Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/eg89MORZb6Y6_n9YFbgEy43B4Is.roa
File: eg89MORZb6Y6_n9YFbgEy43B4Is.roa (raw, json)
Hash identifier: SPnTvbLEjKSgPfQ8jgLZTLXVTnq430HIX/4osKEJr68=
Subject key identifier: 7A:0F:3D:30:E4:59:6F:A6:3A:FE:7F:58:15:B8:04:CB:8D:C1:E0:8B
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 0191EA2E4EB33E9BA4A63BCA3D77E972A0D1
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/eg89MORZb6Y6_n9YFbgEy43B4Is.roa
Signing time: Fri 13 Sep 2024 06:59:48 +0000
ROA not before: Fri 13 Sep 2024 06:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211134
IP address blocks: 185.253.184.0/22 maxlen: 22
185.253.184.0/23 maxlen: 23
185.253.184.0/24 maxlen: 24
185.253.185.0/24 maxlen: 24
185.253.186.0/23 maxlen: 23
185.253.186.0/24 maxlen: 24
185.253.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ea:2e:4e:b3:3e:9b:a4:a6:3b:ca:3d:77:e9:72:a0:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Sep 13 06:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a0f3d30e4596fa63afe7f5815b804cb8dc1e08b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b8:47:ab:20:04:2a:a4:89:03:39:53:f8:b7:
1d:16:2b:e0:6b:63:6d:fc:8d:73:37:8f:ee:f1:6a:
80:72:5c:9f:16:2b:71:ec:e3:ff:97:62:93:32:d1:
81:b1:3f:28:a1:d3:6b:80:af:88:ec:65:c4:d6:8d:
29:db:bc:bc:b7:11:9b:d6:17:12:f0:f3:14:86:2b:
df:04:20:6c:4b:4c:26:de:c5:80:55:8b:61:de:f3:
f1:0a:83:0e:fb:76:09:87:bb:a3:e7:87:bb:91:10:
70:5b:ee:c2:be:40:34:ad:77:ec:bb:e9:ec:9f:23:
1f:71:e4:d2:a8:ed:ec:b0:b1:f2:74:e0:b8:31:b5:
13:f5:e8:43:9c:29:65:4b:98:64:73:08:ee:74:61:
3f:43:84:f7:9e:4d:74:ed:b0:cf:be:14:04:1c:fe:
cb:1c:fa:3f:be:9f:18:d8:9e:b6:6e:90:80:3f:a0:
4f:69:95:7e:d6:ce:f3:84:6e:6a:ca:94:40:9e:5a:
a8:a9:5b:84:a2:0e:53:16:f5:53:a2:76:d5:f9:30:
0c:d6:6f:eb:fa:19:98:bf:27:75:2a:06:a3:15:22:
26:41:a9:40:29:03:84:45:fc:92:94:b1:4d:6b:dc:
e2:bd:d0:f4:ac:58:68:27:e5:9d:89:1f:b5:e6:11:
1e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0F:3D:30:E4:59:6F:A6:3A:FE:7F:58:15:B8:04:CB:8D:C1:E0:8B
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/eg89MORZb6Y6_n9YFbgEy43B4Is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.184.0/22
Signature Algorithm: sha256WithRSAEncryption
44:fc:96:86:fd:87:60:0c:03:e5:1a:ce:3f:20:29:1a:73:6f:
73:80:ba:1e:34:f1:43:97:e4:2f:b9:f4:bb:33:ef:c2:e0:2a:
61:2e:46:18:6b:82:e4:3b:83:8e:36:76:e8:a4:37:86:a7:35:
a3:88:91:c8:24:dd:16:03:b3:a0:8c:de:f7:ae:03:80:f5:47:
08:6e:97:13:bf:62:2e:22:2f:6c:04:7a:88:a6:91:18:06:9b:
1c:09:46:91:6d:27:8d:5b:6f:84:e7:9d:50:45:93:76:86:ed:
41:bb:83:e4:eb:b2:46:e8:4e:58:de:69:68:26:30:b3:6d:7b:
7f:cc:85:c1:eb:ad:64:a0:f3:f3:3b:0d:9d:8e:7c:35:7d:a9:
f6:0e:fd:41:1e:68:2f:9c:c7:18:b8:dc:60:76:42:06:35:9d:
04:1a:09:bc:bb:43:0e:8a:3c:a4:b6:5e:d1:6a:41:0f:75:09:
43:d0:58:0d:12:fa:61:19:e4:5c:af:56:f1:7f:2d:03:ac:88:
3a:44:56:12:a3:78:8b:48:71:22:4b:31:79:59:90:a9:60:e1:
17:ee:e6:04:4c:04:32:9e:15:5a:44:02:7d:ff:eb:67:9e:11:
70:0c:3c:4b:5f:de:b9:e6:1e:96:1e:aa:00:97:46:5d:9b:86:
b6:7e:98:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHqLk6zPpukpjvKPXfpcqDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMGMzY2YzZGM1M2NhNTQ5YzAzZTRmNWY0NmQ5MWNlOTBi
OGUwNzAwHhcNMjQwOTEzMDY1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBmM2QzMGU0NTk2ZmE2M2FmZTdmNTgxNWI4MDRjYjhkYzFlMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrhHqyAEKqSJAzlT+LcdFivga2Nt
/I1zN4/u8WqAclyfFitx7OP/l2KTMtGBsT8oodNrgK+I7GXE1o0p27y8txGb1hcS
8PMUhivfBCBsS0wm3sWAVYth3vPxCoMO+3YJh7uj54e7kRBwW+7CvkA0rXfsu+ns
nyMfceTSqO3ssLHydOC4MbUT9ehDnCllS5hkcwjudGE/Q4T3nk107bDPvhQEHP7L
HPo/vp8Y2J62bpCAP6BPaZV+1s7zhG5qypRAnlqoqVuEog5TFvVTonbV+TAM1m/r
+hmYvyd1KgajFSImQalAKQOERfySlLFNa9zivdD0rFhoJ+WdiR+15hEeGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHoPPTDkWW+mOv5/WBW4BMuNweCLMB8GA1UdIwQY
MBaAFLEMPPPcU8pUnAPk9fRtkc6QuOBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMt
MzZmODJiZDM3OWJkLzEvZWc4OU1PUlpiNlk2X245WUZiZ0V5NDNCNElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMtMzZmODJiZDM3OWJk
LzEvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf24MA0G
CSqGSIb3DQEBCwUAA4IBAQBE/JaG/YdgDAPlGs4/ICkac29zgLoeNPFDl+QvufS7
M+/C4CphLkYYa4LkO4OONnbopDeGpzWjiJHIJN0WA7OgjN73rgOA9UcIbpcTv2Iu
Ii9sBHqIppEYBpscCUaRbSeNW2+E551QRZN2hu1Bu4Pk67JG6E5Y3mloJjCzbXt/
zIXB661koPPzOw2djnw1fan2Dv1BHmgvnMcYuNxgdkIGNZ0EGgm8u0MOijyktl7R
akEPdQlD0FgNEvphGeRcr1bxfy0DrIg6RFYSo3iLSHEiSzF5WZCpYOEX7uYETAQy
nhVaRAJ9/+tnnhFwDDxLX9655h6WHqoAl0Zdm4a2fph/
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:22:46 2025 by rpki-client