Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/9ndbFwNA9GEsei_Fs84w5vZNkA0.roa
File: 9ndbFwNA9GEsei_Fs84w5vZNkA0.roa (raw, json)
Hash identifier: NYQN7O4R5UrOhSZvKtONavR0VbYZqifRIoIDb4kywgs=
Subject key identifier: F6:77:5B:17:03:40:F4:61:2C:7A:2F:C5:B3:CE:30:E6:F6:4D:90:0D
Certificate issuer: /CN=b5160326be7e5cdc35b5c036441163cd25a4974d
Certificate serial: 018CC7269928323439BD5877846016D11D22
Authority key identifier: B5:16:03:26:BE:7E:5C:DC:35:B5:C0:36:44:11:63:CD:25:A4:97:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRYDJr5-XNw1tcA2RBFjzSWkl00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/9ndbFwNA9GEsei_Fs84w5vZNkA0.roa
Signing time: Mon 01 Jan 2024 22:30:44 +0000
ROA not before: Mon 01 Jan 2024 22:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206374
IP address blocks: 185.188.132.0/24 maxlen: 24
185.188.133.0/24 maxlen: 24
2a0b:c480::/32 maxlen: 38
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:99:28:32:34:39:bd:58:77:84:60:16:d1:1d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5160326be7e5cdc35b5c036441163cd25a4974d
Validity
Not Before: Jan 1 22:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6775b170340f4612c7a2fc5b3ce30e6f64d900d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:53:86:ce:b9:ad:00:07:6c:20:87:d0:35:44:
d7:f6:3d:5d:5e:42:0a:bd:72:a7:b0:9c:a3:71:a8:
27:39:1d:d5:ee:9f:48:4a:09:92:3e:b6:de:a6:08:
b7:61:77:e3:12:80:96:04:ea:4d:48:b7:0a:6c:8c:
11:f1:33:85:14:0f:69:a9:47:84:94:0e:f6:a2:c0:
b1:5a:6a:d1:87:1a:5a:3a:0b:b8:25:85:41:43:66:
34:ae:6a:43:9f:79:01:c2:02:b1:ec:a4:53:8c:46:
25:0b:72:b3:e6:2d:f3:d8:c3:53:a2:d8:2d:fe:c1:
76:d6:a8:17:1d:21:e3:5e:7c:3b:e6:ec:6c:6e:b7:
84:3e:19:ff:21:c7:6c:83:58:75:53:47:05:0c:0e:
8d:e4:f8:84:06:50:bc:7a:ec:39:b5:3d:b4:e9:af:
9f:ac:75:37:de:22:44:e3:20:ce:2f:57:73:f8:ed:
ae:60:f2:a6:e4:24:fe:7a:5a:4b:10:e9:a8:1f:d7:
51:b5:3e:29:14:b8:3d:df:7c:d3:64:45:dc:09:3a:
9a:d0:c3:2d:34:08:d3:43:d8:a5:98:de:a6:82:ef:
7c:07:82:bd:e0:8b:fb:01:1a:2e:7b:b8:17:4b:05:
79:14:82:5b:63:6b:2b:cf:f3:9c:94:7a:68:f1:64:
df:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:77:5B:17:03:40:F4:61:2C:7A:2F:C5:B3:CE:30:E6:F6:4D:90:0D
X509v3 Authority Key Identifier:
keyid:B5:16:03:26:BE:7E:5C:DC:35:B5:C0:36:44:11:63:CD:25:A4:97:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRYDJr5-XNw1tcA2RBFjzSWkl00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/9ndbFwNA9GEsei_Fs84w5vZNkA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/tRYDJr5-XNw1tcA2RBFjzSWkl00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.132.0/23
IPv6:
2a0b:c480::/32
Signature Algorithm: sha256WithRSAEncryption
a0:c7:98:2a:67:c7:40:6a:37:b0:d8:24:8c:d2:35:46:08:c8:
6b:4a:b1:be:2b:98:de:ee:98:cd:d7:fa:d1:74:c4:f9:f4:dd:
e7:c2:f4:3f:3a:46:ce:80:3f:5c:f8:d4:83:11:38:63:96:6b:
99:14:80:2e:e2:c4:bf:1e:b5:3f:dc:4c:b9:06:d4:31:0a:08:
3c:72:5f:a2:6a:32:e9:d3:d5:9e:2a:ca:90:29:1f:ad:ab:82:
f6:1b:b8:ec:b1:19:ab:8b:91:85:6a:dd:c8:59:db:7e:4d:51:
66:60:3a:a0:0b:5e:ae:24:34:2b:f3:80:32:18:03:26:c8:64:
82:a3:22:f5:6b:16:fc:8d:c6:2e:bc:d1:97:2c:cd:ca:31:92:
ca:34:31:ac:36:e2:f5:06:5a:52:cb:c4:8b:c8:73:7e:22:41:
48:a9:01:b2:e3:9f:20:ad:aa:df:b3:f1:66:c3:54:04:d3:49:
50:e9:f7:d4:f2:51:6b:4a:27:13:8e:31:7e:0d:10:48:ae:85:
8c:87:b8:5d:ce:c0:5c:d8:c5:c4:33:ad:7b:66:c8:d3:8b:f1:
9c:b3:e9:7c:d0:d6:d0:d3:ae:d9:5d:3c:9b:f9:0b:5a:d1:af:
ec:4d:20:50:20:30:b5:26:55:cf:cc:b6:d3:41:29:d4:43:57:
b8:57:a6:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJpkoMjQ5vVh3hGAW0R0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTYwMzI2YmU3ZTVjZGMzNWI1YzAzNjQ0MTE2M2NkMjVh
NDk3NGQwHhcNMjQwMTAxMjIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjc3NWIxNzAzNDBmNDYxMmM3YTJmYzViM2NlMzBlNmY2NGQ5MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFOGzrmtAAdsIIfQNUTX9j1dXkIK
vXKnsJyjcagnOR3V7p9ISgmSPrbepgi3YXfjEoCWBOpNSLcKbIwR8TOFFA9pqUeE
lA72osCxWmrRhxpaOgu4JYVBQ2Y0rmpDn3kBwgKx7KRTjEYlC3Kz5i3z2MNTotgt
/sF21qgXHSHjXnw75uxsbreEPhn/Icdsg1h1U0cFDA6N5PiEBlC8euw5tT206a+f
rHU33iJE4yDOL1dz+O2uYPKm5CT+elpLEOmoH9dRtT4pFLg933zTZEXcCTqa0MMt
NAjTQ9ilmN6mgu98B4K94Iv7ARoue7gXSwV5FIJbY2srz/OclHpo8WTfWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPZ3WxcDQPRhLHovxbPOMOb2TZANMB8GA1UdIwQY
MBaAFLUWAya+flzcNbXANkQRY80lpJdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJZREpyNS1YTncxdGNBMlJCRmp6U1drbDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wZTVhYTItODQwOS00N2EwLWI0Nzkt
ZjQ4YWEyZTc1NGU1LzEvOW5kYkZ3TkE5R0VzZWlfRnM4NHc1dlpOa0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wZTVhYTItODQwOS00N2EwLWI0NzktZjQ4YWEyZTc1NGU1
LzEvdFJZREpyNS1YTncxdGNBMlJCRmp6U1drbDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBubyEMA0E
AgACMAcDBQAqC8SAMA0GCSqGSIb3DQEBCwUAA4IBAQCgx5gqZ8dAajew2CSM0jVG
CMhrSrG+K5je7pjN1/rRdMT59N3nwvQ/OkbOgD9c+NSDEThjlmuZFIAu4sS/HrU/
3Ey5BtQxCgg8cl+iajLp09WeKsqQKR+tq4L2G7jssRmri5GFat3IWdt+TVFmYDqg
C16uJDQr84AyGAMmyGSCoyL1axb8jcYuvNGXLM3KMZLKNDGsNuL1BlpSy8SLyHN+
IkFIqQGy458grarfs/Fmw1QE00lQ6ffU8lFrSicTjjF+DRBIroWMh7hdzsBc2MXE
M617ZsjTi/Gcs+l80NbQ067ZXTyb+Qta0a/sTSBQIDC1JlXPzLbTQSnUQ1e4V6Zt
-----END CERTIFICATE-----
Generated at Sun May 11 09:08:45 2025 by rpki-client