Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/oEWmwt3Kj8FzP1BeS4tdoJKnawA.roa
File: oEWmwt3Kj8FzP1BeS4tdoJKnawA.roa (raw, json)
Hash identifier: Cu3Jg0vq473pA1LOdUn+lKNzJ4SPVdGOxZ9zBaSz/BE=
Subject key identifier: A0:45:A6:C2:DD:CA:8F:C1:73:3F:50:5E:4B:8B:5D:A0:92:A7:6B:00
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E5FC319F0DB6673F6AF08FB5B4755F606
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/oEWmwt3Kj8FzP1BeS4tdoJKnawA.roa
Signing time: Thu 21 Mar 2024 06:46:45 +0000
ROA not before: Thu 21 Mar 2024 06:46:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8249
IP address blocks: 185.35.120.0/22 maxlen: 22
195.144.192.0/20 maxlen: 20
195.144.208.0/22 maxlen: 22
195.144.214.0/23 maxlen: 23
195.144.216.0/23 maxlen: 23
195.144.218.0/24 maxlen: 24
195.144.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 26 Aug 2024 12:58:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5f:c3:19:f0:db:66:73:f6:af:08:fb:5b:47:55:f6:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 21 06:46:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a045a6c2ddca8fc1733f505e4b8b5da092a76b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9c:fe:c0:4b:7f:39:4c:d7:fe:27:b4:c1:9c:
c2:7f:c6:5f:51:11:58:e0:ad:fb:55:94:93:43:23:
8a:58:3e:ef:4b:82:5d:d3:42:c6:84:22:ba:8b:ba:
3c:9d:12:2a:6b:8d:da:e4:d0:7a:e8:6e:40:f0:87:
b8:7a:95:17:dd:40:77:9c:6a:15:00:2a:71:04:a5:
06:db:81:92:c4:ac:7f:88:ff:fc:90:80:28:77:27:
62:d4:60:5a:32:c1:e8:8b:e0:83:5a:5a:5d:e3:d8:
e4:d9:e1:df:db:f2:03:38:31:fe:e8:69:d4:82:40:
e8:fe:c5:f3:5e:58:9c:16:be:56:8d:3a:b6:eb:3f:
5f:b5:88:bb:2e:4f:fb:40:23:35:c1:5b:e0:70:70:
3e:e5:24:5e:56:ff:a3:a3:f6:13:e8:2f:d6:7b:75:
45:7f:d6:2e:b9:dd:b9:bd:35:e1:76:39:d7:e2:00:
f9:1a:5d:92:d4:5b:d4:a4:47:3d:18:d0:91:c0:7b:
c4:02:fb:63:ac:c8:30:e2:db:05:5a:23:45:45:2f:
e7:d7:f9:c8:ff:47:30:4f:b3:4c:6b:44:d7:bc:b2:
d4:df:03:90:b5:3c:f5:05:0b:f6:e5:31:72:41:92:
2d:9f:8a:83:72:8a:89:ef:98:c3:0a:23:1f:6e:16:
6f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:45:A6:C2:DD:CA:8F:C1:73:3F:50:5E:4B:8B:5D:A0:92:A7:6B:00
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/oEWmwt3Kj8FzP1BeS4tdoJKnawA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.120.0/22
195.144.192.0-195.144.211.255
195.144.214.0-195.144.218.255
195.144.220.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:24:d2:34:7e:18:4e:c9:91:20:47:92:26:79:50:9e:eb:3a:
9b:01:ce:a4:98:69:d4:8a:bb:25:c0:3c:7d:10:8b:8d:db:c8:
e7:fe:9e:b3:c1:da:fb:d2:62:b4:72:fd:6d:13:06:f3:4a:83:
eb:e4:b4:f2:76:5c:e6:91:6b:2d:27:bf:56:16:b9:87:3e:04:
f0:ad:e1:e0:fb:40:9f:d2:38:5a:b2:78:e3:ed:93:1a:da:49:
c0:15:72:8d:48:4d:23:65:57:a8:33:e7:23:54:98:3e:b3:cb:
74:b4:e3:7e:12:ae:b6:95:9f:e3:d8:03:bc:26:cd:c2:e0:bd:
75:bc:ba:0e:48:26:8b:46:4d:1d:0a:c6:08:74:9b:86:6e:46:
3f:4b:b2:3f:e2:af:77:1f:e7:63:06:21:af:fb:05:b7:b5:da:
ff:70:be:8c:e4:06:4e:9d:21:fd:be:6f:89:f7:84:04:80:92:
ee:43:a2:d4:67:f5:f8:4e:46:08:58:5a:d1:62:5c:5e:6f:e2:
60:f9:fb:9d:7e:89:d5:63:e4:07:08:21:23:87:4a:75:de:fa:
d8:ed:c7:21:e6:f7:69:b9:88:07:ba:07:32:9d:02:af:29:d5:
d3:45:17:9c:78:ae:22:9f:57:b7:a7:a3:b1:f4:be:f2:93:22:
f2:0e:d4:bf
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY5fwxnw22Zz9q8I+1tHVfYGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzIxMDY0NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQ1YTZjMmRkY2E4ZmMxNzMzZjUwNWU0YjhiNWRhMDkyYTc2YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpz+wEt/OUzX/ie0wZzCf8ZfURFY
4K37VZSTQyOKWD7vS4Jd00LGhCK6i7o8nRIqa43a5NB66G5A8Ie4epUX3UB3nGoV
ACpxBKUG24GSxKx/iP/8kIAodydi1GBaMsHoi+CDWlpd49jk2eHf2/IDODH+6GnU
gkDo/sXzXlicFr5WjTq26z9ftYi7Lk/7QCM1wVvgcHA+5SReVv+jo/YT6C/We3VF
f9Yuud25vTXhdjnX4gD5Gl2S1FvUpEc9GNCRwHvEAvtjrMgw4tsFWiNFRS/n1/nI
/0cwT7NMa0TXvLLU3wOQtTz1BQv25TFyQZItn4qDcoqJ75jDCiMfbhZv3QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKBFpsLdyo/Bcz9QXkuLXaCSp2sAMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvb0VXbXd0M0tqOEZ6UDFCZVM0dGRvSktuYXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCuSN4MAwD
BAbDkMADBALDkNAwDAMEAcOQ1gMEAMOQ2gMEAsOQ3DANBgkqhkiG9w0BAQsFAAOC
AQEAHCTSNH4YTsmRIEeSJnlQnus6mwHOpJhp1Iq7JcA8fRCLjdvI5/6es8Ha+9Ji
tHL9bRMG80qD6+S08nZc5pFrLSe/Vha5hz4E8K3h4PtAn9I4WrJ44+2TGtpJwBVy
jUhNI2VXqDPnI1SYPrPLdLTjfhKutpWf49gDvCbNwuC9dby6Dkgmi0ZNHQrGCHSb
hm5GP0uyP+Kvdx/nYwYhr/sFt7Xa/3C+jOQGTp0h/b5vifeEBICS7kOi1Gf1+E5G
CFha0WJcXm/iYPn7nX6J1WPkBwghI4dKdd762O3HIeb3abmIB7oHMp0CrynV00UX
nHiuIp9Xt6ejsfS+8pMi8g7Uvw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:31:01 2025 by rpki-client