Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/K9AftsgpLVJt0AEAdMWbPMkmY4o.roa
File: K9AftsgpLVJt0AEAdMWbPMkmY4o.roa (raw, json)
Hash identifier: mOA92tuOiSfCWau373hKM/D+ccGr0vl8ZNzySQt05+4=
Subject key identifier: 2B:D0:1F:B6:C8:29:2D:52:6D:D0:01:00:74:C5:9B:3C:C9:26:63:8A
Certificate issuer: /CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Certificate serial: 01856CAF1663A3BBFF88465BB60B3EF17F56
Authority key identifier: 09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/K9AftsgpLVJt0AEAdMWbPMkmY4o.roa
Signing time: Sun 01 Jan 2023 09:34:51 +0000
ROA not before: Sun 01 Jan 2023 09:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42926
IP address blocks: 194.110.171.0/24 maxlen: 24
194.110.170.0/24 maxlen: 24
194.110.168.0/24 maxlen: 24
185.84.183.0/24 maxlen: 24
185.84.182.0/24 maxlen: 24
185.84.181.0/24 maxlen: 24
185.84.180.0/24 maxlen: 24
2a05:a740::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 11 Apr 2023 07:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:16:63:a3:bb:ff:88:46:5b:b6:0b:3e:f1:7f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Validity
Not Before: Jan 1 09:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bd01fb6c8292d526dd0010074c59b3cc926638a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:61:07:81:4b:d8:37:96:bb:92:ff:3b:90:0b:
93:a9:dc:00:8b:ed:e0:87:d2:eb:62:e7:fe:e1:3d:
63:10:85:10:f5:a6:c2:14:f4:15:0c:23:d5:e2:e0:
20:41:e2:7d:54:71:ac:97:6b:95:80:eb:50:29:f4:
84:c6:e9:14:23:09:8f:4a:7e:38:a7:33:fb:35:e7:
60:53:c7:b3:14:29:eb:20:fd:7e:58:96:ab:b9:40:
43:9f:ed:44:a1:f9:a0:91:f6:b8:67:46:3a:d0:ec:
e5:1e:1d:d8:3e:13:ec:97:f3:8a:b0:c2:57:76:44:
af:be:70:25:a0:f2:c2:d6:5f:2d:cb:a1:1b:ad:7b:
72:25:16:a7:32:e2:2b:75:61:9f:49:15:43:76:72:
d0:1b:0c:ed:fe:65:d3:d6:31:56:12:05:ea:27:e1:
cb:60:ae:dc:57:03:bd:58:8d:df:20:c0:16:4e:78:
00:66:29:0d:73:91:f4:d1:52:6b:96:52:84:a1:7e:
de:0d:6f:2e:ff:52:d5:ad:60:e2:7e:a4:16:98:65:
c0:5b:2c:64:0a:fb:fc:a8:83:1b:84:f1:5d:f4:86:
ba:c2:3b:8d:44:9e:97:b1:ed:43:54:27:d6:07:18:
aa:a5:a2:2c:f2:6d:c9:42:c5:f9:f9:7f:68:df:60:
50:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D0:1F:B6:C8:29:2D:52:6D:D0:01:00:74:C5:9B:3C:C9:26:63:8A
X509v3 Authority Key Identifier:
keyid:09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/K9AftsgpLVJt0AEAdMWbPMkmY4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/CSU4hqAlCgTsab4Au_hDPC8BS3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.180.0/22
194.110.168.0/24
194.110.170.0/23
IPv6:
2a05:a740::/29
Signature Algorithm: sha256WithRSAEncryption
7f:4a:2f:07:36:74:1e:af:5d:17:d1:9a:dc:5b:84:86:8f:4b:
b5:91:77:ab:47:64:6a:64:d7:a8:f7:16:92:c1:08:74:51:1f:
fe:fa:a7:6b:2e:ca:47:1a:ad:18:e7:10:45:d8:6b:49:e6:f8:
42:33:2e:92:e8:3b:28:1f:9d:f8:a6:4c:97:69:91:c7:0c:d6:
c8:a4:2c:e8:17:c6:bd:bb:ce:bb:44:56:93:27:c8:f7:e8:f4:
45:9b:c5:94:fb:7f:b7:56:da:64:11:e5:c3:81:97:76:1e:00:
6a:1b:ae:63:e5:bf:a3:a3:e4:bd:c6:4c:f6:bd:ab:94:b8:0e:
c0:dd:0d:bc:db:3e:58:10:e5:26:c2:61:4c:8b:f6:26:17:d0:
99:0a:8f:2e:00:a9:57:eb:84:30:45:7f:8e:55:0b:b1:84:8e:
f9:a2:5f:a7:55:85:04:c9:f4:6b:e7:12:90:45:bf:6b:5e:4e:
c8:51:33:cf:50:0a:29:42:12:a9:4c:d6:52:90:43:d0:5e:75:
b1:cf:2c:3c:7b:d8:d9:1f:50:23:da:a0:75:88:15:3c:b5:8a:
10:bf:22:f4:93:bf:a9:26:f9:4e:1b:ea:7f:59:20:5a:9f:69:
ee:1e:b3:2f:72:af:e2:dd:38:66:92:fc:27:eb:c4:e2:6b:e8:
cf:96:23:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsrxZjo7v/iEZbtgs+8X9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MjUzODg2YTAyNTBhMDRlYzY5YmUwMGJiZjg0MzNjMmYw
MTRiN2MwHhcNMjMwMTAxMDkzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQwMWZiNmM4MjkyZDUyNmRkMDAxMDA3NGM1OWIzY2M5MjY2MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2EHgUvYN5a7kv87kAuTqdwAi+3g
h9LrYuf+4T1jEIUQ9abCFPQVDCPV4uAgQeJ9VHGsl2uVgOtQKfSExukUIwmPSn44
pzP7NedgU8ezFCnrIP1+WJaruUBDn+1Eofmgkfa4Z0Y60OzlHh3YPhPsl/OKsMJX
dkSvvnAloPLC1l8ty6EbrXtyJRanMuIrdWGfSRVDdnLQGwzt/mXT1jFWEgXqJ+HL
YK7cVwO9WI3fIMAWTngAZikNc5H00VJrllKEoX7eDW8u/1LVrWDifqQWmGXAWyxk
Cvv8qIMbhPFd9Ia6wjuNRJ6Xse1DVCfWBxiqpaIs8m3JQsX5+X9o32BQxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCvQH7bIKS1SbdABAHTFmzzJJmOKMB8GA1UdIwQY
MBaAFAklOIagJQoE7Gm+ALv4QzwvAUt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAt
MTE0YWQ0MWNmMzMxLzEvSzlBZnRzZ3BMVkp0MEFFQWRNV2JQTWttWTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAtMTE0YWQ0MWNmMzMx
LzEvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVS0AwQA
wm6oAwQBwm6qMA0EAgACMAcDBQMqBadAMA0GCSqGSIb3DQEBCwUAA4IBAQB/Si8H
NnQer10X0ZrcW4SGj0u1kXerR2RqZNeo9xaSwQh0UR/++qdrLspHGq0Y5xBF2GtJ
5vhCMy6S6DsoH534pkyXaZHHDNbIpCzoF8a9u867RFaTJ8j36PRFm8WU+3+3Vtpk
EeXDgZd2HgBqG65j5b+jo+S9xkz2vauUuA7A3Q282z5YEOUmwmFMi/YmF9CZCo8u
AKlX64QwRX+OVQuxhI75ol+nVYUEyfRr5xKQRb9rXk7IUTPPUAopQhKpTNZSkEPQ
XnWxzyw8e9jZH1Aj2qB1iBU8tYoQvyL0k7+pJvlOG+p/WSBan2nuHrMvcq/i3Thm
kvwn68Tia+jPliNM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org