Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/1G7rrmsBi7ftheR3wViDZlRlVSg.roa
File: 1G7rrmsBi7ftheR3wViDZlRlVSg.roa (raw, json)
Hash identifier: P/GgFRx+nGfhaTUrhSTraMV0M/SrA/RkEdqPDqiQyhc=
Subject key identifier: D4:6E:EB:AE:6B:01:8B:B7:ED:85:E4:77:C1:58:83:66:54:65:55:28
Certificate issuer: /CN=aac223fb1942115e48a9754207292d00a082ecdf
Certificate serial: 018D40EC69986843191C3408B337B50183ED
Authority key identifier: AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/1G7rrmsBi7ftheR3wViDZlRlVSg.roa
Signing time: Thu 25 Jan 2024 14:00:51 +0000
ROA not before: Thu 25 Jan 2024 14:00:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199362
IP address blocks: 185.17.20.0/22 maxlen: 22
185.144.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 29 Jan 2024 09:59:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:ec:69:98:68:43:19:1c:34:08:b3:37:b5:01:83:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aac223fb1942115e48a9754207292d00a082ecdf
Validity
Not Before: Jan 25 14:00:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d46eebae6b018bb7ed85e477c158836654655528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:74:48:c2:03:e4:5a:2a:9f:0a:58:c7:8c:ed:
fc:3f:35:79:47:a8:b3:0a:35:0a:0d:19:87:cc:73:
7c:4d:f6:27:c4:14:a9:a7:e5:95:95:b4:9f:16:b5:
e9:fd:22:a7:0a:3a:43:99:ea:cf:22:09:97:b7:da:
ca:8a:1b:a6:e5:f4:6c:9e:45:04:40:d9:39:b2:f3:
94:bd:bb:0b:0c:10:7d:57:98:e6:4d:00:b9:91:8c:
89:f5:c2:bb:67:ef:e1:6d:ca:4e:3f:01:45:37:24:
3d:c6:a6:ab:8d:0f:db:5e:00:cc:64:a7:9b:73:fe:
b8:51:1c:da:f7:d0:3a:16:67:82:7b:e7:03:c4:ab:
27:13:18:7f:53:b8:45:ae:12:ce:37:e4:89:f5:6b:
87:50:cf:26:84:13:3c:01:91:76:a5:fa:c9:c2:8e:
99:6e:b2:81:9b:ad:d5:a7:ed:21:75:69:b3:4b:ab:
ae:35:a9:5e:f0:62:8a:a5:2a:77:50:61:b8:f2:50:
3c:2b:60:29:db:98:65:d3:e1:66:5a:cb:74:76:35:
95:fc:2a:d5:60:5f:ea:c2:39:bb:89:7c:05:2f:e6:
35:09:35:09:24:44:53:cd:16:22:bc:e5:31:97:89:
cc:0e:0d:c1:28:2c:7e:03:8e:ca:34:ff:f3:c2:04:
25:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6E:EB:AE:6B:01:8B:B7:ED:85:E4:77:C1:58:83:66:54:65:55:28
X509v3 Authority Key Identifier:
keyid:AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/1G7rrmsBi7ftheR3wViDZlRlVSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.20.0/22
185.144.120.0/22
Signature Algorithm: sha256WithRSAEncryption
93:d9:87:23:1f:62:ec:4b:be:8c:dc:e4:68:8e:ec:db:f9:a7:
45:bb:9d:15:3e:b1:7b:1f:36:90:5b:47:5d:a5:80:4f:eb:38:
35:ba:59:bb:41:40:7a:bd:5d:55:a1:2a:61:84:0f:2d:50:10:
11:dc:dd:a8:c8:1c:1d:c9:fc:60:09:41:6a:bb:f8:46:3b:90:
18:75:91:e3:de:0d:20:54:fb:0a:59:68:22:83:1b:2e:66:fe:
d9:c3:f1:6e:89:ac:49:21:8a:e1:5c:b0:b8:d4:cd:54:58:09:
ef:1d:0a:fd:93:74:0b:62:95:9c:ea:cf:e7:f8:a6:f3:ed:b1:
bf:17:b1:75:a6:d0:4e:37:6e:e3:47:35:d2:a8:cd:64:38:22:
eb:6b:b9:91:a2:24:61:1c:6c:a1:26:51:08:e5:58:3d:22:7c:
52:4e:6d:f9:76:5f:ca:d8:6b:11:cc:ba:ee:3f:69:5f:d9:a0:
25:fb:34:7a:6d:20:2d:f7:ef:1e:0d:03:8e:b6:b8:aa:3c:4c:
e6:57:92:2a:b3:9a:0c:8f:8a:95:92:d8:6d:bf:40:7b:e5:b4:
47:45:4e:c1:ca:6b:03:96:b4:a6:21:9e:e3:a5:46:77:f4:c6:
8d:7b:39:20:43:5e:b7:fc:7d:e9:d4:db:c8:ab:31:12:16:a2:
07:f6:cb:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1A7GmYaEMZHDQIsze1AYPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYzIyM2ZiMTk0MjExNWU0OGE5NzU0MjA3MjkyZDAwYTA4
MmVjZGYwHhcNMjQwMTI1MTQwMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDZlZWJhZTZiMDE4YmI3ZWQ4NWU0NzdjMTU4ODM2NjU0NjU1NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnRIwgPkWiqfCljHjO38PzV5R6iz
CjUKDRmHzHN8TfYnxBSpp+WVlbSfFrXp/SKnCjpDmerPIgmXt9rKihum5fRsnkUE
QNk5svOUvbsLDBB9V5jmTQC5kYyJ9cK7Z+/hbcpOPwFFNyQ9xqarjQ/bXgDMZKeb
c/64URza99A6FmeCe+cDxKsnExh/U7hFrhLON+SJ9WuHUM8mhBM8AZF2pfrJwo6Z
brKBm63Vp+0hdWmzS6uuNale8GKKpSp3UGG48lA8K2Ap25hl0+FmWst0djWV/CrV
YF/qwjm7iXwFL+Y1CTUJJERTzRYivOUxl4nMDg3BKCx+A47KNP/zwgQlPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNRu665rAYu37YXkd8FYg2ZUZVUoMB8GA1UdIwQY
MBaAFKrCI/sZQhFeSKl1QgcpLQCgguzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEt
MWRhYTk1MWM3MWI3LzEvMUc3cnJtc0JpN2Z0aGVSM3dWaURabFJsVlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEtMWRhYTk1MWM3MWI3
LzEvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuREUAwQC
uZB4MA0GCSqGSIb3DQEBCwUAA4IBAQCT2YcjH2LsS76M3ORojuzb+adFu50VPrF7
HzaQW0ddpYBP6zg1ulm7QUB6vV1VoSphhA8tUBAR3N2oyBwdyfxgCUFqu/hGO5AY
dZHj3g0gVPsKWWgigxsuZv7Zw/FuiaxJIYrhXLC41M1UWAnvHQr9k3QLYpWc6s/n
+Kbz7bG/F7F1ptBON27jRzXSqM1kOCLra7mRoiRhHGyhJlEI5Vg9InxSTm35dl/K
2GsRzLruP2lf2aAl+zR6bSAt9+8eDQOOtriqPEzmV5Iqs5oMj4qVkthtv0B75bRH
RU7BymsDlrSmIZ7jpUZ39MaNezkgQ163/H3p1NvIqzESFqIH9svE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org