Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/PK0i9KhOGtC1vQe8IBSXMpa1oTE.roa
File: PK0i9KhOGtC1vQe8IBSXMpa1oTE.roa (raw, json)
Hash identifier: bRMvydSz/epeAvS9AeV29V5P+gFJQ3y419ciT41I/X0=
Subject key identifier: 3C:AD:22:F4:A8:4E:1A:D0:B5:BD:07:BC:20:14:97:32:96:B5:A1:31
Certificate issuer: /CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Certificate serial: 0193FCE705B353BEE670FF5936DEB5105811
Authority key identifier: 5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/PK0i9KhOGtC1vQe8IBSXMpa1oTE.roa
Signing time: Wed 25 Dec 2024 08:20:18 +0000
ROA not before: Wed 25 Dec 2024 08:20:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52052
IP address blocks: 185.166.72.0/22 maxlen: 22
193.37.134.0/24 maxlen: 24
193.37.155.0/24 maxlen: 24
193.37.224.0/24 maxlen: 24
193.37.229.0/24 maxlen: 24
194.247.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Dec 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fc:e7:05:b3:53:be:e6:70:ff:59:36:de:b5:10:58:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Validity
Not Before: Dec 25 08:20:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cad22f4a84e1ad0b5bd07bc2014973296b5a131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a1:7b:08:6e:6e:20:d6:20:af:3d:26:63:e2:
0a:d4:74:67:17:d8:c9:13:a4:b0:40:c4:ef:7b:7d:
cb:e9:a4:8f:33:6e:e1:87:66:1f:40:50:10:18:54:
68:fc:e3:9f:ff:a9:19:b4:f7:90:c8:59:61:ec:6a:
d3:be:ec:c9:99:b9:7d:e5:f1:2f:23:33:7a:9c:a0:
86:7a:03:5d:a3:52:07:59:ad:41:51:a0:e5:e0:57:
e3:75:92:88:8f:f9:8a:63:1c:cc:2c:34:71:bc:f6:
ec:a3:15:94:1a:79:a2:6d:25:07:41:dd:70:a1:41:
85:53:6b:62:45:f9:48:68:1f:b7:9d:76:52:0c:2c:
b4:9e:21:29:f4:2a:07:2e:8c:5f:0b:f0:6e:f3:1c:
ac:cd:47:6e:14:1b:2c:2a:1d:2b:fe:36:b8:93:43:
93:0a:42:18:0a:d2:79:e0:51:d3:bc:b7:b3:8b:1d:
3b:49:7f:9a:46:5a:bd:fb:2e:3a:97:38:f8:b6:53:
32:d5:f2:d2:1b:54:0a:49:00:ba:7f:ed:46:1c:c7:
49:88:cb:97:2f:76:cf:3d:a1:fa:eb:52:b3:b3:41:
77:6c:7e:ec:10:c6:62:cf:7c:a5:4b:e8:39:c9:74:
ca:8c:00:ae:c2:04:a8:65:63:66:ee:41:a8:f3:11:
98:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AD:22:F4:A8:4E:1A:D0:B5:BD:07:BC:20:14:97:32:96:B5:A1:31
X509v3 Authority Key Identifier:
keyid:5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/PK0i9KhOGtC1vQe8IBSXMpa1oTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.72.0/22
193.37.134.0/24
193.37.155.0/24
193.37.224.0/24
193.37.229.0/24
194.247.33.0/24
Signature Algorithm: sha256WithRSAEncryption
37:c8:72:20:65:0f:f8:1d:8d:11:7d:93:7d:fa:42:cd:ab:2c:
dc:49:a3:31:34:9d:13:b1:9f:be:7e:d5:2d:db:7e:20:6d:af:
0a:40:01:fa:8d:14:80:cc:70:04:77:78:69:34:bf:5d:28:17:
15:0b:34:ad:03:cd:bf:99:e5:ff:07:86:a2:56:bf:52:02:35:
21:a5:46:68:65:d0:34:b5:3f:90:1e:e3:29:c2:02:ee:dc:c1:
80:83:c3:f0:c7:69:41:99:30:1f:78:4c:2a:59:95:00:0a:ed:
c4:b4:59:a4:68:fb:8f:34:0e:b7:8b:ae:29:24:ee:61:dd:4b:
34:e3:60:95:92:aa:96:bb:5f:47:22:6b:0d:7f:bb:81:14:34:
3b:80:b9:3d:ad:7d:81:ff:a0:b6:ef:06:c2:07:e3:fd:3a:67:
08:2e:03:af:55:31:ac:fe:f3:bd:a3:fd:a4:57:07:2e:82:46:
91:8e:38:68:53:a1:8a:a5:84:74:b1:06:6d:b5:3e:ef:77:7d:
87:5c:82:9a:85:05:a6:ad:f9:57:3e:68:6e:bd:9d:b7:c0:bb:
05:f6:9b:a6:56:98:c1:0d:73:c5:ce:3a:5a:57:6d:eb:54:be:
ee:eb:82:39:a6:1d:3f:4c:ec:cb:5e:ba:5f:09:1a:a3:54:08:
eb:84:2c:13
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZP85wWzU77mcP9ZNt61EFgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkY2MyZjdkNzkwYTgzMDBhN2RkMzUxOWUwZmI4ODdmYTRk
ZTAyNjAwHhcNMjQxMjI1MDgyMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FkMjJmNGE4NGUxYWQwYjViZDA3YmMyMDE0OTczMjk2YjVhMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKF7CG5uINYgrz0mY+IK1HRnF9jJ
E6SwQMTve33L6aSPM27hh2YfQFAQGFRo/OOf/6kZtPeQyFlh7GrTvuzJmbl95fEv
IzN6nKCGegNdo1IHWa1BUaDl4FfjdZKIj/mKYxzMLDRxvPbsoxWUGnmibSUHQd1w
oUGFU2tiRflIaB+3nXZSDCy0niEp9CoHLoxfC/Bu8xyszUduFBssKh0r/ja4k0OT
CkIYCtJ54FHTvLezix07SX+aRlq9+y46lzj4tlMy1fLSG1QKSQC6f+1GHMdJiMuX
L3bPPaH661Kzs0F3bH7sEMZiz3ylS+g5yXTKjACuwgSoZWNm7kGo8xGYPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDytIvSoThrQtb0HvCAUlzKWtaExMB8GA1UdIwQY
MBaAFF3ML315CoMAp901GeD7iH+k3gJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEt
YmY3MTQ0OWQ5N2RkLzEvUEswaTlLaE9HdEMxdlFlOElCU1hNcGExb1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEtYmY3MTQ0OWQ5N2Rk
LzEvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuaZIAwQA
wSWGAwQAwSWbAwQAwSXgAwQAwSXlAwQAwvchMA0GCSqGSIb3DQEBCwUAA4IBAQA3
yHIgZQ/4HY0RfZN9+kLNqyzcSaMxNJ0TsZ++ftUt234gba8KQAH6jRSAzHAEd3hp
NL9dKBcVCzStA82/meX/B4aiVr9SAjUhpUZoZdA0tT+QHuMpwgLu3MGAg8Pwx2lB
mTAfeEwqWZUACu3EtFmkaPuPNA63i64pJO5h3Us042CVkqqWu19HImsNf7uBFDQ7
gLk9rX2B/6C27wbCB+P9OmcILgOvVTGs/vO9o/2kVwcugkaRjjhoU6GKpYR0sQZt
tT7vd32HXIKahQWmrflXPmhuvZ23wLsF9pumVpjBDXPFzjpaV23rVL7u64I5ph0/
TOzLXrpfCRqjVAjrhCwT
-----END CERTIFICATE-----
Generated at Thu May 15 13:51:37 2025 by rpki-client