Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/K-htJ5VmkZA1Gth4-3RasySyQ0s.roa
File: K-htJ5VmkZA1Gth4-3RasySyQ0s.roa (raw, json)
Hash identifier: bm/hncu4TvU71bU4xgMgtEgkY6OE89yYJ3KHuPOAf+k=
Subject key identifier: 2B:E8:6D:27:95:66:91:90:35:1A:D8:78:FB:74:5A:B3:24:B2:43:4B
Certificate issuer: /CN=621310302018a387c692146a35efd33a6ed6b1ef
Certificate serial: 0192282FB7557B79BC857E35D89FBEA681CA
Authority key identifier: 62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/K-htJ5VmkZA1Gth4-3RasySyQ0s.roa
Signing time: Wed 25 Sep 2024 07:57:48 +0000
ROA not before: Wed 25 Sep 2024 07:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.99.20.0/24 maxlen: 24
185.151.146.0/24 maxlen: 24
185.179.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 19:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:2f:b7:55:7b:79:bc:85:7e:35:d8:9f:be:a6:81:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=621310302018a387c692146a35efd33a6ed6b1ef
Validity
Not Before: Sep 25 07:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2be86d2795669190351ad878fb745ab324b2434b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:21:53:62:77:e8:dd:1d:5a:8d:05:56:6a:ed:
bf:3a:b9:8f:3a:c1:9f:4c:bf:30:b1:1c:6b:ea:35:
68:e4:65:95:71:8e:3e:97:2f:61:ae:02:bb:11:e0:
7e:59:32:cc:30:aa:7c:29:ab:4d:41:f9:eb:dd:43:
dc:dd:cf:9f:40:35:20:28:5a:40:6d:36:21:d2:67:
57:ba:33:c1:92:58:eb:c2:75:36:1f:ea:0a:91:5a:
06:d1:7d:e4:8d:c1:48:81:96:b5:14:88:8c:22:28:
c5:39:91:46:14:02:56:bd:f4:d4:e7:9e:f0:ac:96:
43:ba:93:12:6b:01:f3:87:92:be:4e:3b:ed:a2:b0:
1b:34:59:70:3c:ba:42:20:71:1c:e0:cc:25:b8:63:
86:ae:ac:7c:ae:e4:1f:2e:d3:8e:1f:44:ec:e6:45:
49:59:b7:8b:0f:af:5a:70:e7:c3:8a:38:29:e1:bf:
dc:34:dc:2d:96:a9:81:1a:28:1c:6f:f6:96:61:35:
54:59:c4:f9:e1:ad:29:b7:88:da:49:49:74:82:14:
72:ba:42:99:7f:3d:79:e5:d9:a7:d8:53:12:87:2e:
2a:90:be:e0:1a:e2:c1:7e:67:45:66:de:eb:97:ee:
09:3d:3e:de:80:1b:5a:9b:f0:ee:38:e9:a2:73:d1:
c9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E8:6D:27:95:66:91:90:35:1A:D8:78:FB:74:5A:B3:24:B2:43:4B
X509v3 Authority Key Identifier:
keyid:62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/K-htJ5VmkZA1Gth4-3RasySyQ0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.20.0/24
185.151.146.0/24
185.179.91.0/24
Signature Algorithm: sha256WithRSAEncryption
78:c7:78:bd:43:eb:a9:74:d9:98:0e:a2:24:8f:93:7e:81:dc:
03:75:8a:10:ce:d6:2a:01:31:20:f3:1a:75:46:0d:f6:0d:cd:
b9:b6:a4:6e:c3:a2:6e:ba:b8:45:fb:3a:73:60:99:90:a8:0a:
c3:7d:9f:9f:1e:85:1e:1e:07:6a:bb:e9:cf:7c:e5:b5:39:05:
bd:fb:21:00:62:cd:ef:ea:d8:5d:8c:d2:a4:19:94:89:33:5e:
85:22:66:58:91:06:18:ff:dd:78:eb:61:84:5d:ed:f0:8c:45:
08:54:6d:70:d2:c4:f2:fd:44:56:6c:5b:e2:05:38:8d:e1:cf:
47:d7:d4:c8:8b:cf:73:6c:ab:40:46:c1:fd:57:c0:0b:6d:34:
65:de:28:5f:3d:9d:bd:af:3b:ad:15:53:63:d8:f2:fb:b8:a8:
93:9a:3a:39:87:dd:d3:bf:6f:43:da:89:d1:5c:ae:d4:b8:4b:
41:e0:c8:cd:1c:55:b5:1f:15:14:71:35:60:b4:a6:51:5f:be:
d7:bd:1e:e2:f5:28:8c:92:33:27:a3:c4:ed:1d:b5:5b:2a:ae:
ca:97:ef:60:30:9d:0b:ab:1b:d3:6d:8e:97:5d:cb:bb:ac:10:
a3:21:74:39:03:4f:b2:e1:16:60:7b:63:2e:45:32:42:63:f7:
55:13:1a:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIoL7dVe3m8hX412J++poHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTMxMDMwMjAxOGEzODdjNjkyMTQ2YTM1ZWZkMzNhNmVk
NmIxZWYwHhcNMjQwOTI1MDc1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmU4NmQyNzk1NjY5MTkwMzUxYWQ4NzhmYjc0NWFiMzI0YjI0MzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SFTYnfo3R1ajQVWau2/OrmPOsGf
TL8wsRxr6jVo5GWVcY4+ly9hrgK7EeB+WTLMMKp8KatNQfnr3UPc3c+fQDUgKFpA
bTYh0mdXujPBkljrwnU2H+oKkVoG0X3kjcFIgZa1FIiMIijFOZFGFAJWvfTU557w
rJZDupMSawHzh5K+TjvtorAbNFlwPLpCIHEc4MwluGOGrqx8ruQfLtOOH0Ts5kVJ
WbeLD69acOfDijgp4b/cNNwtlqmBGigcb/aWYTVUWcT54a0pt4jaSUl0ghRyukKZ
fz155dmn2FMShy4qkL7gGuLBfmdFZt7rl+4JPT7egBtam/DuOOmic9HJjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCvobSeVZpGQNRrYePt0WrMkskNLMB8GA1UdIwQY
MBaAFGITEDAgGKOHxpIUajXv0zpu1rHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhNUU1DQVlvNGZHa2hScU5lX1RPbTdXc2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9mNThhYzgtNTNlOS00Y2E2LWFjYjIt
YmU1N2Q3ZGZhMGRlLzEvSy1odEo1Vm1rWkExR3RoNC0zUmFzeVN5UTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9mNThhYzgtNTNlOS00Y2E2LWFjYjItYmU1N2Q3ZGZhMGRl
LzEvWWhNUU1DQVlvNGZHa2hScU5lX1RPbTdXc2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuWMUAwQA
uZeSAwQAubNbMA0GCSqGSIb3DQEBCwUAA4IBAQB4x3i9Q+updNmYDqIkj5N+gdwD
dYoQztYqATEg8xp1Rg32Dc25tqRuw6JuurhF+zpzYJmQqArDfZ+fHoUeHgdqu+nP
fOW1OQW9+yEAYs3v6thdjNKkGZSJM16FImZYkQYY/91462GEXe3wjEUIVG1w0sTy
/URWbFviBTiN4c9H19TIi89zbKtARsH9V8ALbTRl3ihfPZ29rzutFVNj2PL7uKiT
mjo5h93Tv29D2onRXK7UuEtB4MjNHFW1HxUUcTVgtKZRX77XvR7i9SiMkjMno8Tt
HbVbKq7Kl+9gMJ0LqxvTbY6XXcu7rBCjIXQ5A0+y4RZge2MuRTJCY/dVExpP
Generated at Wed Sep 25 20:37:39 2024 by rpki-client on console-fra.rpki-client.org