Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/IewY5gt-BXk79aAr-j7G3kxl2JI.roa
File: IewY5gt-BXk79aAr-j7G3kxl2JI.roa (raw, json)
Hash identifier: rWUhbjRAPxVD2ahfwoAxcbM8NB05VAmgDogIguhF62k=
Subject key identifier: 21:EC:18:E6:0B:7E:05:79:3B:F5:A0:2B:FA:3E:C6:DE:4C:65:D8:92
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018D5A7A95BD6776BB0BF9391BFB5D1286EC
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/IewY5gt-BXk79aAr-j7G3kxl2JI.roa
Signing time: Tue 30 Jan 2024 13:06:39 +0000
ROA not before: Tue 30 Jan 2024 13:06:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 185.136.32.0/22 maxlen: 32
217.144.176.0/22 maxlen: 32
217.144.180.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Nov 2024 09:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:7a:95:bd:67:76:bb:0b:f9:39:1b:fb:5d:12:86:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jan 30 13:06:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21ec18e60b7e05793bf5a02bfa3ec6de4c65d892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:13:72:93:41:d7:6a:72:a0:b4:18:6b:67:e0:
ac:49:3b:a7:d9:11:11:9a:75:bf:59:cb:1c:f0:31:
c9:35:db:95:d9:85:60:96:fd:83:c5:81:5b:4b:b4:
16:1a:c8:b1:7a:e6:cc:16:0e:e3:26:9f:f1:6e:ec:
d3:e1:80:fe:c9:87:4a:6a:47:ca:83:33:c4:be:be:
68:ff:4f:d8:1a:e0:ce:cb:ae:39:9c:80:92:d3:74:
e5:ce:9f:10:27:46:d6:75:e2:cd:36:c9:83:9d:19:
61:cf:b4:c4:6b:52:28:49:04:c9:c4:7a:e0:d8:91:
56:47:cd:2f:f8:c9:d7:a2:6c:e5:d8:cf:85:5d:71:
6f:e3:d7:06:c8:12:88:ed:c7:c4:af:87:5a:3f:f2:
6a:6a:7f:aa:97:de:49:79:71:23:12:d0:68:59:52:
c6:af:d1:81:6c:90:b1:47:0c:2b:4e:31:07:dd:a3:
f2:98:24:27:7b:d6:c4:ee:89:29:f5:79:e4:8f:6b:
b6:97:19:d6:57:80:c7:13:1a:23:eb:21:cf:bf:54:
ab:1c:31:8d:77:58:c8:43:8b:a7:c1:a6:a0:50:62:
a3:07:28:e8:20:8e:fb:a3:dc:0e:76:61:be:e2:5f:
c3:c9:20:5b:7d:a4:e6:15:5b:57:fc:5c:fd:18:8a:
ce:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EC:18:E6:0B:7E:05:79:3B:F5:A0:2B:FA:3E:C6:DE:4C:65:D8:92
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/IewY5gt-BXk79aAr-j7G3kxl2JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.32.0/22
217.144.176.0/21
Signature Algorithm: sha256WithRSAEncryption
35:21:bd:60:f9:ef:e2:95:99:7c:47:28:a2:77:bb:3d:42:4a:
43:12:44:e8:4c:d8:ab:5d:9b:22:d9:d5:b1:3d:e8:f6:0b:dc:
98:3d:2a:20:f5:81:77:fd:81:c5:21:f3:ea:dc:5d:88:07:3d:
ce:b9:06:b1:47:a5:a1:e6:e8:19:bc:0d:88:00:99:ff:5e:eb:
3c:f3:ff:9f:f2:fc:71:99:35:24:f8:99:0f:37:e0:e6:c4:5d:
96:e5:85:8d:7a:ac:17:d3:dc:2b:4b:f4:e9:d8:84:7e:47:b1:
69:38:dd:6b:db:6b:bf:1d:e5:70:fc:8b:35:f9:87:96:58:99:
c6:36:d4:e0:3c:7d:f8:fa:d7:e1:d5:ee:2c:e9:16:c3:ee:d6:
50:8c:94:c1:30:35:cf:28:40:0c:f0:b3:b4:a0:42:5d:42:cf:
59:79:e5:fd:71:b7:8d:28:58:d3:74:6c:ad:36:98:41:f0:74:
5a:43:f9:36:15:d8:f1:91:33:73:c7:b0:6a:93:40:e1:6c:d5:
c1:39:55:05:68:6f:51:82:d9:f3:81:70:d6:58:63:d6:c1:68:
9e:15:86:96:8d:12:d5:74:9a:b2:f1:4b:a4:94:ee:14:8b:68:
89:1a:a3:36:e8:7c:72:d5:e6:f7:bd:37:3f:80:15:ae:89:14:
fe:50:11:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1aepW9Z3a7C/k5G/tdEobsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwMTMwMTMwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWVjMThlNjBiN2UwNTc5M2JmNWEwMmJmYTNlYzZkZTRjNjVkODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxNyk0HXanKgtBhrZ+CsSTun2RER
mnW/Wcsc8DHJNduV2YVglv2DxYFbS7QWGsixeubMFg7jJp/xbuzT4YD+yYdKakfK
gzPEvr5o/0/YGuDOy645nICS03Tlzp8QJ0bWdeLNNsmDnRlhz7TEa1IoSQTJxHrg
2JFWR80v+MnXomzl2M+FXXFv49cGyBKI7cfEr4daP/Jqan+ql95JeXEjEtBoWVLG
r9GBbJCxRwwrTjEH3aPymCQne9bE7okp9Xnkj2u2lxnWV4DHExoj6yHPv1SrHDGN
d1jIQ4unwaagUGKjByjoII77o9wOdmG+4l/DySBbfaTmFVtX/Fz9GIrOawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCHsGOYLfgV5O/WgK/o+xt5MZdiSMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvSWV3WTVndC1CWGs3OWFBci1qN0cza3hsMkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYggAwQD
2ZCwMA0GCSqGSIb3DQEBCwUAA4IBAQA1Ib1g+e/ilZl8Ryiid7s9QkpDEkToTNir
XZsi2dWxPej2C9yYPSog9YF3/YHFIfPq3F2IBz3OuQaxR6Wh5ugZvA2IAJn/Xus8
8/+f8vxxmTUk+JkPN+DmxF2W5YWNeqwX09wrS/Tp2IR+R7FpON1r22u/HeVw/Is1
+YeWWJnGNtTgPH34+tfh1e4s6RbD7tZQjJTBMDXPKEAM8LO0oEJdQs9ZeeX9cbeN
KFjTdGytNphB8HRaQ/k2FdjxkTNzx7Bqk0DhbNXBOVUFaG9RgtnzgXDWWGPWwWie
FYaWjRLVdJqy8UuklO4Ui2iJGqM26Hxy1eb3vTc/gBWuiRT+UBHl
-----END CERTIFICATE-----
Generated at Mon Nov 11 12:47:38 2024 by rpki-client on console-fra.rpki-client.org