Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/neOZOPi3gArmsIaePkb4RjTukug.roa
File: neOZOPi3gArmsIaePkb4RjTukug.roa (raw, json)
Hash identifier: tyyGI2WDOMR6QqzIKWMIAC3yGy16UpGBBLS7yUb8no8=
Subject key identifier: 9D:E3:99:38:F8:B7:80:0A:E6:B0:86:9E:3E:46:F8:46:34:EE:92:E8
Certificate issuer: /CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Certificate serial: 01875B6FBD65AC7D66CD8B2B26FFF781FB5A
Authority key identifier: A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/neOZOPi3gArmsIaePkb4RjTukug.roa
Signing time: Fri 07 Apr 2023 11:17:42 +0000
ROA not before: Fri 07 Apr 2023 11:17:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203216
IP address blocks: 185.137.88.0/24 maxlen: 24
185.137.88.0/22 maxlen: 24
185.137.91.0/24 maxlen: 24
185.137.90.0/24 maxlen: 24
185.137.89.0/24 maxlen: 24
2a07:3300::/29 maxlen: 48
2a07:3300::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Apr 2023 11:26:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5b:6f:bd:65:ac:7d:66:cd:8b:2b:26:ff:f7:81:fb:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Validity
Not Before: Apr 7 11:17:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9de39938f8b7800ae6b0869e3e46f84634ee92e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:57:7b:7c:ab:0e:1c:6c:91:44:24:c3:fa:88:
74:10:6b:bf:06:3e:63:a2:3f:cf:f3:07:0f:fe:65:
bc:8b:1a:f0:0a:6f:73:bd:00:28:d0:14:49:2d:52:
6e:15:ab:26:48:8c:f4:94:f9:85:42:01:74:70:c7:
34:90:9d:7a:4b:4d:3a:f2:11:a5:42:8d:5c:6a:36:
63:fc:81:de:9a:cd:03:17:eb:71:e2:16:0c:fa:9d:
9a:00:5b:25:e4:cd:15:95:1e:30:41:74:08:0c:a0:
e4:5d:a4:9f:23:e3:ad:55:d1:a1:4f:55:d1:50:10:
85:de:0b:97:14:65:2f:02:07:ab:73:f6:0f:87:f8:
d9:e1:a2:bf:37:20:c3:97:82:b3:c8:eb:85:db:ba:
04:46:4c:f8:58:9e:56:3e:82:b0:6a:5a:ff:40:85:
ab:81:1d:89:e6:1e:28:37:0e:3e:c4:a5:a1:2c:32:
84:71:d2:dc:0d:56:6b:66:2d:47:3d:87:2d:6b:7f:
8f:bb:ed:c7:52:fa:88:53:6e:0d:e0:ec:7f:ee:85:
24:4c:f1:00:12:22:80:ee:4f:4a:39:77:73:b7:65:
7e:aa:06:ee:99:fd:32:9c:b6:41:66:42:5b:7e:6a:
c1:02:d7:1b:d4:aa:84:ee:92:72:33:7a:10:94:02:
f5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E3:99:38:F8:B7:80:0A:E6:B0:86:9E:3E:46:F8:46:34:EE:92:E8
X509v3 Authority Key Identifier:
keyid:A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/neOZOPi3gArmsIaePkb4RjTukug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/oYRAnlwYO7zDFTX0x-7keCzWe-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.88.0/22
IPv6:
2a07:3300::/29
Signature Algorithm: sha256WithRSAEncryption
3d:3a:88:fc:20:74:be:3e:2f:61:b8:41:ae:70:59:d3:1d:05:
67:47:17:d8:7c:23:57:46:ba:81:6c:5b:2a:2e:df:3c:ae:f8:
93:af:4f:f9:86:f7:1c:df:4e:48:65:90:a8:11:76:d4:5c:92:
d9:10:7a:6f:4f:94:14:8b:1f:4b:c6:be:42:41:53:38:7f:d0:
3a:3e:fb:c1:de:21:07:5e:af:77:15:db:27:5a:1e:53:2f:39:
39:5c:66:cd:1f:d3:a3:03:58:23:28:23:4d:5e:39:3b:16:91:
77:5e:c6:ac:02:7f:b4:16:a5:ea:34:83:18:a5:8a:34:5b:b5:
83:9b:aa:77:ae:c0:5f:83:69:43:70:ec:66:fd:ce:c3:ee:88:
6b:6a:ce:66:68:1a:cc:9c:2b:2f:ba:b7:79:ba:e9:f3:13:13:
7d:c7:17:84:08:fa:70:70:1d:56:6e:dd:f9:ec:0a:71:76:0e:
3f:b3:1f:06:21:d4:07:89:c6:91:10:c3:48:0a:4a:e0:10:3b:
50:5d:e8:d0:5c:7c:1d:48:60:12:ae:d0:9b:31:af:a8:c6:33:
d9:d9:2f:7f:f6:fe:78:ee:b8:cd:f1:44:67:64:7d:d9:a3:2c:
7e:ac:02:9f:fe:53:6e:a9:d3:b1:26:9c:df:ac:5c:7f:23:56:
92:21:6f:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdbb71lrH1mzYsrJv/3gftaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODQ0MDllNWMxODNiYmNjMzE1MzVmNGM3ZWVlNDc4MmNk
NjdiZTMwHhcNMjMwNDA3MTExNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGUzOTkzOGY4Yjc4MDBhZTZiMDg2OWUzZTQ2Zjg0NjM0ZWU5MmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAild7fKsOHGyRRCTD+oh0EGu/Bj5j
oj/P8wcP/mW8ixrwCm9zvQAo0BRJLVJuFasmSIz0lPmFQgF0cMc0kJ16S0068hGl
Qo1cajZj/IHems0DF+tx4hYM+p2aAFsl5M0VlR4wQXQIDKDkXaSfI+OtVdGhT1XR
UBCF3guXFGUvAgerc/YPh/jZ4aK/NyDDl4KzyOuF27oERkz4WJ5WPoKwalr/QIWr
gR2J5h4oNw4+xKWhLDKEcdLcDVZrZi1HPYcta3+Pu+3HUvqIU24N4Ox/7oUkTPEA
EiKA7k9KOXdzt2V+qgbumf0ynLZBZkJbfmrBAtcb1KqE7pJyM3oQlAL1qwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ3jmTj4t4AK5rCGnj5G+EY07pLoMB8GA1UdIwQY
MBaAFKGEQJ5cGDu8wxU19Mfu5Hgs1nvjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lSQW5sd1lPN3pERlRYMHgtN2tlQ3pXZS1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8xZTk2OTQtYzI4NS00Y2NmLTk0M2It
YzJiN2NmZjA2NjFjLzEvbmVPWk9QaTNnQXJtc0lhZVBrYjRSalR1a3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8xZTk2OTQtYzI4NS00Y2NmLTk0M2ItYzJiN2NmZjA2NjFj
LzEvb1lSQW5sd1lPN3pERlRYMHgtN2tlQ3pXZS1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYlYMA0E
AgACMAcDBQMqBzMAMA0GCSqGSIb3DQEBCwUAA4IBAQA9Ooj8IHS+Pi9huEGucFnT
HQVnRxfYfCNXRrqBbFsqLt88rviTr0/5hvcc305IZZCoEXbUXJLZEHpvT5QUix9L
xr5CQVM4f9A6PvvB3iEHXq93FdsnWh5TLzk5XGbNH9OjA1gjKCNNXjk7FpF3Xsas
An+0FqXqNIMYpYo0W7WDm6p3rsBfg2lDcOxm/c7D7ohras5maBrMnCsvurd5uunz
ExN9xxeECPpwcB1Wbt357Apxdg4/sx8GIdQHicaREMNICkrgEDtQXejQXHwdSGAS
rtCbMa+oxjPZ2S9/9v547rjN8URnZH3Zoyx+rAKf/lNuqdOxJpzfrFx/I1aSIW9t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:51 2024 by rpki-client on console-ams.rpki-client.org