Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/54RwAJdQ75Cme86jqc2leWwVen4.roa
File: 54RwAJdQ75Cme86jqc2leWwVen4.roa (raw, json)
Hash identifier: rY34I3uPHfx+Npv6KaGeZ9kQqeHx8YOKrm6dpOj0aEk=
Subject key identifier: E7:84:70:00:97:50:EF:90:A6:7B:CE:A3:A9:CD:A5:79:6C:15:7A:7E
Certificate issuer: /CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Certificate serial: 01856FCBB398B62805E240CA52A06CA088F2
Authority key identifier: A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/54RwAJdQ75Cme86jqc2leWwVen4.roa
Signing time: Mon 02 Jan 2023 00:04:58 +0000
ROA not before: Mon 02 Jan 2023 00:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203216
IP address blocks: 185.137.88.0/22 maxlen: 24
185.137.88.0/24 maxlen: 24
185.137.91.0/24 maxlen: 24
185.137.90.0/24 maxlen: 24
185.137.89.0/24 maxlen: 24
2a07:3300::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Apr 2023 11:17:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:b3:98:b6:28:05:e2:40:ca:52:a0:6c:a0:88:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Validity
Not Before: Jan 2 00:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e78470009750ef90a67bcea3a9cda5796c157a7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:37:24:cf:b2:7c:95:b7:7b:dd:5c:7f:63:4b:
c3:3e:55:3f:d7:c8:6f:83:b9:68:dd:f2:1f:47:12:
59:c9:ba:47:88:e3:51:3f:fe:81:8c:e1:60:d3:4b:
bc:bc:54:20:74:7e:bf:be:07:96:b7:b8:d6:36:c6:
7a:72:10:bb:33:9d:0f:bf:b0:11:f0:58:3c:25:e1:
5e:ca:ae:be:12:39:b6:7f:f7:2f:53:1c:b8:4a:e5:
33:9d:0d:6c:50:b1:80:03:a4:cf:5b:82:d9:5c:d1:
b2:7b:96:45:cb:b4:64:93:4d:ed:48:2c:f3:3b:db:
6f:8f:53:bd:9c:96:02:3a:f2:cd:3d:c4:01:19:33:
14:1d:ae:a8:b3:f6:13:84:7b:aa:6e:86:ea:2d:5b:
90:11:bd:ed:78:c3:7f:c4:fc:0f:25:61:27:ba:cb:
a5:22:47:2e:5c:59:cf:30:1d:a2:90:9a:1f:14:47:
1d:44:57:19:d9:12:77:8a:67:41:fb:eb:70:ec:a8:
50:55:60:37:f9:e0:b1:22:37:e4:84:88:07:c1:f3:
76:55:1c:e2:36:d7:91:2f:2f:e5:6e:03:5f:bf:2a:
ec:55:8b:1a:64:0a:83:a2:bf:e9:68:96:e4:f5:18:
ca:b8:15:7c:d2:d8:a9:c6:c9:7a:59:ae:b4:82:24:
f2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:84:70:00:97:50:EF:90:A6:7B:CE:A3:A9:CD:A5:79:6C:15:7A:7E
X509v3 Authority Key Identifier:
keyid:A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/54RwAJdQ75Cme86jqc2leWwVen4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/oYRAnlwYO7zDFTX0x-7keCzWe-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.88.0/22
IPv6:
2a07:3300::/29
Signature Algorithm: sha256WithRSAEncryption
63:e2:d3:8a:2b:4d:3d:12:b3:01:c3:a9:22:63:40:32:82:06:
b2:30:fd:48:36:57:93:cb:b4:fb:7c:4b:21:20:1e:e1:99:16:
61:06:3e:78:4b:af:19:7f:6b:04:a6:71:b4:01:ad:07:a0:b2:
0e:00:12:14:85:9b:28:ab:65:f2:9e:65:e7:d6:33:d6:6b:bb:
92:39:45:d1:18:bb:43:2b:f6:b8:46:0e:17:0b:5e:ab:bc:a6:
af:1c:d5:79:77:d2:dc:d5:9a:8e:cc:5e:72:35:9e:84:1c:2e:
91:d5:a8:f4:5d:cd:47:1f:d7:81:a7:df:53:70:1f:86:a3:59:
2f:ba:09:dc:9b:89:30:13:ae:b9:06:5a:a3:dd:7e:cb:2d:f0:
2b:43:26:98:98:24:33:4b:8a:4b:b8:a5:89:6a:8e:24:00:a8:
0a:e2:6f:2f:83:96:95:c7:00:3f:7e:25:2b:03:0a:4f:af:c9:
1d:8e:3b:e7:28:39:bc:6b:72:0b:a5:38:34:85:41:c6:d2:3f:
d3:b0:00:78:04:9c:14:ca:00:ce:05:76:3c:da:98:e0:4f:89:
d7:af:55:9a:0f:b6:b4:fe:68:60:17:9b:48:c1:03:d6:fe:79:
a6:14:94:f6:f4:c3:46:e4:c0:99:e6:f6:e2:74:31:f5:a9:64:
86:e6:8a:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvy7OYtigF4kDKUqBsoIjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODQ0MDllNWMxODNiYmNjMzE1MzVmNGM3ZWVlNDc4MmNk
NjdiZTMwHhcNMjMwMTAyMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzg0NzAwMDk3NTBlZjkwYTY3YmNlYTNhOWNkYTU3OTZjMTU3YTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzckz7J8lbd73Vx/Y0vDPlU/18hv
g7lo3fIfRxJZybpHiONRP/6BjOFg00u8vFQgdH6/vgeWt7jWNsZ6chC7M50Pv7AR
8Fg8JeFeyq6+Ejm2f/cvUxy4SuUznQ1sULGAA6TPW4LZXNGye5ZFy7Rkk03tSCzz
O9tvj1O9nJYCOvLNPcQBGTMUHa6os/YThHuqbobqLVuQEb3teMN/xPwPJWEnusul
IkcuXFnPMB2ikJofFEcdRFcZ2RJ3imdB++tw7KhQVWA3+eCxIjfkhIgHwfN2VRzi
NteRLy/lbgNfvyrsVYsaZAqDor/paJbk9RjKuBV80tipxsl6Wa60giTyPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOeEcACXUO+QpnvOo6nNpXlsFXp+MB8GA1UdIwQY
MBaAFKGEQJ5cGDu8wxU19Mfu5Hgs1nvjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lSQW5sd1lPN3pERlRYMHgtN2tlQ3pXZS1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8xZTk2OTQtYzI4NS00Y2NmLTk0M2It
YzJiN2NmZjA2NjFjLzEvNTRSd0FKZFE3NUNtZTg2anFjMmxlV3dWZW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8xZTk2OTQtYzI4NS00Y2NmLTk0M2ItYzJiN2NmZjA2NjFj
LzEvb1lSQW5sd1lPN3pERlRYMHgtN2tlQ3pXZS1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYlYMA0E
AgACMAcDBQMqBzMAMA0GCSqGSIb3DQEBCwUAA4IBAQBj4tOKK009ErMBw6kiY0Ay
ggayMP1INleTy7T7fEshIB7hmRZhBj54S68Zf2sEpnG0Aa0HoLIOABIUhZsoq2Xy
nmXn1jPWa7uSOUXRGLtDK/a4Rg4XC16rvKavHNV5d9Lc1ZqOzF5yNZ6EHC6R1aj0
Xc1HH9eBp99TcB+Go1kvugncm4kwE665Blqj3X7LLfArQyaYmCQzS4pLuKWJao4k
AKgK4m8vg5aVxwA/fiUrAwpPr8kdjjvnKDm8a3ILpTg0hUHG0j/TsAB4BJwUygDO
BXY82pjgT4nXr1WaD7a0/mhgF5tIwQPW/nmmFJT29MNG5MCZ5vbidDH1qWSG5oqf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:51 2024 by rpki-client on console-ams.rpki-client.org