Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/0730d1-fee3-4654-9dea-e187be9b6c23/1/G9W-qhpA1B5ih1pFfYi5VLmpmt0.roa
File: G9W-qhpA1B5ih1pFfYi5VLmpmt0.roa (raw, json)
Hash identifier: X3qO8Tf3M753MbgKHadV8/A+UllcqciQW/pJQb2fcUs=
Subject key identifier: 1B:D5:BE:AA:1A:40:D4:1E:62:87:5A:45:7D:88:B9:54:B9:A9:9A:DD
Certificate issuer: /CN=842e178a85d6c30b572b20261c44f8e7a4bfc272
Certificate serial: 018572A7DDA4DD6E4F8BECE3A7BF95CBBEC9
Authority key identifier: 84:2E:17:8A:85:D6:C3:0B:57:2B:20:26:1C:44:F8:E7:A4:BF:C2:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hC4XioXWwwtXKyAmHET456S_wnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/0730d1-fee3-4654-9dea-e187be9b6c23/1/G9W-qhpA1B5ih1pFfYi5VLmpmt0.roa
Signing time: Mon 02 Jan 2023 13:24:41 +0000
ROA not before: Mon 02 Jan 2023 13:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204706
IP address blocks: 185.143.130.0/24 maxlen: 24
185.143.131.0/24 maxlen: 24
185.143.128.0/24 maxlen: 24
185.143.129.0/24 maxlen: 24
2a0c:f080::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:dd:a4:dd:6e:4f:8b:ec:e3:a7:bf:95:cb:be:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=842e178a85d6c30b572b20261c44f8e7a4bfc272
Validity
Not Before: Jan 2 13:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bd5beaa1a40d41e62875a457d88b954b9a99add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:65:a5:71:19:e3:f1:ec:40:6c:32:a5:0a:
31:52:46:d5:4a:7f:3f:28:8d:14:16:2c:a2:f9:8e:
08:50:f7:ed:72:8b:68:0d:20:2e:52:f9:a8:03:71:
a4:cb:1c:36:57:1e:60:e5:ea:3f:86:18:0d:e4:4b:
39:1c:eb:f6:3f:b8:3b:4f:38:5d:86:da:04:23:0d:
2c:b8:ba:b8:9b:4a:49:c8:65:4b:0d:0c:fb:26:1e:
bf:e1:7f:ff:2e:20:77:8a:91:63:17:ed:f0:f8:63:
ac:64:a2:89:89:1f:4e:08:28:11:3b:94:6f:67:31:
ff:7b:cf:c5:59:1c:58:4d:02:ff:1a:f2:f8:29:8c:
de:1d:f8:30:e8:bd:80:3f:df:93:5e:7f:b2:01:5a:
b6:0b:5a:b4:a6:d0:51:60:63:25:c9:fd:52:3b:0a:
93:5e:42:f9:9c:d7:1d:e9:91:50:29:5b:ab:db:4b:
25:09:57:5c:be:e6:3e:db:b5:ed:0b:ff:0b:08:2e:
cf:d8:83:19:72:5d:47:9e:39:fb:c4:f2:66:22:6d:
1a:8b:56:7a:56:75:58:48:9f:21:b5:94:c9:a1:af:
0e:a8:91:bc:79:7f:89:d0:27:c7:78:f5:dc:bf:53:
c9:c4:37:4f:a1:9e:a1:92:82:8e:ee:4a:c9:e1:51:
ab:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D5:BE:AA:1A:40:D4:1E:62:87:5A:45:7D:88:B9:54:B9:A9:9A:DD
X509v3 Authority Key Identifier:
keyid:84:2E:17:8A:85:D6:C3:0B:57:2B:20:26:1C:44:F8:E7:A4:BF:C2:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hC4XioXWwwtXKyAmHET456S_wnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0730d1-fee3-4654-9dea-e187be9b6c23/1/G9W-qhpA1B5ih1pFfYi5VLmpmt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0730d1-fee3-4654-9dea-e187be9b6c23/1/hC4XioXWwwtXKyAmHET456S_wnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.128.0/22
IPv6:
2a0c:f080::/30
Signature Algorithm: sha256WithRSAEncryption
18:0d:a4:fc:d9:b7:4e:8a:68:e8:8a:e8:f6:d0:24:2f:62:ab:
79:e4:2f:ff:46:f2:11:00:50:39:6b:e4:d8:e1:3c:56:c6:a4:
e6:64:45:84:62:c4:9e:a3:96:e7:64:82:3a:a7:10:31:09:8a:
b7:32:8f:32:ed:93:69:db:20:cb:58:a5:af:ec:32:bd:ae:39:
d2:c6:7a:99:99:d5:22:da:bb:94:91:96:e6:de:b4:ac:20:a7:
dd:3c:9e:fe:8e:91:c5:f2:1a:6e:e8:b4:a7:95:6e:26:d2:76:
75:3f:20:9d:09:81:cd:69:fe:5b:d4:4f:8f:99:a9:7c:e1:d2:
f5:c7:5f:df:1b:ff:35:79:d5:2f:5d:a5:2e:da:3c:0c:fe:17:
d9:42:a3:96:68:f2:d3:10:87:e0:e9:c7:b3:46:29:b5:16:ff:
f2:1b:0c:09:43:ec:ec:b3:b7:53:80:69:e0:1a:f3:7a:89:f2:
d4:58:dc:1f:e0:31:1e:2d:cf:5e:7e:ee:48:10:f2:32:03:71:
e3:3f:3d:5b:95:5e:42:b2:36:2f:c8:a8:36:19:9d:d8:22:8a:
fe:af:cb:f3:57:41:cd:ed:29:a0:1b:fc:ec:93:df:d6:87:79:
ae:f8:d6:d8:60:c8:bf:8a:8e:a3:5a:be:1d:8a:f6:a9:78:35:
4d:68:70:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyp92k3W5Pi+zjp7+Vy77JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MmUxNzhhODVkNmMzMGI1NzJiMjAyNjFjNDRmOGU3YTRi
ZmMyNzIwHhcNMjMwMTAyMTMyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQ1YmVhYTFhNDBkNDFlNjI4NzVhNDU3ZDg4Yjk1NGI5YTk5YWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxVlpXEZ4/HsQGwypQoxUkbVSn8/
KI0UFiyi+Y4IUPftcotoDSAuUvmoA3Gkyxw2Vx5g5eo/hhgN5Es5HOv2P7g7Tzhd
htoEIw0suLq4m0pJyGVLDQz7Jh6/4X//LiB3ipFjF+3w+GOsZKKJiR9OCCgRO5Rv
ZzH/e8/FWRxYTQL/GvL4KYzeHfgw6L2AP9+TXn+yAVq2C1q0ptBRYGMlyf1SOwqT
XkL5nNcd6ZFQKVur20slCVdcvuY+27XtC/8LCC7P2IMZcl1Hnjn7xPJmIm0ai1Z6
VnVYSJ8htZTJoa8OqJG8eX+J0CfHePXcv1PJxDdPoZ6hkoKO7krJ4VGrewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBvVvqoaQNQeYodaRX2IuVS5qZrdMB8GA1UdIwQY
MBaAFIQuF4qF1sMLVysgJhxE+Oekv8JyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEM0WGlvWFd3d3RYS3lBbUhFVDQ1NlNfd25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8wNzMwZDEtZmVlMy00NjU0LTlkZWEt
ZTE4N2JlOWI2YzIzLzEvRzlXLXFocEExQjVpaDFwRmZZaTVWTG1wbXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8wNzMwZDEtZmVlMy00NjU0LTlkZWEtZTE4N2JlOWI2YzIz
LzEvaEM0WGlvWFd3d3RYS3lBbUhFVDQ1NlNfd25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY+AMA0E
AgACMAcDBQIqDPCAMA0GCSqGSIb3DQEBCwUAA4IBAQAYDaT82bdOimjoiuj20CQv
Yqt55C//RvIRAFA5a+TY4TxWxqTmZEWEYsSeo5bnZII6pxAxCYq3Mo8y7ZNp2yDL
WKWv7DK9rjnSxnqZmdUi2ruUkZbm3rSsIKfdPJ7+jpHF8hpu6LSnlW4m0nZ1PyCd
CYHNaf5b1E+Pmal84dL1x1/fG/81edUvXaUu2jwM/hfZQqOWaPLTEIfg6cezRim1
Fv/yGwwJQ+zss7dTgGngGvN6ifLUWNwf4DEeLc9efu5IEPIyA3HjPz1blV5CsjYv
yKg2GZ3YIor+r8vzV0HN7SmgG/zsk9/Wh3mu+NbYYMi/io6jWr4divapeDVNaHAW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:50 2024 by rpki-client on console-ams.rpki-client.org