Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/1-ai-S31efHA2IehZWQQpKRAt1yo.roa
File: 1-ai-S31efHA2IehZWQQpKRAt1yo.roa (raw, json)
Hash identifier: h6l9k4DDtv+QyTyJx8oMNFj1AfMWzk9YqGyRyPCWOw8=
Subject key identifier: F9:A8:BE:4B:7D:5E:7C:70:36:21:E8:59:59:04:29:29:10:2D:D7:2A
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 018CC9BB07977001585966964DC5279A5546
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/1-ai-S31efHA2IehZWQQpKRAt1yo.roa
Signing time: Tue 02 Jan 2024 10:32:06 +0000
ROA not before: Tue 02 Jan 2024 10:32:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47447
IP address blocks: 194.37.80.0/24 maxlen: 24
185.247.118.0/24 maxlen: 24
185.181.10.0/24 maxlen: 24
185.227.108.0/24 maxlen: 24
185.227.111.0/24 maxlen: 24
2a07:3b80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Apr 2024 10:45:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:07:97:70:01:58:59:66:96:4d:c5:27:9a:55:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Jan 2 10:32:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9a8be4b7d5e7c703621e85959042929102dd72a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4c:4f:d4:97:cc:c0:9a:9e:75:93:c6:47:ee:
5b:6b:94:83:3a:f8:7a:67:7e:82:b5:0a:60:63:99:
8f:be:aa:cd:95:1d:a9:68:e8:32:e5:96:f2:f3:f2:
84:ad:b0:cf:62:04:42:a0:ea:e5:91:67:c3:7f:41:
59:d7:11:2c:03:f8:93:a8:24:7c:71:ae:88:52:09:
4f:09:6a:9c:0c:7e:eb:cc:75:0e:40:0d:97:ce:e9:
8c:c3:d7:4f:0d:56:48:67:f5:a7:1e:80:6f:d9:89:
7c:c5:4c:49:32:31:d4:3c:bc:29:79:7e:d3:2a:11:
81:e4:d4:18:db:18:ee:4a:56:38:a2:78:6b:2f:6b:
aa:ed:c8:32:46:0d:74:2d:3c:31:47:de:70:b2:80:
e6:46:0c:b2:f6:fd:59:12:1f:7b:a0:7b:95:7b:a5:
32:c6:b3:24:48:24:b3:bd:71:f8:a7:8f:b8:8b:82:
0b:a6:f4:9b:e1:a9:9b:60:a9:c3:57:97:0a:40:af:
ab:3a:67:a5:bf:8d:83:1f:7b:21:b9:d9:ad:14:62:
ea:d7:75:e4:c9:be:df:c1:bc:8d:e8:80:d0:51:2c:
97:c4:8e:cd:0d:98:cd:e4:6d:b3:5a:1d:7c:2e:45:
7a:6f:54:9f:28:5d:c3:41:61:da:e2:0f:77:ec:40:
b2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A8:BE:4B:7D:5E:7C:70:36:21:E8:59:59:04:29:29:10:2D:D7:2A
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/1-ai-S31efHA2IehZWQQpKRAt1yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.10.0/24
185.227.108.0/24
185.227.111.0/24
185.247.118.0/24
194.37.80.0/24
IPv6:
2a07:3b80:1::/48
Signature Algorithm: sha256WithRSAEncryption
41:b3:44:ad:01:a6:99:a3:91:15:54:6d:37:02:0a:89:1a:a9:
44:b9:ca:30:9e:b8:e7:e9:6e:d8:e0:8d:09:aa:2d:2a:17:be:
9c:ed:86:af:fd:69:6b:67:92:59:d2:04:5a:27:29:9e:0a:a3:
75:37:ae:99:04:90:65:fe:92:a9:f0:ab:c6:4d:da:a5:21:40:
1c:a7:ab:61:e6:c3:d4:43:09:2c:e1:f0:78:df:65:fb:3d:65:
44:f9:a5:4b:5c:00:4c:62:e6:a3:fe:c0:ac:9a:d6:57:de:b1:
69:8a:ef:63:71:cd:59:bf:9a:a0:c8:3d:6a:15:27:25:c9:3a:
17:8d:3d:c4:98:6b:1f:79:28:6d:0f:6c:d4:8a:25:c8:ed:69:
e9:e8:ee:4d:21:9d:e7:b4:77:b4:7a:87:9f:fd:ff:19:9b:61:
3a:dc:33:38:7d:3d:ff:fa:da:dc:06:5d:0b:20:c2:73:f7:14:
db:cf:0a:93:ad:71:04:47:e6:c4:bd:02:11:31:69:15:aa:96:
3d:08:79:09:7a:0a:bd:3f:17:5c:d3:19:be:dd:c6:77:dc:f9:
00:9a:a1:22:2a:f2:a1:8b:39:34:a5:83:39:92:68:4c:c0:5f:
f9:5e:f7:52:17:55:6c:69:92:49:44:f2:72:63:7c:53:c1:cd:
83:04:3d:c3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzJuweXcAFYWWaWTcUnmlVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjQwMTAyMTAzMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWE4YmU0YjdkNWU3YzcwMzYyMWU4NTk1OTA0MjkyOTEwMmRkNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvExP1JfMwJqedZPGR+5ba5SDOvh6
Z36CtQpgY5mPvqrNlR2paOgy5Zby8/KErbDPYgRCoOrlkWfDf0FZ1xEsA/iTqCR8
ca6IUglPCWqcDH7rzHUOQA2XzumMw9dPDVZIZ/WnHoBv2Yl8xUxJMjHUPLwpeX7T
KhGB5NQY2xjuSlY4onhrL2uq7cgyRg10LTwxR95wsoDmRgyy9v1ZEh97oHuVe6Uy
xrMkSCSzvXH4p4+4i4ILpvSb4ambYKnDV5cKQK+rOmelv42DH3shudmtFGLq13Xk
yb7fwbyN6IDQUSyXxI7NDZjN5G2zWh18LkV6b1SfKF3DQWHa4g937ECyJQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPmovkt9XnxwNiHoWVkEKSkQLdcqMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvMS1haS1TMzFlZkhBMkllaFpXUVFwS1JBdDF5by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTUvMjY5MjI5LTIwZWItNGYxYy1hMTNlLTI2ZDFlNTQ1Nzhm
MS8xLzViMTVJNl9icm9mUWV5TUkzVGlkblBDQzdXMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEALm1CgME
ALnjbAMEALnjbwMEALn3dgMEAMIlUDAPBAIAAjAJAwcAKgc7gAABMA0GCSqGSIb3
DQEBCwUAA4IBAQBBs0StAaaZo5EVVG03AgqJGqlEucownrjn6W7Y4I0Jqi0qF76c
7Yav/WlrZ5JZ0gRaJymeCqN1N66ZBJBl/pKp8KvGTdqlIUAcp6th5sPUQwks4fB4
32X7PWVE+aVLXABMYuaj/sCsmtZX3rFpiu9jcc1Zv5qgyD1qFSclyToXjT3EmGsf
eShtD2zUiiXI7Wnp6O5NIZ3ntHe0eoef/f8Zm2E63DM4fT3/+trcBl0LIMJz9xTb
zwqTrXEER+bEvQIRMWkVqpY9CHkJegq9Pxdc0xm+3cZ33PkAmqEiKvKhizk0pYM5
kmhMwF/5XvdSF1VsaZJJRPJyY3xTwc2DBD3D
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:50 2025 by rpki-client