Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/XPvi2P9MeXtBI_DguEvfuyQiYyc.roa
File: XPvi2P9MeXtBI_DguEvfuyQiYyc.roa (raw, json)
Hash identifier: 0+i484KbqFmmb9Y4i+BZcQuXkFSR0tyc82rQaQRMqDo=
Subject key identifier: 5C:FB:E2:D8:FF:4C:79:7B:41:23:F0:E0:B8:4B:DF:BB:24:22:63:27
Certificate issuer: /CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Certificate serial: 018CC9BC9B50D541D4A9BF4854E2D91F3D6D
Authority key identifier: 3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/XPvi2P9MeXtBI_DguEvfuyQiYyc.roa
Signing time: Tue 02 Jan 2024 10:33:50 +0000
ROA not before: Tue 02 Jan 2024 10:33:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57581
IP address blocks: 185.27.78.0/24 maxlen: 24
185.27.77.0/24 maxlen: 24
185.27.76.0/22 maxlen: 22
185.27.76.0/24 maxlen: 24
194.114.145.0/24 maxlen: 24
2a00:92a0::/32 maxlen: 32
2a00:92a0:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:9b:50:d5:41:d4:a9:bf:48:54:e2:d9:1f:3d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Validity
Not Before: Jan 2 10:33:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cfbe2d8ff4c797b4123f0e0b84bdfbb24226327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2f:33:08:e0:ce:f0:8f:d4:8f:6e:68:c7:02:
44:53:3f:2f:99:f8:8a:59:be:74:31:28:a3:36:66:
f0:11:c4:59:25:cf:7f:00:40:1c:49:1e:0e:bf:b0:
02:32:63:6e:52:91:e3:e0:fd:5c:84:d2:07:e9:bd:
2d:79:0e:bc:b2:2b:11:51:e9:4b:65:dc:0d:84:36:
3b:9e:b0:7f:0e:e1:7b:54:cc:a4:a2:c2:34:46:48:
8c:c7:05:97:fc:2d:27:34:4f:61:38:3d:08:e2:e8:
9c:49:30:7f:d8:15:dd:37:43:51:af:c8:3d:ac:81:
63:f7:19:87:4f:cc:f0:c4:86:25:49:66:32:32:e4:
0d:46:de:2c:a6:49:b3:ed:5e:02:73:2c:ac:82:a2:
ea:d6:df:12:ea:4f:d5:08:08:a9:0e:27:6f:bc:aa:
1f:48:76:c7:b7:97:85:7c:51:0a:f1:51:0e:6e:98:
0f:28:fb:f8:58:e2:2b:cd:91:32:c8:03:e2:ea:63:
ec:3d:85:43:0d:f8:ca:ab:ef:28:31:4e:f0:3d:2d:
f4:ea:20:f0:0c:24:e3:76:bf:d8:55:f5:03:fb:9e:
ee:d7:85:4f:80:68:be:be:d8:0d:cd:60:59:7d:34:
cc:e0:31:9a:fb:d4:ef:94:f0:69:b9:8e:2f:c4:89:
2b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FB:E2:D8:FF:4C:79:7B:41:23:F0:E0:B8:4B:DF:BB:24:22:63:27
X509v3 Authority Key Identifier:
keyid:3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/XPvi2P9MeXtBI_DguEvfuyQiYyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.76.0/22
194.114.145.0/24
IPv6:
2a00:92a0::/32
Signature Algorithm: sha256WithRSAEncryption
0f:b2:0c:d7:17:f5:bc:23:d9:dd:dc:19:57:e0:ee:ff:fd:40:
7e:54:f1:ea:85:e5:4a:67:c6:10:7e:5d:cc:c4:e1:80:80:39:
85:da:d0:25:96:0c:4a:98:06:b9:9e:7a:2d:65:33:10:29:15:
50:9d:fb:fc:fd:6e:d6:b5:31:2c:61:c7:d9:3b:ef:aa:02:f2:
16:15:33:76:0b:c4:2d:b9:d8:ea:7e:e5:bd:50:bd:bd:20:42:
4b:0c:45:72:1f:25:34:20:9c:bf:3e:c6:e0:f0:42:d0:93:90:
ab:c6:dd:48:45:7a:a6:96:12:3c:6f:7c:75:60:8f:61:e2:7a:
1e:35:77:d0:3b:5e:ea:01:c2:8f:35:8b:cb:e6:66:da:7d:17:
8d:2d:40:7f:21:e3:2f:c2:1a:44:f2:6b:26:d5:24:d2:52:da:
71:2a:78:7e:10:bf:75:56:52:ef:f6:ef:1e:ee:2c:c4:eb:e8:
15:90:8c:92:ea:95:f9:e0:be:9a:5f:8c:54:92:c7:66:ee:3c:
a8:dc:90:b4:ac:93:17:f9:43:99:82:08:63:dd:30:e9:2d:af:
f7:2d:9b:fb:a4:50:99:e4:d8:d1:bd:fc:c4:07:2d:aa:08:05:
20:d2:6d:76:90:de:de:89:3c:19:4e:ed:c6:86:1b:28:cc:de:
82:b9:84:c3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvJtQ1UHUqb9IVOLZHz1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZTAwOTYyNDdhOGM1NGU1ZGU4YzFiMGRhZjEwNTRhZWM4
Y2M0NTAwHhcNMjQwMTAyMTAzMzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZiZTJkOGZmNGM3OTdiNDEyM2YwZTBiODRiZGZiYjI0MjI2MzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1S8zCODO8I/Uj25oxwJEUz8vmfiK
Wb50MSijNmbwEcRZJc9/AEAcSR4Ov7ACMmNuUpHj4P1chNIH6b0teQ68sisRUelL
ZdwNhDY7nrB/DuF7VMykosI0RkiMxwWX/C0nNE9hOD0I4uicSTB/2BXdN0NRr8g9
rIFj9xmHT8zwxIYlSWYyMuQNRt4spkmz7V4CcyysgqLq1t8S6k/VCAipDidvvKof
SHbHt5eFfFEK8VEObpgPKPv4WOIrzZEyyAPi6mPsPYVDDfjKq+8oMU7wPS306iDw
DCTjdr/YVfUD+57u14VPgGi+vtgNzWBZfTTM4DGa+9TvlPBpuY4vxIkr9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFz74tj/THl7QSPw4LhL37skImMnMB8GA1UdIwQY
MBaAFDrgCWJHqMVOXejBsNrxBUrsjMRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgt
Yjk3MjIxNDQ1MTNmLzEvWFB2aTJQOU1lWHRCSV9EZ3VFdmZ1eVFpWXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgtYjk3MjIxNDQ1MTNm
LzEvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRtMAwQA
wnKRMA0EAgACMAcDBQAqAJKgMA0GCSqGSIb3DQEBCwUAA4IBAQAPsgzXF/W8I9nd
3BlX4O7//UB+VPHqheVKZ8YQfl3MxOGAgDmF2tAllgxKmAa5nnotZTMQKRVQnfv8
/W7WtTEsYcfZO++qAvIWFTN2C8QtudjqfuW9UL29IEJLDEVyHyU0IJy/Psbg8ELQ
k5Crxt1IRXqmlhI8b3x1YI9h4noeNXfQO17qAcKPNYvL5mbafReNLUB/IeMvwhpE
8msm1STSUtpxKnh+EL91VlLv9u8e7izE6+gVkIyS6pX54L6aX4xUksdm7jyo3JC0
rJMX+UOZgghj3TDpLa/3LZv7pFCZ5NjRvfzEBy2qCAUg0m12kN7eiTwZTu3Ghhso
zN6CuYTD
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:35:36 2025 by rpki-client