Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/726123-bfc2-47ea-9b05-570fec29d139/1/gAsRnJ-ynaftS85sKqZiD-LEI8I.roa
File: gAsRnJ-ynaftS85sKqZiD-LEI8I.roa (raw, json)
Hash identifier: c5TjkTtmbxLajk6hTWpE/XkMciTvrHIH7NDfc24JOMQ=
Subject key identifier: 80:0B:11:9C:9F:B2:9D:A7:ED:4B:CE:6C:2A:A6:62:0F:E2:C4:23:C2
Certificate issuer: /CN=ab0f2d1829d6fb8d247fa4e9658ea17f06c00b05
Certificate serial: 018F7276864A48FA092B0800336A4CFC793B
Authority key identifier: AB:0F:2D:18:29:D6:FB:8D:24:7F:A4:E9:65:8E:A1:7F:06:C0:0B:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qw8tGCnW-40kf6TpZY6hfwbACwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/726123-bfc2-47ea-9b05-570fec29d139/1/gAsRnJ-ynaftS85sKqZiD-LEI8I.roa
Signing time: Mon 13 May 2024 14:58:41 +0000
ROA not before: Mon 13 May 2024 14:58:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60636
IP address blocks: 185.27.104.0/22 maxlen: 22
185.27.104.0/24 maxlen: 24
185.27.105.0/24 maxlen: 24
185.27.106.0/24 maxlen: 24
185.27.107.0/24 maxlen: 24
185.46.76.0/22 maxlen: 22
185.46.76.0/24 maxlen: 24
185.46.77.0/24 maxlen: 24
185.46.78.0/24 maxlen: 24
185.46.79.0/24 maxlen: 24
185.125.12.0/22 maxlen: 22
185.125.12.0/24 maxlen: 24
185.125.13.0/24 maxlen: 24
185.125.14.0/24 maxlen: 24
185.125.15.0/24 maxlen: 24
2a10:2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:76:86:4a:48:fa:09:2b:08:00:33:6a:4c:fc:79:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0f2d1829d6fb8d247fa4e9658ea17f06c00b05
Validity
Not Before: May 13 14:58:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=800b119c9fb29da7ed4bce6c2aa6620fe2c423c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a9:4f:aa:e5:41:9e:45:c1:f0:09:de:1f:5e:
63:6b:db:1d:19:b6:09:bc:29:d8:0b:fe:dd:c1:77:
13:6f:9a:d2:02:f3:e4:a3:0c:9c:54:62:77:4e:61:
01:ea:b4:8f:3d:a2:4e:a6:37:ee:06:d5:5e:d7:73:
a6:6d:d0:0e:c4:7d:0e:64:cc:b2:17:ee:67:59:50:
29:70:39:5a:80:14:ff:57:f0:f5:18:d5:41:b8:e5:
e6:14:0a:a3:f3:3c:08:75:14:c6:61:a9:48:43:e7:
93:9a:d3:1c:1f:1e:b3:c9:50:ae:f5:e9:bb:68:53:
99:84:a6:5b:e8:77:8b:53:94:f4:11:ca:f6:a6:4b:
63:44:3d:c2:b8:eb:03:72:e1:21:05:ef:14:8f:4f:
ae:f8:5c:5f:3b:f6:2a:32:a9:df:56:d6:ea:ac:9c:
eb:8d:7e:cf:84:11:8b:87:8b:1b:1a:ea:fc:af:77:
c8:fc:ba:62:f3:2e:76:82:69:aa:99:3b:7b:26:83:
a4:dc:49:64:b3:77:29:9c:df:67:01:17:f7:76:19:
d2:49:f2:fb:c0:54:de:0f:59:96:58:11:b1:c4:cc:
e0:ec:17:41:41:96:72:03:09:9a:fc:17:7e:d6:6c:
e8:c5:5a:89:b6:94:3f:16:10:c4:aa:f7:92:79:22:
70:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0B:11:9C:9F:B2:9D:A7:ED:4B:CE:6C:2A:A6:62:0F:E2:C4:23:C2
X509v3 Authority Key Identifier:
keyid:AB:0F:2D:18:29:D6:FB:8D:24:7F:A4:E9:65:8E:A1:7F:06:C0:0B:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qw8tGCnW-40kf6TpZY6hfwbACwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/726123-bfc2-47ea-9b05-570fec29d139/1/gAsRnJ-ynaftS85sKqZiD-LEI8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/726123-bfc2-47ea-9b05-570fec29d139/1/qw8tGCnW-40kf6TpZY6hfwbACwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.104.0/22
185.46.76.0/22
185.125.12.0/22
IPv6:
2a10:2c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:1f:a6:f9:e1:69:a5:a5:00:56:66:78:0d:59:b6:54:2d:60:
33:f5:f1:67:80:63:a7:a6:59:6a:a1:59:3d:b5:39:8a:42:ff:
dc:dc:0b:13:c6:06:6d:d0:08:18:bd:3d:5a:fc:f2:aa:bd:d1:
f5:f5:37:00:66:a5:1e:31:8b:c2:bd:37:1a:03:4e:48:95:50:
d4:c3:58:57:fa:5f:d8:0b:29:5f:2d:a1:37:42:be:3e:7f:39:
42:db:63:95:07:ff:0c:e2:06:15:03:4d:dd:1f:77:a2:05:d4:
b7:39:83:be:7a:a9:49:58:cb:24:d0:a9:c2:9e:53:27:d9:f0:
19:83:76:8f:44:84:bb:79:b8:e2:62:58:38:0c:6b:37:44:83:
be:b5:58:c7:48:a4:74:af:4f:00:60:cd:40:31:9d:86:59:01:
ef:95:ea:15:df:c4:1f:83:95:09:a5:75:08:df:0c:46:e6:12:
d3:d0:d9:36:7a:75:ab:5c:07:2a:24:ae:47:13:9e:3f:86:f9:
65:2f:96:69:e2:26:24:19:78:6a:9c:98:7d:b3:ac:f5:e7:b4:
05:7b:7f:18:7f:c5:fa:a4:f3:56:2f:29:25:0e:c8:6b:33:1e:
2d:4b:eb:41:d6:ce:6e:b6:88:cd:3a:73:87:fd:d7:03:88:5d:
fa:d3:9f:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY9ydoZKSPoJKwgAM2pM/Hk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMGYyZDE4MjlkNmZiOGQyNDdmYTRlOTY1OGVhMTdmMDZj
MDBiMDUwHhcNMjQwNTEzMTQ1ODQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBiMTE5YzlmYjI5ZGE3ZWQ0YmNlNmMyYWE2NjIwZmUyYzQyM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKlPquVBnkXB8AneH15ja9sdGbYJ
vCnYC/7dwXcTb5rSAvPkowycVGJ3TmEB6rSPPaJOpjfuBtVe13OmbdAOxH0OZMyy
F+5nWVApcDlagBT/V/D1GNVBuOXmFAqj8zwIdRTGYalIQ+eTmtMcHx6zyVCu9em7
aFOZhKZb6HeLU5T0Ecr2pktjRD3CuOsDcuEhBe8Uj0+u+FxfO/YqMqnfVtbqrJzr
jX7PhBGLh4sbGur8r3fI/Lpi8y52gmmqmTt7JoOk3Elks3cpnN9nARf3dhnSSfL7
wFTeD1mWWBGxxMzg7BdBQZZyAwma/Bd+1mzoxVqJtpQ/FhDEqveSeSJwRQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIALEZyfsp2n7UvObCqmYg/ixCPCMB8GA1UdIwQY
MBaAFKsPLRgp1vuNJH+k6WWOoX8GwAsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXc4dEdDblctNDBrZjZUcFpZNmhmd2JBQ3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83MjYxMjMtYmZjMi00N2VhLTliMDUt
NTcwZmVjMjlkMTM5LzEvZ0FzUm5KLXluYWZ0Uzg1c0txWmlELUxFSThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83MjYxMjMtYmZjMi00N2VhLTliMDUtNTcwZmVjMjlkMTM5
LzEvcXc4dEdDblctNDBrZjZUcFpZNmhmd2JBQ3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuRtoAwQC
uS5MAwQCuX0MMA0EAgACMAcDBQMqEALAMA0GCSqGSIb3DQEBCwUAA4IBAQBHH6b5
4WmlpQBWZngNWbZULWAz9fFngGOnpllqoVk9tTmKQv/c3AsTxgZt0AgYvT1a/PKq
vdH19TcAZqUeMYvCvTcaA05IlVDUw1hX+l/YCylfLaE3Qr4+fzlC22OVB/8M4gYV
A03dH3eiBdS3OYO+eqlJWMsk0KnCnlMn2fAZg3aPRIS7ebjiYlg4DGs3RIO+tVjH
SKR0r08AYM1AMZ2GWQHvleoV38Qfg5UJpXUI3wxG5hLT0Nk2enWrXAcqJK5HE54/
hvllL5Zp4iYkGXhqnJh9s6z157QFe38Yf8X6pPNWLyklDshrMx4tS+tB1s5utojN
OnOH/dcDiF3605+/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:33 2025 by rpki-client