Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/Grp8DrWepq28cjcYjKtRSGYZxQs.roa
File: Grp8DrWepq28cjcYjKtRSGYZxQs.roa (raw, json)
Hash identifier: taOMhRGZUIwOf6z/G8rLvViiBrG+bkDJCPuXlRhSx2U=
Subject key identifier: 1A:BA:7C:0E:B5:9E:A6:AD:BC:72:37:18:8C:AB:51:48:66:19:C5:0B
Certificate issuer: /CN=83ad289621833dae86fdda62e4b9b09e29e078a0
Certificate serial: 018CC8DEFE481D742F524CDC39325133ECFC
Authority key identifier: 83:AD:28:96:21:83:3D:AE:86:FD:DA:62:E4:B9:B0:9E:29:E0:78:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g60oliGDPa6G_dpi5LmwningeKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/Grp8DrWepq28cjcYjKtRSGYZxQs.roa
Signing time: Tue 02 Jan 2024 06:31:46 +0000
ROA not before: Tue 02 Jan 2024 06:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44180
IP address blocks: 185.146.196.0/22 maxlen: 24
193.34.116.0/22 maxlen: 24
185.144.204.0/22 maxlen: 24
46.227.88.0/21 maxlen: 24
185.98.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 10:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:fe:48:1d:74:2f:52:4c:dc:39:32:51:33:ec:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83ad289621833dae86fdda62e4b9b09e29e078a0
Validity
Not Before: Jan 2 06:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1aba7c0eb59ea6adbc7237188cab51486619c50b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:dd:2e:47:e2:c0:90:ba:4d:d1:37:97:6f:
a1:ee:d4:c3:7b:5a:af:ee:55:6d:88:5d:a9:c9:87:
84:33:5f:62:35:d4:be:a3:35:83:c9:58:2c:1f:94:
28:4b:c9:f1:6b:b7:ee:54:93:2f:b4:8e:a5:b1:03:
18:82:6a:a7:1b:33:60:0b:4f:eb:18:4e:d8:24:db:
63:9c:9c:b4:ff:26:5e:8b:11:9b:f4:39:06:58:87:
2e:2c:1c:33:d9:9f:0a:ae:fd:c8:52:ad:30:b4:9d:
2f:61:87:a4:f6:0a:2c:39:61:44:bb:23:9d:28:e5:
16:d8:bb:2e:34:3d:fc:41:73:cd:64:bb:6f:84:99:
0a:c1:65:68:1c:fa:b3:3e:9c:f6:40:3e:99:a2:ba:
c0:a5:24:f9:d1:f7:05:da:6f:99:cd:d4:b4:87:d3:
fe:9b:af:60:52:72:c7:8c:f8:19:36:d8:27:dd:93:
5a:3d:ce:b4:0d:97:05:3e:a4:c5:e7:ac:cf:17:63:
20:65:87:9d:25:1d:8c:c2:5e:13:eb:44:14:52:32:
0d:06:dc:3b:6c:d2:04:80:7e:50:64:78:39:ad:db:
85:08:a4:29:9a:86:6e:69:cf:03:c4:53:98:b9:93:
62:41:31:74:38:31:ca:34:73:d8:eb:80:eb:d1:3a:
22:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BA:7C:0E:B5:9E:A6:AD:BC:72:37:18:8C:AB:51:48:66:19:C5:0B
X509v3 Authority Key Identifier:
keyid:83:AD:28:96:21:83:3D:AE:86:FD:DA:62:E4:B9:B0:9E:29:E0:78:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g60oliGDPa6G_dpi5LmwningeKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/Grp8DrWepq28cjcYjKtRSGYZxQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/g60oliGDPa6G_dpi5LmwningeKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.88.0/21
185.98.56.0/22
185.144.204.0/22
185.146.196.0/22
193.34.116.0/22
Signature Algorithm: sha256WithRSAEncryption
40:0c:95:94:88:09:27:80:59:f4:f0:66:00:d0:29:1f:31:81:
86:0b:b6:0e:89:12:8a:ee:3a:05:fd:b3:0c:a1:d7:30:f9:81:
57:89:0d:41:77:2b:00:30:bb:36:23:84:7a:49:d6:ec:11:5d:
ef:bb:17:e9:a6:7e:81:fe:1f:19:93:c3:05:d8:36:68:d8:f2:
7b:83:3f:40:a3:d2:bc:d0:36:de:64:12:54:b2:10:d3:10:6e:
3f:b1:85:09:27:de:f0:bd:58:78:ab:46:a2:2d:05:be:7d:8c:
fb:94:22:62:ab:da:32:85:a0:15:b5:34:59:5e:2b:8f:78:19:
b5:f1:7f:ca:57:e9:45:31:5e:42:2f:f2:fe:13:8d:4f:c5:6c:
ae:6d:e7:c3:3e:1b:15:f0:a9:f5:cc:2b:63:3a:11:73:af:58:
53:a9:d2:00:b8:7f:29:a0:50:41:b3:0e:d2:17:07:f4:d3:75:
49:a6:00:7a:19:53:ea:76:2b:f1:b8:a8:45:69:c5:ea:54:cb:
4a:d4:e5:e8:59:58:c5:93:e0:27:69:ea:d6:51:9e:a5:8a:7f:
a7:54:3f:00:62:50:93:98:ff:d9:47:54:5f:f2:bc:2c:81:c1:
43:94:66:66:25:4a:3e:2c:4e:e4:ff:72:4e:e0:30:f4:d2:18:
70:6b:83:ac
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3v5IHXQvUkzcOTJRM+z8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYWQyODk2MjE4MzNkYWU4NmZkZGE2MmU0YjliMDllMjll
MDc4YTAwHhcNMjQwMTAyMDYzMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWJhN2MwZWI1OWVhNmFkYmM3MjM3MTg4Y2FiNTE0ODY2MTljNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMDdLkfiwJC6TdE3l2+h7tTDe1qv
7lVtiF2pyYeEM19iNdS+ozWDyVgsH5QoS8nxa7fuVJMvtI6lsQMYgmqnGzNgC0/r
GE7YJNtjnJy0/yZeixGb9DkGWIcuLBwz2Z8Krv3IUq0wtJ0vYYek9gosOWFEuyOd
KOUW2LsuND38QXPNZLtvhJkKwWVoHPqzPpz2QD6ZorrApST50fcF2m+ZzdS0h9P+
m69gUnLHjPgZNtgn3ZNaPc60DZcFPqTF56zPF2MgZYedJR2Mwl4T60QUUjINBtw7
bNIEgH5QZHg5rduFCKQpmoZuac8DxFOYuZNiQTF0ODHKNHPY64Dr0ToivQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBq6fA61nqatvHI3GIyrUUhmGcULMB8GA1UdIwQY
MBaAFIOtKJYhgz2uhv3aYuS5sJ4p4HigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzYwb2xpR0RQYTZHX2RwaTVMbXduaW5nZUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9lMTg3MGYtOWNiNi00MzM5LWFhMzgt
MGFmNDIzMWRhNzlhLzEvR3JwOERyV2VwcTI4Y2pjWWpLdFJTR1laeFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9lMTg3MGYtOWNiNi00MzM5LWFhMzgtMGFmNDIzMWRhNzlh
LzEvZzYwb2xpR0RQYTZHX2RwaTVMbXduaW5nZUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDLuNYAwQC
uWI4AwQCuZDMAwQCuZLEAwQCwSJ0MA0GCSqGSIb3DQEBCwUAA4IBAQBADJWUiAkn
gFn08GYA0CkfMYGGC7YOiRKK7joF/bMModcw+YFXiQ1BdysAMLs2I4R6SdbsEV3v
uxfppn6B/h8Zk8MF2DZo2PJ7gz9Ao9K80DbeZBJUshDTEG4/sYUJJ97wvVh4q0ai
LQW+fYz7lCJiq9oyhaAVtTRZXiuPeBm18X/KV+lFMV5CL/L+E41PxWyubefDPhsV
8Kn1zCtjOhFzr1hTqdIAuH8poFBBsw7SFwf003VJpgB6GVPqdivxuKhFacXqVMtK
1OXoWVjFk+AnaerWUZ6lin+nVD8AYlCTmP/ZR1Rf8rwsgcFDlGZmJUo+LE7k/3JO
4DD00hhwa4Os
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:31 2025 by rpki-client