Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d6eafb-b329-4e12-825c-eb5b9a7da86b/1/KtOxN5U-tdiUvGyymv4WAa5deBA.roa
File: KtOxN5U-tdiUvGyymv4WAa5deBA.roa (raw, json)
Hash identifier: glgdVS6zEfavPpqikx39EOWrCtBm98oZXqBRjsTN0aQ=
Subject key identifier: 2A:D3:B1:37:95:3E:B5:D8:94:BC:6C:B2:9A:FE:16:01:AE:5D:78:10
Certificate issuer: /CN=c972aaec8733d45f7a0003510180b4ae2d4bbe8e
Certificate serial: 01857142DE5F836D7CEE224D2A4B7AF71F1A
Authority key identifier: C9:72:AA:EC:87:33:D4:5F:7A:00:03:51:01:80:B4:AE:2D:4B:BE:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yXKq7Icz1F96AANRAYC0ri1Lvo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/d6eafb-b329-4e12-825c-eb5b9a7da86b/1/KtOxN5U-tdiUvGyymv4WAa5deBA.roa
Signing time: Mon 02 Jan 2023 06:54:45 +0000
ROA not before: Mon 02 Jan 2023 06:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208103
IP address blocks: 185.182.181.0/24 maxlen: 24
185.182.180.0/24 maxlen: 24
185.182.183.0/24 maxlen: 24
185.182.180.0/22 maxlen: 22
185.182.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:de:5f:83:6d:7c:ee:22:4d:2a:4b:7a:f7:1f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c972aaec8733d45f7a0003510180b4ae2d4bbe8e
Validity
Not Before: Jan 2 06:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ad3b137953eb5d894bc6cb29afe1601ae5d7810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d1:77:bb:76:f4:69:f0:79:2e:ea:f1:83:68:
19:b9:ac:10:71:b3:c8:63:3f:36:94:a8:4c:8f:d8:
76:d2:cf:43:3c:8c:3f:bf:de:86:2c:05:52:d4:c9:
ea:09:d8:11:bf:69:bd:c4:30:f4:1a:00:90:2c:e5:
4e:e7:de:d6:51:e0:32:e6:e7:94:b3:bd:3b:95:c0:
ff:68:25:0c:0f:24:56:38:56:97:ee:2f:1a:31:ee:
1d:14:e9:9b:15:37:b7:f1:90:d6:9a:1c:fd:a5:4a:
89:ff:47:7d:c9:de:65:df:16:df:89:14:d9:0f:4c:
c9:bd:4a:63:7f:fc:e5:f8:3f:ef:1a:7e:54:7b:8e:
0c:55:f4:3f:65:d9:ba:73:e4:47:7d:36:68:a0:69:
3a:2b:4d:5f:05:a4:b1:56:0e:c1:46:e0:e2:9a:2f:
84:06:0d:d9:07:bb:69:26:0c:69:6e:f3:8c:7a:73:
37:92:35:0e:b5:4b:4d:2b:7b:bc:c4:39:c2:84:5e:
9a:f7:37:13:43:8e:de:05:cc:71:cf:e6:43:62:a3:
b7:54:10:ff:fe:93:7f:bd:3d:7d:1e:8f:4b:78:2f:
bb:d6:71:96:db:4f:f4:ae:5e:ad:26:a8:98:e9:e1:
a1:33:b3:85:4b:34:a2:8b:80:b8:21:3a:07:a6:34:
5d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D3:B1:37:95:3E:B5:D8:94:BC:6C:B2:9A:FE:16:01:AE:5D:78:10
X509v3 Authority Key Identifier:
keyid:C9:72:AA:EC:87:33:D4:5F:7A:00:03:51:01:80:B4:AE:2D:4B:BE:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yXKq7Icz1F96AANRAYC0ri1Lvo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d6eafb-b329-4e12-825c-eb5b9a7da86b/1/KtOxN5U-tdiUvGyymv4WAa5deBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d6eafb-b329-4e12-825c-eb5b9a7da86b/1/yXKq7Icz1F96AANRAYC0ri1Lvo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.180.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:25:c4:4d:22:4c:99:9e:75:6a:7c:81:db:27:90:6e:6a:72:
1b:42:75:90:ea:06:1e:95:54:51:35:f1:f4:ec:13:9a:ed:72:
9d:d7:04:52:ca:1d:55:09:d1:d2:4d:5a:34:c7:e9:94:bd:e8:
19:3d:9a:68:bd:c6:14:ba:5f:3c:d9:69:4f:7a:d6:73:48:15:
b4:da:4b:bf:6c:dd:6f:c8:a9:c5:31:9f:f0:96:c6:bb:fc:e9:
46:33:25:31:e6:60:4c:a7:eb:78:8c:60:5c:08:da:79:57:29:
a5:28:d8:17:0c:96:cf:0f:30:79:fd:b5:91:0c:23:c8:d2:89:
b4:db:9e:07:e2:8e:ba:a0:a6:79:15:99:f7:e8:9c:2a:03:9c:
53:bd:02:3d:80:c3:81:cd:0e:a7:7a:aa:df:70:23:03:ce:a3:
bd:c1:5c:eb:78:50:61:40:0e:a7:e6:19:de:8b:50:2d:fa:ef:
2b:00:62:09:6c:a8:b4:ab:40:d6:ac:2d:c5:2e:40:73:bc:fa:
2d:57:e3:f7:33:93:07:f5:e0:15:b1:b8:6f:81:81:cf:85:0b:
a4:ba:14:dd:92:03:bb:b2:1a:4d:2c:33:c2:46:56:b1:d1:6d:
b2:b7:d2:b8:96:2d:8f:75:dc:d3:d4:6e:66:f6:3a:26:9c:a1:
da:b6:a1:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxQt5fg2187iJNKkt69x8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NzJhYWVjODczM2Q0NWY3YTAwMDM1MTAxODBiNGFlMmQ0
YmJlOGUwHhcNMjMwMTAyMDY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQzYjEzNzk1M2ViNWQ4OTRiYzZjYjI5YWZlMTYwMWFlNWQ3ODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNF3u3b0afB5Lurxg2gZuawQcbPI
Yz82lKhMj9h20s9DPIw/v96GLAVS1MnqCdgRv2m9xDD0GgCQLOVO597WUeAy5ueU
s707lcD/aCUMDyRWOFaX7i8aMe4dFOmbFTe38ZDWmhz9pUqJ/0d9yd5l3xbfiRTZ
D0zJvUpjf/zl+D/vGn5Ue44MVfQ/Zdm6c+RHfTZooGk6K01fBaSxVg7BRuDimi+E
Bg3ZB7tpJgxpbvOMenM3kjUOtUtNK3u8xDnChF6a9zcTQ47eBcxxz+ZDYqO3VBD/
/pN/vT19Ho9LeC+71nGW20/0rl6tJqiY6eGhM7OFSzSii4C4IToHpjRdxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrTsTeVPrXYlLxsspr+FgGuXXgQMB8GA1UdIwQY
MBaAFMlyquyHM9RfegADUQGAtK4tS76OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVhLcTdJY3oxRjk2QUFOUkFZQzByaTFMdm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kNmVhZmItYjMyOS00ZTEyLTgyNWMt
ZWI1YjlhN2RhODZiLzEvS3RPeE41VS10ZGlVdkd5eW12NFdBYTVkZUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kNmVhZmItYjMyOS00ZTEyLTgyNWMtZWI1YjlhN2RhODZi
LzEveVhLcTdJY3oxRjk2QUFOUkFZQzByaTFMdm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuba0MA0G
CSqGSIb3DQEBCwUAA4IBAQBcJcRNIkyZnnVqfIHbJ5BuanIbQnWQ6gYelVRRNfH0
7BOa7XKd1wRSyh1VCdHSTVo0x+mUvegZPZpovcYUul882WlPetZzSBW02ku/bN1v
yKnFMZ/wlsa7/OlGMyUx5mBMp+t4jGBcCNp5VymlKNgXDJbPDzB5/bWRDCPI0om0
254H4o66oKZ5FZn36JwqA5xTvQI9gMOBzQ6neqrfcCMDzqO9wVzreFBhQA6n5hne
i1At+u8rAGIJbKi0q0DWrC3FLkBzvPotV+P3M5MH9eAVsbhvgYHPhQukuhTdkgO7
shpNLDPCRlax0W2yt9K4li2PddzT1G5m9jomnKHatqGO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:49 2024 by rpki-client on console-fra.rpki-client.org