Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/R7at6yo8kR5DqykNm-muPNGl5kU.roa
File: R7at6yo8kR5DqykNm-muPNGl5kU.roa (raw, json)
Hash identifier: JvxL+P8h/RSTRicvC6iA8TT9VUeerpGsACdnGURJpyA=
Subject key identifier: 47:B6:AD:EB:2A:3C:91:1E:43:AB:29:0D:9B:E9:AE:3C:D1:A5:E6:45
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018CC8014D32EFC1DAA7BBEF6865C2ACAB41
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/R7at6yo8kR5DqykNm-muPNGl5kU.roa
Signing time: Tue 02 Jan 2024 02:29:37 +0000
ROA not before: Tue 02 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.146.152.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
2a07:4f80:10::/44 maxlen: 44
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
2a07:4f80:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Jan 2024 10:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:4d:32:ef:c1:da:a7:bb:ef:68:65:c2:ac:ab:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jan 2 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47b6adeb2a3c911e43ab290d9be9ae3cd1a5e645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d4:88:a9:26:9c:ad:f4:08:ce:64:70:cd:ef:
b7:b7:c2:dd:8f:23:09:34:7b:2b:01:ec:84:1f:8e:
10:ed:7d:a4:5c:79:d8:99:b1:89:ed:13:e9:37:81:
f3:29:1a:4e:b2:0f:14:57:21:f9:c2:75:da:d3:44:
a9:28:f4:15:b7:3a:8a:23:5c:e5:65:5c:10:c7:8d:
7a:a8:67:4a:e3:a4:99:2b:3e:6c:6c:c3:56:c2:d5:
6a:81:06:2a:9c:98:47:ce:4e:9c:83:36:17:7a:56:
69:6d:e0:95:54:5c:e1:70:f6:37:eb:d3:01:7f:98:
09:57:54:75:df:76:0b:6a:eb:a5:ed:e6:42:a9:e9:
1f:ac:38:55:7f:d4:98:6a:d4:ff:fe:a6:81:db:6e:
01:38:4b:90:9d:6f:0e:97:bc:53:f7:70:7f:3a:fc:
62:51:c6:86:6a:11:a6:b7:f4:19:01:e1:37:49:0b:
5e:c3:47:49:57:4d:31:f0:99:37:f3:2b:ca:0d:0c:
1b:2e:3a:3f:77:e0:89:d2:14:9c:6c:10:db:e1:13:
c0:34:13:34:19:89:d5:3a:4c:b5:ea:99:57:75:82:
da:ea:8a:b9:62:df:3d:7c:5c:6b:89:b7:c9:c0:cf:
39:95:f2:35:2c:d9:d8:7f:ce:1c:ce:c7:69:41:1d:
41:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B6:AD:EB:2A:3C:91:1E:43:AB:29:0D:9B:E9:AE:3C:D1:A5:E6:45
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/R7at6yo8kR5DqykNm-muPNGl5kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::-2a07:4f80:20:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7d:58:c9:e9:6a:03:27:b8:39:24:58:f9:3b:35:c1:9d:2b:fa:
66:f7:66:5b:93:af:22:c7:fe:14:10:b0:24:e7:c2:26:a1:fd:
99:8b:f7:cc:c3:6f:96:a5:f3:28:29:9f:29:e4:e8:6d:1c:d5:
b0:d4:1b:69:f4:f2:9d:92:fb:0a:55:81:95:0a:17:90:d3:82:
b9:2f:23:30:c3:7e:b3:a1:40:13:47:87:07:66:7f:01:e7:75:
49:af:c8:63:18:43:a9:c7:e8:64:1f:ff:4b:f5:a2:fc:7c:a8:
34:82:73:1f:76:5e:df:84:de:b3:4f:db:c1:49:cc:06:82:a8:
1c:e3:1e:58:14:fd:ce:95:17:d1:ca:21:03:c8:ae:b8:07:cf:
a2:e9:d0:37:1d:78:a3:82:1c:12:6d:26:9e:70:b8:2c:e9:54:
df:a1:d3:27:2a:c3:e4:55:b4:fb:53:b0:10:a2:45:b8:32:32:
30:8c:a5:a8:4d:bc:b8:6e:1d:4e:bc:99:74:6f:2d:aa:fe:7f:
30:a0:9d:87:d1:3a:82:a7:e8:a6:71:31:fb:b9:66:e3:93:10:
1e:0f:ce:af:ff:6e:4a:e1:8a:d3:b4:1a:61:09:4a:20:db:99:
3c:11:55:b7:d9:46:00:2a:ef:4a:88:a2:8b:52:a1:cf:3d:8a:
da:2e:82:96
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzIAU0y78Hap7vvaGXCrKtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjQwMTAyMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2I2YWRlYjJhM2M5MTFlNDNhYjI5MGQ5YmU5YWUzY2QxYTVlNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9SIqSacrfQIzmRwze+3t8LdjyMJ
NHsrAeyEH44Q7X2kXHnYmbGJ7RPpN4HzKRpOsg8UVyH5wnXa00SpKPQVtzqKI1zl
ZVwQx416qGdK46SZKz5sbMNWwtVqgQYqnJhHzk6cgzYXelZpbeCVVFzhcPY369MB
f5gJV1R133YLauul7eZCqekfrDhVf9SYatT//qaB224BOEuQnW8Ol7xT93B/Ovxi
UcaGahGmt/QZAeE3SQtew0dJV00x8Jk38yvKDQwbLjo/d+CJ0hScbBDb4RPANBM0
GYnVOky16plXdYLa6oq5Yt89fFxribfJwM85lfI1LNnYf84czsdpQR1BNQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEe2resqPJEeQ6spDZvprjzRpeZFMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvUjdhdDZ5bzhrUjVEcXlrTm0tbXVQTkdsNWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuZKYAwQB
uZKaMBgEAgACMBIwEAMFByoHT4ADBwAqB0+AACAwDQYJKoZIhvcNAQELBQADggEB
AH1YyelqAye4OSRY+Ts1wZ0r+mb3ZluTryLH/hQQsCTnwiah/ZmL98zDb5al8ygp
nynk6G0c1bDUG2n08p2S+wpVgZUKF5DTgrkvIzDDfrOhQBNHhwdmfwHndUmvyGMY
Q6nH6GQf/0v1ovx8qDSCcx92Xt+E3rNP28FJzAaCqBzjHlgU/c6VF9HKIQPIrrgH
z6Lp0DcdeKOCHBJtJp5wuCzpVN+h0ycqw+RVtPtTsBCiRbgyMjCMpahNvLhuHU68
mXRvLar+fzCgnYfROoKn6KZxMfu5ZuOTEB4Pzq//bkrhitO0GmEJSiDbmTwRVbfZ
RgAq70qIootSoc89itougpY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org