Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/4Y-OcsbGbu_r8qIrRubRy4N7A7M.roa
File: 4Y-OcsbGbu_r8qIrRubRy4N7A7M.roa (raw, json)
Hash identifier: RnZ7sIqgDcsTlaHusrXV3mMX1nThDbo2jbypt6iFiTw=
Subject key identifier: E1:8F:8E:72:C6:C6:6E:EF:EB:F2:A2:2B:46:E6:D1:CB:83:7B:03:B3
Certificate issuer: /CN=24d9bb0530dfe3228f83b0861392e2845934b698
Certificate serial: 01856F2FD31ED5777CDE2181F26C2F040586
Authority key identifier: 24:D9:BB:05:30:DF:E3:22:8F:83:B0:86:13:92:E2:84:59:34:B6:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNm7BTDf4yKPg7CGE5LihFk0tpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/4Y-OcsbGbu_r8qIrRubRy4N7A7M.roa
Signing time: Sun 01 Jan 2023 21:14:43 +0000
ROA not before: Sun 01 Jan 2023 21:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204504
IP address blocks: 185.134.168.0/24 maxlen: 24
185.134.168.0/22 maxlen: 22
185.134.171.0/24 maxlen: 24
185.134.170.0/24 maxlen: 24
185.134.169.0/24 maxlen: 24
2a0e:3e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:d3:1e:d5:77:7c:de:21:81:f2:6c:2f:04:05:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d9bb0530dfe3228f83b0861392e2845934b698
Validity
Not Before: Jan 1 21:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e18f8e72c6c66eefebf2a22b46e6d1cb837b03b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b6:92:82:a9:0f:7f:3a:60:73:84:49:a8:66:
96:8a:17:92:98:98:a3:ba:e6:b1:d2:d1:c9:19:5a:
7e:26:b1:b5:d5:5f:98:1e:f4:7f:58:b2:89:f6:84:
63:b3:6f:1e:7c:bc:e9:88:3f:5c:d2:c4:1d:cd:c8:
ac:db:fb:69:06:53:f0:35:c6:bf:98:01:d5:8b:e8:
0e:24:46:1e:06:1f:a4:41:4a:45:b2:65:60:9b:95:
69:af:5f:64:55:d2:25:4b:7b:31:cf:8a:32:b9:b5:
84:34:94:20:a6:9a:59:8f:be:0b:18:22:3e:b2:37:
a4:ee:1a:48:cf:1e:07:88:3b:0a:bd:ce:c9:6c:31:
e4:bf:c4:7a:bf:42:6c:58:09:cd:fc:1d:3e:89:b0:
be:6f:64:78:c8:7c:d7:18:46:c7:0c:68:ba:c6:99:
8a:4d:f1:19:8a:68:cd:8f:67:fb:ba:83:16:ed:71:
85:e0:00:86:cd:d3:9d:b2:fd:19:a8:fa:99:1a:35:
a9:33:1a:62:85:a1:32:fc:78:2b:2f:91:b5:a0:d9:
30:61:8a:ca:91:76:cc:85:79:0d:5a:27:09:33:b9:
77:86:10:a4:f3:94:f7:1f:7a:bd:ec:ec:5b:30:55:
fa:22:77:49:fb:15:c7:a1:bd:fc:c3:9f:21:9e:ed:
97:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8F:8E:72:C6:C6:6E:EF:EB:F2:A2:2B:46:E6:D1:CB:83:7B:03:B3
X509v3 Authority Key Identifier:
keyid:24:D9:BB:05:30:DF:E3:22:8F:83:B0:86:13:92:E2:84:59:34:B6:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNm7BTDf4yKPg7CGE5LihFk0tpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/4Y-OcsbGbu_r8qIrRubRy4N7A7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/JNm7BTDf4yKPg7CGE5LihFk0tpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.168.0/22
IPv6:
2a0e:3e80::/29
Signature Algorithm: sha256WithRSAEncryption
33:d8:bf:58:a4:6a:65:96:fc:d4:41:b1:95:a1:2e:ff:a1:b5:
ab:4a:bf:7b:73:0c:55:e5:16:4b:62:16:78:61:c5:35:ed:77:
e4:88:a8:e9:a8:90:0d:e5:d7:18:60:84:d7:cd:d9:3e:6c:11:
11:41:a0:70:06:cf:eb:69:fd:96:df:47:87:2f:7e:50:cd:b4:
e5:a3:82:f5:ca:5c:61:2a:76:e7:c7:28:1f:83:14:72:67:c9:
6b:57:a1:5b:94:1d:4c:17:a2:20:4b:01:19:3f:6c:7d:d0:c5:
85:9f:65:05:11:67:de:70:dc:7e:85:ee:a8:bd:17:96:6a:cd:
57:3f:d7:1e:da:c3:a7:a8:ef:83:14:59:07:2c:fa:61:d5:3a:
a2:d0:7e:ae:44:70:b2:f3:f4:c8:00:4d:5d:df:65:6b:cb:fc:
ff:c9:2d:6a:2c:25:18:8f:fd:67:df:8f:38:75:d0:6e:79:97:
74:cb:46:b8:fd:f2:02:52:0d:a3:68:7c:65:d1:f5:3a:59:99:
60:09:7c:02:59:98:24:a4:1d:a4:ca:0f:f6:8a:f5:18:81:5e:
21:0a:b6:15:f6:01:96:a9:81:4e:ca:90:6e:d2:cf:3c:7b:7a:
c5:4e:9f:d1:1d:22:41:bc:9b:e5:4a:c8:9a:2d:fe:40:69:48:
35:cc:6a:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvL9Me1Xd83iGB8mwvBAWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDliYjA1MzBkZmUzMjI4ZjgzYjA4NjEzOTJlMjg0NTkz
NGI2OTgwHhcNMjMwMTAxMjExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThmOGU3MmM2YzY2ZWVmZWJmMmEyMmI0NmU2ZDFjYjgzN2IwM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLaSgqkPfzpgc4RJqGaWiheSmJij
uuax0tHJGVp+JrG11V+YHvR/WLKJ9oRjs28efLzpiD9c0sQdzcis2/tpBlPwNca/
mAHVi+gOJEYeBh+kQUpFsmVgm5Vpr19kVdIlS3sxz4oyubWENJQgpppZj74LGCI+
sjek7hpIzx4HiDsKvc7JbDHkv8R6v0JsWAnN/B0+ibC+b2R4yHzXGEbHDGi6xpmK
TfEZimjNj2f7uoMW7XGF4ACGzdOdsv0ZqPqZGjWpMxpihaEy/HgrL5G1oNkwYYrK
kXbMhXkNWicJM7l3hhCk85T3H3q97OxbMFX6IndJ+xXHob38w58hnu2X8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOGPjnLGxm7v6/KiK0bm0cuDewOzMB8GA1UdIwQY
MBaAFCTZuwUw3+Mij4OwhhOS4oRZNLaYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5tN0JURGY0eUtQZzdDR0U1TGloRmswdHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hOTk3OWMtZDk4OS00NmZmLWI5MWUt
NGVhMzAxMWRhYjZjLzEvNFktT2NzYkdidV9yOHFJclJ1YlJ5NE43QTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hOTk3OWMtZDk4OS00NmZmLWI5MWUtNGVhMzAxMWRhYjZj
LzEvSk5tN0JURGY0eUtQZzdDR0U1TGloRmswdHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYaoMA0E
AgACMAcDBQMqDj6AMA0GCSqGSIb3DQEBCwUAA4IBAQAz2L9YpGpllvzUQbGVoS7/
obWrSr97cwxV5RZLYhZ4YcU17XfkiKjpqJAN5dcYYITXzdk+bBERQaBwBs/raf2W
30eHL35QzbTlo4L1ylxhKnbnxygfgxRyZ8lrV6FblB1MF6IgSwEZP2x90MWFn2UF
EWfecNx+he6ovReWas1XP9ce2sOnqO+DFFkHLPph1Tqi0H6uRHCy8/TIAE1d32Vr
y/z/yS1qLCUYj/1n3484ddBueZd0y0a4/fICUg2jaHxl0fU6WZlgCXwCWZgkpB2k
yg/2ivUYgV4hCrYV9gGWqYFOypBu0s88e3rFTp/RHSJBvJvlSsiaLf5AaUg1zGo6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:57 2024 by rpki-client on console-fra.rpki-client.org