Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/qpywmR3U9f7u1p5axCQG3nopIkk.roa
File: qpywmR3U9f7u1p5axCQG3nopIkk.roa (raw, json)
Hash identifier: 9Sm1a9TwzarH0WeTuw9Mu8TwHyQa59xNqmkXREii+Z0=
Subject key identifier: AA:9C:B0:99:1D:D4:F5:FE:EE:D6:9E:5A:C4:24:06:DE:7A:29:22:49
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018D35F789E9DD10E08EFF07EBFF1C7724DE
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/qpywmR3U9f7u1p5axCQG3nopIkk.roa
Signing time: Tue 23 Jan 2024 10:57:11 +0000
ROA not before: Tue 23 Jan 2024 10:57:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.109.134.0/24 maxlen: 24
185.146.152.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
2a07:4f80:10::/44 maxlen: 44
2a07:4f80:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 Jan 2024 03:13:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:f7:89:e9:dd:10:e0:8e:ff:07:eb:ff:1c:77:24:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jan 23 10:57:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa9cb0991dd4f5feeed69e5ac42406de7a292249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:39:f4:6a:a5:48:67:f3:4b:ae:37:82:eb:7b:
28:16:cf:ba:f4:95:7d:0a:f8:c1:5f:b7:40:7e:f2:
f0:0e:eb:a3:8f:05:c5:98:ec:a3:14:5f:a8:2a:f0:
15:6f:1b:ce:54:c4:3f:03:85:49:a9:b4:07:f2:ce:
8a:2a:d8:29:c3:09:ae:df:0c:44:c8:43:ee:4b:ea:
d2:02:76:0c:07:52:55:64:c7:ed:01:25:8a:85:9b:
8f:5a:19:81:0b:e5:bc:97:3c:75:bd:2b:8c:7b:40:
02:c0:0a:32:0e:bf:06:2a:11:16:a9:fa:f9:58:17:
74:97:12:5c:13:90:03:ff:a6:8e:97:a1:4b:33:c2:
f6:2c:2d:dc:4a:17:e2:f0:49:3b:58:a0:d5:85:7d:
ef:33:74:7c:31:89:92:ee:88:9c:89:d7:0e:87:9a:
ec:d3:3c:12:18:fa:f5:6f:8b:4b:37:97:cb:c1:f7:
4f:ba:74:71:c4:f9:6e:fb:59:3d:0d:94:ac:ae:7c:
d9:bf:d1:ef:09:da:e5:6d:74:ab:35:44:20:f5:81:
41:aa:f6:d1:54:f3:10:ce:75:e0:b7:06:33:4c:a8:
84:07:7b:3c:45:ab:a0:ae:42:a0:bb:69:5e:17:b0:
1f:f1:5c:90:5a:e6:5b:7c:1b:3a:82:91:9d:dd:55:
44:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9C:B0:99:1D:D4:F5:FE:EE:D6:9E:5A:C4:24:06:DE:7A:29:22:49
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/qpywmR3U9f7u1p5axCQG3nopIkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.134.0/24
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::-2a07:4f80:20:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
51:41:06:2f:b5:f9:4b:6a:ad:c8:d5:1a:fb:e2:c6:8b:f8:ac:
3c:5f:26:0c:be:4f:08:90:32:a2:f0:1a:a2:92:2f:c2:28:12:
ef:02:db:8e:b4:33:d4:36:7c:82:b6:04:2b:9d:2d:d8:f4:32:
f4:5a:69:8a:b0:af:a1:d6:d1:9a:52:d5:af:ea:a5:d6:05:1d:
76:3e:47:5c:a9:a9:d3:d2:70:45:fd:47:3c:0e:ca:35:ad:8c:
89:76:81:f7:6b:3f:57:7a:b5:5f:a5:9c:d5:b6:2d:4c:fc:8a:
cc:19:6d:5d:86:9d:63:ac:4d:cc:de:af:c4:85:51:84:55:23:
3e:08:86:bd:78:85:c3:b5:62:6e:a9:58:5c:9d:42:bb:09:fa:
8e:10:c4:ab:11:c5:e6:2b:74:45:96:41:d2:34:a7:b0:bc:a0:
0a:8a:55:f2:4f:8a:4b:54:9d:7f:e2:ec:12:89:7d:9c:10:90:
dc:f8:79:5a:ef:f5:25:8c:c7:b8:03:cb:85:53:3c:f3:ed:7f:
2e:98:96:bb:3c:9f:21:c2:3b:a4:3d:ab:c0:6a:97:df:05:f5:
1a:ab:36:c9:23:29:06:70:30:80:4c:0a:3c:7a:ea:c9:d5:98:
e4:4a:14:48:4b:54:7a:c6:4e:20:a2:fd:ef:4e:91:3f:36:b7:
79:47:ae:42
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY0194np3RDgjv8H6/8cdyTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjQwMTIzMTA1NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTljYjA5OTFkZDRmNWZlZWVkNjllNWFjNDI0MDZkZTdhMjkyMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Tn0aqVIZ/NLrjeC63soFs+69JV9
CvjBX7dAfvLwDuujjwXFmOyjFF+oKvAVbxvOVMQ/A4VJqbQH8s6KKtgpwwmu3wxE
yEPuS+rSAnYMB1JVZMftASWKhZuPWhmBC+W8lzx1vSuMe0ACwAoyDr8GKhEWqfr5
WBd0lxJcE5AD/6aOl6FLM8L2LC3cShfi8Ek7WKDVhX3vM3R8MYmS7oicidcOh5rs
0zwSGPr1b4tLN5fLwfdPunRxxPlu+1k9DZSsrnzZv9HvCdrlbXSrNUQg9YFBqvbR
VPMQznXgtwYzTKiEB3s8RaugrkKgu2leF7Af8VyQWuZbfBs6gpGd3VVE6wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKqcsJkd1PX+7taeWsQkBt56KSJJMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvcXB5d21SM1U5Zjd1MXA1YXhDUUczbm9wSWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAuW2GAwQA
uZKYAwQBuZKaMBgEAgACMBIwEAMFByoHT4ADBwAqB0+AACAwDQYJKoZIhvcNAQEL
BQADggEBAFFBBi+1+UtqrcjVGvvixov4rDxfJgy+TwiQMqLwGqKSL8IoEu8C2460
M9Q2fIK2BCudLdj0MvRaaYqwr6HW0ZpS1a/qpdYFHXY+R1ypqdPScEX9RzwOyjWt
jIl2gfdrP1d6tV+lnNW2LUz8iswZbV2GnWOsTczer8SFUYRVIz4Ihr14hcO1Ym6p
WFydQrsJ+o4QxKsRxeYrdEWWQdI0p7C8oAqKVfJPiktUnX/i7BKJfZwQkNz4eVrv
9SWMx7gDy4VTPPPtfy6Ylrs8nyHCO6Q9q8Bql98F9RqrNskjKQZwMIBMCjx66snV
mORKFEhLVHrGTiCi/e9OkT82t3lHrkI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org