Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/gTnYpFk6N-HZU2lFC5ntaLgWMAE.roa
File: gTnYpFk6N-HZU2lFC5ntaLgWMAE.roa (raw, json)
Hash identifier: 6KFsPhEfoa212tt7cAY2qx6UgvkaMKBl6wYDy5ALicA=
Subject key identifier: 81:39:D8:A4:59:3A:37:E1:D9:53:69:45:0B:99:ED:68:B8:16:30:01
Certificate issuer: /CN=229fb0fb3d278e1b280a777de200efbd08baac30
Certificate serial: 01882E8D54AAA5D6015F61D1EB01AFDCB60E
Authority key identifier: 22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/gTnYpFk6N-HZU2lFC5ntaLgWMAE.roa
Signing time: Thu 18 May 2023 11:09:54 +0000
ROA not before: Thu 18 May 2023 11:09:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206927
IP address blocks: 185.171.176.0/24 maxlen: 24
185.171.178.0/24 maxlen: 24
185.171.177.0/24 maxlen: 24
2a0a:e100::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 18 May 2023 11:38:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2e:8d:54:aa:a5:d6:01:5f:61:d1:eb:01:af:dc:b6:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=229fb0fb3d278e1b280a777de200efbd08baac30
Validity
Not Before: May 18 11:09:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8139d8a4593a37e1d95369450b99ed68b8163001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c7:b9:91:4b:6a:22:15:5b:a1:3a:c6:79:93:
92:b5:7b:77:f7:46:3e:97:6b:b8:4a:64:67:ff:76:
30:7e:be:d7:72:a2:a2:51:79:c4:62:38:02:84:b2:
db:e1:84:1a:59:de:93:10:bb:1d:f9:02:47:92:02:
cc:42:ce:2f:1c:8b:0e:7a:5c:82:c0:81:58:f4:bc:
8c:72:58:f8:cd:17:a5:42:3b:2e:95:39:7b:b8:aa:
e3:23:3c:4f:70:76:57:c5:b4:2c:48:8a:5c:0d:bf:
50:d7:d7:e8:43:3a:7d:e0:7a:49:0d:e8:66:09:e8:
89:33:a1:d5:94:2e:df:88:8a:c4:92:59:16:a8:90:
6b:01:72:9b:89:72:db:e0:b8:0e:7c:ee:ba:54:a9:
79:0a:ae:a8:95:dc:fb:c2:7f:ee:c1:1d:18:d0:0a:
4b:9a:65:82:74:c1:4a:89:e4:cf:94:55:e2:a6:7a:
fe:96:32:ee:fc:10:11:60:75:8e:87:43:70:7f:c8:
97:38:19:6b:f9:3e:0b:fd:d7:d0:a2:f8:43:69:5b:
14:6f:fc:8f:55:47:74:67:35:5c:61:24:a1:c0:59:
82:49:97:10:b5:ab:15:55:fc:8e:95:0a:fa:24:1f:
51:fa:34:7f:89:3f:ff:5c:a0:1b:ba:dc:8d:f8:e0:
27:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:39:D8:A4:59:3A:37:E1:D9:53:69:45:0B:99:ED:68:B8:16:30:01
X509v3 Authority Key Identifier:
keyid:22:9F:B0:FB:3D:27:8E:1B:28:0A:77:7D:E2:00:EF:BD:08:BA:AC:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ip-w-z0njhsoCnd94gDvvQi6rDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/gTnYpFk6N-HZU2lFC5ntaLgWMAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/6c54a9-9fe5-4893-9da7-7b986633ac5e/1/Ip-w-z0njhsoCnd94gDvvQi6rDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.176.0-185.171.178.255
IPv6:
2a0a:e100::/29
Signature Algorithm: sha256WithRSAEncryption
b2:25:c2:d5:ff:ff:2a:ae:35:1b:bc:bd:54:33:21:ef:99:a3:
2e:a1:e9:90:8f:5b:d3:c4:4f:30:d3:54:32:3a:02:2a:e6:44:
ff:28:3c:a6:73:8c:15:55:08:c4:96:f2:a5:67:9c:df:ad:a8:
a4:f1:43:d7:db:6a:ae:b1:7d:0b:40:bd:d4:f3:ec:82:d4:ba:
60:ed:c5:9d:17:aa:bf:5d:64:a5:b9:29:1b:35:a5:6e:5e:67:
f6:e4:d7:07:e5:40:62:e0:d2:ef:19:a9:41:73:5e:54:67:41:
43:e6:b5:4e:fb:43:49:d2:72:d3:38:5e:3d:bd:31:a9:f0:88:
45:7d:5b:2f:24:48:d2:ee:5a:e6:8a:2a:ca:dd:a0:06:92:b6:
e6:65:e9:26:05:b1:38:46:24:73:cb:d6:47:e8:29:4c:72:df:
f8:2f:8b:d7:d2:7d:56:61:10:01:61:0c:8e:b1:99:1e:20:42:
8a:d4:8a:ce:61:01:7d:e4:4f:46:51:d9:6d:cd:36:33:da:13:
34:bc:d1:13:c5:75:60:1d:c2:60:bf:a6:57:0e:db:d2:2a:67:
eb:aa:6b:b8:04:fb:3e:30:ca:eb:88:3b:8e:f3:db:55:84:76:
4b:bf:1f:84:6c:3b:58:78:14:f1:3d:9c:bc:8c:b6:c6:54:e6:
ad:87:af:13
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYgujVSqpdYBX2HR6wGv3LYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWZiMGZiM2QyNzhlMWIyODBhNzc3ZGUyMDBlZmJkMDhi
YWFjMzAwHhcNMjMwNTE4MTEwOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTM5ZDhhNDU5M2EzN2UxZDk1MzY5NDUwYjk5ZWQ2OGI4MTYzMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMe5kUtqIhVboTrGeZOStXt390Y+
l2u4SmRn/3Ywfr7XcqKiUXnEYjgChLLb4YQaWd6TELsd+QJHkgLMQs4vHIsOelyC
wIFY9LyMclj4zRelQjsulTl7uKrjIzxPcHZXxbQsSIpcDb9Q19foQzp94HpJDehm
CeiJM6HVlC7fiIrEklkWqJBrAXKbiXLb4LgOfO66VKl5Cq6oldz7wn/uwR0Y0ApL
mmWCdMFKieTPlFXipnr+ljLu/BARYHWOh0Nwf8iXOBlr+T4L/dfQovhDaVsUb/yP
VUd0ZzVcYSShwFmCSZcQtasVVfyOlQr6JB9R+jR/iT//XKAbutyN+OAnmwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIE52KRZOjfh2VNpRQuZ7Wi4FjABMB8GA1UdIwQY
MBaAFCKfsPs9J44bKAp3feIA770IuqwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTct
N2I5ODY2MzNhYzVlLzEvZ1RuWXBGazZOLUhaVTJsRkM1bnRhTGdXTUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82YzU0YTktOWZlNS00ODkzLTlkYTctN2I5ODY2MzNhYzVl
LzEvSXAtdy16MG5qaHNvQ25kOTRnRHZ2UWk2ckRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAS5q7AD
BAC5q7IwDQQCAAIwBwMFAyoK4QAwDQYJKoZIhvcNAQELBQADggEBALIlwtX//yqu
NRu8vVQzIe+Zoy6h6ZCPW9PETzDTVDI6AirmRP8oPKZzjBVVCMSW8qVnnN+tqKTx
Q9fbaq6xfQtAvdTz7ILUumDtxZ0Xqr9dZKW5KRs1pW5eZ/bk1wflQGLg0u8ZqUFz
XlRnQUPmtU77Q0nSctM4Xj29ManwiEV9Wy8kSNLuWuaKKsrdoAaStuZl6SYFsThG
JHPL1kfoKUxy3/gvi9fSfVZhEAFhDI6xmR4gQorUis5hAX3kT0ZR2W3NNjPaEzS8
0RPFdWAdwmC/plcO29IqZ+uqa7gE+z4wyuuIO47z21WEdku/H4RsO1h4FPE9nLyM
tsZU5q2HrxM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:20 2024 by rpki-client on console-ams.rpki-client.org