Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/IArY-p058eJiVHC9igzSHyKuHEE.roa
File: IArY-p058eJiVHC9igzSHyKuHEE.roa (raw, json)
Hash identifier: L8WB1PzR0IaHmvlBz75oEC5/i0FygjEI2V8uvshCIBc=
Subject key identifier: 20:0A:D8:FA:9D:39:F1:E2:62:54:70:BD:8A:0C:D2:1F:22:AE:1C:41
Certificate issuer: /CN=617252ebbb33484adcec7405adea4de08a0afb04
Certificate serial: 01856D9D08317DB620B4AF186B3E57304EC8
Authority key identifier: 61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/IArY-p058eJiVHC9igzSHyKuHEE.roa
Signing time: Sun 01 Jan 2023 13:54:45 +0000
ROA not before: Sun 01 Jan 2023 13:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41608
IP address blocks: 185.213.175.0/24 maxlen: 24
185.213.174.0/24 maxlen: 24
195.170.165.0/24 maxlen: 24
195.170.172.0/24 maxlen: 24
185.213.172.0/24 maxlen: 24
185.213.172.0/23 maxlen: 23
2a0b:8bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 Mar 2023 20:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:08:31:7d:b6:20:b4:af:18:6b:3e:57:30:4e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617252ebbb33484adcec7405adea4de08a0afb04
Validity
Not Before: Jan 1 13:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=200ad8fa9d39f1e2625470bd8a0cd21f22ae1c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:28:96:dd:6d:14:c6:a7:ec:57:6d:77:39:ec:
0e:3f:22:ba:65:e8:d6:df:50:54:c6:19:40:9d:b8:
12:d2:ac:d1:ab:55:2d:23:36:2e:3c:9c:05:1e:bc:
f1:7c:04:d6:4c:b5:63:ed:95:e1:5f:ab:8e:61:3f:
75:39:71:34:c4:8a:1a:f0:fb:fe:0f:aa:9b:1c:0a:
17:b1:61:4d:ee:20:4a:6c:46:bc:bb:fb:e1:db:4b:
f9:53:4d:15:51:93:f3:d9:41:16:1d:dd:84:9b:55:
54:79:d6:36:5d:68:0d:ef:d3:dd:89:70:14:2d:84:
0c:39:0d:74:bb:95:d0:90:d3:10:59:0d:8b:94:35:
8e:65:14:24:c3:41:46:fc:24:1f:c0:12:49:04:fc:
67:2c:63:ec:8d:5f:88:05:df:f5:4a:68:86:aa:70:
89:0b:78:bd:fe:41:68:26:80:ab:a8:17:c1:d9:5d:
0d:b4:d1:af:ef:f2:8d:84:0d:d7:50:a3:4c:b6:50:
1c:29:0f:ec:2d:fe:1c:02:29:91:5d:9d:7f:f8:46:
e6:f8:c2:47:e1:5a:ad:c9:9c:71:0d:be:bb:5a:c4:
b4:82:a8:5c:23:8e:d0:16:d9:aa:9d:b2:1c:1f:f0:
8d:57:45:a4:0f:39:95:85:17:2e:82:2c:7e:ca:9c:
16:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0A:D8:FA:9D:39:F1:E2:62:54:70:BD:8A:0C:D2:1F:22:AE:1C:41
X509v3 Authority Key Identifier:
keyid:61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/IArY-p058eJiVHC9igzSHyKuHEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.172.0/22
195.170.165.0/24
195.170.172.0/24
IPv6:
2a0b:8bc0::/29
Signature Algorithm: sha256WithRSAEncryption
01:ab:6d:20:35:10:27:4f:98:b0:33:8d:92:e0:c1:7d:d5:3a:
e5:9f:4b:b7:36:19:d7:9a:ba:4b:a8:77:81:02:a2:8a:a7:df:
3d:3c:fa:84:78:89:b7:0a:56:c7:ce:b3:3f:39:3f:04:2a:fb:
cb:62:52:73:46:6d:15:16:32:ab:a9:4f:57:7d:00:87:36:1d:
85:2c:b6:9b:f5:da:27:6f:ef:d3:b7:ae:aa:92:49:17:63:65:
41:b9:e4:b0:57:7f:c8:39:54:77:b4:5a:83:3b:d4:5e:2c:41:
5e:f2:96:0d:72:86:de:49:07:57:82:ca:54:57:28:02:26:8f:
d2:dd:a1:98:5f:d4:95:1e:53:5a:70:ff:3b:dc:30:36:52:71:
a1:76:65:1c:6b:b5:9f:23:bf:7c:ce:b8:d1:57:e2:8c:99:3b:
82:91:29:65:09:c1:2b:93:26:cc:d3:94:76:a1:a4:13:3a:a8:
6c:83:08:d1:ee:a6:61:c1:39:a3:6d:48:c1:d5:f7:f1:c8:48:
f2:1c:7d:48:52:60:0f:07:26:30:42:ea:2c:a8:30:ea:4f:ec:
96:28:62:6e:c6:f8:22:67:6d:79:e0:b8:88:56:9b:54:cc:7c:
ec:47:4f:5e:4d:62:73:8d:5e:6c:cd:34:29:5f:65:1a:44:fb:
02:90:fd:df
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtnQgxfbYgtK8Yaz5XME7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNzI1MmViYmIzMzQ4NGFkY2VjNzQwNWFkZWE0ZGUwOGEw
YWZiMDQwHhcNMjMwMTAxMTM1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBhZDhmYTlkMzlmMWUyNjI1NDcwYmQ4YTBjZDIxZjIyYWUxYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSiW3W0UxqfsV213OewOPyK6ZejW
31BUxhlAnbgS0qzRq1UtIzYuPJwFHrzxfATWTLVj7ZXhX6uOYT91OXE0xIoa8Pv+
D6qbHAoXsWFN7iBKbEa8u/vh20v5U00VUZPz2UEWHd2Em1VUedY2XWgN79PdiXAU
LYQMOQ10u5XQkNMQWQ2LlDWOZRQkw0FG/CQfwBJJBPxnLGPsjV+IBd/1SmiGqnCJ
C3i9/kFoJoCrqBfB2V0NtNGv7/KNhA3XUKNMtlAcKQ/sLf4cAimRXZ1/+Ebm+MJH
4VqtyZxxDb67WsS0gqhcI47QFtmqnbIcH/CNV0WkDzmVhRcugix+ypwWIQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCAK2PqdOfHiYlRwvYoM0h8irhxBMB8GA1UdIwQY
MBaAFGFyUuu7M0hK3Ox0Ba3qTeCKCvsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMt
NjYzNWRlYmMzOTVjLzEvSUFyWS1wMDU4ZUppVkhDOWlnelNIeUt1SEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMtNjYzNWRlYmMzOTVj
LzEvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCudWsAwQA
w6qlAwQAw6qsMA0EAgACMAcDBQMqC4vAMA0GCSqGSIb3DQEBCwUAA4IBAQABq20g
NRAnT5iwM42S4MF91Trln0u3NhnXmrpLqHeBAqKKp989PPqEeIm3ClbHzrM/OT8E
KvvLYlJzRm0VFjKrqU9XfQCHNh2FLLab9donb+/Tt66qkkkXY2VBueSwV3/IOVR3
tFqDO9ReLEFe8pYNcobeSQdXgspUVygCJo/S3aGYX9SVHlNacP873DA2UnGhdmUc
a7WfI798zrjRV+KMmTuCkSllCcErkybM05R2oaQTOqhsgwjR7qZhwTmjbUjB1ffx
yEjyHH1IUmAPByYwQuosqDDqT+yWKGJuxvgiZ2154LiIVptUzHzsR09eTWJzjV5s
zTQpX2UaRPsCkP3f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:02 2024 by rpki-client on console-ams.rpki-client.org