Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/E3rfmOthScZxt9xdcbCdQOOiCl0.roa
File: E3rfmOthScZxt9xdcbCdQOOiCl0.roa (raw, json)
Hash identifier: LEhvKWd4QpSzgElfpn+2rBSepm6Q2UCwLQdCZG3Gf9c=
Subject key identifier: 13:7A:DF:98:EB:61:49:C6:71:B7:DC:5D:71:B0:9D:40:E3:A2:0A:5D
Certificate issuer: /CN=29184647248b55523999cbb7fe5b20a99fe73be3
Certificate serial: 018FDEB754B5DA1817B72983FF27A66093EF
Authority key identifier: 29:18:46:47:24:8B:55:52:39:99:CB:B7:FE:5B:20:A9:9F:E7:3B:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRhGRySLVVI5mcu3_lsgqZ_nO-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/E3rfmOthScZxt9xdcbCdQOOiCl0.roa
Signing time: Mon 03 Jun 2024 15:28:27 +0000
ROA not before: Mon 03 Jun 2024 15:28:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20514
IP address blocks: 185.166.32.0/22 maxlen: 24
217.151.192.0/20 maxlen: 20
217.151.192.0/21 maxlen: 21
217.151.207.0/24 maxlen: 24
2a03:c300::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:b7:54:b5:da:18:17:b7:29:83:ff:27:a6:60:93:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29184647248b55523999cbb7fe5b20a99fe73be3
Validity
Not Before: Jun 3 15:28:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=137adf98eb6149c671b7dc5d71b09d40e3a20a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f6:25:3a:67:eb:65:1a:64:0f:87:9e:d5:02:
f4:26:ca:ef:02:de:f1:ef:e4:11:7d:c5:6c:fd:f0:
a7:11:88:0f:3c:d2:92:fd:1c:b0:08:f1:70:29:61:
91:49:e4:d9:e0:e9:1b:72:e0:eb:a2:ae:ac:34:d9:
d2:13:bc:9c:2e:be:15:3a:35:5c:53:5c:44:a9:00:
60:be:8d:1a:f1:52:2a:bc:37:65:86:57:6c:9b:c5:
c6:ea:43:b5:97:d4:5d:e6:5b:9d:a1:9d:a9:2d:cf:
c0:eb:72:03:68:69:16:dd:dc:31:ff:ec:04:be:72:
80:5d:26:62:45:75:8a:ad:7a:c8:8b:64:79:53:2d:
15:5b:76:b1:3a:b2:34:6c:48:a3:0d:a8:93:31:ef:
1b:7f:a1:fa:2a:a6:3a:df:f3:08:f7:df:55:47:90:
b8:04:f2:02:14:b7:7e:be:e6:ac:7f:4e:0b:97:af:
7f:a1:2c:1f:8a:b7:99:84:75:20:9b:a4:f5:28:0f:
82:8a:81:99:31:bd:20:1e:88:b5:a4:29:25:e4:7a:
87:30:5f:29:b1:87:bc:ae:22:45:bd:d6:99:55:fe:
0a:2b:ff:c5:00:87:db:bb:f8:86:da:dc:26:92:d4:
81:ac:6a:4d:c1:f2:35:a4:3a:b4:16:c3:5a:20:17:
93:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:7A:DF:98:EB:61:49:C6:71:B7:DC:5D:71:B0:9D:40:E3:A2:0A:5D
X509v3 Authority Key Identifier:
keyid:29:18:46:47:24:8B:55:52:39:99:CB:B7:FE:5B:20:A9:9F:E7:3B:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRhGRySLVVI5mcu3_lsgqZ_nO-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/E3rfmOthScZxt9xdcbCdQOOiCl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/KRhGRySLVVI5mcu3_lsgqZ_nO-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.32.0/22
217.151.192.0/20
IPv6:
2a03:c300::/32
Signature Algorithm: sha256WithRSAEncryption
b4:29:fd:77:04:90:33:f6:45:1c:0b:d2:48:53:e4:4d:2a:4b:
22:ae:c0:c0:25:ca:64:da:54:89:1c:f4:5b:a4:10:b0:58:fe:
38:b8:09:af:56:91:99:86:ce:a4:dd:ec:7a:67:92:b7:48:b2:
2f:f0:7c:c1:96:98:82:23:76:11:48:2f:ee:4e:58:08:ae:e1:
7d:68:2f:e7:3c:42:41:69:a9:22:2b:2f:dd:bc:19:50:0e:86:
96:26:21:00:c7:bf:14:7c:0a:33:40:bb:36:35:7f:f2:20:c9:
2a:be:11:0b:d0:ec:03:8d:4a:f8:df:6f:0a:ed:c8:d8:db:73:
61:d4:ab:05:ff:a2:38:79:a9:9d:37:d3:08:0a:35:6c:a7:88:
85:7d:ea:a0:39:ee:ca:e2:f9:62:c9:72:0b:67:e4:cb:9a:12:
d9:6f:95:41:54:24:b7:b5:46:5c:c9:f6:f3:31:6c:92:34:e0:
bf:32:30:e1:25:29:5c:c6:38:21:00:7d:68:82:8b:9d:c2:12:
1e:00:bc:84:a9:98:00:b2:4f:0c:c7:0e:48:be:3a:99:b3:bd:
7c:5f:bc:96:66:86:c6:43:e1:11:b7:f9:c3:4f:30:50:5c:e9:
5c:1a:6c:df:80:5e:18:5c:91:43:65:b3:e9:b1:4a:32:95:3d:
90:a9:96:3f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY/et1S12hgXtymD/yemYJPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTg0NjQ3MjQ4YjU1NTIzOTk5Y2JiN2ZlNWIyMGE5OWZl
NzNiZTMwHhcNMjQwNjAzMTUyODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzdhZGY5OGViNjE0OWM2NzFiN2RjNWQ3MWIwOWQ0MGUzYTIwYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fYlOmfrZRpkD4ee1QL0JsrvAt7x
7+QRfcVs/fCnEYgPPNKS/RywCPFwKWGRSeTZ4OkbcuDroq6sNNnSE7ycLr4VOjVc
U1xEqQBgvo0a8VIqvDdlhldsm8XG6kO1l9Rd5ludoZ2pLc/A63IDaGkW3dwx/+wE
vnKAXSZiRXWKrXrIi2R5Uy0VW3axOrI0bEijDaiTMe8bf6H6KqY63/MI999VR5C4
BPICFLd+vuasf04Ll69/oSwfireZhHUgm6T1KA+CioGZMb0gHoi1pCkl5HqHMF8p
sYe8riJFvdaZVf4KK//FAIfbu/iG2twmktSBrGpNwfI1pDq0FsNaIBeTAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBN635jrYUnGcbfcXXGwnUDjogpdMB8GA1UdIwQY
MBaAFCkYRkcki1VSOZnLt/5bIKmf5zvjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JoR1J5U0xWVkk1bWN1M19sc2dxWl9uTy1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NjAzNmItMjNkOC00YjM3LWI1NDYt
OGZjMjM3M2ZjMjZlLzEvRTNyZm1PdGhTY1p4dDl4ZGNiQ2RRT09pQ2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NjAzNmItMjNkOC00YjM3LWI1NDYtOGZjMjM3M2ZjMjZl
LzEvS1JoR1J5U0xWVkk1bWN1M19sc2dxWl9uTy1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuaYgAwQE
2ZfAMA0EAgACMAcDBQAqA8MAMA0GCSqGSIb3DQEBCwUAA4IBAQC0Kf13BJAz9kUc
C9JIU+RNKksirsDAJcpk2lSJHPRbpBCwWP44uAmvVpGZhs6k3ex6Z5K3SLIv8HzB
lpiCI3YRSC/uTlgIruF9aC/nPEJBaakiKy/dvBlQDoaWJiEAx78UfAozQLs2NX/y
IMkqvhEL0OwDjUr4328K7cjY23Nh1KsF/6I4eamdN9MICjVsp4iFfeqgOe7K4vli
yXILZ+TLmhLZb5VBVCS3tUZcyfbzMWySNOC/MjDhJSlcxjghAH1ogoudwhIeALyE
qZgAsk8Mxw5IvjqZs718X7yWZobGQ+ERt/nDTzBQXOlcGmzfgF4YXJFDZbPpsUoy
lT2QqZY/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:30 2025 by rpki-client