Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/icK5KSSptD7_kGB28cUnDhZRQDE.roa
File: icK5KSSptD7_kGB28cUnDhZRQDE.roa (raw, json)
Hash identifier: 4vg/0Cj+3+A+rId/PImzvvdTIH9DPzPPDHZRrkWcDCg=
Subject key identifier: 89:C2:B9:29:24:A9:B4:3E:FF:90:60:76:F1:C5:27:0E:16:51:40:31
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 018CC9BC96E7F513B6D50F500CB87336FBFA
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/icK5KSSptD7_kGB28cUnDhZRQDE.roa
Signing time: Tue 02 Jan 2024 10:33:48 +0000
ROA not before: Tue 02 Jan 2024 10:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35179
IP address blocks: 185.49.30.0/23 maxlen: 23
185.49.29.0/24 maxlen: 24
83.168.72.0/21 maxlen: 24
83.168.108.0/23 maxlen: 23
79.110.192.0/20 maxlen: 24
193.239.56.0/22 maxlen: 24
2a01:96e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 Feb 2024 10:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:96:e7:f5:13:b6:d5:0f:50:0c:b8:73:36:fb:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Jan 2 10:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89c2b92924a9b43eff906076f1c5270e16514031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dd:78:dd:ec:5a:b9:02:df:92:4e:6a:c9:25:
4f:23:14:68:5c:16:c2:62:07:d3:73:e8:3c:05:cd:
e4:66:57:69:78:2c:fb:2a:95:93:c9:6b:46:17:07:
33:15:c4:69:17:47:c5:0a:75:4e:17:c4:47:aa:20:
64:2e:e4:12:fe:24:fc:d9:9f:52:66:f0:00:c0:1b:
97:9d:b3:4c:e6:7f:09:3c:95:78:55:a0:89:8e:b8:
64:0d:03:ba:9d:cd:92:e7:de:00:1f:32:63:a0:6e:
46:5d:7c:0a:84:b1:ad:13:87:fa:2b:19:2e:3d:32:
0f:a1:bf:31:5b:d6:54:c7:f4:b7:98:e7:7b:24:a8:
5f:ed:87:63:78:90:0c:fe:67:55:11:7d:be:66:02:
4d:09:dd:e7:fb:59:78:13:ab:9d:b3:e0:1a:32:88:
bb:5d:b2:14:f0:9c:d5:92:8d:8d:72:9e:d6:34:ce:
7b:7d:dd:22:a0:63:a2:72:d0:65:9e:48:6c:c5:dd:
ed:24:5d:12:d8:42:94:19:86:b3:9f:62:a3:bf:fa:
fb:3e:a4:30:23:ac:c7:7e:5a:91:19:6e:66:39:46:
22:5c:3b:72:0f:f3:37:f6:9f:14:6d:9a:1b:a3:58:
cf:9d:99:ff:4f:22:a1:38:a5:cf:6d:09:fb:ce:f1:
5b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C2:B9:29:24:A9:B4:3E:FF:90:60:76:F1:C5:27:0E:16:51:40:31
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/icK5KSSptD7_kGB28cUnDhZRQDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.192.0/20
83.168.72.0/21
83.168.108.0/23
185.49.29.0-185.49.31.255
193.239.56.0/22
IPv6:
2a01:96e0::/32
Signature Algorithm: sha256WithRSAEncryption
38:45:42:99:0b:1b:de:e9:c4:9a:72:db:e3:ec:8f:1a:f1:c4:
85:80:82:fb:80:ce:4a:d3:1a:67:5b:34:9c:87:8a:00:a3:c9:
5b:b4:12:cc:7b:db:4a:a8:23:ff:4b:30:9b:74:12:91:bb:48:
2c:90:39:19:23:dc:55:78:7c:25:43:c2:c7:99:6d:98:e5:c4:
e6:bf:ae:eb:7e:12:d4:b0:c4:81:a9:59:9c:43:93:5a:70:bb:
a7:0d:2b:d0:e4:83:28:1b:be:8b:1c:53:66:0c:91:2f:b7:fe:
15:00:47:b3:44:e3:a5:d3:77:02:9b:43:07:b7:b4:f7:3d:8b:
33:3b:a9:3c:7c:01:17:27:52:59:d2:1e:10:ba:5a:5c:8e:1f:
3e:81:e3:6a:6e:d9:91:88:63:1b:9e:c3:67:b4:02:fb:77:5f:
66:d2:57:69:fa:74:b5:74:12:5d:b8:ff:be:81:ea:ed:ec:ca:
22:31:62:19:b5:08:c0:10:c8:14:92:e0:8d:8e:9b:11:87:1b:
a3:5c:1d:fc:26:5e:54:9b:04:56:e8:27:4d:fd:58:73:fb:4d:
82:dc:63:b5:70:36:f1:44:ea:b6:77:af:80:c1:0d:ea:f0:1b:
ec:e5:03:fb:37:1d:5f:f6:fc:11:e3:46:d6:a7:5e:dc:9b:df:
41:33:af:16
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzJvJbn9RO21Q9QDLhzNvv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjQwMTAyMTAzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWMyYjkyOTI0YTliNDNlZmY5MDYwNzZmMWM1MjcwZTE2NTE0MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9143exauQLfkk5qySVPIxRoXBbC
YgfTc+g8Bc3kZldpeCz7KpWTyWtGFwczFcRpF0fFCnVOF8RHqiBkLuQS/iT82Z9S
ZvAAwBuXnbNM5n8JPJV4VaCJjrhkDQO6nc2S594AHzJjoG5GXXwKhLGtE4f6Kxku
PTIPob8xW9ZUx/S3mOd7JKhf7YdjeJAM/mdVEX2+ZgJNCd3n+1l4E6uds+AaMoi7
XbIU8JzVko2Ncp7WNM57fd0ioGOictBlnkhsxd3tJF0S2EKUGYazn2Kjv/r7PqQw
I6zHflqRGW5mOUYiXDtyD/M39p8UbZobo1jPnZn/TyKhOKXPbQn7zvFbPQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFInCuSkkqbQ+/5BgdvHFJw4WUUAxMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvaWNLNUtTU3B0RDdfa0dCMjhjVW5EaFpSUURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQET27AAwQD
U6hIAwQBU6hsMAwDBAC5MR0DBAW5MQADBALB7zgwDQQCAAIwBwMFACoBluAwDQYJ
KoZIhvcNAQELBQADggEBADhFQpkLG97pxJpy2+PsjxrxxIWAgvuAzkrTGmdbNJyH
igCjyVu0Esx720qoI/9LMJt0EpG7SCyQORkj3FV4fCVDwseZbZjlxOa/rut+EtSw
xIGpWZxDk1pwu6cNK9DkgygbvoscU2YMkS+3/hUAR7NE46XTdwKbQwe3tPc9izM7
qTx8ARcnUlnSHhC6WlyOHz6B42pu2ZGIYxuew2e0Avt3X2bSV2n6dLV0El24/76B
6u3syiIxYhm1CMAQyBSS4I2OmxGHG6NcHfwmXlSbBFboJ039WHP7TYLcY7VwNvFE
6rZ3r4DBDerwG+zlA/s3HV/2/BHjRtanXtyb30EzrxY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:38 2024 by rpki-client on console-fra.rpki-client.org