Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/1-3d4jqnIrI9P0VDkC1gpzQti_5E.roa
File: 1-3d4jqnIrI9P0VDkC1gpzQti_5E.roa (raw, json)
Hash identifier: SwBTUQufoGEnrMU0n8JTK+U3AOfZV8WaaMTSZN2c7s4=
Subject key identifier: FB:77:78:8E:A9:C8:AC:8F:4F:D1:50:E4:0B:58:29:CD:0B:62:FF:91
Certificate issuer: /CN=8536146119b044539082e326cca903200b8d4b1a
Certificate serial: 01856CAF175AA8BE31EFEC214A7A10EABCF9
Authority key identifier: 85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/1-3d4jqnIrI9P0VDkC1gpzQti_5E.roa
Signing time: Sun 01 Jan 2023 09:34:52 +0000
ROA not before: Sun 01 Jan 2023 09:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212552
IP address blocks: 185.110.191.0/24 maxlen: 24
193.163.201.0/24 maxlen: 24
185.221.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jan 2023 12:44:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:17:5a:a8:be:31:ef:ec:21:4a:7a:10:ea:bc:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8536146119b044539082e326cca903200b8d4b1a
Validity
Not Before: Jan 1 09:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb77788ea9c8ac8f4fd150e40b5829cd0b62ff91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:90:d0:35:37:3b:bd:d4:9e:95:d4:8f:bb:a8:
d1:2a:79:3b:04:ad:e3:94:af:0c:65:ab:b4:dd:37:
fe:ac:02:8e:26:96:53:d7:84:3e:4a:97:26:62:f6:
51:24:e2:58:79:2a:2a:f7:ed:a6:1e:9c:27:f8:ca:
64:1f:aa:84:d9:9f:8f:cc:a7:e6:3f:68:b5:ba:c1:
b5:40:e0:1c:82:91:a9:f1:f4:fb:a5:24:be:09:f6:
34:69:c4:15:f7:92:a6:a6:00:59:5d:59:de:70:99:
8b:65:e2:03:16:58:6f:1f:77:49:08:8b:62:a6:71:
36:7e:2a:3b:27:e2:6e:76:a9:8e:6b:b5:45:5d:d4:
94:96:7d:5d:d5:af:e6:8c:14:51:6e:e8:ba:bc:c7:
55:e8:6c:5a:42:32:17:54:da:50:3d:9b:17:7b:2c:
4e:8a:06:56:e3:57:26:74:74:08:95:3f:24:45:8a:
27:30:eb:3b:1b:be:2f:91:be:30:a3:b3:0f:9d:e8:
9b:e0:82:95:f0:fc:fa:80:35:43:d7:14:e0:23:5e:
fc:85:70:8b:cf:9a:00:e0:af:32:2b:2e:f5:fa:3f:
23:1a:4d:cc:f5:4b:da:4b:c8:c3:cc:28:6d:76:89:
ae:91:8f:fb:5a:a3:bc:2d:8d:0d:ac:91:9a:02:69:
ea:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:77:78:8E:A9:C8:AC:8F:4F:D1:50:E4:0B:58:29:CD:0B:62:FF:91
X509v3 Authority Key Identifier:
keyid:85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/1-3d4jqnIrI9P0VDkC1gpzQti_5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.191.0/24
185.221.237.0/24
193.163.201.0/24
Signature Algorithm: sha256WithRSAEncryption
16:eb:d7:42:ff:27:31:74:53:d1:4f:96:6b:43:d8:ae:ae:6b:
ae:8d:bd:8c:64:61:af:4a:32:c6:88:98:3a:1f:64:a8:d5:61:
41:df:9e:71:5a:4a:5b:ce:38:40:55:0b:92:e3:9d:39:d6:c2:
65:50:38:47:b3:a2:b4:31:89:f1:e9:03:62:c8:e1:12:dc:9e:
6c:54:65:b6:bf:c5:37:1f:42:b4:a6:be:76:d0:3a:b7:0f:ea:
97:59:5e:b4:18:c1:15:8a:25:21:5a:ad:2c:93:2c:4d:d6:4d:
af:1c:9a:8c:58:a9:42:07:98:a5:4b:3d:d8:be:3e:11:5c:bf:
aa:04:93:02:38:0c:9b:d4:42:fb:dd:a1:da:9a:ef:45:30:07:
d2:4f:c9:a7:57:c2:44:2f:32:6f:ea:61:77:02:db:90:77:cb:
14:da:b0:fb:18:cb:79:3e:75:de:61:3e:8d:a4:19:8b:6e:61:
f6:a5:d5:7e:41:a3:e7:79:84:b7:b2:4e:5b:9f:fc:8f:1e:aa:
72:5a:42:80:7a:13:5d:7c:ff:fe:eb:8a:e5:c6:2b:50:d5:c0:
ec:58:af:a9:53:fb:63:e8:5b:8e:d1:2e:f5:10:2d:67:fa:3e:
ed:73:0b:95:cf:d5:60:e5:b1:2d:83:b8:10:04:3f:7a:86:e2:
7a:37:0a:8d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVsrxdaqL4x7+whSnoQ6rz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzYxNDYxMTliMDQ0NTM5MDgyZTMyNmNjYTkwMzIwMGI4
ZDRiMWEwHhcNMjMwMTAxMDkzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjc3Nzg4ZWE5YzhhYzhmNGZkMTUwZTQwYjU4MjljZDBiNjJmZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpDQNTc7vdSeldSPu6jRKnk7BK3j
lK8MZau03Tf+rAKOJpZT14Q+SpcmYvZRJOJYeSoq9+2mHpwn+MpkH6qE2Z+PzKfm
P2i1usG1QOAcgpGp8fT7pSS+CfY0acQV95KmpgBZXVnecJmLZeIDFlhvH3dJCIti
pnE2fio7J+JudqmOa7VFXdSUln1d1a/mjBRRbui6vMdV6GxaQjIXVNpQPZsXeyxO
igZW41cmdHQIlT8kRYonMOs7G74vkb4wo7MPneib4IKV8Pz6gDVD1xTgI178hXCL
z5oA4K8yKy71+j8jGk3M9UvaS8jDzChtdomukY/7WqO8LY0NrJGaAmnq2wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPt3eI6pyKyPT9FQ5AtYKc0LYv+RMB8GA1UdIwQY
MBaAFIU2FGEZsERTkILjJsypAyALjUsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMt
MGM2NzIxN2NjOTZiLzEvMS0zZDRqcW5Jckk5UDBWRGtDMWdwelF0aV81RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDYvNWQ1ZjkzLWFjNWEtNDFlMy04MGMzLTBjNjcyMTdjYzk2
Yi8xL2hUWVVZUm13UkZPUWd1TW16S2tESUF1TlN4by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALluvwME
ALnd7QMEAMGjyTANBgkqhkiG9w0BAQsFAAOCAQEAFuvXQv8nMXRT0U+Wa0PYrq5r
ro29jGRhr0oyxoiYOh9kqNVhQd+ecVpKW844QFULkuOdOdbCZVA4R7OitDGJ8ekD
YsjhEtyebFRltr/FNx9CtKa+dtA6tw/ql1letBjBFYolIVqtLJMsTdZNrxyajFip
QgeYpUs92L4+EVy/qgSTAjgMm9RC+92h2prvRTAH0k/Jp1fCRC8yb+phdwLbkHfL
FNqw+xjLeT513mE+jaQZi25h9qXVfkGj53mEt7JOW5/8jx6qclpCgHoTXXz//uuK
5cYrUNXA7FivqVP7Y+hbjtEu9RAtZ/o+7XMLlc/VYOWxLYO4EAQ/eobiejcKjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org