Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/1-twnuPu9MQZkQmavkf-lE7ls3kc.roa
File: 1-twnuPu9MQZkQmavkf-lE7ls3kc.roa (raw, json)
Hash identifier: S2R0YZb+my+STNn1fERaxHGaDz9ssudY8TlW0ZgxxwI=
Subject key identifier: FA:DC:27:B8:FB:BD:31:06:64:42:66:AF:91:FF:A5:13:B9:6C:DE:47
Certificate issuer: /CN=462231e713f0f834bd09c3f76e12e250e773c290
Certificate serial: 018CC3B729D28195971B3381213BD1411DEB
Authority key identifier: 46:22:31:E7:13:F0:F8:34:BD:09:C3:F7:6E:12:E2:50:E7:73:C2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RiIx5xPw-DS9CcP3bhLiUOdzwpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/1-twnuPu9MQZkQmavkf-lE7ls3kc.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42687
IP address blocks: 185.182.168.0/22 maxlen: 22
185.182.170.0/23 maxlen: 23
185.219.242.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 07:58:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:29:d2:81:95:97:1b:33:81:21:3b:d1:41:1d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=462231e713f0f834bd09c3f76e12e250e773c290
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fadc27b8fbbd3106644266af91ffa513b96cde47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:24:f1:da:08:ad:f1:71:f6:3e:64:01:0b:c6:
96:86:e6:cf:46:0a:ff:11:d1:ab:d0:13:ed:b4:db:
89:97:3b:31:59:13:ef:fd:82:24:04:ad:8e:0d:dd:
55:46:8a:87:eb:7d:99:86:d8:c4:58:fd:8d:b1:66:
df:36:39:3c:c9:6a:9e:d5:f3:e5:72:d6:1d:19:ca:
34:14:de:3b:ca:00:d1:26:72:35:4f:78:ba:72:4b:
e9:b4:e1:8c:20:c3:8d:45:e5:fd:41:61:29:17:49:
ca:30:d3:e6:5b:89:98:11:7d:06:1e:73:03:eb:da:
b5:0b:ef:9d:a0:48:df:a7:45:19:0c:d4:ff:7e:d0:
dc:a2:c2:a8:87:1e:e7:11:91:05:af:ac:c8:16:61:
2b:f5:56:61:a9:8d:08:2b:ac:8a:2c:8d:55:32:f0:
e4:e4:54:6d:6d:0b:75:ff:ff:80:09:dc:e0:3a:02:
fe:8e:3e:60:5b:a2:5d:34:19:37:37:c3:61:5f:59:
cc:4e:f4:97:e5:c0:d6:ea:61:f7:58:58:3c:ec:08:
78:1c:d8:39:1f:9d:66:70:82:a3:de:f9:f9:1d:00:
04:50:2d:3a:53:0d:b5:ae:9c:ff:f1:16:bf:11:3a:
d7:af:0f:b0:cb:f2:3c:54:9e:a8:d0:c7:58:4f:d5:
14:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DC:27:B8:FB:BD:31:06:64:42:66:AF:91:FF:A5:13:B9:6C:DE:47
X509v3 Authority Key Identifier:
keyid:46:22:31:E7:13:F0:F8:34:BD:09:C3:F7:6E:12:E2:50:E7:73:C2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RiIx5xPw-DS9CcP3bhLiUOdzwpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/1-twnuPu9MQZkQmavkf-lE7ls3kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/RiIx5xPw-DS9CcP3bhLiUOdzwpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.168.0/22
185.219.242.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:c7:f0:ec:ff:89:61:78:23:84:24:ab:4f:55:e9:df:00:ee:
05:db:48:3e:dd:a3:d2:11:47:83:58:81:70:58:a0:71:c0:62:
ca:2c:4b:2e:4e:4c:54:ba:75:fb:98:51:5b:06:c4:4f:51:e8:
d0:84:5f:b4:0d:0f:eb:80:7e:dc:f2:14:92:13:45:81:13:1b:
cb:4d:6a:7c:64:d2:a3:76:e2:28:fa:1e:5d:b1:ad:21:28:3d:
81:77:02:c4:a7:f0:76:b2:6b:f2:5a:82:39:4b:b6:6e:dc:4b:
ed:ee:69:3e:41:04:87:14:84:62:0a:db:36:bb:ae:a2:bf:75:
fd:67:4a:80:e7:e5:d5:6b:4a:a4:12:9b:0a:1d:33:9f:83:83:
b2:b9:59:e1:ec:cf:74:c6:e9:6f:16:30:ae:73:3c:45:2f:9c:
f7:bc:df:0c:a7:94:bf:1c:a9:eb:7b:21:82:cc:f9:b5:d0:1e:
5b:de:b6:cb:6c:d1:b8:17:b2:46:66:5f:2e:5e:a8:a5:95:ad:
7d:10:e0:e1:a6:29:34:c0:6f:85:ac:85:9a:1f:77:85:7d:eb:
c6:f6:a5:60:ef:d3:ec:31:a6:51:b7:7b:eb:ee:73:d4:ba:1b:
5c:b8:27:e6:97:b0:a5:e2:a8:9a:ce:26:cd:2a:d5:b1:25:31:
e3:99:be:6b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzDtynSgZWXGzOBITvRQR3rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MjIzMWU3MTNmMGY4MzRiZDA5YzNmNzZlMTJlMjUwZTc3
M2MyOTAwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRjMjdiOGZiYmQzMTA2NjQ0MjY2YWY5MWZmYTUxM2I5NmNkZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyTx2git8XH2PmQBC8aWhubPRgr/
EdGr0BPttNuJlzsxWRPv/YIkBK2ODd1VRoqH632ZhtjEWP2NsWbfNjk8yWqe1fPl
ctYdGco0FN47ygDRJnI1T3i6ckvptOGMIMONReX9QWEpF0nKMNPmW4mYEX0GHnMD
69q1C++doEjfp0UZDNT/ftDcosKohx7nEZEFr6zIFmEr9VZhqY0IK6yKLI1VMvDk
5FRtbQt1//+ACdzgOgL+jj5gW6JdNBk3N8NhX1nMTvSX5cDW6mH3WFg87Ah4HNg5
H51mcIKj3vn5HQAEUC06Uw21rpz/8Ra/ETrXrw+wy/I8VJ6o0MdYT9UUgQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPrcJ7j7vTEGZEJmr5H/pRO5bN5HMB8GA1UdIwQY
MBaAFEYiMecT8Pg0vQnD924S4lDnc8KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmlJeDV4UHctRFM5Q2NQM2JoTGlVT2R6d3BBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85YWIzYTUtMWM0Ni00YmUwLTg5Mzct
YWQ0YmQ3ZjIzY2U0LzEvMS10d251UHU5TVFaa1FtYXZrZi1sRTdsczNrYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvOWFiM2E1LTFjNDYtNGJlMC04OTM3LWFkNGJkN2YyM2Nl
NC8xL1JpSXg1eFB3LURTOUNjUDNiaExpVU9kendwQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArm2qAME
Abnb8jANBgkqhkiG9w0BAQsFAAOCAQEAPMfw7P+JYXgjhCSrT1Xp3wDuBdtIPt2j
0hFHg1iBcFigccBiyixLLk5MVLp1+5hRWwbET1Ho0IRftA0P64B+3PIUkhNFgRMb
y01qfGTSo3biKPoeXbGtISg9gXcCxKfwdrJr8lqCOUu2btxL7e5pPkEEhxSEYgrb
Nruuor91/WdKgOfl1WtKpBKbCh0zn4ODsrlZ4ezPdMbpbxYwrnM8RS+c97zfDKeU
vxyp63shgsz5tdAeW962y2zRuBeyRmZfLl6opZWtfRDg4aYpNMBvhayFmh93hX3r
xvalYO/T7DGmUbd76+5z1LobXLgn5pewpeKoms4mzSrVsSUx45m+aw==
-----END CERTIFICATE-----
Generated at Mon Jun 10 11:57:16 2024 by rpki-client on console-ams.rpki-client.org