Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/Awfbvx56KHZdzQHGzrQ_3cZNcwY.roa
File: Awfbvx56KHZdzQHGzrQ_3cZNcwY.roa (raw, json)
Hash identifier: 2Qb9ZQYKj9oiedlDy0UI58QFlPhvDNNb9WfdQ2/RnyY=
Subject key identifier: 03:07:DB:BF:1E:7A:28:76:5D:CD:01:C6:CE:B4:3F:DD:C6:4D:73:06
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 01916C2E0BCB1CD95EFA21943DDB2AD719CB
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/Awfbvx56KHZdzQHGzrQ_3cZNcwY.roa
Signing time: Mon 19 Aug 2024 19:47:22 +0000
ROA not before: Mon 19 Aug 2024 19:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.253.184.0/22 maxlen: 22
185.253.184.0/24 maxlen: 24
185.253.185.0/24 maxlen: 24
185.253.186.0/24 maxlen: 24
185.253.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 18:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6c:2e:0b:cb:1c:d9:5e:fa:21:94:3d:db:2a:d7:19:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Aug 19 19:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0307dbbf1e7a28765dcd01c6ceb43fddc64d7306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8f:f3:5a:8c:2f:1b:ee:e5:d0:76:61:3d:06:
c7:b2:ce:8c:5e:d7:85:1c:bf:cb:ac:a8:ec:a9:9b:
f0:3d:43:16:de:38:dc:26:d0:c0:b6:ce:e8:35:80:
f9:a9:56:5f:a7:a8:c3:5b:e7:07:0a:98:fd:d0:c3:
a6:14:c0:a9:64:ea:eb:1b:4c:9c:04:f9:c1:9d:6c:
76:31:8a:09:87:3e:39:80:e9:75:46:f7:74:f8:52:
0e:da:fb:ce:8a:56:04:77:ef:09:08:7c:81:88:51:
ad:a5:07:20:7c:6d:4c:89:3b:5a:9e:ba:77:80:21:
f4:ec:57:29:be:94:75:28:3f:92:95:40:64:b5:85:
bf:cd:b7:86:fc:c4:ed:25:af:2b:36:15:b1:6d:b2:
2d:d5:ec:cf:4f:25:de:05:23:f2:5d:c8:42:de:fa:
62:a0:42:6c:00:fb:2c:85:16:ba:5a:40:14:46:7d:
d2:43:05:35:d1:ef:67:39:65:64:45:a8:56:1e:84:
ea:30:c6:18:ef:2d:ae:23:4e:0b:5e:97:65:47:e4:
68:47:c6:41:98:28:b7:72:d9:ec:bc:81:e5:2c:d1:
87:4c:e8:dd:17:0a:c5:36:aa:97:26:1e:dc:aa:4e:
c5:71:e7:91:9d:c0:43:91:ed:3f:52:77:28:28:38:
87:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:07:DB:BF:1E:7A:28:76:5D:CD:01:C6:CE:B4:3F:DD:C6:4D:73:06
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/Awfbvx56KHZdzQHGzrQ_3cZNcwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.184.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:a5:75:f1:be:9d:f6:33:63:e5:9a:7d:db:69:78:34:ff:62:
7e:36:ce:0b:76:99:90:ac:0a:c3:ea:12:94:42:1e:d5:46:65:
30:68:03:26:21:d6:53:00:36:3c:76:54:13:30:fb:9c:c0:47:
ed:31:5d:8c:9b:fe:d9:24:03:75:bd:60:d7:39:2b:b2:84:de:
ae:76:fb:5a:e2:f7:85:0d:1c:61:0e:ed:ad:35:20:e5:45:43:
c6:37:dc:9f:99:d3:99:50:e7:20:a4:06:42:c6:b7:a0:ba:03:
cd:e5:fe:71:f4:fe:17:ad:2a:b3:a4:16:dc:ed:e0:7e:75:52:
f2:0a:ce:92:36:48:d3:19:b2:42:cb:a2:f7:90:93:be:2e:6e:
6e:de:14:df:5e:50:85:ed:74:14:13:4f:b1:f7:95:b3:f2:cf:
f1:38:88:77:c3:be:8c:4b:fc:37:6f:6d:1e:90:bd:6c:e9:4a:
02:12:2e:da:8d:25:70:33:c1:85:08:55:eb:33:2c:47:cd:68:
76:86:d2:5c:3b:82:43:dd:19:72:a6:71:cc:36:cd:b1:1a:8e:
1f:0c:9a:12:c3:f8:a7:27:21:bd:a3:d3:d0:f5:27:12:21:e9:
07:d5:62:cf:b2:d6:f6:71:5e:fd:ae:c4:17:0c:da:4f:8f:f1:
a0:61:70:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFsLgvLHNle+iGUPdsq1xnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMGMzY2YzZGM1M2NhNTQ5YzAzZTRmNWY0NmQ5MWNlOTBi
OGUwNzAwHhcNMjQwODE5MTk0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzA3ZGJiZjFlN2EyODc2NWRjZDAxYzZjZWI0M2ZkZGM2NGQ3MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4/zWowvG+7l0HZhPQbHss6MXteF
HL/LrKjsqZvwPUMW3jjcJtDAts7oNYD5qVZfp6jDW+cHCpj90MOmFMCpZOrrG0yc
BPnBnWx2MYoJhz45gOl1Rvd0+FIO2vvOilYEd+8JCHyBiFGtpQcgfG1MiTtanrp3
gCH07FcpvpR1KD+SlUBktYW/zbeG/MTtJa8rNhWxbbIt1ezPTyXeBSPyXchC3vpi
oEJsAPsshRa6WkAURn3SQwU10e9nOWVkRahWHoTqMMYY7y2uI04LXpdlR+RoR8ZB
mCi3ctnsvIHlLNGHTOjdFwrFNqqXJh7cqk7FceeRncBDke0/UncoKDiHUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMH278eeih2Xc0Bxs60P93GTXMGMB8GA1UdIwQY
MBaAFLEMPPPcU8pUnAPk9fRtkc6QuOBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMt
MzZmODJiZDM3OWJkLzEvQXdmYnZ4NTZLSFpkelFIR3pyUV8zY1pOY3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMtMzZmODJiZDM3OWJk
LzEvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf24MA0G
CSqGSIb3DQEBCwUAA4IBAQA9pXXxvp32M2Plmn3baXg0/2J+Ns4LdpmQrArD6hKU
Qh7VRmUwaAMmIdZTADY8dlQTMPucwEftMV2Mm/7ZJAN1vWDXOSuyhN6udvta4veF
DRxhDu2tNSDlRUPGN9yfmdOZUOcgpAZCxregugPN5f5x9P4XrSqzpBbc7eB+dVLy
Cs6SNkjTGbJCy6L3kJO+Lm5u3hTfXlCF7XQUE0+x95Wz8s/xOIh3w76MS/w3b20e
kL1s6UoCEi7ajSVwM8GFCFXrMyxHzWh2htJcO4JD3RlypnHMNs2xGo4fDJoSw/in
JyG9o9PQ9ScSIekH1WLPstb2cV79rsQXDNpPj/GgYXAU
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:11:00 2025 by rpki-client