Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/aKE9GPSSp_cWe3tX_VvqQvoojJk.roa
File: aKE9GPSSp_cWe3tX_VvqQvoojJk.roa (raw, json)
Hash identifier: dHjBLGgXAhBlRzI7uPiVfFv/toS1aUpyEKRlQ7YKMiQ=
Subject key identifier: 68:A1:3D:18:F4:92:A7:F7:16:7B:7B:57:FD:5B:EA:42:FA:28:8C:99
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018C151E60BC945AD5C554206A308AE68033
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/aKE9GPSSp_cWe3tX_VvqQvoojJk.roa
Signing time: Tue 28 Nov 2023 08:49:21 +0000
ROA not before: Tue 28 Nov 2023 08:49:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38136
IP address blocks: 185.248.184.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
178.236.36.0/22 maxlen: 24
188.253.4.0/22 maxlen: 24
5.226.48.0/22 maxlen: 24
185.36.192.0/22 maxlen: 24
212.87.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Dec 2023 04:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:1e:60:bc:94:5a:d5:c5:54:20:6a:30:8a:e6:80:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 28 08:49:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68a13d18f492a7f7167b7b57fd5bea42fa288c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:94:34:98:dd:51:24:88:38:99:ad:fc:ec:5d:
2a:31:02:d4:47:7a:a9:88:e0:96:b0:1b:8b:75:98:
55:36:aa:cf:ac:2d:d5:2e:68:a1:63:51:ab:a6:aa:
ab:a5:75:36:96:08:90:74:79:6e:e0:af:10:00:56:
24:10:7c:51:ec:95:26:e3:70:1e:1a:d6:79:36:81:
5a:aa:4d:5b:ca:71:51:cd:9f:cd:a1:7f:6a:ee:48:
31:1b:c8:5b:fc:8f:49:91:a2:4c:2c:aa:7f:99:08:
b5:a2:57:11:ef:ae:db:f9:ea:0e:15:af:ef:bd:6a:
28:c4:46:19:09:bf:99:07:91:a6:50:7f:e6:30:d8:
a9:c4:e0:92:81:67:c3:20:24:f9:6c:7e:88:56:35:
a6:89:ad:65:8a:46:10:a9:05:65:4c:fd:d6:9a:f2:
65:5f:64:4e:44:86:5c:02:25:4c:0e:b4:9a:39:40:
81:bf:fd:c1:71:7c:75:fa:ce:8c:97:09:c1:b6:2c:
a8:ff:ac:e9:02:0b:fa:06:15:cf:2d:cf:ea:c7:75:
75:ac:ee:36:11:59:db:0c:41:1a:e3:67:38:d0:8e:
01:7d:56:a7:ab:64:95:3f:5f:1d:95:bb:92:d4:c8:
51:f1:f5:3d:02:d3:b3:6b:83:d1:c7:c3:ba:6a:95:
55:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A1:3D:18:F4:92:A7:F7:16:7B:7B:57:FD:5B:EA:42:FA:28:8C:99
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/aKE9GPSSp_cWe3tX_VvqQvoojJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.48.0/22
178.236.36.0/22
185.36.192.0/22
185.220.236.0/22
185.248.184.0/22
188.253.4.0/22
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:2f:75:43:5c:90:14:5f:6d:1e:e7:a9:c9:fc:31:cb:94:9c:
6e:0e:95:b3:f4:1f:90:09:bc:05:fb:6b:ce:d0:4e:c7:5c:c0:
96:2e:46:fd:50:e5:04:a6:bf:ff:bb:dc:4c:f8:10:85:6a:2e:
da:1f:98:0c:04:02:2a:84:e5:e0:2d:ea:37:0c:72:63:dd:90:
d0:39:0f:02:47:e3:9f:08:1f:e5:a0:ec:2c:75:bc:e5:f8:49:
b3:3a:8d:e6:94:01:7b:31:fe:30:32:85:4d:9c:19:7f:b6:5d:
41:fe:0d:9d:1e:4b:1d:15:ee:3f:e0:d2:f1:55:76:d0:aa:ea:
2b:57:ce:74:24:b7:78:03:d6:1b:aa:ed:90:dd:d2:3c:f6:5e:
dc:9b:6d:75:a3:04:41:88:95:b1:8a:0f:24:34:ca:68:06:96:
3b:51:dd:fd:d8:33:74:2d:34:e2:4d:86:de:25:3f:b6:93:e9:
d0:44:ae:ea:25:38:92:f9:9f:08:42:39:16:50:90:ec:0f:50:
50:4d:0a:ba:5f:02:80:5e:89:1c:94:53:87:0a:e7:4f:ea:a7:
9f:68:44:e6:1c:eb:3a:d7:49:c5:ec:9b:c1:b2:4f:1e:83:e8:
33:6c:83:61:7d:23:ef:97:ed:d2:65:a6:b4:b8:ee:c7:ea:cb:
30:a6:ab:ae
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYwVHmC8lFrVxVQgajCK5oAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMTI4MDg0OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGExM2QxOGY0OTJhN2Y3MTY3YjdiNTdmZDViZWE0MmZhMjg4Yzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5Q0mN1RJIg4ma387F0qMQLUR3qp
iOCWsBuLdZhVNqrPrC3VLmihY1GrpqqrpXU2lgiQdHlu4K8QAFYkEHxR7JUm43Ae
GtZ5NoFaqk1bynFRzZ/NoX9q7kgxG8hb/I9JkaJMLKp/mQi1olcR767b+eoOFa/v
vWooxEYZCb+ZB5GmUH/mMNipxOCSgWfDICT5bH6IVjWmia1likYQqQVlTP3WmvJl
X2RORIZcAiVMDrSaOUCBv/3BcXx1+s6MlwnBtiyo/6zpAgv6BhXPLc/qx3V1rO42
EVnbDEEa42c40I4BfVanq2SVP18dlbuS1MhR8fU9AtOza4PRx8O6apVV1wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGihPRj0kqf3Fnt7V/1b6kL6KIyZMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvYUtFOUdQU1NwX2NXZTN0WF9WdnFRdm9vakprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBeIwAwQC
suwkAwQCuSTAAwQCudzsAwQCufi4AwQCvP0EAwQC1FfAMA0GCSqGSIb3DQEBCwUA
A4IBAQDCL3VDXJAUX20e56nJ/DHLlJxuDpWz9B+QCbwF+2vO0E7HXMCWLkb9UOUE
pr//u9xM+BCFai7aH5gMBAIqhOXgLeo3DHJj3ZDQOQ8CR+OfCB/loOwsdbzl+Emz
Oo3mlAF7Mf4wMoVNnBl/tl1B/g2dHksdFe4/4NLxVXbQquorV850JLd4A9Ybqu2Q
3dI89l7cm211owRBiJWxig8kNMpoBpY7Ud392DN0LTTiTYbeJT+2k+nQRK7qJTiS
+Z8IQjkWUJDsD1BQTQq6XwKAXokclFOHCudP6qefaETmHOs610nF7JvBsk8eg+gz
bINhfSPvl+3SZaa0uO7H6sswpquu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org