Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/aQKBhcCsCeOTbhYYCblu_IGLKwU.roa
File: aQKBhcCsCeOTbhYYCblu_IGLKwU.roa (raw, json)
Hash identifier: /zUTvDkQNJ8QY+bTjVNFeIXMgPMdfMnZvX5fE8/BLuw=
Subject key identifier: 69:02:81:85:C0:AC:09:E3:93:6E:16:18:09:B9:6E:FC:81:8B:2B:05
Certificate issuer: /CN=88727fad5b5c06852e1dafa071ce4767a799e050
Certificate serial: 018570396D845F0B14948423966EF20C011E
Authority key identifier: 88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/aQKBhcCsCeOTbhYYCblu_IGLKwU.roa
Signing time: Mon 02 Jan 2023 02:04:49 +0000
ROA not before: Mon 02 Jan 2023 02:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 185.226.132.0/22 maxlen: 22
185.226.132.0/24 maxlen: 24
185.226.135.0/24 maxlen: 24
185.226.134.0/24 maxlen: 24
185.226.133.0/24 maxlen: 24
185.193.211.0/24 maxlen: 24
185.193.208.0/22 maxlen: 22
185.193.208.0/23 maxlen: 23
185.193.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Feb 2023 14:46:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:6d:84:5f:0b:14:94:84:23:96:6e:f2:0c:01:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88727fad5b5c06852e1dafa071ce4767a799e050
Validity
Not Before: Jan 2 02:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69028185c0ac09e3936e161809b96efc818b2b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:da:f2:8a:6e:cb:ce:a1:49:40:55:e7:93:39:
9c:77:d5:4f:dd:31:fd:9c:b0:42:0b:79:ba:f8:5d:
65:59:0e:55:bb:c6:08:f8:37:1c:95:99:45:c8:61:
3f:92:37:ae:11:a5:23:46:8f:71:14:1d:7a:b7:5c:
e2:ff:97:55:51:54:28:16:df:68:47:b7:30:21:ba:
2d:0a:b8:07:95:90:ad:24:e8:bc:5f:01:4c:ba:d4:
9f:12:93:6b:3a:0c:2b:79:58:77:b1:2d:af:7f:07:
38:6d:73:b0:91:a8:29:01:91:2e:71:f7:12:1b:d3:
a5:65:1a:8d:18:67:4b:4e:43:fd:1e:87:a5:5f:01:
a7:dc:b3:55:82:ad:dc:12:7e:45:da:38:cd:f5:09:
6f:ce:c2:02:c4:e5:f0:f6:11:53:53:7b:d0:d5:bd:
2d:0b:13:52:6f:10:03:9b:cb:48:4b:a5:50:c6:68:
b8:ef:cb:55:86:9a:f6:f2:af:2f:7a:b6:8a:6a:07:
38:43:d0:b1:9d:75:35:10:f8:d6:e8:a4:e4:e9:ac:
e6:c1:2c:88:61:a4:46:76:e1:1e:1b:f2:8c:47:c4:
95:bf:9a:62:45:ec:8b:36:36:82:d7:f3:cc:38:7a:
bf:c3:b5:f5:9c:95:a4:0a:3b:de:6d:4f:48:11:2d:
b0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:02:81:85:C0:AC:09:E3:93:6E:16:18:09:B9:6E:FC:81:8B:2B:05
X509v3 Authority Key Identifier:
keyid:88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/aQKBhcCsCeOTbhYYCblu_IGLKwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.208.0/22
185.226.132.0/22
Signature Algorithm: sha256WithRSAEncryption
73:b4:e0:17:64:ea:14:ff:74:8b:e7:61:17:4c:c8:a5:dd:e5:
68:3c:e0:fe:a9:ff:1a:88:05:94:3b:53:bb:c8:34:65:92:9d:
1d:cb:02:29:bd:28:e8:af:63:8c:a8:6c:87:0d:c0:76:51:dc:
5e:25:f1:82:54:1d:29:53:4e:00:ea:2f:ce:c2:97:dd:6e:54:
9d:37:38:bc:08:f6:7d:ff:84:ee:8c:4e:41:f5:e3:4a:d1:99:
d1:63:35:60:65:2f:0b:e3:c2:7a:4a:f6:87:d0:2a:c6:15:eb:
8c:e9:26:c9:ce:47:8e:f3:b2:a2:18:ec:85:91:e2:bd:b0:89:
9a:db:39:43:20:5b:5f:21:09:a5:1b:cc:f2:1d:b7:28:63:05:
7e:2b:6c:1d:02:43:e8:1c:01:22:4c:92:9b:05:af:d1:b9:fd:
0b:1c:f0:39:e3:a4:b7:7b:aa:08:ec:1b:79:6f:00:01:18:5e:
39:fa:b7:e2:48:f8:d3:92:0b:59:5f:9f:92:c9:6b:fa:fc:26:
ef:ca:40:5c:dd:04:eb:e6:99:61:f0:d7:97:13:54:9b:3b:43:
7f:2b:79:8a:12:de:d2:5d:69:19:15:14:e1:aa:bb:68:62:df:
0b:2b:90:51:f6:7b:aa:6d:b0:96:7c:05:d3:8d:86:51:5c:08:
4e:cf:0a:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwOW2EXwsUlIQjlm7yDAEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NzI3ZmFkNWI1YzA2ODUyZTFkYWZhMDcxY2U0NzY3YTc5
OWUwNTAwHhcNMjMwMTAyMDIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTAyODE4NWMwYWMwOWUzOTM2ZTE2MTgwOWI5NmVmYzgxOGIyYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dryim7LzqFJQFXnkzmcd9VP3TH9
nLBCC3m6+F1lWQ5Vu8YI+DcclZlFyGE/kjeuEaUjRo9xFB16t1zi/5dVUVQoFt9o
R7cwIbotCrgHlZCtJOi8XwFMutSfEpNrOgwreVh3sS2vfwc4bXOwkagpAZEucfcS
G9OlZRqNGGdLTkP9HoelXwGn3LNVgq3cEn5F2jjN9QlvzsICxOXw9hFTU3vQ1b0t
CxNSbxADm8tIS6VQxmi478tVhpr28q8veraKagc4Q9CxnXU1EPjW6KTk6azmwSyI
YaRGduEeG/KMR8SVv5piReyLNjaC1/PMOHq/w7X1nJWkCjvebU9IES2w0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGkCgYXArAnjk24WGAm5bvyBiysFMB8GA1UdIwQY
MBaAFIhyf61bXAaFLh2voHHOR2enmeBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUhKX3JWdGNCb1V1SGEtZ2NjNUhaNmVaNEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9hNGEyNjAtODRiMC00NjhlLWI0OTct
NWE0MTkyNmZlZDdjLzEvYVFLQmhjQ3NDZU9UYmhZWUNibHVfSUdMS3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9hNGEyNjAtODRiMC00NjhlLWI0OTctNWE0MTkyNmZlZDdj
LzEvaUhKX3JWdGNCb1V1SGEtZ2NjNUhaNmVaNEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucHQAwQC
ueKEMA0GCSqGSIb3DQEBCwUAA4IBAQBztOAXZOoU/3SL52EXTMil3eVoPOD+qf8a
iAWUO1O7yDRlkp0dywIpvSjor2OMqGyHDcB2UdxeJfGCVB0pU04A6i/OwpfdblSd
Nzi8CPZ9/4TujE5B9eNK0ZnRYzVgZS8L48J6SvaH0CrGFeuM6SbJzkeO87KiGOyF
keK9sIma2zlDIFtfIQmlG8zyHbcoYwV+K2wdAkPoHAEiTJKbBa/Ruf0LHPA546S3
e6oI7Bt5bwABGF45+rfiSPjTkgtZX5+SyWv6/CbvykBc3QTr5plh8NeXE1SbO0N/
K3mKEt7SXWkZFRThqrtoYt8LK5BR9nuqbbCWfAXTjYZRXAhOzwqu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:58 2024 by rpki-client on console-ams.rpki-client.org