Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/9lmsFoEkS2tkKaAeGKQRawRDs5E.roa
File: 9lmsFoEkS2tkKaAeGKQRawRDs5E.roa (raw, json)
Hash identifier: UHH0VRk8dpgU4pcu2X60J5T/t2OJltDhiVKBfUoH+8k=
Subject key identifier: F6:59:AC:16:81:24:4B:6B:64:29:A0:1E:18:A4:11:6B:04:43:B3:91
Certificate issuer: /CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Certificate serial: 018CC5DC0A387B19E3D9D9BFA72E8B5F0123
Authority key identifier: 13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/9lmsFoEkS2tkKaAeGKQRawRDs5E.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38955
IP address blocks: 185.164.4.0/23 maxlen: 23
185.164.6.0/23 maxlen: 23
185.16.188.0/22 maxlen: 24
185.16.190.0/24 maxlen: 24
185.115.186.0/23 maxlen: 23
185.115.184.0/23 maxlen: 23
178.23.80.0/21 maxlen: 23
81.19.144.0/20 maxlen: 24
2a00:1a68::/32 maxlen: 34
2a0a:7c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 20 Feb 2024 06:22:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0a:38:7b:19:e3:d9:d9:bf:a7:2e:8b:5f:01:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f659ac1681244b6b6429a01e18a4116b0443b391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:14:47:4b:ac:a7:92:78:ef:86:69:f0:d5:ed:
40:eb:b2:84:9b:c5:22:a2:5a:c5:6f:00:77:c3:38:
81:c8:4a:42:6b:20:48:e7:f0:76:58:5f:2e:62:8a:
28:3d:82:97:27:fa:c8:05:58:8f:df:eb:3f:dc:e0:
c5:a7:42:c2:b2:e8:6b:4d:e7:3f:59:6e:3e:ec:9e:
e7:12:33:4a:6c:6f:57:1b:39:ec:a3:0f:bd:97:f0:
38:50:a2:cd:a0:37:67:5c:86:90:c1:63:9a:64:6d:
ab:22:7a:ef:de:f1:06:a6:9a:25:d6:14:b5:27:92:
1d:7e:ad:48:d5:f0:1c:1f:16:b3:ec:77:c1:d4:65:
7c:34:a5:a8:47:a5:b1:d6:11:3b:2e:c7:2e:4c:c5:
1a:bf:79:62:18:fa:83:d1:56:bd:62:4a:dc:ed:43:
f5:9d:46:a0:07:0f:02:e3:b6:59:c1:db:58:73:ff:
ce:7b:e8:ba:e3:b3:a1:0f:d3:f0:d7:5d:80:7c:d9:
8d:e8:7d:cb:d1:f6:c5:49:6f:09:cc:5a:f2:b5:e8:
23:3e:d8:42:99:98:42:65:78:0f:c9:f4:68:02:60:
00:54:6b:41:55:09:ba:39:20:49:fc:fe:3c:e0:fd:
ca:08:23:10:e5:de:7d:eb:11:a8:5a:17:42:7e:e5:
aa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:59:AC:16:81:24:4B:6B:64:29:A0:1E:18:A4:11:6B:04:43:B3:91
X509v3 Authority Key Identifier:
keyid:13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/9lmsFoEkS2tkKaAeGKQRawRDs5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.144.0/20
178.23.80.0/21
185.16.188.0/22
185.115.184.0/22
185.164.4.0/22
IPv6:
2a00:1a68::/32
2a0a:7c00::/29
Signature Algorithm: sha256WithRSAEncryption
6e:38:f6:ad:08:fc:05:25:bd:2c:92:f6:bb:cf:16:77:55:cb:
6b:ff:36:01:f9:57:44:90:9a:4b:b1:93:de:39:3e:80:ab:71:
e0:34:58:8d:6e:d2:64:23:28:01:e3:f9:74:0a:56:86:70:94:
08:e6:7d:09:f7:b0:c3:96:a3:1b:13:be:a3:20:a6:c9:61:c6:
47:da:53:c9:71:7e:df:5f:d4:3b:89:a6:7b:0f:0c:2a:e0:aa:
6b:d1:c1:76:19:88:7c:c3:88:a3:0b:7b:25:d2:9b:63:fd:f3:
20:65:13:4b:2f:6e:d7:e7:ab:6f:17:6d:69:2a:48:53:6f:12:
a4:c2:8d:7b:b0:2e:13:f2:a3:34:02:50:aa:1f:78:7f:8d:cf:
5e:0c:35:68:01:7a:ac:9b:47:04:b1:17:4e:3b:34:36:b5:8f:
cc:aa:a0:74:9b:58:76:90:4c:4a:f4:b7:17:10:70:38:86:3c:
ef:d5:a9:78:d7:b1:f4:91:37:50:73:b0:3b:1e:e5:71:89:41:
f2:b7:6a:73:aa:d3:43:fd:a0:94:8e:3d:33:3e:f9:76:ed:2f:
70:a6:b6:3a:01:13:86:b0:a1:5e:10:82:f9:3e:e9:c3:24:20:
cd:9d:ae:21:b7:69:30:ab:c4:b3:b1:87:4b:da:aa:5c:8c:95:
4d:ad:e6:46
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzF3Ao4exnj2dm/py6LXwEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDU5ZmQ2ODNlMzU3MGQ2Mzg5NTUzMGNlYjlmMmM4NGZl
ZmUwYTMwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjU5YWMxNjgxMjQ0YjZiNjQyOWEwMWUxOGE0MTE2YjA0NDNiMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBRHS6ynknjvhmnw1e1A67KEm8Ui
olrFbwB3wziByEpCayBI5/B2WF8uYoooPYKXJ/rIBViP3+s/3ODFp0LCsuhrTec/
WW4+7J7nEjNKbG9XGznsow+9l/A4UKLNoDdnXIaQwWOaZG2rInrv3vEGppol1hS1
J5Idfq1I1fAcHxaz7HfB1GV8NKWoR6Wx1hE7LscuTMUav3liGPqD0Va9Ykrc7UP1
nUagBw8C47ZZwdtYc//Oe+i647OhD9Pw112AfNmN6H3L0fbFSW8JzFrytegjPthC
mZhCZXgPyfRoAmAAVGtBVQm6OSBJ/P484P3KCCMQ5d596xGoWhdCfuWq3wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPZZrBaBJEtrZCmgHhikEWsEQ7ORMB8GA1UdIwQY
MBaAFBPVn9aD41cNY4lVMM658shP7+CjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYt
MGIxYjMwODk1NjAyLzEvOWxtc0ZvRWtTMnRrS2FBZUdLUVJhd1JEczVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYtMGIxYjMwODk1NjAy
LzEvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQEUROQAwQD
shdQAwQCuRC8AwQCuXO4AwQCuaQEMBQEAgACMA4DBQAqABpoAwUDKgp8ADANBgkq
hkiG9w0BAQsFAAOCAQEAbjj2rQj8BSW9LJL2u88Wd1XLa/82AflXRJCaS7GT3jk+
gKtx4DRYjW7SZCMoAeP5dApWhnCUCOZ9Cfeww5ajGxO+oyCmyWHGR9pTyXF+31/U
O4mmew8MKuCqa9HBdhmIfMOIowt7JdKbY/3zIGUTSy9u1+erbxdtaSpIU28SpMKN
e7AuE/KjNAJQqh94f43PXgw1aAF6rJtHBLEXTjs0NrWPzKqgdJtYdpBMSvS3FxBw
OIY879WpeNex9JE3UHOwOx7lcYlB8rdqc6rTQ/2glI49Mz75du0vcKa2OgEThrCh
XhCC+T7pwyQgzZ2uIbdpMKvEs7GHS9qqXIyVTa3mRg==
-----END CERTIFICATE-----
Generated at Tue Feb 20 09:36:47 2024 by rpki-client on console-ams.rpki-client.org