Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/1eFzY8FiTQQxUwtOAKRVnCNNLIc.roa
File: 1eFzY8FiTQQxUwtOAKRVnCNNLIc.roa (raw, json)
Hash identifier: cCb/0Xo070sG5o+M16V7v7dXegnBiWH8sATF36pJWgU=
Subject key identifier: D5:E1:73:63:C1:62:4D:04:31:53:0B:4E:00:A4:55:9C:23:4D:2C:87
Certificate issuer: /CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Certificate serial: 0194458962485F3B1FF4596076248899D54E
Authority key identifier: FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/1eFzY8FiTQQxUwtOAKRVnCNNLIc.roa
Signing time: Wed 08 Jan 2025 10:50:18 +0000
ROA not before: Wed 08 Jan 2025 10:50:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59395
IP address blocks: 185.159.216.0/22 maxlen: 22
185.175.112.0/22 maxlen: 22
217.119.128.0/24 maxlen: 24
217.119.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 15:39:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:89:62:48:5f:3b:1f:f4:59:60:76:24:88:99:d5:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Validity
Not Before: Jan 8 10:50:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5e17363c1624d0431530b4e00a4559c234d2c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:62:0e:31:01:5a:7b:34:0f:92:8f:99:03:08:
64:44:7b:a4:e8:ed:5a:8d:6b:d7:80:8e:b8:da:3d:
98:f0:5e:12:66:2b:b1:f3:e9:73:c4:1a:87:2c:1a:
86:50:d1:aa:18:df:6b:25:8b:fe:9f:5e:28:1b:de:
28:3a:85:c1:99:60:d8:c9:67:14:79:db:69:66:f9:
8a:db:9d:f2:48:b4:6d:f9:18:de:0f:6c:59:c4:5d:
a8:13:d8:30:df:3f:ac:33:4e:e0:ed:b8:2f:22:e1:
79:4c:c7:ec:95:bb:0d:10:ad:8f:c3:46:1b:b0:73:
9e:a9:3a:d1:40:fa:19:cf:d3:e8:71:ff:ea:a5:79:
0a:38:b4:49:f5:f4:40:8e:99:cc:17:0d:95:c8:f2:
e7:31:14:25:7e:ad:b2:dc:31:1a:01:43:3b:96:b0:
4c:f8:f9:1f:80:0c:5c:a0:e5:f5:7d:f1:b7:b8:98:
18:6e:13:68:8c:63:66:d0:5a:bc:39:71:eb:4a:77:
e7:d0:d2:00:3b:58:a2:a5:18:95:d8:35:ce:36:9e:
e8:32:ed:04:71:f9:3b:73:a5:39:df:f3:ea:37:ea:
3e:53:58:46:b6:22:bc:a2:f2:73:b0:e5:04:62:20:
ba:6a:e7:1a:c2:b5:d8:5a:20:7e:f4:ab:a2:c8:70:
99:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E1:73:63:C1:62:4D:04:31:53:0B:4E:00:A4:55:9C:23:4D:2C:87
X509v3 Authority Key Identifier:
keyid:FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/1eFzY8FiTQQxUwtOAKRVnCNNLIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.216.0/22
185.175.112.0/22
217.119.128.0/24
217.119.137.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:82:a1:ca:0d:7c:b4:72:9f:c5:3e:b7:7b:73:16:40:76:1c:
ea:bf:b1:25:95:80:86:ff:90:e1:e8:2a:9d:c8:1d:3e:a9:90:
dc:2e:be:88:12:21:63:59:5e:32:b9:52:bb:19:7c:11:f2:90:
27:6f:27:45:0d:3c:78:fa:b9:c5:27:18:1e:53:f4:ac:16:3a:
00:c1:1a:4f:2c:b3:71:4d:06:e8:4b:fe:2b:30:b7:fd:44:cd:
16:9e:5f:8a:4c:f7:1f:e5:83:4b:63:21:c4:e0:61:54:5f:fc:
13:70:00:24:f8:d1:10:1e:7f:fa:47:df:15:8f:5a:63:ee:9a:
b5:20:a1:af:4d:2f:07:e6:eb:cb:4e:19:76:e7:c3:0f:d0:24:
b1:7b:70:33:5b:bf:51:1b:d2:a6:8a:94:12:5b:3e:f1:d5:4a:
8e:79:53:6f:d5:3b:5f:1e:a9:54:7d:e2:72:8a:27:44:b3:9d:
94:7b:f7:b4:0b:02:09:b2:bc:24:20:04:38:a2:aa:08:e6:a3:
2f:c1:99:49:e0:7c:72:f6:27:4a:49:3e:dc:eb:68:eb:f3:df:
cb:91:6d:54:56:a3:56:5e:23:7d:63:71:bf:68:d7:5e:07:2f:
0f:de:91:03:8b:b0:a2:53:56:1d:80:c0:03:fd:18:c4:c2:ca:
c2:4c:05:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRFiWJIXzsf9FlgdiSImdVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjkxOGM1YTkzMzBkYmJlNmVlZTE3Y2I5YTFkNjJmYmM4
NTViZGUwHhcNMjUwMTA4MTA1MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUxNzM2M2MxNjI0ZDA0MzE1MzBiNGUwMGE0NTU5YzIzNGQyYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmIOMQFaezQPko+ZAwhkRHuk6O1a
jWvXgI642j2Y8F4SZiux8+lzxBqHLBqGUNGqGN9rJYv+n14oG94oOoXBmWDYyWcU
edtpZvmK253ySLRt+RjeD2xZxF2oE9gw3z+sM07g7bgvIuF5TMfslbsNEK2Pw0Yb
sHOeqTrRQPoZz9Pocf/qpXkKOLRJ9fRAjpnMFw2VyPLnMRQlfq2y3DEaAUM7lrBM
+PkfgAxcoOX1ffG3uJgYbhNojGNm0Fq8OXHrSnfn0NIAO1iipRiV2DXONp7oMu0E
cfk7c6U53/PqN+o+U1hGtiK8ovJzsOUEYiC6aucawrXYWiB+9KuiyHCZiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNXhc2PBYk0EMVMLTgCkVZwjTSyHMB8GA1UdIwQY
MBaAFP75GMWpMw275u7hfLmh1i+8hVveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGIt
YmEyODg5YWZhYWRkLzEvMWVGelk4RmlUUVF4VXd0T0FLUlZuQ05OTEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGItYmEyODg5YWZhYWRk
LzEvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuZ/YAwQC
ua9wAwQA2XeAAwQA2XeJMA0GCSqGSIb3DQEBCwUAA4IBAQBPgqHKDXy0cp/FPrd7
cxZAdhzqv7EllYCG/5Dh6CqdyB0+qZDcLr6IEiFjWV4yuVK7GXwR8pAnbydFDTx4
+rnFJxgeU/SsFjoAwRpPLLNxTQboS/4rMLf9RM0Wnl+KTPcf5YNLYyHE4GFUX/wT
cAAk+NEQHn/6R98Vj1pj7pq1IKGvTS8H5uvLThl258MP0CSxe3AzW79RG9KmipQS
Wz7x1UqOeVNv1TtfHqlUfeJyiidEs52Ue/e0CwIJsrwkIAQ4oqoI5qMvwZlJ4Hxy
9idKST7c62jr89/LkW1UVqNWXiN9Y3G/aNdeBy8P3pEDi7CiU1YdgMAD/RjEwsrC
TAWF
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:52 2025 by rpki-client