Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/a-igvwNE2THh7Cd113lsoIywGSY.roa
File: a-igvwNE2THh7Cd113lsoIywGSY.roa (raw, json)
Hash identifier: jKwd2RekEZ/ToxdOgVdPl9sPwjvfcIKEP25vT4GkCX0=
Subject key identifier: 6B:E8:A0:BF:03:44:D9:31:E1:EC:27:75:D7:79:6C:A0:8C:B0:19:26
Certificate issuer: /CN=9a754c71d62cb23948d9119eda772fde38e67b67
Certificate serial: 018570D51C8D007C912C92E8B3C1D20F124C
Authority key identifier: 9A:75:4C:71:D6:2C:B2:39:48:D9:11:9E:DA:77:2F:DE:38:E6:7B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/a-igvwNE2THh7Cd113lsoIywGSY.roa
Signing time: Mon 02 Jan 2023 04:54:52 +0000
ROA not before: Mon 02 Jan 2023 04:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199286
IP address blocks: 194.110.137.0/24 maxlen: 24
194.110.117.0/24 maxlen: 24
185.122.71.0/24 maxlen: 24
185.122.68.0/22 maxlen: 22
185.122.69.0/24 maxlen: 24
185.122.68.0/24 maxlen: 24
185.122.70.0/24 maxlen: 24
194.110.132.0/24 maxlen: 24
185.12.137.0/24 maxlen: 24
185.12.136.0/22 maxlen: 22
185.12.139.0/24 maxlen: 24
185.12.138.0/24 maxlen: 24
185.12.136.0/24 maxlen: 24
194.110.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:1c:8d:00:7c:91:2c:92:e8:b3:c1:d2:0f:12:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a754c71d62cb23948d9119eda772fde38e67b67
Validity
Not Before: Jan 2 04:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6be8a0bf0344d931e1ec2775d7796ca08cb01926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e6:fa:6b:69:3c:50:30:ab:59:40:99:87:77:
dc:46:26:bf:8a:7c:72:55:1a:f2:b6:82:a1:a6:5b:
28:4a:5d:bc:ef:a1:b7:1b:b5:d8:6b:f1:f9:d9:6e:
1f:4f:68:b5:6e:76:d1:b0:4f:9f:e7:fa:49:13:2e:
ac:62:53:88:65:cd:b8:5f:03:7d:d1:26:a1:b4:45:
ce:c0:84:b4:79:c4:59:82:0f:16:f5:a8:1d:50:2e:
e9:f5:d0:f5:81:0e:67:ed:3b:75:b2:be:98:3a:2b:
04:89:d2:bf:84:95:ad:e5:d8:c3:95:ae:67:6b:56:
cc:2a:ff:25:cb:67:1e:5e:81:6f:28:8a:67:8e:dc:
e5:35:61:53:e7:c2:29:47:6c:5e:19:30:f9:6e:b8:
d0:f0:23:9e:e7:8a:95:bc:ad:92:8e:bf:3e:97:7b:
58:0a:ac:d9:fb:9f:f5:83:08:50:a5:eb:0f:5a:e5:
73:93:14:fb:64:13:72:69:ae:4a:7a:09:38:cc:2b:
04:a0:ad:a9:5d:77:18:07:35:24:dd:ba:47:80:a5:
e7:0b:6a:c4:cf:5d:f1:7a:a4:31:4b:52:2d:1d:df:
15:f4:71:15:81:e9:15:c6:d1:11:ff:9e:ab:1d:ac:
08:ad:c2:e0:7d:f1:a0:92:ad:9b:b1:44:82:9f:bb:
6e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E8:A0:BF:03:44:D9:31:E1:EC:27:75:D7:79:6C:A0:8C:B0:19:26
X509v3 Authority Key Identifier:
keyid:9A:75:4C:71:D6:2C:B2:39:48:D9:11:9E:DA:77:2F:DE:38:E6:7B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/a-igvwNE2THh7Cd113lsoIywGSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/mnVMcdYssjlI2RGe2ncv3jjme2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.136.0/22
185.122.68.0/22
194.110.74.0/24
194.110.117.0/24
194.110.132.0/24
194.110.137.0/24
Signature Algorithm: sha256WithRSAEncryption
55:29:6f:f4:67:83:46:42:6d:2c:3f:e0:a3:74:03:fb:e5:76:
26:be:e0:8c:51:ff:73:60:9a:cc:8c:53:92:5f:ca:9e:3f:20:
c2:28:8f:72:92:8d:48:65:66:c7:fc:01:2f:ae:75:33:58:39:
ce:db:26:87:25:db:db:27:94:64:4c:d5:4a:e3:e2:88:fa:d6:
d8:1d:eb:91:cd:46:b6:2a:59:18:30:0d:21:c4:4f:7f:22:2a:
f2:32:65:38:aa:bc:4b:50:36:c4:df:26:50:f7:8f:a7:02:78:
9f:e0:c4:a9:77:bd:2a:79:92:a3:17:2d:09:31:c7:ab:96:2d:
80:c7:d2:b2:00:13:97:af:eb:05:1e:64:78:34:08:21:5f:82:
93:4a:19:04:a2:01:e7:17:14:94:8a:72:35:e3:65:57:28:30:
a9:4e:ea:5e:b1:e9:c9:59:41:3d:ed:70:6b:bf:8c:0a:a6:2e:
a9:0f:d7:63:e6:d2:68:b3:1d:ac:8b:d8:f9:8b:2b:4b:bc:aa:
66:15:cf:89:c0:55:6b:b3:26:48:3b:59:b5:e7:14:c6:8b:30:
33:16:58:fa:ad:5a:09:13:da:c3:a3:f9:27:0d:79:a7:4a:30:
a8:39:69:cf:5a:73:9b:78:73:a4:6f:64:ba:b3:e6:99:ff:45:
fb:3f:99:8b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVw1RyNAHyRLJLos8HSDxJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzU0YzcxZDYyY2IyMzk0OGQ5MTE5ZWRhNzcyZmRlMzhl
NjdiNjcwHhcNMjMwMTAyMDQ1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmU4YTBiZjAzNDRkOTMxZTFlYzI3NzVkNzc5NmNhMDhjYjAxOTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreb6a2k8UDCrWUCZh3fcRia/inxy
VRrytoKhplsoSl2876G3G7XYa/H52W4fT2i1bnbRsE+f5/pJEy6sYlOIZc24XwN9
0SahtEXOwIS0ecRZgg8W9agdUC7p9dD1gQ5n7Tt1sr6YOisEidK/hJWt5djDla5n
a1bMKv8ly2ceXoFvKIpnjtzlNWFT58IpR2xeGTD5brjQ8COe54qVvK2Sjr8+l3tY
CqzZ+5/1gwhQpesPWuVzkxT7ZBNyaa5Kegk4zCsEoK2pXXcYBzUk3bpHgKXnC2rE
z13xeqQxS1ItHd8V9HEVgekVxtER/56rHawIrcLgffGgkq2bsUSCn7tukQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGvooL8DRNkx4ewnddd5bKCMsBkmMB8GA1UdIwQY
MBaAFJp1THHWLLI5SNkRntp3L9445ntnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5WTWNkWXNzamxJMlJHZTJuY3YzamptZTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80ZDJlNjctNWFjMi00MjdkLThiN2It
ZDI1YTlkZjE1OTI1LzEvYS1pZ3Z3TkUyVEhoN0NkMTEzbHNvSXl3R1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80ZDJlNjctNWFjMi00MjdkLThiN2ItZDI1YTlkZjE1OTI1
LzEvbW5WTWNkWXNzamxJMlJHZTJuY3YzamptZTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuQyIAwQC
uXpEAwQAwm5KAwQAwm51AwQAwm6EAwQAwm6JMA0GCSqGSIb3DQEBCwUAA4IBAQBV
KW/0Z4NGQm0sP+CjdAP75XYmvuCMUf9zYJrMjFOSX8qePyDCKI9yko1IZWbH/AEv
rnUzWDnO2yaHJdvbJ5RkTNVK4+KI+tbYHeuRzUa2KlkYMA0hxE9/IiryMmU4qrxL
UDbE3yZQ94+nAnif4MSpd70qeZKjFy0JMcerli2Ax9KyABOXr+sFHmR4NAghX4KT
ShkEogHnFxSUinI142VXKDCpTupesenJWUE97XBrv4wKpi6pD9dj5tJosx2si9j5
iytLvKpmFc+JwFVrsyZIO1m15xTGizAzFlj6rVoJE9rDo/knDXmnSjCoOWnPWnOb
eHOkb2S6s+aZ/0X7P5mL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:12 2024 by rpki-client on console-ams.rpki-client.org