Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/bf51ff-5c36-45b2-91c5-4d685aca8279/1/C0NEhLx_IMPHjotVaarPos2gNpg.roa
File: C0NEhLx_IMPHjotVaarPos2gNpg.roa (raw, json)
Hash identifier: +0l6vj2/bE3HSrdCR65l+abD+Wek5aXbNrd9iCMdmS4=
Subject key identifier: 0B:43:44:84:BC:7F:20:C3:C7:8E:8B:55:69:AA:CF:A2:CD:A0:36:98
Certificate issuer: /CN=62d03888a405e61b87d1706f933b366a86fb4295
Certificate serial: 018CEE09FB92FA24B45A43660A5B48A45F52
Authority key identifier: 62:D0:38:88:A4:05:E6:1B:87:D1:70:6F:93:3B:36:6A:86:FB:42:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YtA4iKQF5huH0XBvkzs2aob7QpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/bf51ff-5c36-45b2-91c5-4d685aca8279/1/C0NEhLx_IMPHjotVaarPos2gNpg.roa
Signing time: Tue 09 Jan 2024 11:44:40 +0000
ROA not before: Tue 09 Jan 2024 11:44:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207138
IP address blocks: 185.164.219.0/24 maxlen: 24
185.164.216.0/24 maxlen: 24
185.164.217.0/24 maxlen: 24
185.164.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:09:fb:92:fa:24:b4:5a:43:66:0a:5b:48:a4:5f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62d03888a405e61b87d1706f933b366a86fb4295
Validity
Not Before: Jan 9 11:44:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b434484bc7f20c3c78e8b5569aacfa2cda03698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:90:fa:c3:01:b2:94:bc:1a:4f:0f:85:1c:73:
4a:ec:6f:3b:d8:c9:c4:67:05:ea:eb:42:99:e5:1e:
b3:f3:35:ca:85:d1:89:7a:59:07:ac:18:23:16:06:
ea:ab:79:8e:8e:ff:4e:fc:41:19:0d:db:4a:fa:c9:
b5:36:44:23:b6:15:5a:48:d1:9a:3c:f7:bb:32:41:
1b:09:c3:be:80:85:b0:89:70:a5:e4:41:b5:13:b8:
72:38:e4:04:4a:9f:8d:7f:69:9d:ff:f3:ef:e4:bd:
f7:23:c1:1c:f3:09:ec:4c:6f:9a:1e:3b:15:a4:38:
51:2a:d7:5c:f9:cc:8e:b8:b6:3b:32:c2:93:00:be:
73:11:d9:f1:90:f3:19:c6:96:f6:c8:08:9b:0f:e4:
9c:e2:d4:5b:b3:33:96:29:58:61:c6:b7:35:9d:7b:
ec:32:26:16:57:cc:1f:63:bd:6b:51:00:21:30:df:
1e:e7:67:fb:5b:84:72:b9:a7:82:45:c1:b9:c5:b0:
e5:b4:5e:4c:df:b8:be:c1:f8:04:9d:39:79:89:7f:
5f:57:b2:8f:eb:47:92:26:dc:09:2f:d3:0f:fa:08:
b1:cc:49:f8:6f:a1:d6:32:e1:4e:11:84:a2:cc:fd:
dd:92:c2:34:f8:b6:a4:37:31:41:fb:ce:e4:41:b9:
36:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:43:44:84:BC:7F:20:C3:C7:8E:8B:55:69:AA:CF:A2:CD:A0:36:98
X509v3 Authority Key Identifier:
keyid:62:D0:38:88:A4:05:E6:1B:87:D1:70:6F:93:3B:36:6A:86:FB:42:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YtA4iKQF5huH0XBvkzs2aob7QpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/bf51ff-5c36-45b2-91c5-4d685aca8279/1/C0NEhLx_IMPHjotVaarPos2gNpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/bf51ff-5c36-45b2-91c5-4d685aca8279/1/YtA4iKQF5huH0XBvkzs2aob7QpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.216.0/22
Signature Algorithm: sha256WithRSAEncryption
74:98:5d:c5:1f:49:ef:85:58:85:ce:d7:ce:7b:5c:3c:0e:9b:
29:83:a8:38:8f:c6:bd:67:23:8b:7f:e9:a3:60:1b:1f:6b:02:
92:31:e8:fe:03:fd:4f:17:06:42:b8:a9:28:3d:21:e2:5d:80:
4d:f9:52:21:d1:a2:a6:cd:46:91:51:1c:61:db:c2:db:9a:de:
17:c4:9d:50:0c:61:d2:ee:e3:27:69:7b:0d:cc:9d:9b:27:87:
7d:b5:c8:da:ec:92:31:27:2f:3d:d0:5a:6a:1d:8c:54:4a:e1:
16:6e:12:60:5c:c6:57:81:f9:d2:94:1f:66:b0:37:7e:c5:54:
a0:06:3f:32:ce:6e:d5:d9:a3:03:b8:98:dc:d2:da:e6:fc:cb:
7a:d5:fb:5f:3a:5a:b2:f1:4a:63:7f:cd:c2:17:02:c2:74:8e:
dc:06:a9:d3:05:bf:6d:57:fa:35:80:35:a4:f5:91:b8:3c:34:
9b:f2:fa:20:8a:e1:6b:ca:ce:11:a1:75:20:e9:66:6a:05:96:
f5:26:38:43:8e:8f:a0:17:59:91:25:f6:bc:84:fe:8c:9c:e0:
e2:db:b4:e6:2b:18:c6:66:23:41:1e:0b:26:f0:fb:91:9f:49:
b9:81:3b:6b:5d:21:e7:90:23:5f:52:46:5f:d4:2d:06:ff:c3:
aa:4c:a7:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzuCfuS+iS0WkNmCltIpF9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDAzODg4YTQwNWU2MWI4N2QxNzA2ZjkzM2IzNjZhODZm
YjQyOTUwHhcNMjQwMTA5MTE0NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQzNDQ4NGJjN2YyMGMzYzc4ZThiNTU2OWFhY2ZhMmNkYTAzNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5D6wwGylLwaTw+FHHNK7G872MnE
ZwXq60KZ5R6z8zXKhdGJelkHrBgjFgbqq3mOjv9O/EEZDdtK+sm1NkQjthVaSNGa
PPe7MkEbCcO+gIWwiXCl5EG1E7hyOOQESp+Nf2md//Pv5L33I8Ec8wnsTG+aHjsV
pDhRKtdc+cyOuLY7MsKTAL5zEdnxkPMZxpb2yAibD+Sc4tRbszOWKVhhxrc1nXvs
MiYWV8wfY71rUQAhMN8e52f7W4RyuaeCRcG5xbDltF5M37i+wfgEnTl5iX9fV7KP
60eSJtwJL9MP+gixzEn4b6HWMuFOEYSizP3dksI0+LakNzFB+87kQbk2PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtDRIS8fyDDx46LVWmqz6LNoDaYMB8GA1UdIwQY
MBaAFGLQOIikBeYbh9Fwb5M7NmqG+0KVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRBNGlLUUY1aHVIMFhCdmt6czJhb2I3UXBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iZjUxZmYtNWMzNi00NWIyLTkxYzUt
NGQ2ODVhY2E4Mjc5LzEvQzBORWhMeF9JTVBIam90VmFhclBvczJnTnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iZjUxZmYtNWMzNi00NWIyLTkxYzUtNGQ2ODVhY2E4Mjc5
LzEvWXRBNGlLUUY1aHVIMFhCdmt6czJhb2I3UXBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaTYMA0G
CSqGSIb3DQEBCwUAA4IBAQB0mF3FH0nvhViFztfOe1w8Dpspg6g4j8a9ZyOLf+mj
YBsfawKSMej+A/1PFwZCuKkoPSHiXYBN+VIh0aKmzUaRURxh28Lbmt4XxJ1QDGHS
7uMnaXsNzJ2bJ4d9tcja7JIxJy890FpqHYxUSuEWbhJgXMZXgfnSlB9msDd+xVSg
Bj8yzm7V2aMDuJjc0trm/Mt61ftfOlqy8Upjf83CFwLCdI7cBqnTBb9tV/o1gDWk
9ZG4PDSb8vogiuFrys4RoXUg6WZqBZb1JjhDjo+gF1mRJfa8hP6MnODi27TmKxjG
ZiNBHgsm8PuRn0m5gTtrXSHnkCNfUkZf1C0G/8OqTKfX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:20 2025 by rpki-client