Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/1-a83oN6rMbNiw1-qfvP2xjTMSI0.roa
File: 1-a83oN6rMbNiw1-qfvP2xjTMSI0.roa (raw, json)
Hash identifier: 98z0AoXl3DFS5sRUIMQiCK0Sirq6MAo8dXWlqkSqwcg=
Subject key identifier: F9:AF:37:A0:DE:AB:31:B3:62:C3:5F:AA:7E:F3:F6:C6:34:CC:48:8D
Certificate issuer: /CN=215a409d27b9a69346324004694da11beae02dbb
Certificate serial: 018CC3489E9E34DE18232FAB347A82A7730F
Authority key identifier: 21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/1-a83oN6rMbNiw1-qfvP2xjTMSI0.roa
Signing time: Mon 01 Jan 2024 04:29:25 +0000
ROA not before: Mon 01 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50500
IP address blocks: 185.114.88.0/24 maxlen: 24
185.114.89.0/24 maxlen: 24
185.114.90.0/24 maxlen: 24
185.114.91.0/24 maxlen: 24
185.134.176.0/24 maxlen: 24
185.134.177.0/24 maxlen: 24
185.134.178.0/24 maxlen: 24
185.134.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 19:45:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9e:9e:34:de:18:23:2f:ab:34:7a:82:a7:73:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215a409d27b9a69346324004694da11beae02dbb
Validity
Not Before: Jan 1 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9af37a0deab31b362c35faa7ef3f6c634cc488d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:59:d5:21:70:48:ff:b0:cd:f0:1c:03:d3:59:
67:bd:ef:f1:2a:da:6e:a2:47:27:87:88:88:d9:eb:
72:1c:72:20:26:1f:2d:ae:5e:a5:82:73:9c:ef:6c:
e4:97:e8:d4:c3:d4:59:a1:24:70:ac:0b:5a:6c:26:
d3:d3:0b:3d:7b:10:f4:8e:62:1c:3a:5f:76:16:93:
a0:c9:c5:e3:4d:5c:9f:fc:7b:c9:f9:86:95:0a:65:
b3:a6:b3:3e:c8:69:c9:db:81:31:99:b5:e0:5f:c7:
ab:a2:7a:8b:c1:83:48:85:39:be:cb:52:22:52:27:
5e:f8:1d:32:a2:1e:c5:7b:b1:06:f4:76:79:f4:05:
3b:b3:f4:12:85:eb:04:f9:b4:15:51:c5:c3:25:ee:
97:93:51:76:73:05:10:43:10:72:3a:5a:c2:b0:c9:
9a:be:62:3a:87:6e:65:01:0d:2a:f1:0b:ad:5c:ed:
d0:ed:b7:bc:f1:22:b0:e7:11:3d:92:fd:25:b1:5f:
8c:c5:0d:0a:ce:16:3f:33:98:5a:6c:25:cd:69:30:
84:9e:43:67:ed:4f:27:ca:1d:de:79:d2:ed:ee:be:
e5:83:9a:49:01:93:cd:cb:cf:96:60:0d:74:ce:87:
5d:a4:98:f5:32:68:97:d7:d5:00:ac:c0:77:e0:45:
64:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AF:37:A0:DE:AB:31:B3:62:C3:5F:AA:7E:F3:F6:C6:34:CC:48:8D
X509v3 Authority Key Identifier:
keyid:21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/1-a83oN6rMbNiw1-qfvP2xjTMSI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.88.0/22
185.134.176.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:9f:aa:92:12:76:bb:bd:34:c5:cc:f5:e4:1d:1a:ba:a6:89:
94:7e:88:af:fc:06:78:0a:51:d1:e1:a5:e4:a9:5f:8a:7e:93:
dc:a3:5f:8a:ab:b6:3b:37:a1:ff:ff:54:bb:f2:7d:48:59:1d:
ce:f8:d9:97:c2:e1:99:6b:a7:df:a1:c2:55:e9:38:86:b1:8e:
ca:61:f4:44:10:17:37:d1:77:7a:c1:d6:96:c0:44:00:5e:37:
e4:41:98:1c:42:1d:4f:0a:eb:39:fa:dc:04:f1:74:f3:5f:6e:
2f:fc:70:11:21:09:12:a7:41:91:e0:fd:d1:a1:5c:cb:14:c2:
a7:03:20:95:11:75:1e:3a:e1:70:4a:a4:93:02:d0:98:d1:37:
5e:9f:52:90:87:a8:47:61:80:40:03:3e:ec:6f:8a:8b:42:1b:
d3:62:e8:69:01:7a:32:6c:fe:22:7c:7d:46:7f:0c:45:f6:af:
04:ae:96:f2:49:98:56:59:aa:36:51:52:25:b1:49:46:d5:cb:
dd:83:1e:be:67:20:1e:25:f5:45:a4:8c:06:b3:29:62:50:95:
47:b0:ba:19:7f:20:74:35:a2:5d:54:5e:b1:9e:a6:08:31:44:
9f:06:8f:f2:70:51:d3:5a:f7:ad:62:a0:1b:55:54:33:f3:36:
fa:2d:cc:4c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzDSJ6eNN4YIy+rNHqCp3MPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNWE0MDlkMjdiOWE2OTM0NjMyNDAwNDY5NGRhMTFiZWFl
MDJkYmIwHhcNMjQwMTAxMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFmMzdhMGRlYWIzMWIzNjJjMzVmYWE3ZWYzZjZjNjM0Y2M0ODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1nVIXBI/7DN8BwD01lnve/xKtpu
okcnh4iI2etyHHIgJh8trl6lgnOc72zkl+jUw9RZoSRwrAtabCbT0ws9exD0jmIc
Ol92FpOgycXjTVyf/HvJ+YaVCmWzprM+yGnJ24ExmbXgX8eronqLwYNIhTm+y1Ii
Uide+B0yoh7Fe7EG9HZ59AU7s/QShesE+bQVUcXDJe6Xk1F2cwUQQxByOlrCsMma
vmI6h25lAQ0q8QutXO3Q7be88SKw5xE9kv0lsV+MxQ0KzhY/M5habCXNaTCEnkNn
7U8nyh3eedLt7r7lg5pJAZPNy8+WYA10zoddpJj1MmiX19UArMB34EVkEwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPmvN6DeqzGzYsNfqn7z9sY0zEiNMB8GA1UdIwQY
MBaAFCFaQJ0nuaaTRjJABGlNoRvq4C27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2Ut
OThkMmZlZTBmODdhLzEvMS1hODNvTjZyTWJOaXcxLXFmdlAyeGpUTVNJMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvZjBjOWUzLTFjNDAtNGYzMy05NWNlLTk4ZDJmZWUwZjg3
YS8xL0lWcEFuU2U1cHBOR01rQUVhVTJoRy1yZ0xicy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlyWAME
ArmGsDANBgkqhkiG9w0BAQsFAAOCAQEALZ+qkhJ2u700xcz15B0auqaJlH6Ir/wG
eApR0eGl5Klfin6T3KNfiqu2Ozeh//9Uu/J9SFkdzvjZl8LhmWun36HCVek4hrGO
ymH0RBAXN9F3esHWlsBEAF435EGYHEIdTwrrOfrcBPF0819uL/xwESEJEqdBkeD9
0aFcyxTCpwMglRF1HjrhcEqkkwLQmNE3Xp9SkIeoR2GAQAM+7G+Ki0Ib02LoaQF6
Mmz+Inx9Rn8MRfavBK6W8kmYVlmqNlFSJbFJRtXL3YMevmcgHiX1RaSMBrMpYlCV
R7C6GX8gdDWiXVResZ6mCDFEnwaP8nBR01r3rWKgG1VUM/M2+i3MTA==
-----END CERTIFICATE-----
Generated at Mon Jan 29 22:38:17 2024 by rpki-client on console-ams.rpki-client.org