Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/COR-6adz-xnsfn2hpLYxBLEtlrI.roa
File: COR-6adz-xnsfn2hpLYxBLEtlrI.roa (raw, json)
Hash identifier: 8zkDVSYz+JHeyVEJaR7jyYBdk+uFq55XRHbStpAGEFk=
Subject key identifier: 08:E4:7E:E9:A7:73:FB:19:EC:7E:7D:A1:A4:B6:31:04:B1:2D:96:B2
Certificate issuer: /CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Certificate serial: 01920953A1F5B457445B3F5C109B3C2B403E
Authority key identifier: E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/COR-6adz-xnsfn2hpLYxBLEtlrI.roa
Signing time: Thu 19 Sep 2024 08:08:48 +0000
ROA not before: Thu 19 Sep 2024 08:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12595
IP address blocks: 185.117.226.0/24 maxlen: 24
185.133.88.0/22 maxlen: 24
188.116.45.0/24 maxlen: 24
193.142.212.0/24 maxlen: 24
212.11.88.0/22 maxlen: 24
2a10:7180::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 27 Sep 2024 21:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:53:a1:f5:b4:57:44:5b:3f:5c:10:9b:3c:2b:40:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Validity
Not Before: Sep 19 08:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08e47ee9a773fb19ec7e7da1a4b63104b12d96b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e7:3c:a5:c5:ba:7e:b5:35:62:94:3f:87:78:
ef:86:3f:d2:09:7e:21:a4:13:4b:af:08:a4:43:4d:
ce:02:e6:e8:0b:09:03:ff:31:a3:6e:d4:ba:10:fa:
b8:cf:6d:9a:54:ab:b0:0c:d9:fa:05:8c:30:71:88:
a8:14:04:9c:29:93:a2:75:8a:78:3d:68:a4:71:0a:
c9:34:35:2d:49:8d:a8:5b:d3:15:9f:ae:35:fc:ea:
7d:aa:1a:d6:9c:b5:41:d1:fa:0a:6a:14:0f:3e:72:
bc:72:cd:54:72:aa:d9:60:8a:04:b4:d7:e2:f9:92:
65:92:e5:67:db:ba:0b:cf:73:4b:b3:3d:f9:20:ac:
93:4a:ca:68:76:2d:28:67:9d:45:4b:66:b7:aa:81:
e7:fd:bc:e4:4c:6d:e7:3b:ff:ce:61:0c:f4:e5:45:
f1:50:de:af:c8:a7:06:04:f3:0e:a6:bf:02:2d:1c:
68:85:02:21:45:ec:70:be:ec:5c:af:36:ed:21:97:
b3:9e:3e:92:55:4c:ec:78:aa:58:0f:c2:23:08:5a:
57:fc:f3:b9:b1:23:37:8e:7a:bd:0c:b1:10:a9:a4:
98:0b:6f:d9:d3:8a:ab:e9:81:41:d8:46:b3:2f:de:
11:1c:b4:aa:a3:6b:56:e7:a3:1a:07:62:47:7e:99:
bb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E4:7E:E9:A7:73:FB:19:EC:7E:7D:A1:A4:B6:31:04:B1:2D:96:B2
X509v3 Authority Key Identifier:
keyid:E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/COR-6adz-xnsfn2hpLYxBLEtlrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.226.0/24
185.133.88.0/22
188.116.45.0/24
193.142.212.0/24
212.11.88.0/22
IPv6:
2a10:7180::/29
Signature Algorithm: sha256WithRSAEncryption
72:e4:bc:16:58:c0:47:31:78:fe:e3:41:3e:b1:d5:43:d5:bd:
5a:b6:00:a1:a4:db:3b:07:cd:b9:e3:c0:45:39:54:01:31:5d:
eb:62:f6:60:41:c0:c8:97:be:a4:70:f2:f3:73:58:fb:10:0d:
2a:fa:9c:10:0c:cd:e8:79:42:6e:8c:01:0a:5d:a8:89:28:d8:
a9:1f:ab:4c:85:f1:42:4c:15:0a:8b:08:e9:60:e5:58:69:58:
74:34:e4:73:33:23:6a:f8:41:8d:88:08:92:65:00:8e:af:3d:
db:12:b8:9a:26:f7:0d:01:7d:bb:64:ba:b1:ec:2f:d2:e7:0c:
38:a8:a6:94:d8:1e:67:0f:75:a6:4c:23:1d:f5:3f:23:d9:29:
9c:86:87:77:3b:5f:de:2d:12:47:20:02:c6:29:8f:22:90:2f:
95:df:b6:11:b1:32:6b:6b:38:b1:65:53:6d:8e:5b:d1:d3:a7:
cb:a6:07:c6:a4:b7:d2:4e:80:95:c1:e1:1a:5b:1b:d2:5e:f8:
02:af:6d:40:2f:d3:fb:ab:06:6f:a0:76:7c:a7:29:b1:ff:e5:
95:f9:7f:91:bb:26:5b:15:41:33:c5:da:7d:51:2d:86:a3:c7:
ec:5f:9d:19:fc:de:ef:30:31:21:ca:fb:9a:37:ff:17:53:5c:
37:3c:47:a8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZIJU6H1tFdEWz9cEJs8K0A+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzM0MGVlNWI5ZGFmMWE2ODE4ZjBkZjQwN2ZhNTk3NTg4
NmIxMGYwHhcNMjQwOTE5MDgwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGU0N2VlOWE3NzNmYjE5ZWM3ZTdkYTFhNGI2MzEwNGIxMmQ5NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquc8pcW6frU1YpQ/h3jvhj/SCX4h
pBNLrwikQ03OAuboCwkD/zGjbtS6EPq4z22aVKuwDNn6BYwwcYioFAScKZOidYp4
PWikcQrJNDUtSY2oW9MVn641/Op9qhrWnLVB0foKahQPPnK8cs1UcqrZYIoEtNfi
+ZJlkuVn27oLz3NLsz35IKyTSspodi0oZ51FS2a3qoHn/bzkTG3nO//OYQz05UXx
UN6vyKcGBPMOpr8CLRxohQIhRexwvuxcrzbtIZeznj6SVUzseKpYD8IjCFpX/PO5
sSM3jnq9DLEQqaSYC2/Z04qr6YFB2EazL94RHLSqo2tW56MaB2JHfpm7EQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAjkfumnc/sZ7H59oaS2MQSxLZayMB8GA1UdIwQY
MBaAFOXDQO5bna8aaBjw30B/pZdYhrEPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2It
NmUxZjJmNjg1MWNmLzEvQ09SLTZhZHoteG5zZm4yaHBMWXhCTEV0bHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2ItNmUxZjJmNjg1MWNm
LzEvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAuXXiAwQC
uYVYAwQAvHQtAwQAwY7UAwQC1AtYMA0EAgACMAcDBQMqEHGAMA0GCSqGSIb3DQEB
CwUAA4IBAQBy5LwWWMBHMXj+40E+sdVD1b1atgChpNs7B82548BFOVQBMV3rYvZg
QcDIl76kcPLzc1j7EA0q+pwQDM3oeUJujAEKXaiJKNipH6tMhfFCTBUKiwjpYOVY
aVh0NORzMyNq+EGNiAiSZQCOrz3bEriaJvcNAX27ZLqx7C/S5ww4qKaU2B5nD3Wm
TCMd9T8j2Smchod3O1/eLRJHIALGKY8ikC+V37YRsTJrazixZVNtjlvR06fLpgfG
pLfSToCVweEaWxvSXvgCr21AL9P7qwZvoHZ8pymx/+WV+X+RuyZbFUEzxdp9US2G
o8fsX50Z/N7vMDEhyvuaN/8XU1w3PEeo
-----END CERTIFICATE-----
Generated at Fri Sep 27 23:53:12 2024 by rpki-client on console-ams.rpki-client.org