Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/2ncaYU8Z8NYeINfM1xJkHsP-XAM.roa
File: 2ncaYU8Z8NYeINfM1xJkHsP-XAM.roa (raw, json)
Hash identifier: FruJksNqV3Eyf3J76DWbWAdKcDxBs96rrLNB7shi/UM=
Subject key identifier: DA:77:1A:61:4F:19:F0:D6:1E:20:D7:CC:D7:12:64:1E:C3:FE:5C:03
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 018E60F7B8DC3BB91E498BA5CB9D1E3AAD02
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/2ncaYU8Z8NYeINfM1xJkHsP-XAM.roa
Signing time: Thu 21 Mar 2024 12:23:51 +0000
ROA not before: Thu 21 Mar 2024 12:23:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.160.228.0/22 maxlen: 22
185.160.228.0/24 maxlen: 24
185.160.229.0/24 maxlen: 24
185.160.230.0/24 maxlen: 24
185.160.231.0/24 maxlen: 24
185.177.43.0/24 maxlen: 24
185.230.144.0/24 maxlen: 24
185.232.132.0/22 maxlen: 22
185.232.134.0/24 maxlen: 24
185.232.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 06:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:60:f7:b8:dc:3b:b9:1e:49:8b:a5:cb:9d:1e:3a:ad:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Mar 21 12:23:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da771a614f19f0d61e20d7ccd712641ec3fe5c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3e:1c:f4:a3:c4:bf:d5:26:a5:32:69:32:9b:
ff:de:c2:fa:4e:bb:54:d6:65:9b:f3:67:10:b3:66:
bf:1d:ce:f0:de:80:0e:8d:af:22:e3:6b:27:6d:9a:
d6:7b:f9:40:c5:43:22:66:3a:cb:6b:7a:8f:e8:6f:
ed:2e:c1:83:8d:ba:83:40:8a:26:4d:7e:84:28:4b:
5e:34:e3:ed:89:8c:fc:8e:a9:20:12:31:15:06:c1:
62:10:95:87:60:be:24:b0:44:0a:f7:d0:20:f2:9f:
80:c7:6e:87:98:f3:47:34:c4:87:0b:52:b1:0d:75:
76:92:4e:74:3f:11:53:b6:57:1b:99:15:5b:88:1a:
d2:95:04:ab:8d:53:bb:39:30:32:c9:36:ef:2a:16:
06:f2:ff:b2:48:18:1a:19:1b:10:20:57:1b:30:7f:
f7:4b:33:91:27:9d:3a:dc:52:54:6a:4a:4d:41:b9:
55:04:19:2e:61:54:8f:5a:c6:78:2b:58:05:71:79:
63:52:14:7e:d6:68:b0:b8:12:c7:80:44:98:72:4c:
b3:9a:40:73:f2:c2:98:a1:19:fb:28:6f:c3:15:8b:
93:78:04:df:a8:48:d1:bd:f9:eb:1a:29:62:fd:be:
16:ca:9e:18:92:c3:c5:22:9e:f0:9e:80:21:01:b6:
e6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:77:1A:61:4F:19:F0:D6:1E:20:D7:CC:D7:12:64:1E:C3:FE:5C:03
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/2ncaYU8Z8NYeINfM1xJkHsP-XAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.228.0/22
185.177.43.0/24
185.230.144.0/24
185.232.132.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:6b:ae:a2:f3:71:c0:bb:49:24:5c:71:ea:77:c3:55:23:b8:
fb:68:44:a6:f9:ba:f2:13:11:c6:76:c2:2c:40:ed:fb:18:47:
2f:f9:8f:23:2a:0e:8c:cc:6d:f1:93:46:1a:de:1d:35:38:a8:
37:6b:58:ff:53:4d:8a:b4:c3:5e:5b:70:b6:cf:f5:b0:0b:0b:
a3:10:77:dd:64:c1:c7:a0:18:1f:f5:69:10:ad:cd:0e:c8:6e:
30:77:2b:3e:78:b3:67:4c:fe:1e:c9:f5:04:ca:9b:49:91:81:
14:6b:59:fb:48:e7:df:61:fd:90:fe:d2:16:af:0d:43:d5:db:
21:c4:93:a6:62:93:b8:b2:57:f3:3c:2f:78:0b:fe:93:e8:b8:
30:d6:ca:24:a8:6a:93:f8:36:06:8c:3f:6a:ee:01:73:d4:18:
83:3a:80:f5:46:a4:f0:3c:cf:67:1e:31:b3:90:4e:1f:3a:63:
64:6c:9f:4b:ba:a2:b2:31:24:fb:24:2c:3b:57:fd:d0:1f:76:
17:16:77:1b:7f:ed:8e:4c:47:91:f6:4d:14:4c:f3:28:d6:c7:
37:75:2f:bb:c8:7e:08:db:d4:da:fc:b4:ce:bc:ff:0b:e6:95:
b3:da:eb:af:44:67:b4:05:fb:c3:2b:13:52:18:fa:8d:f9:ef:
17:b5:77:a7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5g97jcO7keSYuly50eOq0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjQwMzIxMTIyMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTc3MWE2MTRmMTlmMGQ2MWUyMGQ3Y2NkNzEyNjQxZWMzZmU1YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj4c9KPEv9UmpTJpMpv/3sL6TrtU
1mWb82cQs2a/Hc7w3oAOja8i42snbZrWe/lAxUMiZjrLa3qP6G/tLsGDjbqDQIom
TX6EKEteNOPtiYz8jqkgEjEVBsFiEJWHYL4ksEQK99Ag8p+Ax26HmPNHNMSHC1Kx
DXV2kk50PxFTtlcbmRVbiBrSlQSrjVO7OTAyyTbvKhYG8v+ySBgaGRsQIFcbMH/3
SzORJ5063FJUakpNQblVBBkuYVSPWsZ4K1gFcXljUhR+1miwuBLHgESYckyzmkBz
8sKYoRn7KG/DFYuTeATfqEjRvfnrGili/b4Wyp4YksPFIp7wnoAhAbbm8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNp3GmFPGfDWHiDXzNcSZB7D/lwDMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvMm5jYVlVOFo4TlllSU5mTTF4SmtIc1AtWEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuaDkAwQA
ubErAwQAueaQAwQCueiEMA0GCSqGSIb3DQEBCwUAA4IBAQA+a66i83HAu0kkXHHq
d8NVI7j7aESm+bryExHGdsIsQO37GEcv+Y8jKg6MzG3xk0Ya3h01OKg3a1j/U02K
tMNeW3C2z/WwCwujEHfdZMHHoBgf9WkQrc0OyG4wdys+eLNnTP4eyfUEyptJkYEU
a1n7SOffYf2Q/tIWrw1D1dshxJOmYpO4slfzPC94C/6T6Lgw1sokqGqT+DYGjD9q
7gFz1BiDOoD1RqTwPM9nHjGzkE4fOmNkbJ9LuqKyMST7JCw7V/3QH3YXFncbf+2O
TEeR9k0UTPMo1sc3dS+7yH4I29Ta/LTOvP8L5pWz2uuvRGe0BfvDKxNSGPqN+e8X
tXen
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org