Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/AdPo4CPiRS8OHleSh9YLvh7vOdI.roa
File: AdPo4CPiRS8OHleSh9YLvh7vOdI.roa (raw, json)
Hash identifier: oHYdi8GzkMGvDuYfQcboXRjpPwU+5tKLaDGhrZWZ9ec=
Subject key identifier: 01:D3:E8:E0:23:E2:45:2F:0E:1E:57:92:87:D6:0B:BE:1E:EF:39:D2
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 01856FCB8B19E5250E5AF8042A7B37CDC6CB
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/AdPo4CPiRS8OHleSh9YLvh7vOdI.roa
Signing time: Mon 02 Jan 2023 00:04:48 +0000
ROA not before: Mon 02 Jan 2023 00:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204175
IP address blocks: 185.177.43.0/24 maxlen: 24
185.177.42.0/24 maxlen: 24
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.220.166.0/23 maxlen: 23
185.232.132.0/24 maxlen: 24
185.232.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 10:41:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:8b:19:e5:25:0e:5a:f8:04:2a:7b:37:cd:c6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jan 2 00:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01d3e8e023e2452f0e1e579287d60bbe1eef39d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b8:73:43:b2:21:02:cc:97:a3:e8:ab:cd:ad:
0a:2f:5a:70:1c:9d:c1:00:44:35:ea:cd:88:a2:b1:
12:34:3a:f4:a0:dc:d8:32:b1:b2:98:ac:96:4f:48:
3e:c5:8b:62:5b:52:e0:80:03:8c:f0:f3:4d:95:69:
45:bf:3b:be:85:e6:01:c6:f5:d1:95:9b:84:37:07:
31:e3:46:5e:e8:b2:a2:77:ef:20:5d:cf:30:6d:5d:
df:57:16:b5:0d:ff:6d:0c:66:4d:ad:5a:53:e4:7b:
87:49:a7:57:34:2b:73:37:89:10:1a:dd:7b:54:41:
72:5e:fe:e0:15:94:89:ac:dc:3c:f3:92:6d:85:57:
43:e0:11:9a:e8:ff:77:4b:6e:82:c7:72:93:48:66:
ae:c4:91:af:d1:79:2d:eb:f7:0c:1c:9f:95:42:1c:
01:ec:b9:23:89:78:51:9a:77:15:82:27:64:78:45:
43:9e:a8:1f:5a:1d:c2:8f:5e:55:00:9f:ed:e7:e7:
87:65:af:41:f9:e7:48:44:9a:ec:b7:f3:3b:41:0b:
fc:b4:72:45:8d:fa:22:f1:c9:a5:be:57:6e:a8:af:
5a:b7:9f:cf:f6:81:e4:0e:61:31:00:a6:59:53:2a:
b2:8c:96:a3:4b:1e:6d:c4:07:65:23:40:d6:a7:6d:
66:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D3:E8:E0:23:E2:45:2F:0E:1E:57:92:87:D6:0B:BE:1E:EF:39:D2
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/AdPo4CPiRS8OHleSh9YLvh7vOdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.42.0/23
185.220.166.0/23
185.232.132.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:f4:c7:c3:36:fe:95:40:84:5e:cb:f3:ab:90:77:88:05:14:
52:9e:35:c8:e6:81:57:f2:66:1b:a3:18:39:8d:c8:d2:1d:1c:
7d:d8:12:7f:bb:20:c8:d2:db:09:f3:10:35:b3:28:65:cb:d8:
9f:4b:f0:d4:2c:1b:b6:aa:6a:17:60:93:75:44:35:1f:80:04:
8e:e7:a0:25:7e:f1:ca:99:57:f4:ea:b4:ce:0b:99:61:d6:55:
15:52:9f:63:49:51:f0:42:68:ca:9f:bf:fe:ca:32:18:51:e0:
3b:da:c2:1d:c0:41:34:0a:a4:aa:ed:00:64:92:0d:cd:02:88:
d0:e8:36:64:76:ca:ff:d2:91:59:56:1c:7e:ec:9d:f7:e9:7e:
0b:1a:3d:47:ea:04:db:b2:c6:5d:0b:73:50:da:05:c3:ad:ca:
54:d2:43:27:bf:17:bc:b2:8d:5b:28:3e:c1:f1:12:26:c2:23:
58:c9:93:5e:57:22:a7:e9:ba:aa:66:a0:73:58:5e:32:8c:df:
d0:14:a4:30:85:fd:38:90:34:41:96:bd:e4:d1:cf:59:67:59:
f6:a1:27:26:bc:4b:4d:e4:50:d6:34:3e:4d:52:ed:33:86:86:
36:88:e7:f5:1c:e3:13:85:d1:85:99:93:16:bc:c4:0e:29:ef:
9c:17:19:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvy4sZ5SUOWvgEKns3zcbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwMTAyMDAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQzZThlMDIzZTI0NTJmMGUxZTU3OTI4N2Q2MGJiZTFlZWYzOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirhzQ7IhAsyXo+irza0KL1pwHJ3B
AEQ16s2IorESNDr0oNzYMrGymKyWT0g+xYtiW1LggAOM8PNNlWlFvzu+heYBxvXR
lZuENwcx40Ze6LKid+8gXc8wbV3fVxa1Df9tDGZNrVpT5HuHSadXNCtzN4kQGt17
VEFyXv7gFZSJrNw885JthVdD4BGa6P93S26Cx3KTSGauxJGv0Xkt6/cMHJ+VQhwB
7LkjiXhRmncVgidkeEVDnqgfWh3Cj15VAJ/t5+eHZa9B+edIRJrst/M7QQv8tHJF
jfoi8cmlvlduqK9at5/P9oHkDmExAKZZUyqyjJajSx5txAdlI0DWp21mDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAHT6OAj4kUvDh5XkofWC74e7znSMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvQWRQbzRDUGlSUzhPSGxlU2g5WUx2aDd2T2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBubEqAwQB
udymAwQBueiEMA0GCSqGSIb3DQEBCwUAA4IBAQBf9MfDNv6VQIRey/OrkHeIBRRS
njXI5oFX8mYboxg5jcjSHRx92BJ/uyDI0tsJ8xA1syhly9ifS/DULBu2qmoXYJN1
RDUfgASO56AlfvHKmVf06rTOC5lh1lUVUp9jSVHwQmjKn7/+yjIYUeA72sIdwEE0
CqSq7QBkkg3NAojQ6DZkdsr/0pFZVhx+7J336X4LGj1H6gTbssZdC3NQ2gXDrcpU
0kMnvxe8so1bKD7B8RImwiNYyZNeVyKn6bqqZqBzWF4yjN/QFKQwhf04kDRBlr3k
0c9ZZ1n2oScmvEtN5FDWND5NUu0zhoY2iOf1HOMThdGFmZMWvMQOKe+cFxmY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org