Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/IO5FnuUQbEhewwQGG8BeyCDuYVo.roa
File: IO5FnuUQbEhewwQGG8BeyCDuYVo.roa (raw, json)
Hash identifier: 8SEpGdiDKOm6EC8JQtIumZvGBpLX7lMLn93uFEBE1wQ=
Subject key identifier: 20:EE:45:9E:E5:10:6C:48:5E:C3:04:06:1B:C0:5E:C8:20:EE:61:5A
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018C825F81E94E1C41CE4851A92131CE2E5B
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/IO5FnuUQbEhewwQGG8BeyCDuYVo.roa
Signing time: Tue 19 Dec 2023 13:59:06 +0000
ROA not before: Tue 19 Dec 2023 13:59:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 217.144.176.0/22 maxlen: 32
217.144.184.0/22 maxlen: 32
185.136.32.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:5f:81:e9:4e:1c:41:ce:48:51:a9:21:31:ce:2e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Dec 19 13:59:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20ee459ee5106c485ec304061bc05ec820ee615a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:37:26:e7:41:8b:6c:2e:71:f6:58:0f:aa:3f:
b0:f5:4d:7d:e8:e1:db:a8:44:da:58:d5:e7:ad:c5:
2a:64:fd:16:37:92:e4:58:0d:dd:ed:48:ab:d0:bd:
31:bf:34:63:c9:65:c9:08:e5:67:f2:aa:dd:f7:4a:
f6:6d:cb:f2:44:29:6d:18:89:e2:ee:b7:7c:3c:d0:
02:a9:98:f9:ab:e7:c6:7e:71:7b:b1:a2:06:c0:d5:
b3:89:d6:fb:81:47:30:4b:07:dc:8c:d0:9a:c5:40:
2a:a9:0f:ff:34:b4:c8:db:25:df:86:55:df:44:e3:
41:a9:18:50:d0:20:69:0f:b5:0a:6e:69:a2:65:ef:
fa:59:53:dd:bd:c9:5d:fa:11:34:2e:04:56:7a:74:
ce:2d:3c:5e:ce:d0:8d:36:8d:22:03:aa:4c:0f:37:
00:ad:26:0e:80:eb:83:6a:fb:d0:d4:30:b9:3e:35:
4c:a9:88:a9:a1:5b:e5:68:d1:b3:34:75:ce:0e:59:
56:5b:a1:f8:e3:eb:2f:c7:53:ce:31:8c:c2:fd:8b:
40:dd:5d:a9:1a:9d:d2:53:59:22:b0:2b:2f:91:bd:
ee:e5:78:e4:f6:14:41:cd:a0:96:de:20:11:6d:04:
73:3f:a2:67:d7:d9:40:b3:d2:d1:72:72:44:f6:a0:
00:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:EE:45:9E:E5:10:6C:48:5E:C3:04:06:1B:C0:5E:C8:20:EE:61:5A
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/IO5FnuUQbEhewwQGG8BeyCDuYVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.32.0/22
217.144.176.0/22
217.144.184.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:64:f7:8b:d0:19:d3:64:91:5e:dd:0d:1f:b1:f6:bb:2c:1d:
6c:1e:7d:88:f7:ca:d2:56:fa:fb:01:e1:1f:cc:07:f6:cb:1f:
6f:01:cd:59:98:8c:f5:8c:b1:d5:2e:64:0d:13:2b:63:fd:51:
c6:4c:bd:e5:9f:9f:0b:2f:e3:bb:dc:a2:2d:1f:3a:5f:1f:2e:
b9:c0:2a:5b:09:16:ae:78:ac:46:ab:78:a4:e5:d8:93:62:40:
ef:0f:ec:9a:82:ea:5e:10:31:50:27:85:47:a9:fe:a2:5a:55:
d9:c1:06:9a:d7:0f:0a:c9:5a:f0:3b:de:f1:f7:ed:81:9e:39:
a3:63:1e:1e:d9:13:69:c1:1d:01:7e:59:7d:65:ab:7e:dc:ae:
ae:fe:6b:83:84:01:d4:f0:b2:77:e9:fe:0e:a3:56:70:71:99:
65:1e:3c:da:64:10:85:8f:7e:49:a9:eb:b7:5a:d9:22:a8:75:
55:cd:62:eb:22:46:c6:72:75:10:f1:98:c6:b0:42:a1:27:ac:
e7:2b:48:03:7d:3a:22:cb:b6:b2:a4:00:5b:d5:f1:86:a1:d2:
ff:77:d6:58:28:07:d0:3b:d0:75:76:04:bd:7d:4d:bc:e8:8a:
e0:bc:82:96:f8:67:5d:7c:ca:a1:6e:76:1d:9d:1f:42:35:34:
87:ff:8a:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyCX4HpThxBzkhRqSExzi5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMxMjE5MTM1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGVlNDU5ZWU1MTA2YzQ4NWVjMzA0MDYxYmMwNWVjODIwZWU2MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTcm50GLbC5x9lgPqj+w9U196OHb
qETaWNXnrcUqZP0WN5LkWA3d7Uir0L0xvzRjyWXJCOVn8qrd90r2bcvyRCltGIni
7rd8PNACqZj5q+fGfnF7saIGwNWzidb7gUcwSwfcjNCaxUAqqQ//NLTI2yXfhlXf
RONBqRhQ0CBpD7UKbmmiZe/6WVPdvcld+hE0LgRWenTOLTxeztCNNo0iA6pMDzcA
rSYOgOuDavvQ1DC5PjVMqYipoVvlaNGzNHXODllWW6H44+svx1POMYzC/YtA3V2p
Gp3SU1kisCsvkb3u5Xjk9hRBzaCW3iARbQRzP6Jn19lAs9LRcnJE9qAAYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCDuRZ7lEGxIXsMEBhvAXsgg7mFaMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvSU81Rm51VVFiRWhld3dRR0c4QmV5Q0R1WVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuYggAwQC
2ZCwAwQC2ZC4MA0GCSqGSIb3DQEBCwUAA4IBAQBuZPeL0BnTZJFe3Q0fsfa7LB1s
Hn2I98rSVvr7AeEfzAf2yx9vAc1ZmIz1jLHVLmQNEytj/VHGTL3ln58LL+O73KIt
HzpfHy65wCpbCRaueKxGq3ik5diTYkDvD+yagupeEDFQJ4VHqf6iWlXZwQaa1w8K
yVrwO97x9+2BnjmjYx4e2RNpwR0Bfll9Zat+3K6u/muDhAHU8LJ36f4Oo1ZwcZll
HjzaZBCFj35Jqeu3WtkiqHVVzWLrIkbGcnUQ8ZjGsEKhJ6znK0gDfToiy7aypABb
1fGGodL/d9ZYKAfQO9B1dgS9fU286IrgvIKW+GddfMqhbnYdnR9CNTSH/4rF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:08 2024 by rpki-client on console-ams.rpki-client.org