Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/aIn5VocAfgcXju73DFiM7lGZ9f8.roa
File: aIn5VocAfgcXju73DFiM7lGZ9f8.roa (raw, json)
Hash identifier: JoK+0MwNBoQNYWeXDayMK3fPHwUxNjei98s8pjAHkA0=
Subject key identifier: 68:89:F9:56:87:00:7E:07:17:8E:EE:F7:0C:58:8C:EE:51:99:F5:FF
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 018CC500F90904EEF36074AFC11F07CDD9D2
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/aIn5VocAfgcXju73DFiM7lGZ9f8.roa
Signing time: Mon 01 Jan 2024 12:30:24 +0000
ROA not before: Mon 01 Jan 2024 12:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211783
IP address blocks: 185.197.137.0/24 maxlen: 24
185.197.136.0/22 maxlen: 22
185.197.136.0/24 maxlen: 24
185.197.139.0/24 maxlen: 24
185.197.138.0/24 maxlen: 24
2a0a:7a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f9:09:04:ee:f3:60:74:af:c1:1f:07:cd:d9:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Jan 1 12:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6889f95687007e07178eeef70c588cee5199f5ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:90:ab:eb:08:35:e5:ac:b0:91:75:f4:7d:56:
17:58:7f:47:a8:a4:14:c2:dc:56:a6:c6:2f:61:96:
8a:0d:f0:9d:17:a6:8a:42:2b:87:86:5a:d0:41:82:
51:2d:4e:2a:b1:fb:3d:28:fa:11:2f:4d:a9:ae:ba:
fa:8b:ad:0c:b9:bc:af:d1:ef:3c:cb:84:c1:1e:da:
4a:23:8b:c4:e3:f8:8b:15:c6:51:19:dd:df:6d:07:
28:b6:15:37:fa:91:d3:ea:15:72:7e:4f:d8:59:fa:
c0:32:73:00:c4:4d:b3:0c:eb:05:be:11:62:50:81:
c4:55:ef:04:47:73:fe:a8:43:a9:6d:0f:03:a2:14:
7a:2f:04:fb:10:b5:ee:4f:60:b9:51:93:d0:68:4c:
7b:73:4f:c8:10:1d:48:60:21:48:50:f8:37:e1:be:
84:c6:29:60:16:6d:0f:42:9e:d6:6e:d5:7c:1b:92:
5f:34:cf:9e:5d:2a:7e:ed:f8:96:06:39:ff:db:d1:
5c:fe:36:93:51:15:a8:40:b1:3b:d0:20:e3:d5:d3:
53:0f:2f:4b:fb:13:1d:1f:e5:fa:8a:65:a2:8c:aa:
d5:df:b8:6f:a9:7b:9e:44:25:af:2a:61:9b:61:a6:
7f:f2:16:e0:78:8b:eb:71:b4:43:83:67:fe:e2:58:
d2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:89:F9:56:87:00:7E:07:17:8E:EE:F7:0C:58:8C:EE:51:99:F5:FF
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/aIn5VocAfgcXju73DFiM7lGZ9f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.136.0/22
IPv6:
2a0a:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
6c:b3:93:52:b1:75:cd:e5:7a:68:b8:1e:d4:a6:6e:3c:85:3c:
d0:c4:f0:64:83:ef:21:39:e9:3d:dd:1c:19:6f:76:10:c4:e0:
a1:f6:39:a8:5a:d2:c0:c8:20:1d:b2:03:c7:f4:ca:31:10:c0:
ac:96:0e:56:89:5c:07:f2:22:51:3b:2f:9d:db:2f:cc:70:bc:
53:22:7a:b7:d1:b0:d4:e8:08:b8:5e:bd:4d:03:6b:be:03:a0:
20:48:5c:a5:9b:9c:8e:24:97:12:74:21:09:0a:0d:a3:4b:9e:
50:eb:c3:48:3a:21:d1:05:3e:1f:eb:d7:53:8d:f8:ae:ef:2d:
66:94:51:6c:50:36:52:e5:2f:21:67:86:a4:f2:3a:6a:f6:72:
82:0a:f0:8d:9b:32:dc:c6:01:8f:35:c8:44:f5:47:b5:04:5b:
cd:fa:a2:8c:4f:1c:2b:08:67:7f:02:b3:c5:1c:6d:c0:82:89:
f1:84:1e:fe:55:66:5b:d2:d6:4b:2a:8d:f5:75:eb:00:84:2b:
53:34:c1:f4:50:39:71:5b:f1:a3:9d:b5:d5:12:cb:7c:ff:28:
12:dc:49:cc:36:7f:44:2a:fb:27:9f:f5:67:73:21:d2:0b:1e:
2a:bb:57:0b:9c:6e:f6:09:a2:2c:84:0c:22:4c:56:8a:9d:b4:
92:75:fa:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAPkJBO7zYHSvwR8HzdnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjQwMTAxMTIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODg5Zjk1Njg3MDA3ZTA3MTc4ZWVlZjcwYzU4OGNlZTUxOTlmNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJCr6wg15aywkXX0fVYXWH9HqKQU
wtxWpsYvYZaKDfCdF6aKQiuHhlrQQYJRLU4qsfs9KPoRL02prrr6i60Mubyv0e88
y4TBHtpKI4vE4/iLFcZRGd3fbQcothU3+pHT6hVyfk/YWfrAMnMAxE2zDOsFvhFi
UIHEVe8ER3P+qEOpbQ8DohR6LwT7ELXuT2C5UZPQaEx7c0/IEB1IYCFIUPg34b6E
xilgFm0PQp7WbtV8G5JfNM+eXSp+7fiWBjn/29Fc/jaTURWoQLE70CDj1dNTDy9L
+xMdH+X6imWijKrV37hvqXueRCWvKmGbYaZ/8hbgeIvrcbRDg2f+4ljS3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGiJ+VaHAH4HF47u9wxYjO5RmfX/MB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvYUluNVZvY0FmZ2NYanU3M0RGaU03bEdaOWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucWIMA0E
AgACMAcDBQMqCnpAMA0GCSqGSIb3DQEBCwUAA4IBAQBss5NSsXXN5XpouB7Upm48
hTzQxPBkg+8hOek93RwZb3YQxOCh9jmoWtLAyCAdsgPH9MoxEMCslg5WiVwH8iJR
Oy+d2y/McLxTInq30bDU6Ai4Xr1NA2u+A6AgSFylm5yOJJcSdCEJCg2jS55Q68NI
OiHRBT4f69dTjfiu7y1mlFFsUDZS5S8hZ4ak8jpq9nKCCvCNmzLcxgGPNchE9Ue1
BFvN+qKMTxwrCGd/ArPFHG3AgonxhB7+VWZb0tZLKo31desAhCtTNMH0UDlxW/Gj
nbXVEst8/ygS3EnMNn9EKvsnn/VncyHSCx4qu1cLnG72CaIshAwiTFaKnbSSdfpw
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:18 2025 by rpki-client