Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/kUGIjmn_t09oEVxxk86brmcCOgk.roa
File: kUGIjmn_t09oEVxxk86brmcCOgk.roa (raw, json)
Hash identifier: euILvyy6PlwowB5k1E9oV5fYs5/uE5fTXxXeZ05DJPQ=
Subject key identifier: 91:41:88:8E:69:FF:B7:4F:68:11:5C:71:93:CE:9B:AE:67:02:3A:09
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018E1DB76175F701E11EA058936B131E41E6
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/kUGIjmn_t09oEVxxk86brmcCOgk.roa
Signing time: Fri 08 Mar 2024 10:59:01 +0000
ROA not before: Fri 08 Mar 2024 10:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216271
IP address blocks: 185.168.28.0/22 maxlen: 22
185.201.136.0/22 maxlen: 22
2a06:b3c0::/29 maxlen: 29
2a06:b440::/29 maxlen: 29
2a06:cac0::/29 maxlen: 29
2a0f:d480::/29 maxlen: 29
2a11:2f40::/29 maxlen: 29
2a11:3b40::/29 maxlen: 29
2a11:7240::/29 maxlen: 29
2a11:9600::/29 maxlen: 29
2a12:440::/29 maxlen: 29
2a12:6640::/29 maxlen: 29
2a12:6740::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a12:6f40::/29 maxlen: 29
2a12:7740::/29 maxlen: 29
2a12:8ec0::/29 maxlen: 29
2a12:ccc0::/29 maxlen: 29
2a12:d3c0::/29 maxlen: 29
2a12:e240::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:140::/29 maxlen: 29
2a14:1c0::/29 maxlen: 29
2a14:800::/29 maxlen: 29
2a14:f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 14 Mar 2024 15:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1d:b7:61:75:f7:01:e1:1e:a0:58:93:6b:13:1e:41:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Mar 8 10:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9141888e69ffb74f68115c7193ce9bae67023a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:79:ac:d0:34:90:5a:32:49:32:a4:b3:35:
03:d3:4c:95:be:16:eb:3d:19:97:c5:e1:6d:6b:87:
6c:5e:5a:e4:79:49:0b:e0:36:7e:97:d0:2d:d7:73:
46:47:95:bc:cd:74:13:cc:24:bb:6b:2f:03:47:64:
76:3d:8d:75:52:22:57:b9:3a:b9:ea:5c:1f:b5:29:
8c:1b:7b:19:c3:e3:98:1a:43:ba:cd:00:68:66:b2:
74:77:23:64:ec:a9:c0:e4:93:e0:37:e5:3a:fc:a5:
48:3a:f3:35:bd:d1:8e:ea:6f:02:18:be:0c:56:c2:
b2:e3:b8:9a:88:80:fa:4e:06:b0:92:22:eb:8d:4d:
a0:4e:7b:cb:50:a6:25:34:e9:51:2b:09:98:94:d6:
d1:14:dc:51:f2:af:68:e1:94:d2:71:90:4b:2a:fe:
f3:1b:5e:35:e6:a6:fb:fd:06:3d:84:81:93:3d:8e:
1d:b0:ae:0e:01:df:0c:9a:6c:53:57:4a:50:37:83:
2a:28:ba:fe:8b:94:82:ea:57:d8:31:f0:ee:0e:1f:
4e:d4:f7:5b:3c:53:b0:29:be:04:6d:a1:03:01:1d:
64:79:28:fc:0d:15:70:17:8c:29:6e:11:d9:d9:9c:
47:88:7c:ab:9a:e9:1e:6b:e5:20:2a:44:9c:a9:20:
6d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:41:88:8E:69:FF:B7:4F:68:11:5C:71:93:CE:9B:AE:67:02:3A:09
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/kUGIjmn_t09oEVxxk86brmcCOgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.28.0/22
185.201.136.0/22
IPv6:
2a06:b3c0::/29
2a06:b440::/29
2a06:cac0::/29
2a0f:d480::/29
2a11:2f40::/29
2a11:3b40::/29
2a11:7240::/29
2a11:9600::/29
2a12:440::/29
2a12:6640::/29
2a12:6740::/29
2a12:6b80::/29
2a12:6f40::/29
2a12:7740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:d3c0::/29
2a12:e240::/29
2a12:f0c0::/29
2a14:c0::/29
2a14:140::/29
2a14:1c0::/29
2a14:800::/29
2a14:f40::/29
Signature Algorithm: sha256WithRSAEncryption
3d:cb:03:b6:28:1b:9a:ac:37:79:73:02:b1:82:47:8d:72:c6:
e4:ff:bb:b8:d6:63:f2:48:0d:39:01:cf:84:a6:c0:99:57:1c:
75:48:41:ef:c6:77:45:33:14:e2:cc:fa:1f:00:01:6f:b9:52:
0e:a7:a8:1c:77:0d:c0:92:da:f9:b7:45:3b:1a:e4:76:66:c7:
7e:f5:96:c1:2d:ae:ba:c4:af:2d:f9:35:e2:cc:98:f8:ac:06:
06:69:43:98:6d:2d:58:48:55:a5:58:76:90:87:b4:88:1c:71:
36:94:c9:b2:3f:53:a7:0f:eb:00:1d:73:09:5d:e6:53:2e:ad:
e2:42:de:50:db:e0:f9:6c:92:c4:84:82:a2:8b:c0:2f:43:d1:
74:01:d9:fa:63:87:08:0d:2c:ec:69:cb:3b:34:36:35:78:07:
f8:d4:26:0b:9e:5f:d9:77:fd:b3:bd:3a:dd:5b:86:12:08:ad:
f6:5b:e4:9e:24:f1:6b:17:44:b0:d2:b7:28:a5:dc:d1:23:b3:
a9:48:f7:e8:d5:cc:c1:26:21:45:d5:d3:25:07:4c:5b:f0:c5:
55:17:70:ba:ef:de:89:ea:cc:93:42:96:eb:0d:82:83:ff:45:
7d:c4:47:1c:b1:9f:9f:00:f8:bf:e3:2e:2e:ac:4b:50:ef:da:
f5:22:1a:d0
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAY4dt2F19wHhHqBYk2sTHkHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMzA4MTA1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTQxODg4ZTY5ZmZiNzRmNjgxMTVjNzE5M2NlOWJhZTY3MDIzYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKV5rNA0kFoySTKkszUD00yVvhbr
PRmXxeFta4dsXlrkeUkL4DZ+l9At13NGR5W8zXQTzCS7ay8DR2R2PY11UiJXuTq5
6lwftSmMG3sZw+OYGkO6zQBoZrJ0dyNk7KnA5JPgN+U6/KVIOvM1vdGO6m8CGL4M
VsKy47iaiID6TgawkiLrjU2gTnvLUKYlNOlRKwmYlNbRFNxR8q9o4ZTScZBLKv7z
G1415qb7/QY9hIGTPY4dsK4OAd8MmmxTV0pQN4MqKLr+i5SC6lfYMfDuDh9O1Pdb
PFOwKb4EbaEDAR1keSj8DRVwF4wpbhHZ2ZxHiHyrmukea+UgKkScqSBtJQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFJFBiI5p/7dPaBFccZPOm65nAjoJMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEva1VHSWptbl90MDlvRVZ4eGs4NmJybWNDT2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjASBAIAATAMAwQCuagc
AwQCucmIMIGvBAIAAjCBqAMFAyoGs8ADBQMqBrRAAwUDKgbKwAMFAyoP1IADBQMq
ES9AAwUDKhE7QAMFAyoRckADBQMqEZYAAwUDKhIEQAMFAyoSZkADBQMqEmdAAwUD
KhJrgAMFAyoSb0ADBQMqEndAAwUDKhKOwAMFAyoSzMADBQMqEtPAAwUDKhLiQAMF
AyoS8MADBQMqFADAAwUDKhQBQAMFAyoUAcADBQMqFAgAAwUDKhQPQDANBgkqhkiG
9w0BAQsFAAOCAQEAPcsDtigbmqw3eXMCsYJHjXLG5P+7uNZj8kgNOQHPhKbAmVcc
dUhB78Z3RTMU4sz6HwABb7lSDqeoHHcNwJLa+bdFOxrkdmbHfvWWwS2uusSvLfk1
4syY+KwGBmlDmG0tWEhVpVh2kIe0iBxxNpTJsj9Tpw/rAB1zCV3mUy6t4kLeUNvg
+WySxISCoovAL0PRdAHZ+mOHCA0s7GnLOzQ2NXgH+NQmC55f2Xf9s7063VuGEgit
9lvkniTxaxdEsNK3KKXc0SOzqUj36NXMwSYhRdXTJQdMW/DFVRdwuu/eierMk0KW
6w2Cg/9FfcRHHLGfnwD4v+MuLqxLUO/a9SIa0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org