Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/IvWQ2yS2mKAKi9giJB6qR7kTDdk.roa
File: IvWQ2yS2mKAKi9giJB6qR7kTDdk.roa (raw, json)
Hash identifier: YZDuPvI9sS0WzI7Tae+pPZVhQtFcsBgbchVY6XbFLO0=
Subject key identifier: 22:F5:90:DB:24:B6:98:A0:0A:8B:D8:22:24:1E:AA:47:B9:13:0D:D9
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 018A6A1668CC6C774919F12BD8478BF572F1
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/IvWQ2yS2mKAKi9giJB6qR7kTDdk.roa
Signing time: Wed 06 Sep 2023 10:42:48 +0000
ROA not before: Wed 06 Sep 2023 10:42:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212988
IP address blocks: 185.230.146.0/23 maxlen: 23
185.232.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:16:68:cc:6c:77:49:19:f1:2b:d8:47:8b:f5:72:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Sep 6 10:42:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22f590db24b698a00a8bd822241eaa47b9130dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ff:56:a5:48:34:4b:ca:71:6b:db:7d:5a:c8:
28:e4:68:ac:1d:c1:8a:c6:09:42:b7:be:9d:eb:a0:
b9:12:00:e8:72:37:28:67:ea:11:fc:ca:07:83:b8:
47:ef:5a:2f:9e:11:1d:09:97:f9:5b:4a:3c:b4:0c:
bf:fb:c2:e6:b5:08:93:05:ff:cf:25:e3:af:56:9a:
3d:44:f7:9f:86:05:6f:96:ef:e0:5e:d2:97:07:ff:
3d:80:5b:08:6e:c0:27:42:95:eb:64:b7:7a:de:ac:
71:d4:9d:59:25:df:54:91:13:23:cc:b9:d0:1e:54:
57:ee:05:fb:67:82:6a:c8:84:46:b0:ae:f5:8e:dd:
6a:ee:70:ab:aa:7c:0c:48:a6:18:c7:f7:e8:a3:6a:
f2:6a:46:4c:50:a4:e2:6f:89:0b:83:7e:2b:61:4c:
f6:0d:53:fe:8d:56:45:94:0b:f6:2c:a9:bb:b1:fb:
19:ff:a9:f1:b5:e1:43:86:50:4c:50:24:af:51:84:
1f:bf:8d:fa:b8:76:a7:8f:71:64:62:40:68:19:94:
ea:78:9f:50:46:df:3c:1b:b9:28:54:b9:a1:50:1d:
1c:83:db:95:c8:cd:4a:8d:a1:4e:9b:ad:a5:c3:4e:
47:f8:c0:53:ec:c8:17:f2:96:6a:a0:13:dc:54:01:
5a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F5:90:DB:24:B6:98:A0:0A:8B:D8:22:24:1E:AA:47:B9:13:0D:D9
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/IvWQ2yS2mKAKi9giJB6qR7kTDdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.146.0/23
185.232.133.0/24
Signature Algorithm: sha256WithRSAEncryption
10:93:98:02:73:4c:93:e6:17:ee:49:05:32:4b:01:08:d1:d4:
cb:e0:ed:e6:6d:e6:cc:5f:06:9b:3d:ab:ad:f5:e5:89:65:fa:
b3:aa:ed:5b:09:b9:9a:cb:ab:4d:27:a1:81:5a:83:87:2c:f9:
ad:42:fa:60:66:5c:e9:7a:30:c2:b1:4b:ef:8e:10:47:30:0b:
e0:68:0a:9f:78:5a:2c:06:18:ad:55:28:f1:53:52:3c:d8:4a:
d9:ae:f0:b6:6d:7e:1b:b9:35:0f:f1:d4:02:91:5a:63:17:5b:
e3:d5:be:b0:05:64:7c:03:99:92:f3:10:cc:cf:52:3c:7c:3f:
8b:65:f4:3e:76:b3:99:41:b1:65:65:ed:f7:82:45:95:31:34:
68:88:38:8b:8d:ca:5b:3e:42:73:a4:a2:cc:07:2e:c9:0e:51:
6e:74:ce:22:55:c7:16:1a:11:51:11:e9:11:b5:03:9f:86:3d:
2a:ce:a9:90:d5:e3:94:6b:e7:84:81:10:6a:0d:76:45:9e:bf:
4d:9f:4e:78:66:7c:a1:64:f4:03:5b:f1:c6:70:f0:59:d3:d1:
ab:c3:40:e3:83:3f:6c:7e:55:98:da:38:20:64:a1:37:84:1b:
13:67:ab:e1:cf:93:4b:ab:b4:95:96:b1:51:f3:ce:b0:dd:ca:
42:45:f3:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpqFmjMbHdJGfEr2EeL9XLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwOTA2MTA0MjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmY1OTBkYjI0YjY5OGEwMGE4YmQ4MjIyNDFlYWE0N2I5MTMwZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv9WpUg0S8pxa9t9Wsgo5GisHcGK
xglCt76d66C5EgDocjcoZ+oR/MoHg7hH71ovnhEdCZf5W0o8tAy/+8LmtQiTBf/P
JeOvVpo9RPefhgVvlu/gXtKXB/89gFsIbsAnQpXrZLd63qxx1J1ZJd9UkRMjzLnQ
HlRX7gX7Z4JqyIRGsK71jt1q7nCrqnwMSKYYx/foo2ryakZMUKTib4kLg34rYUz2
DVP+jVZFlAv2LKm7sfsZ/6nxteFDhlBMUCSvUYQfv436uHanj3FkYkBoGZTqeJ9Q
Rt88G7koVLmhUB0cg9uVyM1KjaFOm62lw05H+MBT7MgX8pZqoBPcVAFacQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCL1kNsktpigCovYIiQeqke5Ew3ZMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvSXZXUTJ5UzJtS0FLaTlnaUpCNnFSN2tURGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBueaSAwQA
ueiFMA0GCSqGSIb3DQEBCwUAA4IBAQAQk5gCc0yT5hfuSQUySwEI0dTL4O3mbebM
XwabPaut9eWJZfqzqu1bCbmay6tNJ6GBWoOHLPmtQvpgZlzpejDCsUvvjhBHMAvg
aAqfeFosBhitVSjxU1I82ErZrvC2bX4buTUP8dQCkVpjF1vj1b6wBWR8A5mS8xDM
z1I8fD+LZfQ+drOZQbFlZe33gkWVMTRoiDiLjcpbPkJzpKLMBy7JDlFudM4iVccW
GhFREekRtQOfhj0qzqmQ1eOUa+eEgRBqDXZFnr9Nn054ZnyhZPQDW/HGcPBZ09Gr
w0Djgz9sflWY2jggZKE3hBsTZ6vhz5NLq7SVlrFR886w3cpCRfP8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org