Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/suA5MsZWU8PusdChltUSmXWkCrk.roa
File: suA5MsZWU8PusdChltUSmXWkCrk.roa (raw, json)
Hash identifier: wkXZxQNuMZ3EmXYjy1STg4LcTVZ7KOf/UX5B0qaTHwA=
Subject key identifier: B2:E0:39:32:C6:56:53:C3:EE:B1:D0:A1:96:D5:12:99:75:A4:0A:B9
Certificate issuer: /CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Certificate serial: 01942068075570E1EFE1798CD62FB4A39C07
Authority key identifier: 0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/suA5MsZWU8PusdChltUSmXWkCrk.roa
Signing time: Wed 01 Jan 2025 05:47:56 +0000
ROA not before: Wed 01 Jan 2025 05:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206360
IP address blocks: 185.220.136.0/24 maxlen: 24
185.220.136.0/30 maxlen: 30
185.220.136.4/30 maxlen: 30
185.220.136.16/29 maxlen: 29
185.220.136.32/28 maxlen: 28
185.220.137.0/24 maxlen: 24
185.220.137.4/30 maxlen: 30
185.220.137.8/29 maxlen: 29
185.220.138.0/24 maxlen: 24
185.220.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 10:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:07:55:70:e1:ef:e1:79:8c:d6:2f:b4:a3:9c:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Validity
Not Before: Jan 1 05:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2e03932c65653c3eeb1d0a196d5129975a40ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:91:79:86:79:4b:f3:0b:49:95:55:60:d2:1d:
64:b3:33:c1:c4:39:d0:4e:d5:ec:e5:ca:dc:8a:18:
15:78:14:cd:96:91:da:78:d8:b2:81:ef:43:52:f8:
6b:e2:b7:c6:12:d2:6d:ae:62:bc:a2:f8:5f:45:89:
ae:81:dc:5f:b6:7d:e8:8f:62:bb:44:82:15:61:85:
16:b9:da:92:00:9b:80:2e:05:e6:cc:0a:73:52:c0:
9b:1f:6d:87:21:73:cb:26:c8:f7:25:b2:d4:5d:a5:
99:0c:69:90:66:4f:e0:c3:c9:28:d8:b0:4e:b7:d9:
2b:52:89:2c:1f:74:b3:f1:a4:4c:ac:0c:68:90:49:
cc:fa:cc:3a:6e:d9:83:83:4d:54:ff:c5:1d:5e:c3:
68:aa:20:f0:42:21:78:6f:d9:d7:72:b7:c2:7f:a0:
72:7c:52:1c:fe:94:84:a0:1b:24:1b:49:3f:d7:21:
b0:c0:4f:c4:a8:84:4e:31:92:cc:80:c4:e2:c6:04:
c1:34:40:5c:56:90:ef:eb:d8:88:e6:63:89:60:78:
36:53:57:c8:69:d1:44:53:97:0f:4b:5a:4c:ac:17:
31:49:3f:cc:21:05:ba:4a:c7:1d:9a:19:4c:1e:7d:
f1:08:2d:6f:12:e3:f2:ba:74:de:2c:3c:90:84:0b:
a4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E0:39:32:C6:56:53:C3:EE:B1:D0:A1:96:D5:12:99:75:A4:0A:B9
X509v3 Authority Key Identifier:
keyid:0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/suA5MsZWU8PusdChltUSmXWkCrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/C0L7SDHB2vLZY8R2ONcDCG7sqN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.136.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:78:02:d2:02:fa:48:e0:50:ad:c6:5b:28:27:75:36:d1:69:
12:74:12:0c:c7:66:19:c3:bd:43:43:7c:33:7c:01:c4:3c:eb:
ae:1f:40:66:4a:2a:85:28:e4:38:08:f0:b3:a8:a4:7c:b4:ff:
98:3e:dd:47:c0:69:64:e3:e5:8a:cc:c3:a5:b4:f7:aa:e4:0b:
d3:66:fc:91:36:55:83:d5:e9:f3:34:69:93:67:1c:56:81:b4:
8c:c1:5d:62:78:46:53:c7:6d:ef:ea:78:43:57:70:5d:0d:47:
f8:ab:ee:45:b6:2d:0e:5e:35:be:dc:a4:29:6d:01:fc:fc:d9:
3d:3a:e6:f1:a5:d0:18:df:b6:5c:45:07:7e:3e:42:3a:9c:a5:
a9:05:56:e1:83:f6:57:13:8e:12:21:e0:c6:c3:d9:18:f7:7a:
9f:3a:c8:e7:22:95:ee:67:0f:b1:b0:3b:f3:f9:60:5a:77:61:
93:81:f5:c6:d5:5a:e1:7f:d3:36:43:a8:2e:c8:c1:8c:dc:69:
49:ad:c8:01:97:49:e8:7e:47:5b:b6:d9:9d:dc:2d:19:b9:86:
60:b2:15:06:6e:3e:54:93:ca:07:55:e4:d6:7b:8d:f0:82:10:
35:43:24:ec:1a:71:91:59:61:6d:2e:05:95:ea:82:b1:f2:6f:
12:6a:7c:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaAdVcOHv4XmM1i+0o5wHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNDJmYjQ4MzFjMWRhZjJkOTYzYzQ3NjM4ZDcwMzA4NmVl
Y2E4ZGUwHhcNMjUwMTAxMDU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmUwMzkzMmM2NTY1M2MzZWViMWQwYTE5NmQ1MTI5OTc1YTQwYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5F5hnlL8wtJlVVg0h1kszPBxDnQ
TtXs5crcihgVeBTNlpHaeNiyge9DUvhr4rfGEtJtrmK8ovhfRYmugdxftn3oj2K7
RIIVYYUWudqSAJuALgXmzApzUsCbH22HIXPLJsj3JbLUXaWZDGmQZk/gw8ko2LBO
t9krUoksH3Sz8aRMrAxokEnM+sw6btmDg01U/8UdXsNoqiDwQiF4b9nXcrfCf6By
fFIc/pSEoBskG0k/1yGwwE/EqIROMZLMgMTixgTBNEBcVpDv69iI5mOJYHg2U1fI
adFEU5cPS1pMrBcxST/MIQW6SscdmhlMHn3xCC1vEuPyunTeLDyQhAukFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLgOTLGVlPD7rHQoZbVEpl1pAq5MB8GA1UdIwQY
MBaAFAtC+0gxwdry2WPEdjjXAwhu7KjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEt
YjM2NjNhMzQ1NTE4LzEvc3VBNU1zWldVOFB1c2RDaGx0VVNtWFdrQ3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEtYjM2NjNhMzQ1NTE4
LzEvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudyIMA0G
CSqGSIb3DQEBCwUAA4IBAQBceALSAvpI4FCtxlsoJ3U20WkSdBIMx2YZw71DQ3wz
fAHEPOuuH0BmSiqFKOQ4CPCzqKR8tP+YPt1HwGlk4+WKzMOltPeq5AvTZvyRNlWD
1enzNGmTZxxWgbSMwV1ieEZTx23v6nhDV3BdDUf4q+5Fti0OXjW+3KQpbQH8/Nk9
OubxpdAY37ZcRQd+PkI6nKWpBVbhg/ZXE44SIeDGw9kY93qfOsjnIpXuZw+xsDvz
+WBad2GTgfXG1Vrhf9M2Q6guyMGM3GlJrcgBl0nofkdbttmd3C0ZuYZgshUGbj5U
k8oHVeTWe43wghA1QyTsGnGRWWFtLgWV6oKx8m8Sanxi
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:00 2025 by rpki-client