Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/pLS9Z0lgBD9nIcEIbVRHap19cco.roa
File: pLS9Z0lgBD9nIcEIbVRHap19cco.roa (raw, json)
Hash identifier: OJk7ovxBK6DBhkHf0mrRyJEqNxvwqatmkKjWdp/vF7I=
Subject key identifier: A4:B4:BD:67:49:60:04:3F:67:21:C1:08:6D:54:47:6A:9D:7D:71:CA
Certificate issuer: /CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Certificate serial: 01856E01C2CCC6F19A3467200A5ED53541F7
Authority key identifier: A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/pLS9Z0lgBD9nIcEIbVRHap19cco.roa
Signing time: Sun 01 Jan 2023 15:44:47 +0000
ROA not before: Sun 01 Jan 2023 15:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203965
IP address blocks: 185.118.172.0/24 maxlen: 24
185.118.172.0/22 maxlen: 22
185.118.175.0/24 maxlen: 24
185.118.174.0/24 maxlen: 24
185.118.173.0/24 maxlen: 24
2a06:9380::/29 maxlen: 48
2a06:9380:172::/48 maxlen: 48
2a06:9380:173::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:c2:cc:c6:f1:9a:34:67:20:0a:5e:d5:35:41:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Validity
Not Before: Jan 1 15:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4b4bd674960043f6721c1086d54476a9d7d71ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4f:37:cd:b9:ac:75:79:0c:95:f6:a9:ef:08:
d9:2b:00:a5:3a:cd:57:b0:f1:cb:ff:27:90:86:ba:
87:54:b1:b3:e6:30:07:a2:c4:99:3c:76:0b:00:9f:
bb:c5:f9:66:6b:b6:04:49:be:e0:eb:ce:53:b2:6a:
ee:37:5f:b8:40:8f:e4:99:10:85:52:ab:8b:a2:7f:
19:41:13:6f:7e:a8:ec:6f:74:f8:dd:5a:77:34:9b:
e3:bf:39:6d:22:3c:e4:53:5d:ef:08:61:78:ba:8c:
13:ef:e6:8a:1f:d2:dc:b2:07:bd:51:b4:bc:81:26:
5f:7b:5b:97:e2:60:c1:33:6d:68:3b:b6:8f:02:4b:
77:84:f2:d2:b6:d1:7d:01:1d:44:11:40:0a:d3:4c:
e2:2f:dd:db:18:37:eb:05:38:42:38:3c:7b:ca:6d:
f8:26:1a:51:ed:a8:be:ec:e9:eb:f5:a9:be:40:99:
f6:f4:c8:78:8e:b7:6a:fa:d6:f7:34:6e:40:9d:50:
6a:3a:2c:b9:96:60:a1:a5:d9:57:94:3a:fe:30:31:
42:50:dc:74:8d:3b:ca:69:93:be:c2:3b:e4:1e:0b:
7a:91:a4:ef:56:90:79:7a:be:43:0f:5a:81:9e:d2:
2a:b9:91:90:ac:4c:f2:11:08:73:9a:02:fb:12:b9:
8b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B4:BD:67:49:60:04:3F:67:21:C1:08:6D:54:47:6A:9D:7D:71:CA
X509v3 Authority Key Identifier:
keyid:A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/pLS9Z0lgBD9nIcEIbVRHap19cco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/py0XjI5T9SExwftkdDyWDPiX_Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.172.0/22
IPv6:
2a06:9380::/29
Signature Algorithm: sha256WithRSAEncryption
95:02:f6:89:d3:4a:97:71:6f:7f:56:b7:a0:bf:8c:ee:c3:7a:
22:d3:60:8b:7e:bc:e7:6f:90:70:3c:55:ed:8d:71:d6:fd:8b:
8c:21:2b:1d:0a:ab:a1:c1:0e:32:6e:fd:04:41:3b:78:c1:03:
d0:02:41:39:48:a6:19:db:69:1c:cb:c5:8c:d8:33:36:3f:31:
01:94:6c:49:77:b0:7a:9f:75:40:3e:50:d4:78:c3:e4:c7:4c:
01:4e:45:b1:f2:12:8e:c6:ba:97:b4:f8:35:5c:06:9d:e9:8f:
dc:ae:72:e7:94:1f:49:e9:05:0b:d9:24:1c:64:8d:93:e2:4e:
62:23:02:77:fe:24:45:ba:f3:7e:ed:4b:95:68:f2:00:05:51:
28:34:42:d9:f0:df:e5:b0:bf:03:e1:7b:5e:11:e4:a9:d9:fc:
5d:6a:ab:a5:9f:6b:ec:48:0b:f1:91:75:4e:7f:b8:15:a9:af:
f0:fd:f8:ea:61:bc:2b:6a:98:ff:21:9b:81:32:61:79:63:60:
1d:4d:42:c7:2f:4a:f0:7b:43:cb:5d:80:df:0f:fa:68:20:6e:
fc:ac:83:54:ac:a7:d5:fd:fe:3a:b1:2b:59:b6:46:2e:b6:e9:
eb:13:ce:5d:27:ae:99:03:58:3c:44:39:68:03:54:85:08:f9:
04:4b:75:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuAcLMxvGaNGcgCl7VNUH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MmQxNzhjOGU1M2Y1MjEzMWMxZmI2NDc0M2M5NjBjZjg5
N2ZkMGMwHhcNMjMwMTAxMTU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGI0YmQ2NzQ5NjAwNDNmNjcyMWMxMDg2ZDU0NDc2YTlkN2Q3MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU83zbmsdXkMlfap7wjZKwClOs1X
sPHL/yeQhrqHVLGz5jAHosSZPHYLAJ+7xflma7YESb7g685TsmruN1+4QI/kmRCF
UquLon8ZQRNvfqjsb3T43Vp3NJvjvzltIjzkU13vCGF4uowT7+aKH9Lcsge9UbS8
gSZfe1uX4mDBM21oO7aPAkt3hPLSttF9AR1EEUAK00ziL93bGDfrBThCODx7ym34
JhpR7ai+7Onr9am+QJn29Mh4jrdq+tb3NG5AnVBqOiy5lmChpdlXlDr+MDFCUNx0
jTvKaZO+wjvkHgt6kaTvVpB5er5DD1qBntIquZGQrEzyEQhzmgL7ErmLhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKS0vWdJYAQ/ZyHBCG1UR2qdfXHKMB8GA1UdIwQY
MBaAFKctF4yOU/UhMcH7ZHQ8lgz4l/0MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHkwWGpJNVQ5U0V4d2Z0a2REeVdEUGlYX1F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjgxM2EtNWU4Ni00NWIwLTk5Y2Qt
MjhiOWQyNjFlY2IxLzEvcExTOVowbGdCRDluSWNFSWJWUkhhcDE5Y2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjgxM2EtNWU4Ni00NWIwLTk5Y2QtMjhiOWQyNjFlY2Ix
LzEvcHkwWGpJNVQ5U0V4d2Z0a2REeVdEUGlYX1F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXasMA0E
AgACMAcDBQMqBpOAMA0GCSqGSIb3DQEBCwUAA4IBAQCVAvaJ00qXcW9/Vregv4zu
w3oi02CLfrznb5BwPFXtjXHW/YuMISsdCquhwQ4ybv0EQTt4wQPQAkE5SKYZ22kc
y8WM2DM2PzEBlGxJd7B6n3VAPlDUeMPkx0wBTkWx8hKOxrqXtPg1XAad6Y/crnLn
lB9J6QUL2SQcZI2T4k5iIwJ3/iRFuvN+7UuVaPIABVEoNELZ8N/lsL8D4XteEeSp
2fxdaquln2vsSAvxkXVOf7gVqa/w/fjqYbwrapj/IZuBMmF5Y2AdTULHL0rwe0PL
XYDfD/poIG78rINUrKfV/f46sStZtkYutunrE85dJ66ZA1g8RDloA1SFCPkES3Vt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:17 2024 by rpki-client on console-fra.rpki-client.org