Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/Ku9ZAtn-MVmb87Mvnu_yCcrtrY8.roa
File: Ku9ZAtn-MVmb87Mvnu_yCcrtrY8.roa (raw, json)
Hash identifier: e+SL8IwBFjF0GK0hkRUIiNSwpt0nAU1B9JlN3y8ybWI=
Subject key identifier: 2A:EF:59:02:D9:FE:31:59:9B:F3:B3:2F:9E:EF:F2:09:CA:ED:AD:8F
Certificate issuer: /CN=86963d003134ccda56fedfeb278f7a768a7f402f
Certificate serial: 018EF231131CD956A46B07ADD2096158F94C
Authority key identifier: 86:96:3D:00:31:34:CC:DA:56:FE:DF:EB:27:8F:7A:76:8A:7F:40:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpY9ADE0zNpW_t_rJ496dop_QC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/Ku9ZAtn-MVmb87Mvnu_yCcrtrY8.roa
Signing time: Thu 18 Apr 2024 17:11:26 +0000
ROA not before: Thu 18 Apr 2024 17:11:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48257
IP address blocks: 185.187.188.0/22 maxlen: 22
195.138.232.0/21 maxlen: 21
195.138.232.0/22 maxlen: 22
195.138.236.0/22 maxlen: 22
217.71.224.0/20 maxlen: 20
217.71.224.0/21 maxlen: 21
217.71.232.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 18 Apr 2024 17:20:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f2:31:13:1c:d9:56:a4:6b:07:ad:d2:09:61:58:f9:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86963d003134ccda56fedfeb278f7a768a7f402f
Validity
Not Before: Apr 18 17:11:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aef5902d9fe31599bf3b32f9eeff209caedad8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:b0:8c:99:db:c9:3a:18:ef:0c:26:43:1d:
d8:7a:74:af:ab:34:9d:7d:fe:da:5e:07:72:9d:67:
55:36:70:41:8a:d6:7e:bc:d1:c8:36:cc:06:77:52:
e0:64:20:4e:4d:56:46:7b:62:de:72:96:f7:b8:a4:
27:ca:71:47:bc:3f:29:ff:4e:2a:51:8e:9e:c0:43:
18:f6:82:ec:5f:fb:6f:93:3a:a6:c0:9b:d3:95:02:
df:79:c7:06:e4:87:98:ed:d1:c0:7f:44:2d:b1:79:
d7:de:f3:1e:04:92:d1:ea:a6:66:3a:1a:49:53:a9:
d9:d6:82:40:d8:19:20:47:93:05:f0:0d:2e:7e:d3:
48:67:77:33:27:80:7b:0c:b2:e4:ff:fd:26:88:db:
3a:83:00:bf:98:b7:10:48:ce:c2:e8:00:f4:b8:b0:
8c:38:67:f7:04:da:fc:62:17:3b:1e:9a:f6:09:8f:
e0:10:0f:ff:e6:81:a1:6b:51:84:7d:61:49:3e:0e:
c8:43:c4:c0:28:24:6a:2c:64:6d:d4:e6:c1:cd:cd:
4d:58:0f:01:59:9c:5f:6c:b8:4b:e8:6b:d7:27:2f:
c1:c8:8f:85:d2:26:d3:09:55:db:53:9d:9d:73:39:
07:2f:88:d6:bc:4f:9c:d2:dd:d8:6a:b4:e8:7d:78:
58:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EF:59:02:D9:FE:31:59:9B:F3:B3:2F:9E:EF:F2:09:CA:ED:AD:8F
X509v3 Authority Key Identifier:
keyid:86:96:3D:00:31:34:CC:DA:56:FE:DF:EB:27:8F:7A:76:8A:7F:40:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpY9ADE0zNpW_t_rJ496dop_QC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/Ku9ZAtn-MVmb87Mvnu_yCcrtrY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/hpY9ADE0zNpW_t_rJ496dop_QC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.188.0/22
195.138.232.0/21
217.71.224.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:33:92:4d:1e:cd:bb:8f:3c:77:d3:47:ef:1d:91:6f:80:e5:
5b:bf:79:a3:84:c2:da:02:73:49:1e:10:a7:3c:2a:f3:3c:a8:
19:11:60:fb:56:06:e9:2f:fe:ce:ee:d3:88:a6:4d:39:40:c0:
cd:c7:2e:c5:cf:8a:92:30:0e:3f:e3:e3:4c:4e:00:d0:62:1b:
b1:50:d5:03:9e:25:e2:75:f3:43:97:b2:2e:37:3c:b8:9f:43:
8f:c3:fc:ba:55:c1:fd:9e:b9:90:d2:9f:cb:85:16:3f:77:a2:
94:7f:69:11:3b:82:3f:87:be:f1:c2:f8:04:2a:a4:42:13:75:
cc:51:aa:c1:16:05:f7:49:8b:fc:fc:2c:ee:64:e3:87:ce:a1:
8a:d9:96:29:14:f5:fe:90:eb:f9:4c:80:c8:15:ba:9d:33:82:
ac:e9:c4:44:4d:69:44:9c:f9:e4:6d:3b:e8:c9:95:a1:bb:d6:
8f:ca:66:b1:d0:2d:3c:b7:e9:70:8f:9b:79:a2:87:b2:1d:43:
64:d5:24:c8:80:80:8d:71:8f:5e:f1:d2:87:f8:fa:0f:b4:60:
45:fa:4d:0b:e8:4a:43:7f:59:21:ff:23:c8:96:75:44:da:31:
8a:f9:62:8e:44:6c:13:60:b5:19:3e:4f:99:db:cf:0e:a7:28:
c2:04:69:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7yMRMc2Vakawet0glhWPlMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTYzZDAwMzEzNGNjZGE1NmZlZGZlYjI3OGY3YTc2OGE3
ZjQwMmYwHhcNMjQwNDE4MTcxMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWVmNTkwMmQ5ZmUzMTU5OWJmM2IzMmY5ZWVmZjIwOWNhZWRhZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo16wjJnbyToY7wwmQx3YenSvqzSd
ff7aXgdynWdVNnBBitZ+vNHINswGd1LgZCBOTVZGe2Lecpb3uKQnynFHvD8p/04q
UY6ewEMY9oLsX/tvkzqmwJvTlQLfeccG5IeY7dHAf0QtsXnX3vMeBJLR6qZmOhpJ
U6nZ1oJA2BkgR5MF8A0uftNIZ3czJ4B7DLLk//0miNs6gwC/mLcQSM7C6AD0uLCM
OGf3BNr8Yhc7Hpr2CY/gEA//5oGha1GEfWFJPg7IQ8TAKCRqLGRt1ObBzc1NWA8B
WZxfbLhL6GvXJy/ByI+F0ibTCVXbU52dczkHL4jWvE+c0t3YarTofXhYiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCrvWQLZ/jFZm/OzL57v8gnK7a2PMB8GA1UdIwQY
MBaAFIaWPQAxNMzaVv7f6yePenaKf0AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBZOUFERTB6TnBXX3Rfcko0OTZkb3BfUUM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yYzA5NzEtYWVlZi00MTdlLThiNTQt
MTIxZDJjYmIyMWQ2LzEvS3U5WkF0bi1NVm1iODdNdm51X3lDY3J0clk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yYzA5NzEtYWVlZi00MTdlLThiNTQtMTIxZDJjYmIyMWQ2
LzEvaHBZOUFERTB6TnBXX3Rfcko0OTZkb3BfUUM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCubu8AwQD
w4roAwQE2UfgMA0GCSqGSIb3DQEBCwUAA4IBAQBfM5JNHs27jzx300fvHZFvgOVb
v3mjhMLaAnNJHhCnPCrzPKgZEWD7VgbpL/7O7tOIpk05QMDNxy7Fz4qSMA4/4+NM
TgDQYhuxUNUDniXidfNDl7IuNzy4n0OPw/y6VcH9nrmQ0p/LhRY/d6KUf2kRO4I/
h77xwvgEKqRCE3XMUarBFgX3SYv8/CzuZOOHzqGK2ZYpFPX+kOv5TIDIFbqdM4Ks
6cRETWlEnPnkbTvoyZWhu9aPymax0C08t+lwj5t5ooeyHUNk1STIgICNcY9e8dKH
+PoPtGBF+k0L6EpDf1kh/yPIlnVE2jGK+WKORGwTYLUZPk+Z288OpyjCBGm8
-----END CERTIFICATE-----
Generated at Wed May 7 14:34:23 2025 by rpki-client