Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/r3AaMgu0LYixwc9p35pLOfQC0Lc.roa
File: r3AaMgu0LYixwc9p35pLOfQC0Lc.roa (raw, json)
Hash identifier: ZHXHLeOC/JGkVs94FQ7xs5SWzizdQrzRtFsQsCrQ3Zc=
Subject key identifier: AF:70:1A:32:0B:B4:2D:88:B1:C1:CF:69:DF:9A:4B:39:F4:02:D0:B7
Certificate issuer: /CN=0cd2cabeb1d724e7a48dd61e9a7e0c50a4e9bf50
Certificate serial: 01917F4D5EEC92AEF0B6CF2F7E8DF2385BB9
Authority key identifier: 0C:D2:CA:BE:B1:D7:24:E7:A4:8D:D6:1E:9A:7E:0C:50:A4:E9:BF:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNLKvrHXJOekjdYemn4MUKTpv1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/r3AaMgu0LYixwc9p35pLOfQC0Lc.roa
Signing time: Fri 23 Aug 2024 12:54:22 +0000
ROA not before: Fri 23 Aug 2024 12:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209772
IP address blocks: 185.68.128.0/23 maxlen: 23
185.68.128.0/24 maxlen: 24
185.68.130.0/23 maxlen: 23
185.207.160.0/23 maxlen: 23
185.207.162.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 28 Aug 2024 07:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7f:4d:5e:ec:92:ae:f0:b6:cf:2f:7e:8d:f2:38:5b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd2cabeb1d724e7a48dd61e9a7e0c50a4e9bf50
Validity
Not Before: Aug 23 12:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af701a320bb42d88b1c1cf69df9a4b39f402d0b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2e:89:8d:d0:4c:64:1d:80:11:eb:57:c4:f5:
1e:60:94:79:0c:00:7a:f3:86:7e:65:a9:6d:c6:41:
c1:28:a8:c0:1c:89:09:2a:02:af:cb:bb:ec:83:ca:
2b:f6:93:e8:72:c9:a9:05:0b:6d:76:78:dc:0e:78:
d4:4f:12:fc:40:17:77:ee:db:55:bf:4c:bd:84:c6:
dd:e0:47:0f:34:24:ee:a1:4e:ac:cc:b7:53:67:7c:
07:47:79:1e:ec:11:5e:25:4b:2c:02:24:dc:8b:7e:
c3:94:6d:14:ca:a3:3e:be:14:0c:11:20:76:b5:8e:
7f:f4:53:89:2b:66:7f:52:7e:38:bb:49:1d:ef:73:
a6:37:e8:6c:7a:ad:0f:84:4f:e7:55:c1:a2:b0:4d:
4c:71:0f:f4:db:3b:c0:c0:dc:5e:62:78:9b:34:51:
30:33:c6:c1:b8:4e:08:90:6d:1d:ea:cb:d8:15:56:
2e:90:50:f7:b4:85:cd:5e:20:cf:7f:d8:cf:4e:54:
81:a7:55:0e:5a:4d:c7:17:1a:9a:68:85:e4:d2:ce:
23:a8:58:e8:21:b5:a3:57:76:cc:29:6d:24:bb:2f:
62:77:ac:de:69:1a:e1:27:1b:69:47:a3:0a:71:a7:
e9:e5:51:c0:6c:8c:b5:d6:62:41:15:ec:56:e6:24:
d5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:70:1A:32:0B:B4:2D:88:B1:C1:CF:69:DF:9A:4B:39:F4:02:D0:B7
X509v3 Authority Key Identifier:
keyid:0C:D2:CA:BE:B1:D7:24:E7:A4:8D:D6:1E:9A:7E:0C:50:A4:E9:BF:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNLKvrHXJOekjdYemn4MUKTpv1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/r3AaMgu0LYixwc9p35pLOfQC0Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/DNLKvrHXJOekjdYemn4MUKTpv1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.128.0/22
185.207.160.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:16:07:b5:a6:4e:4a:22:e9:51:f4:17:cd:1f:1e:f9:c5:d1:
c3:14:69:04:65:a1:03:27:aa:05:01:93:b8:52:8b:27:d2:b9:
1c:62:37:5d:6b:8d:be:bb:89:01:68:20:d7:16:83:65:06:3f:
97:15:21:0b:da:26:17:4e:41:f6:43:21:8e:ed:8c:5c:71:41:
47:3a:dc:7f:40:5d:33:63:16:2a:3c:10:62:8f:a6:43:8c:8a:
21:e3:4c:e2:b6:9d:64:61:cb:7d:b5:23:b5:70:3e:e0:b3:7d:
bc:33:39:3a:a5:56:27:18:5d:49:b6:2d:54:28:ca:c3:50:ac:
40:d2:50:87:ef:8c:6e:a3:4a:50:e9:8c:d1:7e:ef:f1:65:e0:
e6:82:47:4b:52:74:a5:ce:ce:c4:ce:92:99:ee:58:b8:48:f5:
31:73:3a:39:a2:43:58:4d:4c:e6:a1:1b:f6:2e:63:16:d2:88:
fe:03:fd:f2:9e:2e:05:a6:35:e0:0b:1a:7b:ab:e8:ec:54:03:
db:dc:51:e2:53:c0:bc:c0:24:bd:a5:6b:19:62:61:14:e2:cf:
64:50:68:82:6a:b9:f0:ae:8c:81:ac:db:ec:d3:1a:3d:50:53:
c8:34:be:cf:fa:40:73:d1:61:92:4c:8e:93:32:84:56:00:0c:
c2:14:97:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF/TV7skq7wts8vfo3yOFu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDJjYWJlYjFkNzI0ZTdhNDhkZDYxZTlhN2UwYzUwYTRl
OWJmNTAwHhcNMjQwODIzMTI1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjcwMWEzMjBiYjQyZDg4YjFjMWNmNjlkZjlhNGIzOWY0MDJkMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki6JjdBMZB2AEetXxPUeYJR5DAB6
84Z+ZaltxkHBKKjAHIkJKgKvy7vsg8or9pPocsmpBQttdnjcDnjUTxL8QBd37ttV
v0y9hMbd4EcPNCTuoU6szLdTZ3wHR3ke7BFeJUssAiTci37DlG0UyqM+vhQMESB2
tY5/9FOJK2Z/Un44u0kd73OmN+hseq0PhE/nVcGisE1McQ/02zvAwNxeYnibNFEw
M8bBuE4IkG0d6svYFVYukFD3tIXNXiDPf9jPTlSBp1UOWk3HFxqaaIXk0s4jqFjo
IbWjV3bMKW0kuy9id6zeaRrhJxtpR6MKcafp5VHAbIy11mJBFexW5iTVNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9wGjILtC2IscHPad+aSzn0AtC3MB8GA1UdIwQY
MBaAFAzSyr6x1yTnpI3WHpp+DFCk6b9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5MS3ZySFhKT2VramRZZW1uNE1VS1RwdjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iNzk3NzctNGEwNC00ZGFiLWExZGMt
MjUzNzQ0OTRjZWVlLzEvcjNBYU1ndTBMWWl4d2M5cDM1cExPZlFDMExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iNzk3NzctNGEwNC00ZGFiLWExZGMtMjUzNzQ0OTRjZWVl
LzEvRE5MS3ZySFhKT2VramRZZW1uNE1VS1RwdjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUSAAwQC
uc+gMA0GCSqGSIb3DQEBCwUAA4IBAQA7Fge1pk5KIulR9BfNHx75xdHDFGkEZaED
J6oFAZO4Uosn0rkcYjdda42+u4kBaCDXFoNlBj+XFSEL2iYXTkH2QyGO7YxccUFH
Otx/QF0zYxYqPBBij6ZDjIoh40zitp1kYct9tSO1cD7gs328Mzk6pVYnGF1Jti1U
KMrDUKxA0lCH74xuo0pQ6YzRfu/xZeDmgkdLUnSlzs7EzpKZ7li4SPUxczo5okNY
TUzmoRv2LmMW0oj+A/3yni4FpjXgCxp7q+jsVAPb3FHiU8C8wCS9pWsZYmEU4s9k
UGiCarnwroyBrNvs0xo9UFPINL7P+kBz0WGSTI6TMoRWAAzCFJfD
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:27 2025 by rpki-client