Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/JSn7XQgzPw_U43HohgYZhcASnV4.roa
File: JSn7XQgzPw_U43HohgYZhcASnV4.roa (raw, json)
Hash identifier: vrayilJqhgpN9Z/HkU1/H0qKcZGhCHUj303mPVGfXq0=
Subject key identifier: 25:29:FB:5D:08:33:3F:0F:D4:E3:71:E8:86:06:19:85:C0:12:9D:5E
Certificate issuer: /CN=cf9625541abe6b5ae926671daa98ac6d8094ec7b
Certificate serial: 01856DA647BD59D04C72567369E7D887B825
Authority key identifier: CF:96:25:54:1A:BE:6B:5A:E9:26:67:1D:AA:98:AC:6D:80:94:EC:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z5YlVBq-a1rpJmcdqpisbYCU7Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/JSn7XQgzPw_U43HohgYZhcASnV4.roa
Signing time: Sun 01 Jan 2023 14:04:51 +0000
ROA not before: Sun 01 Jan 2023 14:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45033
IP address blocks: 185.138.196.0/24 maxlen: 24
185.138.197.0/24 maxlen: 24
185.138.198.0/24 maxlen: 24
185.138.199.0/24 maxlen: 24
185.43.131.0/24 maxlen: 24
185.43.130.0/24 maxlen: 24
2a07:f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 Mar 2023 07:10:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:47:bd:59:d0:4c:72:56:73:69:e7:d8:87:b8:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf9625541abe6b5ae926671daa98ac6d8094ec7b
Validity
Not Before: Jan 1 14:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2529fb5d08333f0fd4e371e886061985c0129d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c4:f6:8b:0c:44:d9:39:32:58:ba:84:3f:15:
e1:ee:29:aa:bf:46:49:7a:7b:2f:1b:99:cb:bd:d4:
0c:54:d3:ef:e6:f9:91:8b:c5:f4:d6:2b:37:86:61:
24:36:af:77:97:af:d4:61:50:8a:8a:38:ab:0e:ca:
c2:cd:2c:c5:c6:09:88:8b:59:a5:3b:62:c9:22:63:
ab:0b:08:9d:31:bb:bd:3d:04:54:75:67:4e:a8:be:
e8:0b:f0:45:0b:8d:57:a8:94:d0:bf:da:99:9c:6c:
0d:d9:f5:d6:7d:e8:f6:b6:6a:37:d1:0b:e2:3c:9f:
32:db:9e:45:6b:4c:16:8b:05:57:6e:50:42:ec:1e:
54:8c:74:a5:e7:93:e7:ce:a4:74:60:8a:2d:bf:8a:
2f:f3:08:ba:d5:06:1d:19:6f:f1:1d:eb:21:34:0e:
17:7f:af:92:8c:eb:26:c3:35:57:b5:f9:50:91:c0:
d1:76:5d:69:bf:a9:a9:6c:9d:33:4d:5f:1d:af:bf:
60:8f:ee:f6:9a:e0:ec:53:46:34:68:df:48:a0:4b:
13:ef:fd:c4:20:80:df:51:28:0e:58:2a:e8:5d:fc:
30:dd:90:57:d5:c8:78:e1:c8:44:ac:14:48:b4:7e:
cc:86:13:a5:8d:8d:b8:ed:35:29:e3:eb:0f:95:eb:
7f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:29:FB:5D:08:33:3F:0F:D4:E3:71:E8:86:06:19:85:C0:12:9D:5E
X509v3 Authority Key Identifier:
keyid:CF:96:25:54:1A:BE:6B:5A:E9:26:67:1D:AA:98:AC:6D:80:94:EC:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z5YlVBq-a1rpJmcdqpisbYCU7Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/JSn7XQgzPw_U43HohgYZhcASnV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/z5YlVBq-a1rpJmcdqpisbYCU7Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.130.0/23
185.138.196.0/22
IPv6:
2a07:f80::/29
Signature Algorithm: sha256WithRSAEncryption
0b:48:8f:47:d6:be:2b:64:37:b8:46:b2:71:66:a9:a3:c9:5a:
cb:b0:87:15:7c:0a:cd:6e:90:f7:3f:c5:a9:1b:de:0d:c1:d5:
1b:10:fb:03:80:8d:7c:98:3a:24:bf:c4:d4:29:2f:d2:d8:22:
f0:11:a8:d7:ac:12:cc:fa:29:29:57:1c:01:b9:9d:05:b2:cd:
d5:e1:97:aa:e3:83:73:85:62:60:1f:2e:68:84:81:44:8a:67:
b1:72:93:22:35:eb:d7:b2:e5:c2:56:07:0a:ea:91:33:0c:c5:
a1:f4:52:cd:ee:92:4c:b9:44:fc:48:19:75:6e:d2:b0:55:4d:
ea:b4:04:97:bb:29:0e:1b:86:2e:06:0d:e8:26:c5:5d:c0:f2:
7c:9d:5b:77:42:43:f0:da:a5:79:d3:16:28:e0:44:27:8d:4b:
7b:64:f8:07:e5:06:59:cf:cc:62:b1:30:e2:b3:32:9a:10:e8:
a6:80:e5:9a:cb:85:a1:e1:ec:93:3f:57:a1:d7:51:27:d9:78:
0c:7e:db:71:ae:4d:b2:5b:1d:7f:65:a5:57:0c:b8:40:21:5a:
4e:df:ec:ce:2f:2f:e0:c4:d9:4a:ae:b8:bb:66:6d:46:54:b9:
c3:8d:cb:ec:ce:33:a1:bc:0d:33:30:36:b9:a2:83:7b:70:d5:
2a:09:8a:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtpke9WdBMclZzaefYh7glMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOTYyNTU0MWFiZTZiNWFlOTI2NjcxZGFhOThhYzZkODA5
NGVjN2IwHhcNMjMwMTAxMTQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTI5ZmI1ZDA4MzMzZjBmZDRlMzcxZTg4NjA2MTk4NWMwMTI5ZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcT2iwxE2TkyWLqEPxXh7imqv0ZJ
ensvG5nLvdQMVNPv5vmRi8X01is3hmEkNq93l6/UYVCKijirDsrCzSzFxgmIi1ml
O2LJImOrCwidMbu9PQRUdWdOqL7oC/BFC41XqJTQv9qZnGwN2fXWfej2tmo30Qvi
PJ8y255Fa0wWiwVXblBC7B5UjHSl55PnzqR0YIotv4ov8wi61QYdGW/xHeshNA4X
f6+SjOsmwzVXtflQkcDRdl1pv6mpbJ0zTV8dr79gj+72muDsU0Y0aN9IoEsT7/3E
IIDfUSgOWCroXfww3ZBX1ch44chErBRItH7MhhOljY247TUp4+sPlet/fQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCUp+10IMz8P1ONx6IYGGYXAEp1eMB8GA1UdIwQY
MBaAFM+WJVQavmta6SZnHaqYrG2AlOx7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejVZbFZCcS1hMXJwSm1jZHFwaXNiWUNVN0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xMzJlZDMtNDM0ZC00ZDQ5LTk1Y2Et
NTlhNTg3YmRlYTNmLzEvSlNuN1hRZ3pQd19VNDNIb2hnWVpoY0FTblY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xMzJlZDMtNDM0ZC00ZDQ5LTk1Y2EtNTlhNTg3YmRlYTNm
LzEvejVZbFZCcS1hMXJwSm1jZHFwaXNiWUNVN0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuSuCAwQC
uYrEMA0EAgACMAcDBQMqBw+AMA0GCSqGSIb3DQEBCwUAA4IBAQALSI9H1r4rZDe4
RrJxZqmjyVrLsIcVfArNbpD3P8WpG94NwdUbEPsDgI18mDokv8TUKS/S2CLwEajX
rBLM+ikpVxwBuZ0Fss3V4Zeq44NzhWJgHy5ohIFEimexcpMiNevXsuXCVgcK6pEz
DMWh9FLN7pJMuUT8SBl1btKwVU3qtASXuykOG4YuBg3oJsVdwPJ8nVt3QkPw2qV5
0xYo4EQnjUt7ZPgH5QZZz8xisTDiszKaEOimgOWay4Wh4eyTP1eh11En2XgMfttx
rk2yWx1/ZaVXDLhAIVpO3+zOLy/gxNlKrri7Zm1GVLnDjcvszjOhvA0zMDa5ooN7
cNUqCYoi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:47 2024 by rpki-client on console-fra.rpki-client.org