Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/seSaS9KeXBwTsEDCU_EDz9Hb7UY.roa
File: seSaS9KeXBwTsEDCU_EDz9Hb7UY.roa (raw, json)
Hash identifier: 88fWH8PN4ZBsESUH4XZwGUKA+7WDj/W69pcgbH25Asg=
Subject key identifier: B1:E4:9A:4B:D2:9E:5C:1C:13:B0:40:C2:53:F1:03:CF:D1:DB:ED:46
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 018CED3FD355E93B68EAE8D76AAA83B88086
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/seSaS9KeXBwTsEDCU_EDz9Hb7UY.roa
Signing time: Tue 09 Jan 2024 08:03:52 +0000
ROA not before: Tue 09 Jan 2024 08:03:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 185.113.66.0/24 maxlen: 24
185.113.66.0/23 maxlen: 24
185.113.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 09:34:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:3f:d3:55:e9:3b:68:ea:e8:d7:6a:aa:83:b8:80:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Jan 9 08:03:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1e49a4bd29e5c1c13b040c253f103cfd1dbed46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c6:bd:e4:d2:90:46:97:7d:cf:ca:a3:23:d4:
88:3a:bd:79:7d:10:1e:fa:d6:eb:b5:58:a8:e3:55:
95:99:42:ab:3b:60:c4:91:07:2b:74:f4:be:65:47:
a9:b5:c2:52:87:0b:d6:33:ee:46:bb:99:0d:f3:15:
dd:81:ae:3c:1d:b2:05:66:aa:01:f6:4b:fa:bb:70:
ae:a1:16:a3:e7:d1:df:ec:a9:2f:b0:52:54:f4:bf:
6c:f6:9c:8f:09:e6:70:4a:ce:54:0c:99:cd:71:99:
9d:79:f9:0b:54:9a:41:e7:1b:8b:ee:61:f1:e6:db:
3c:50:8a:eb:c1:28:48:98:52:d5:83:6a:db:7a:ac:
90:75:a6:51:bd:94:aa:5c:2f:5e:eb:12:28:a9:d9:
d0:20:3a:df:a6:88:94:2c:71:21:98:00:c6:33:3a:
fa:de:af:53:45:67:b4:0f:07:36:89:0f:12:ae:08:
ba:99:04:34:d7:f4:8b:ad:74:7b:33:4f:61:a9:87:
5f:62:28:6c:f8:1a:00:dd:d8:b8:d7:12:b3:33:da:
02:f8:1e:82:db:d5:b5:f7:e8:41:fa:be:c6:41:97:
41:5e:12:be:70:f7:2a:c1:ef:48:e1:c8:a7:67:af:
29:ee:57:c8:4e:94:ba:4d:8c:4e:c2:e5:5e:7a:31:
5b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E4:9A:4B:D2:9E:5C:1C:13:B0:40:C2:53:F1:03:CF:D1:DB:ED:46
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/seSaS9KeXBwTsEDCU_EDz9Hb7UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.66.0/23
Signature Algorithm: sha256WithRSAEncryption
76:7d:e8:34:d2:81:15:cf:7a:8b:25:6f:56:7d:79:e0:02:71:
0e:c7:35:6f:38:a7:d4:40:37:b5:28:7e:ad:67:0d:30:da:3d:
89:bc:5a:ff:28:ab:87:b4:b1:4a:5f:a0:da:29:7c:a4:f2:31:
0c:6a:c1:3f:f8:e4:64:62:c6:ed:6d:ab:3c:81:c1:e7:e3:b1:
3f:fb:a1:d5:68:c4:30:cd:f6:61:f0:5a:50:db:51:e0:43:6d:
a2:35:3c:ee:7f:55:cb:5f:dc:e3:2a:16:c2:32:64:44:b3:66:
ac:d1:4d:cd:98:8e:ea:32:2e:b0:7a:da:12:43:92:78:a8:69:
93:97:f5:18:7b:a1:8e:42:03:29:13:e2:1e:dc:ac:51:54:07:
6b:d6:9a:53:9d:06:c3:23:5c:da:0f:3a:f1:94:1b:1b:20:90:
99:63:e1:4a:d3:92:47:e4:ce:0d:2d:74:25:a7:90:04:18:09:
d5:2d:4d:65:99:1d:97:fc:55:5f:f7:dd:8f:4e:08:e3:af:4b:
1c:e7:f3:e7:0b:cb:76:34:a4:8c:62:4a:bc:83:7e:48:be:5f:
be:52:dc:fa:62:ea:d5:8b:9b:58:f1:73:13:a4:d2:c5:65:a5:
0a:b6:cb:ae:80:06:f0:4a:30:d8:3b:12:0a:af:12:28:a5:c1:
05:fa:7d:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYztP9NV6Tto6ujXaqqDuICGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjQwMTA5MDgwMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWU0OWE0YmQyOWU1YzFjMTNiMDQwYzI1M2YxMDNjZmQxZGJlZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApca95NKQRpd9z8qjI9SIOr15fRAe
+tbrtVio41WVmUKrO2DEkQcrdPS+ZUeptcJShwvWM+5Gu5kN8xXdga48HbIFZqoB
9kv6u3CuoRaj59Hf7KkvsFJU9L9s9pyPCeZwSs5UDJnNcZmdefkLVJpB5xuL7mHx
5ts8UIrrwShImFLVg2rbeqyQdaZRvZSqXC9e6xIoqdnQIDrfpoiULHEhmADGMzr6
3q9TRWe0Dwc2iQ8Srgi6mQQ01/SLrXR7M09hqYdfYihs+BoA3di41xKzM9oC+B6C
29W19+hB+r7GQZdBXhK+cPcqwe9I4cinZ68p7lfITpS6TYxOwuVeejFbiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHkmkvSnlwcE7BAwlPxA8/R2+1GMB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvc2VTYVM5S2VYQndUc0VEQ1VfRUR6OUhiN1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXFCMA0G
CSqGSIb3DQEBCwUAA4IBAQB2feg00oEVz3qLJW9WfXngAnEOxzVvOKfUQDe1KH6t
Zw0w2j2JvFr/KKuHtLFKX6DaKXyk8jEMasE/+ORkYsbtbas8gcHn47E/+6HVaMQw
zfZh8FpQ21HgQ22iNTzuf1XLX9zjKhbCMmREs2as0U3NmI7qMi6wetoSQ5J4qGmT
l/UYe6GOQgMpE+Ie3KxRVAdr1ppTnQbDI1zaDzrxlBsbIJCZY+FK05JH5M4NLXQl
p5AEGAnVLU1lmR2X/FVf992PTgjjr0sc5/PnC8t2NKSMYkq8g35Ivl++Utz6YurV
i5tY8XMTpNLFZaUKtsuugAbwSjDYOxIKrxIopcEF+n2R
-----END CERTIFICATE-----
Generated at Sun May 11 17:50:16 2025 by rpki-client