Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/kapb43B2yGVxBzUf6_Dlgr9Q5LY.roa
File: kapb43B2yGVxBzUf6_Dlgr9Q5LY.roa (raw, json)
Hash identifier: 9A0aNL62RdKmITcagfTx8YDP640cswfj6T4K+oNa9JQ=
Subject key identifier: 91:AA:5B:E3:70:76:C8:65:71:07:35:1F:EB:F0:E5:82:BF:50:E4:B6
Certificate issuer: /CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Certificate serial: 018B2E44B1CADA5BE620D1E609158B08CD9D
Authority key identifier: 2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/kapb43B2yGVxBzUf6_Dlgr9Q5LY.roa
Signing time: Sat 14 Oct 2023 12:58:55 +0000
ROA not before: Sat 14 Oct 2023 12:58:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210619
IP address blocks: 185.137.223.0/24 maxlen: 24
185.137.221.0/24 maxlen: 24
2a0a:a501::/48 maxlen: 48
2a0a:a502::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:44:b1:ca:da:5b:e6:20:d1:e6:09:15:8b:08:cd:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Validity
Not Before: Oct 14 12:58:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91aa5be37076c8657107351febf0e582bf50e4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:30:b9:9c:58:51:6b:63:b8:48:c2:6c:3a:c3:
d6:54:32:eb:28:fb:b1:8f:0b:ce:4f:13:4b:26:01:
0f:80:c0:5d:72:b9:2c:9a:9e:5f:2d:bb:cf:88:02:
39:b2:11:6b:d8:80:79:52:5e:53:20:a0:57:4d:72:
8a:c2:4f:20:c5:62:d6:29:5c:52:45:be:55:aa:6d:
92:93:29:bb:5b:b4:ff:3f:0e:53:2a:d2:48:e1:f8:
fa:77:e8:f6:65:ce:07:4e:da:f1:56:89:de:ee:44:
13:8b:3d:0f:00:7d:1d:0a:24:98:f9:c1:a6:81:51:
37:27:d8:80:e5:59:78:c8:c3:38:09:68:db:a4:54:
bc:96:2a:e2:e0:c0:fa:80:e2:7e:a3:3b:e1:70:39:
7d:7b:e2:1f:cf:1a:cd:5c:d5:a0:90:15:1a:39:0f:
66:95:6e:a7:7c:34:99:46:48:f7:c8:bb:74:63:e1:
39:68:f9:7b:f0:e9:07:34:68:df:47:b8:d8:f1:b5:
19:0c:fd:3b:d2:69:56:b7:27:f3:d8:60:ea:39:f9:
11:a2:1c:bd:de:9a:79:b7:fc:85:39:f6:1e:8a:b5:
48:17:06:7d:d0:81:75:56:a3:fa:f6:37:b6:48:5b:
8a:a9:58:25:58:f1:2f:e6:ba:69:ee:12:e1:76:e9:
80:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AA:5B:E3:70:76:C8:65:71:07:35:1F:EB:F0:E5:82:BF:50:E4:B6
X509v3 Authority Key Identifier:
keyid:2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/kapb43B2yGVxBzUf6_Dlgr9Q5LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/L3pGS4lIQbO5QOCzV7hl45Ox3UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.221.0/24
185.137.223.0/24
IPv6:
2a0a:a501::/48
2a0a:a502::/48
Signature Algorithm: sha256WithRSAEncryption
5c:17:24:b4:49:8c:7a:1d:05:10:76:07:81:41:f2:10:ed:58:
98:3e:00:be:31:d5:9f:b8:9c:7b:e4:6a:f5:d7:d3:91:d0:40:
f9:b3:1a:fc:17:03:40:f7:63:cb:00:e4:20:c9:0d:81:f7:d7:
a1:fa:0c:35:e9:86:d7:42:11:3b:a8:99:22:9d:3f:64:ed:60:
bc:d3:14:e2:3f:11:40:48:c7:e3:73:b2:53:9a:28:80:fa:1e:
ff:a8:6e:96:b8:c4:29:95:41:27:7f:8b:3c:e8:9b:64:31:37:
65:f3:21:88:69:b9:f1:1a:f2:07:03:8b:7f:9d:a8:c6:2b:3c:
3e:84:6a:e9:09:1f:99:4c:06:f4:ae:83:74:96:9b:9d:9e:5e:
69:24:a8:5f:85:46:35:e0:fb:b4:a2:64:38:35:eb:a6:fa:69:
1e:a7:32:11:e3:f0:1a:49:9d:4b:e5:83:df:9b:3c:f5:08:f5:
82:97:22:dc:fe:23:7c:ef:93:f3:35:e5:fd:1a:1c:b1:d8:c6:
f9:9c:fc:cd:c3:0a:1a:26:bf:95:12:ce:b4:e5:07:04:7a:e0:
c7:82:c0:81:ad:77:96:14:a2:0c:5e:2c:73:6d:04:90:71:8a:
d6:f1:b6:0f:0c:5c:29:f0:ba:86:4a:01:58:8b:55:46:f6:fe:
c7:6a:4e:e8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYsuRLHK2lvmINHmCRWLCM2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmN2E0NjRiODk0ODQxYjNiOTQwZTBiMzU3Yjg2NWUzOTNi
MWRkNDYwHhcNMjMxMDE0MTI1ODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWFhNWJlMzcwNzZjODY1NzEwNzM1MWZlYmYwZTU4MmJmNTBlNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojC5nFhRa2O4SMJsOsPWVDLrKPux
jwvOTxNLJgEPgMBdcrksmp5fLbvPiAI5shFr2IB5Ul5TIKBXTXKKwk8gxWLWKVxS
Rb5Vqm2Skym7W7T/Pw5TKtJI4fj6d+j2Zc4HTtrxVone7kQTiz0PAH0dCiSY+cGm
gVE3J9iA5Vl4yMM4CWjbpFS8liri4MD6gOJ+ozvhcDl9e+IfzxrNXNWgkBUaOQ9m
lW6nfDSZRkj3yLt0Y+E5aPl78OkHNGjfR7jY8bUZDP070mlWtyfz2GDqOfkRohy9
3pp5t/yFOfYeirVIFwZ90IF1VqP69je2SFuKqVglWPEv5rpp7hLhdumABQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJGqW+NwdshlcQc1H+vw5YK/UOS2MB8GA1UdIwQY
MBaAFC96RkuJSEGzuUDgs1e4ZeOTsd1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEt
MTAxNDRjMWJjYWZjLzEva2FwYjQzQjJ5R1Z4QnpVZjZfRGxncjlRNUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEtMTAxNDRjMWJjYWZj
LzEvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuYndAwQA
uYnfMBgEAgACMBIDBwAqCqUBAAADBwAqCqUCAAAwDQYJKoZIhvcNAQELBQADggEB
AFwXJLRJjHodBRB2B4FB8hDtWJg+AL4x1Z+4nHvkavXX05HQQPmzGvwXA0D3Y8sA
5CDJDYH316H6DDXphtdCETuomSKdP2TtYLzTFOI/EUBIx+NzslOaKID6Hv+obpa4
xCmVQSd/izzom2QxN2XzIYhpufEa8gcDi3+dqMYrPD6EaukJH5lMBvSug3SWm52e
XmkkqF+FRjXg+7SiZDg166b6aR6nMhHj8BpJnUvlg9+bPPUI9YKXItz+I3zvk/M1
5f0aHLHYxvmc/M3DChomv5USzrTlBwR64MeCwIGtd5YUogxeLHNtBJBxitbxtg8M
XCnwuoZKAViLVUb2/sdqTug=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:59 2024 by rpki-client on console-ams.rpki-client.org