Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/A3pEBkbPJoeZ_hEzYaWeu7diE1g.roa
File: A3pEBkbPJoeZ_hEzYaWeu7diE1g.roa (raw, json)
Hash identifier: fBMbz2X08dZhz4Y6MwIZBc9MV2Igh1gfqHpkl5prtrE=
Subject key identifier: 03:7A:44:06:46:CF:26:87:99:FE:11:33:61:A5:9E:BB:B7:62:13:58
Certificate issuer: /CN=84184ce919023640bb9256c2d8d1a049fa102520
Certificate serial: 018CC8011270D049B25E9A1C6EE564E0501F
Authority key identifier: 84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/A3pEBkbPJoeZ_hEzYaWeu7diE1g.roa
Signing time: Tue 02 Jan 2024 02:29:22 +0000
ROA not before: Tue 02 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43212
IP address blocks: 185.11.68.0/22 maxlen: 22
185.11.68.0/24 maxlen: 24
185.11.71.0/24 maxlen: 24
185.11.69.0/24 maxlen: 24
185.11.70.0/24 maxlen: 24
185.83.196.0/22 maxlen: 22
185.83.196.0/24 maxlen: 24
185.83.197.0/24 maxlen: 24
185.83.198.0/24 maxlen: 24
185.83.199.0/24 maxlen: 24
185.59.112.0/23 maxlen: 23
185.59.112.0/24 maxlen: 24
185.59.113.0/24 maxlen: 24
2a0b:3000::/29 maxlen: 29
2a03:9080::/32 maxlen: 32
2a06:e080::/29 maxlen: 29
2a05:9e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:12:70:d0:49:b2:5e:9a:1c:6e:e5:64:e0:50:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84184ce919023640bb9256c2d8d1a049fa102520
Validity
Not Before: Jan 2 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=037a440646cf268799fe113361a59ebbb7621358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d3:eb:3e:94:e8:cd:ed:8b:50:88:ba:e0:4f:
c6:e2:fd:92:39:5f:e1:f1:48:1e:3e:af:e4:2a:b6:
d0:b3:67:6c:da:6b:6f:1e:ef:02:8a:65:3b:e3:8a:
ff:3a:40:a1:56:5b:48:e9:9e:39:0c:5b:d2:c5:00:
ac:e9:f1:fd:04:7f:7d:52:a6:73:64:20:ec:38:42:
10:1d:09:c3:2f:f8:f1:8b:08:e6:7e:98:e6:e0:14:
0f:c9:b4:d8:db:0a:ee:14:24:c7:cd:41:18:c3:7f:
18:fb:62:28:9e:51:04:2d:94:a2:08:49:1e:3b:c1:
17:b8:1e:57:28:f6:7d:d7:f9:c9:c0:3a:ad:1d:c1:
c1:b3:45:8b:f2:b8:9f:42:f2:af:89:83:b8:a5:e2:
f0:47:f7:db:fa:65:59:f7:fe:f1:1e:75:c9:e5:3c:
d2:44:bb:d3:26:0b:e7:d5:b6:d8:63:b1:9a:9f:a4:
1d:f6:0f:0f:bb:4e:e3:13:71:ff:14:43:37:6f:46:
a0:2a:0a:0f:a1:48:cd:73:af:53:5b:62:19:bf:da:
16:54:80:9e:bb:62:6e:5b:d6:a0:6c:74:2b:fc:74:
9f:f1:3d:0a:06:ce:c2:64:7d:da:db:21:e5:1b:54:
b9:fe:1d:a4:75:4c:fb:ed:e7:3f:29:0a:db:45:9c:
0c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7A:44:06:46:CF:26:87:99:FE:11:33:61:A5:9E:BB:B7:62:13:58
X509v3 Authority Key Identifier:
keyid:84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/A3pEBkbPJoeZ_hEzYaWeu7diE1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.68.0/22
185.59.112.0/23
185.83.196.0/22
IPv6:
2a03:9080::/32
2a05:9e40::/29
2a06:e080::/29
2a0b:3000::/29
Signature Algorithm: sha256WithRSAEncryption
68:58:ca:1f:a6:9b:39:c8:f3:35:00:f0:57:23:cb:4b:13:94:
4b:d4:48:46:40:22:ce:30:9e:b0:09:d2:9b:86:6d:6d:5b:d7:
a6:43:b4:aa:05:6b:c7:80:47:03:6b:5f:47:e8:d6:cd:c0:10:
85:e9:b5:86:f4:70:fd:d8:a4:a2:62:c4:f3:3f:d4:8e:7e:33:
fe:da:10:3b:96:be:fc:80:60:72:4b:57:28:fa:a5:9a:ef:00:
e7:63:e5:89:d0:4e:cd:39:ae:8e:16:68:3d:1f:57:a4:30:51:
62:b2:c8:dc:15:fe:66:69:ea:e8:3a:49:57:cc:eb:45:1a:ad:
dc:0a:33:cc:62:b6:37:17:cb:55:6b:dd:b1:fe:d8:7d:03:d2:
10:ae:cc:b4:8f:fa:3e:45:09:4b:18:d2:6f:d8:09:da:80:94:
cd:64:05:28:21:5d:a7:d2:12:9d:9c:80:60:40:8e:ab:37:5c:
c3:ad:05:fa:ad:43:c8:d7:92:6b:a8:3a:3f:4e:13:91:aa:47:
36:4c:8b:d7:cb:df:c5:3a:a3:19:85:7c:af:be:f0:e3:4a:76:
49:6d:69:45:c7:86:bb:75:f5:22:2f:3c:de:42:07:16:4b:7d:
0d:d7:2e:78:be:1e:97:40:d9:0d:92:c5:58:91:e3:f7:c9:ef:
0e:69:d2:9d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzIARJw0EmyXpocbuVk4FAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MTg0Y2U5MTkwMjM2NDBiYjkyNTZjMmQ4ZDFhMDQ5ZmEx
MDI1MjAwHhcNMjQwMTAyMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdhNDQwNjQ2Y2YyNjg3OTlmZTExMzM2MWE1OWViYmI3NjIxMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39PrPpToze2LUIi64E/G4v2SOV/h
8UgePq/kKrbQs2ds2mtvHu8CimU744r/OkChVltI6Z45DFvSxQCs6fH9BH99UqZz
ZCDsOEIQHQnDL/jxiwjmfpjm4BQPybTY2wruFCTHzUEYw38Y+2IonlEELZSiCEke
O8EXuB5XKPZ91/nJwDqtHcHBs0WL8rifQvKviYO4peLwR/fb+mVZ9/7xHnXJ5TzS
RLvTJgvn1bbYY7Gan6Qd9g8Pu07jE3H/FEM3b0agKgoPoUjNc69TW2IZv9oWVICe
u2JuW9agbHQr/HSf8T0KBs7CZH3a2yHlG1S5/h2kdUz77ec/KQrbRZwMQQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAN6RAZGzyaHmf4RM2Glnru3YhNYMB8GA1UdIwQY
MBaAFIQYTOkZAjZAu5JWwtjRoEn6ECUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEJoTTZSa0NOa0M3a2xiQzJOR2dTZm9RSlNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8yOTIyY2YtMTg2MS00MTlkLTllZWEt
MGE3OWQ1NDk2NWE5LzEvQTNwRUJrYlBKb2VaX2hFellhV2V1N2RpRTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8yOTIyY2YtMTg2MS00MTlkLTllZWEtMGE3OWQ1NDk2NWE5
LzEvaEJoTTZSa0NOa0M3a2xiQzJOR2dTZm9RSlNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAYBAIAATASAwQCuQtEAwQB
uTtwAwQCuVPEMCIEAgACMBwDBQAqA5CAAwUDKgWeQAMFAyoG4IADBQMqCzAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBoWMofpps5yPM1APBXI8tLE5RL1EhGQCLOMJ6wCdKb
hm1tW9emQ7SqBWvHgEcDa19H6NbNwBCF6bWG9HD92KSiYsTzP9SOfjP+2hA7lr78
gGByS1co+qWa7wDnY+WJ0E7NOa6OFmg9H1ekMFFissjcFf5maeroOklXzOtFGq3c
CjPMYrY3F8tVa92x/th9A9IQrsy0j/o+RQlLGNJv2AnagJTNZAUoIV2n0hKdnIBg
QI6rN1zDrQX6rUPI15JrqDo/ThORqkc2TIvXy9/FOqMZhXyvvvDjSnZJbWlFx4a7
dfUiLzzeQgcWS30N1y54vh6XQNkNksVYkeP3ye8OadKd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:20 2025 by rpki-client