Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/sy2R1aU35D1wfD2oCzSJuq2I9D4.roa
File: sy2R1aU35D1wfD2oCzSJuq2I9D4.roa (raw, json)
Hash identifier: jukWlb1rIjfQgba9VCYif6lyVhR+oGsSBB6zkwPuX9o=
Subject key identifier: B3:2D:91:D5:A5:37:E4:3D:70:7C:3D:A8:0B:34:89:BA:AD:88:F4:3E
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018B6B394056420BC336FAF18539733FCF34
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/sy2R1aU35D1wfD2oCzSJuq2I9D4.roa
Signing time: Thu 26 Oct 2023 09:03:15 +0000
ROA not before: Thu 26 Oct 2023 09:03:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216271
IP address blocks: 185.201.139.0/24 maxlen: 24
185.201.136.0/22 maxlen: 22
2a12:ec0::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
2a0f:e000::/29 maxlen: 29
2a13:ba00::/29 maxlen: 29
2a12:1900::/29 maxlen: 29
2a11:f240::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a13:dac0::/29 maxlen: 29
2a0e:7780::/29 maxlen: 29
2a0a:e2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 27 Oct 2023 10:19:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:39:40:56:42:0b:c3:36:fa:f1:85:39:73:3f:cf:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Oct 26 09:03:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b32d91d5a537e43d707c3da80b3489baad88f43e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:85:1c:f6:3e:e2:2d:5c:07:1d:7e:46:73:17:
a9:dc:7e:11:5f:e1:e2:d5:a2:06:aa:65:79:a4:d2:
a3:d9:2a:3f:b9:e8:91:54:be:98:82:ef:e5:7b:e7:
7e:77:9a:21:96:4b:66:17:1d:97:f4:0c:0c:cd:e0:
48:20:af:cb:f3:eb:ec:bd:70:d6:de:ab:5b:4e:5a:
af:da:d3:73:52:78:f6:cd:f3:9a:69:9c:10:bc:8c:
9f:bd:96:fb:ca:9b:e0:83:b5:5a:24:84:4d:c3:b8:
ed:46:9a:fb:83:2e:c9:5c:99:12:df:42:01:c3:40:
7c:95:e9:28:ae:87:b1:d7:f8:99:92:fa:97:33:64:
d9:fe:40:44:79:c2:c9:ef:09:61:43:53:2e:52:33:
85:c7:83:eb:15:bd:ff:b1:0b:b3:82:cf:2e:22:e8:
fb:a2:90:01:63:37:2e:1c:19:ae:7a:71:85:49:90:
97:1f:a1:57:1a:22:4b:c7:92:36:1c:65:b8:2f:22:
5e:c7:b6:28:ae:9e:31:d3:5f:a7:08:a9:59:50:62:
54:b4:81:f8:9a:3a:24:32:6f:2c:03:e5:2b:8f:7a:
7d:8b:7e:5f:53:22:81:05:2e:bc:c9:c7:26:44:a6:
0e:96:04:83:40:d0:06:a8:7e:38:6c:4a:ea:34:af:
ed:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2D:91:D5:A5:37:E4:3D:70:7C:3D:A8:0B:34:89:BA:AD:88:F4:3E
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/sy2R1aU35D1wfD2oCzSJuq2I9D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.136.0/22
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a11:f240::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
2a12:6b80::/29
2a13:ba00::/29
2a13:dac0::/29
Signature Algorithm: sha256WithRSAEncryption
66:fe:e9:4c:48:a1:59:3c:69:2b:72:8d:bf:c9:72:bb:d7:af:
84:74:88:9d:94:71:6e:1f:f7:3e:d3:b4:e9:8b:15:b2:d1:54:
d9:fc:6a:67:82:38:11:0a:00:a4:b9:31:1f:07:e5:fd:c1:11:
2c:48:25:7f:1f:94:1d:67:2c:7f:a5:f9:41:31:b2:30:70:23:
ee:ef:6e:93:05:e6:2c:29:dc:44:9e:d2:73:dd:5f:17:51:3b:
de:63:ec:28:51:e8:5c:73:4b:92:e4:ac:c5:9c:cd:0e:13:8e:
be:38:42:57:68:c3:29:bf:76:10:76:dd:2a:b2:94:12:6f:65:
82:91:3a:d7:5b:af:d7:c4:7f:2c:22:ca:13:27:bd:fb:55:1b:
c4:e4:bf:22:05:a8:68:14:59:33:4a:ca:7a:a2:4e:b9:71:60:
e8:32:a2:ae:af:ca:6e:9e:88:d1:55:a4:9d:9c:b1:c4:70:16:
d4:38:5a:ae:d5:5a:45:af:33:90:d0:7e:fc:ea:f8:1d:ed:4f:
6f:4d:09:2a:2f:88:e8:7b:e4:7f:b8:33:26:b0:ea:77:f6:29:
38:2a:4a:56:62:f6:e4:0c:53:2f:a1:56:7c:f7:fd:8c:9b:e3:
87:6f:5f:ba:ef:8f:65:88:5f:71:63:c4:c6:18:0e:6e:95:fe:
b3:12:13:b4
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYtrOUBWQgvDNvrxhTlzP880MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjMxMDI2MDkwMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzJkOTFkNWE1MzdlNDNkNzA3YzNkYTgwYjM0ODliYWFkODhmNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYUc9j7iLVwHHX5Gcxep3H4RX+Hi
1aIGqmV5pNKj2So/ueiRVL6Ygu/le+d+d5ohlktmFx2X9AwMzeBIIK/L8+vsvXDW
3qtbTlqv2tNzUnj2zfOaaZwQvIyfvZb7ypvgg7VaJIRNw7jtRpr7gy7JXJkS30IB
w0B8lekoroex1/iZkvqXM2TZ/kBEecLJ7wlhQ1MuUjOFx4PrFb3/sQuzgs8uIuj7
opABYzcuHBmuenGFSZCXH6FXGiJLx5I2HGW4LyJex7Yorp4x01+nCKlZUGJUtIH4
mjokMm8sA+Urj3p9i35fUyKBBS68yccmRKYOlgSDQNAGqH44bErqNK/t2QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLMtkdWlN+Q9cHw9qAs0ibqtiPQ+MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvc3kyUjFhVTM1RDF3ZkQyb0N6U0p1cTJJOUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAMBAIAATAGAwQCucmIMEwE
AgACMEYDBQMqCuLAAwUDKg53gAMFAyoP4AADBQMqEfJAAwUDKhIOwAMFAyoSGQAD
BQMqEijAAwUDKhJrgAMFAyoTugADBQMqE9rAMA0GCSqGSIb3DQEBCwUAA4IBAQBm
/ulMSKFZPGkrco2/yXK716+EdIidlHFuH/c+07TpixWy0VTZ/GpngjgRCgCkuTEf
B+X9wREsSCV/H5QdZyx/pflBMbIwcCPu726TBeYsKdxEntJz3V8XUTveY+woUehc
c0uS5KzFnM0OE46+OEJXaMMpv3YQdt0qspQSb2WCkTrXW6/XxH8sIsoTJ737VRvE
5L8iBahoFFkzSsp6ok65cWDoMqKur8punojRVaSdnLHEcBbUOFqu1VpFrzOQ0H78
6vgd7U9vTQkqL4joe+R/uDMmsOp39ik4KkpWYvbkDFMvoVZ89/2Mm+OHb1+6749l
iF9xY8TGGA5ulf6zEhO0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:03 2024 by rpki-client on console-ams.rpki-client.org