7a:a0:2c:b0:74:2e:8b:8a:0d:4f:e8:80:52:a3:57:
fa:eb:d3:a7:0f:15:73:7b:02:1a:dc:79:2c:41:29:
cb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6C:4F:30:F8:F1:85:DA:FF:03:D1:43:91:A7:C3:E9:9E:81:5F:0A
X509v3 Authority Key Identifier:
keyid:34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/cmxPMPjxhdr_A9FDkafD6Z6BXwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/NLqcIjJB64DivHGFO7fS5YKGvdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.120.0/22
IPv6:
2a0d:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
13:35:bf:d9:cb:f4:22:50:91:f8:ef:de:96:c2:dd:0b:40:7a:
3e:2d:b8:2c:44:24:bd:7e:fd:2a:8a:c7:14:07:23:5a:05:8c:
8e:aa:5b:2a:9a:67:ef:31:f1:39:ae:00:da:62:99:2f:8a:9f:
88:31:de:9e:c5:c5:a6:48:14:f5:fa:19:83:74:f8:d9:e7:69:
5b:9b:0d:a3:d8:a8:fd:e1:18:51:68:f7:c2:61:e8:71:cc:c1:
57:02:2e:1c:90:4d:58:6c:10:66:cd:87:15:55:61:57:dc:75:
62:6f:70:e1:bf:b4:d7:37:90:47:6a:f1:83:2c:42:09:bb:5b:
c2:6c:f5:5c:ef:f7:1f:21:eb:2b:de:18:f0:51:73:ce:8a:49:
1a:bc:3f:2e:c7:dd:4a:9f:78:53:de:68:41:de:e9:b1:92:3b:
3c:c1:14:28:f1:fe:76:73:bb:2c:fb:89:b7:77:93:19:18:13:
b5:6d:aa:65:ed:6e:df:43:b3:2b:4a:03:06:46:5a:50:3d:3c:
a0:77:06:5d:7d:cd:1f:be:8e:9f:43:27:45:86:eb:a3:42:6c:
01:c2:97:0d:6e:2b:89:07:45:dc:eb:03:9a:9d:81:b0:6b:b3:
5d:66:3b:c9:17:0f:f8:3f:16:5f:70:65:95:48:e4:4a:13:26:
70:b8:36:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKazszOMiACF+z3zrKXbAHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmE5YzIyMzI0MWViODBlMmJjNzE4NTNiYjdkMmU1ODI4
NmJkZDMwHhcNMjQxMDE3MTQwODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZjNGYzMGY4ZjE4NWRhZmYwM2QxNDM5MWE3YzNlOTllODE1ZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApV0krNtf3s0ydZOFyGZotBRPDNzu
+ll5y+MAj44FgNVjv+/tNM6LL7NncE2AjVJ/RiFtypgaB3OTiGbmujffMxXPs/B/
Tvuid716vhIlwU0XhmM35atYVT7/CNqK8sQXZFs4FZ7EkQlpfwGJmTwnR2U75JGK
dJkz5rhq+H6NC2zKwd3Y2kkbZqRQOkYyAd1o1qPATG48xA47zQNVyGy+78kUQJMr
dk9ofH1UFniUsFNRRC1xEV4KDKFrIurvkNrY3LYz4q/XKSu/BNdJIrsC1+Hn1wEy
TyFJzmbPLyEYktt6oCywdC6Lig1P6IBSo1f669OnDxVzewIa3HksQSnLfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHJsTzD48YXa/wPRQ5Gnw+megV8KMB8GA1UdIwQY
MBaAFDS6nCIyQeuA4rxxhTu30uWChr3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzIt
MTNlZTRjOGQzMDgyLzEvY214UE1QanhoZHJfQTlGRGthZkQ2WjZCWHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzItMTNlZTRjOGQzMDgy
LzEvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY14MA0E
AgACMAcDBQMqDf8AMA0GCSqGSIb3DQEBCwUAA4IBAQATNb/Zy/QiUJH4796Wwt0L
QHo+LbgsRCS9fv0qiscUByNaBYyOqlsqmmfvMfE5rgDaYpkvip+IMd6excWmSBT1
+hmDdPjZ52lbmw2j2Kj94RhRaPfCYehxzMFXAi4ckE1YbBBmzYcVVWFX3HVib3Dh
v7TXN5BHavGDLEIJu1vCbPVc7/cfIesr3hjwUXPOikkavD8ux91Kn3hT3mhB3umx
kjs8wRQo8f52c7ss+4m3d5MZGBO1bapl7W7fQ7MrSgMGRlpQPTygdwZdfc0fvo6f
QydFhuujQmwBwpcNbiuJB0Xc6wOanYGwa7NdZjvJFw/4PxZfcGWVSORKEyZwuDb7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:02 2025 by rpki-client