Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/Iq2akMwBDAIeYHZd7Ca-YpoiuWQ.roa
File: Iq2akMwBDAIeYHZd7Ca-YpoiuWQ.roa (raw, json)
Hash identifier: DUpaGEOVUGn7qNWighinOVe66Xta2E2xfsodwPu2l2Q=
Subject key identifier: 22:AD:9A:90:CC:01:0C:02:1E:60:76:5D:EC:26:BE:62:9A:22:B9:64
Certificate issuer: /CN=06c746cd7d4df95a6d03ca9554a754760d5e4e06
Certificate serial: 018CC86EFAC6C4518DA568B2C99E5135D239
Authority key identifier: 06:C7:46:CD:7D:4D:F9:5A:6D:03:CA:95:54:A7:54:76:0D:5E:4E:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BsdGzX1N-VptA8qVVKdUdg1eTgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/Iq2akMwBDAIeYHZd7Ca-YpoiuWQ.roa
Signing time: Tue 02 Jan 2024 04:29:25 +0000
ROA not before: Tue 02 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199544
IP address blocks: 185.14.243.0/24 maxlen: 24
185.14.241.0/24 maxlen: 24
91.239.255.0/24 maxlen: 24
185.14.240.0/24 maxlen: 24
2a03:7ec0:3131::/48 maxlen: 48
2a03:7ec0:2424::/48 maxlen: 48
2a03:7ec0:57f::/48 maxlen: 48
2a03:7ec0:31ff::/48 maxlen: 48
2a03:7ec0:3100::/40 maxlen: 48
2a03:7ec0:3000::/40 maxlen: 48
2a03:7ec0:3100::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 Jan 2024 09:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:fa:c6:c4:51:8d:a5:68:b2:c9:9e:51:35:d2:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06c746cd7d4df95a6d03ca9554a754760d5e4e06
Validity
Not Before: Jan 2 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22ad9a90cc010c021e60765dec26be629a22b964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:14:21:53:aa:1b:d2:e1:ed:77:cf:8f:89:ef:
63:f7:dd:3e:77:cc:26:51:99:45:39:89:13:a4:f8:
a1:ae:10:95:ac:49:d8:b8:1f:71:fe:f7:45:13:c5:
86:32:6c:68:db:dd:d7:12:30:61:68:51:be:7a:94:
e0:d4:3c:7e:66:3f:8d:fc:28:ba:a4:35:1a:e1:1e:
71:e6:c1:77:da:19:92:23:66:8c:5d:8f:71:f1:ab:
f1:fd:5a:3c:f4:93:53:9b:50:83:e7:22:c3:f3:87:
40:d7:a9:06:89:c0:75:a1:16:91:6a:33:e4:eb:1c:
26:67:13:4d:58:dc:0c:78:e7:8f:33:fe:07:7e:44:
69:d2:48:d2:cb:63:27:71:fd:4b:52:2c:5b:4d:21:
16:8c:c9:cb:b0:b3:d8:d2:5a:27:45:25:e7:a0:fd:
3b:b4:81:15:ab:07:99:f4:dd:8d:2d:e3:76:89:21:
2a:df:1e:57:69:7c:4a:94:f5:36:54:50:f8:05:e8:
8d:c9:55:9e:f8:f1:db:17:30:9d:c5:63:4d:fa:54:
f0:0a:82:5b:3c:f0:a4:7e:9e:fb:a8:f4:4a:15:4e:
f8:08:82:d1:88:01:00:e7:1a:da:70:c6:23:49:c8:
98:b4:55:da:f8:d2:04:19:b8:27:5e:3f:81:9e:41:
20:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:AD:9A:90:CC:01:0C:02:1E:60:76:5D:EC:26:BE:62:9A:22:B9:64
X509v3 Authority Key Identifier:
keyid:06:C7:46:CD:7D:4D:F9:5A:6D:03:CA:95:54:A7:54:76:0D:5E:4E:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsdGzX1N-VptA8qVVKdUdg1eTgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/Iq2akMwBDAIeYHZd7Ca-YpoiuWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/BsdGzX1N-VptA8qVVKdUdg1eTgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.255.0/24
185.14.240.0/23
185.14.243.0/24
IPv6:
2a03:7ec0:57f::/48
2a03:7ec0:2424::/48
2a03:7ec0:3000::/39
Signature Algorithm: sha256WithRSAEncryption
7a:a2:9f:f4:0b:f9:37:59:05:0d:11:c3:50:20:3e:f0:b8:d4:
00:8a:75:1d:d0:da:0c:9c:14:60:ef:be:de:f6:07:12:0f:40:
60:5d:38:3c:f3:07:07:ae:70:fc:65:4a:d0:1a:71:41:e7:d0:
fb:a0:89:02:ee:55:d2:c2:75:71:ec:85:29:e2:82:8e:ec:71:
85:a4:2e:4a:06:65:a9:90:c1:e9:37:f5:92:60:7c:98:96:66:
81:ef:3b:7b:22:00:c5:dc:f2:af:de:b9:68:ea:98:6a:87:d6:
d2:63:26:91:2b:6d:5d:e6:9c:9f:b1:96:3b:d6:a1:a7:43:c8:
0e:76:d7:85:1c:3b:b7:bf:12:d1:7d:ce:24:1f:ef:c1:6d:01:
85:49:66:15:1f:72:41:61:bb:b1:24:85:e0:74:41:a4:7c:c0:
4c:90:f0:95:13:7c:75:b3:43:85:4d:41:5e:9d:5c:97:52:10:
e2:db:e4:a2:99:62:83:ec:1c:1a:3a:7e:ff:24:56:76:94:e3:
5c:36:b2:1d:75:5d:22:0f:28:20:88:be:38:a4:c5:6e:4f:60:
22:ad:0a:35:62:b1:ea:05:ab:4a:d1:a1:20:26:74:49:9e:92:
32:93:fb:ff:08:fa:0f:c0:ea:9a:13:11:a0:90:6e:58:75:d1:
b2:35:fc:ef
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzIbvrGxFGNpWiyyZ5RNdI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2Yzc0NmNkN2Q0ZGY5NWE2ZDAzY2E5NTU0YTc1NDc2MGQ1
ZTRlMDYwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFkOWE5MGNjMDEwYzAyMWU2MDc2NWRlYzI2YmU2MjlhMjJiOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxQhU6ob0uHtd8+Pie9j990+d8wm
UZlFOYkTpPihrhCVrEnYuB9x/vdFE8WGMmxo293XEjBhaFG+epTg1Dx+Zj+N/Ci6
pDUa4R5x5sF32hmSI2aMXY9x8avx/Vo89JNTm1CD5yLD84dA16kGicB1oRaRajPk
6xwmZxNNWNwMeOePM/4HfkRp0kjSy2Mncf1LUixbTSEWjMnLsLPY0lonRSXnoP07
tIEVqweZ9N2NLeN2iSEq3x5XaXxKlPU2VFD4BeiNyVWe+PHbFzCdxWNN+lTwCoJb
PPCkfp77qPRKFU74CILRiAEA5xracMYjSciYtFXa+NIEGbgnXj+BnkEgywIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCKtmpDMAQwCHmB2XewmvmKaIrlkMB8GA1UdIwQY
MBaAFAbHRs19TflabQPKlVSnVHYNXk4GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnNkR3pYMU4tVnB0QThxVlZLZFVkZzFlVGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85NTJjZDctMzI5Ny00ZWFmLTg1NGYt
YjBhZmQ0NWRjZDc4LzEvSXEyYWtNd0JEQUllWUhaZDdDYS1ZcG9pdVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85NTJjZDctMzI5Ny00ZWFmLTg1NGYtYjBhZmQ0NWRjZDc4
LzEvQnNkR3pYMU4tVnB0QThxVlZLZFVkZzFlVGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAYBAIAATASAwQAW+//AwQB
uQ7wAwQAuQ7zMCAEAgACMBoDBwAqA37ABX8DBwAqA37AJCQDBgEqA37AMDANBgkq
hkiG9w0BAQsFAAOCAQEAeqKf9Av5N1kFDRHDUCA+8LjUAIp1HdDaDJwUYO++3vYH
Eg9AYF04PPMHB65w/GVK0BpxQefQ+6CJAu5V0sJ1ceyFKeKCjuxxhaQuSgZlqZDB
6Tf1kmB8mJZmge87eyIAxdzyr965aOqYaofW0mMmkSttXeacn7GWO9ahp0PIDnbX
hRw7t78S0X3OJB/vwW0BhUlmFR9yQWG7sSSF4HRBpHzATJDwlRN8dbNDhU1BXp1c
l1IQ4tvkoplig+wcGjp+/yRWdpTjXDayHXVdIg8oIIi+OKTFbk9gIq0KNWKx6gWr
StGhICZ0SZ6SMpP7/wj6D8DqmhMRoJBuWHXRsjX87w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:16 2024 by rpki-client on console-ams.rpki-client.org