Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/kaNIc1LJQfPKq3Qar9crzL04UEM.roa
File: kaNIc1LJQfPKq3Qar9crzL04UEM.roa (raw, json)
Hash identifier: 9tpNs2inay/RaxaeznfJeoHRTgFv6vJO/XO+ot/ikyI=
Subject key identifier: 91:A3:48:73:52:C9:41:F3:CA:AB:74:1A:AF:D7:2B:CC:BD:38:50:43
Certificate issuer: /CN=039b01353e51a3a87e835963bd8833ed81853d77
Certificate serial: 01872DCAAA6A94BFB97C1C6D8B47086B398A
Authority key identifier: 03:9B:01:35:3E:51:A3:A8:7E:83:59:63:BD:88:33:ED:81:85:3D:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/kaNIc1LJQfPKq3Qar9crzL04UEM.roa
Signing time: Wed 29 Mar 2023 14:34:29 +0000
ROA not before: Wed 29 Mar 2023 14:34:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203318
IP address blocks: 185.138.80.0/22 maxlen: 24
185.214.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 10:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:ca:aa:6a:94:bf:b9:7c:1c:6d:8b:47:08:6b:39:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=039b01353e51a3a87e835963bd8833ed81853d77
Validity
Not Before: Mar 29 14:34:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91a3487352c941f3caab741aafd72bccbd385043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0d:6d:59:3e:45:81:23:1b:5a:81:3c:f8:85:
5d:d1:43:45:b8:66:cf:b5:ed:db:22:40:09:2c:71:
8e:db:3c:c2:ca:57:76:34:bc:2c:ca:83:22:42:1b:
82:b3:c8:97:2f:16:aa:1f:22:1e:e0:02:5a:f8:94:
8c:5a:ff:0e:8f:a0:f9:e4:8a:ad:04:23:4a:2b:73:
82:f1:69:99:4c:ef:c2:17:7f:ca:91:25:6f:f3:3f:
7b:ec:8d:df:8f:88:a1:d7:f9:49:ff:51:75:cb:88:
80:7b:37:d4:7a:09:a3:1f:c1:1e:af:7d:cd:31:1a:
ba:a0:66:25:df:fe:b8:45:a1:d2:c2:c7:1d:fc:17:
0d:02:4a:b7:d9:f1:bc:89:39:a4:3b:09:2d:e9:5f:
cc:c3:42:b7:f4:95:aa:04:2d:b6:0c:9e:cb:38:7f:
0e:4c:f2:bf:d4:17:6a:a7:95:91:38:0d:9f:72:11:
5d:5b:22:91:10:23:1b:05:21:0f:f5:db:8c:40:dd:
5b:1e:28:df:a7:38:51:07:94:c4:4e:4b:3f:a3:dd:
85:0d:4e:0b:ee:17:4f:cf:3e:ed:e9:c5:92:da:68:
b7:11:dc:49:fd:49:75:9b:75:f1:f2:93:7e:79:16:
84:95:ef:79:86:af:36:85:36:fa:4f:f1:b8:ca:7c:
86:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A3:48:73:52:C9:41:F3:CA:AB:74:1A:AF:D7:2B:CC:BD:38:50:43
X509v3 Authority Key Identifier:
keyid:03:9B:01:35:3E:51:A3:A8:7E:83:59:63:BD:88:33:ED:81:85:3D:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/kaNIc1LJQfPKq3Qar9crzL04UEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.80.0/22
185.214.73.0/24
Signature Algorithm: sha256WithRSAEncryption
47:b2:59:9d:b8:17:b3:d8:d3:e3:f1:10:cb:89:9f:48:da:a9:
d1:6d:08:52:4a:07:f5:0c:4c:9f:b6:33:1e:32:f9:3e:c9:20:
4e:76:58:88:3e:20:76:be:f1:4c:30:28:88:56:fb:e9:03:69:
40:d6:59:2b:b9:c7:f0:67:0d:08:dd:32:1d:d4:5a:f7:6f:d7:
90:68:4f:b2:94:6c:90:01:60:59:a5:4c:89:ea:b1:73:f4:df:
b0:f4:85:50:b9:a6:eb:f9:cd:d0:12:21:27:9f:a5:10:94:6d:
8a:fa:93:24:aa:ae:a1:4b:b4:94:95:c8:84:24:ed:22:5a:a5:
08:5f:7b:85:ac:1f:0d:3c:5b:08:5e:da:92:2d:c9:0b:66:d1:
11:e1:58:bf:f5:4e:c4:01:19:8d:f2:0f:a5:32:13:55:cc:e7:
6b:45:65:2d:b8:8b:7f:d3:60:39:b3:9b:9c:f0:d5:bb:a2:33:
4c:5c:6b:db:6d:74:a9:e4:fc:a1:57:4a:27:11:db:f3:01:13:
a7:7e:5b:1a:dc:e3:a8:07:15:a6:12:b9:c5:4c:eb:d3:29:e6:
d7:81:00:33:4d:87:50:35:c0:c3:16:bc:8c:df:63:9d:a6:b1:
4f:cd:44:9b:fd:a6:cc:78:aa:fd:f9:00:65:98:49:39:48:02:
41:dc:ae:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYctyqpqlL+5fBxti0cIazmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzOWIwMTM1M2U1MWEzYTg3ZTgzNTk2M2JkODgzM2VkODE4
NTNkNzcwHhcNMjMwMzI5MTQzNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWEzNDg3MzUyYzk0MWYzY2FhYjc0MWFhZmQ3MmJjY2JkMzg1MDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4A1tWT5FgSMbWoE8+IVd0UNFuGbP
te3bIkAJLHGO2zzCyld2NLwsyoMiQhuCs8iXLxaqHyIe4AJa+JSMWv8Oj6D55Iqt
BCNKK3OC8WmZTO/CF3/KkSVv8z977I3fj4ih1/lJ/1F1y4iAezfUegmjH8Eer33N
MRq6oGYl3/64RaHSwscd/BcNAkq32fG8iTmkOwkt6V/Mw0K39JWqBC22DJ7LOH8O
TPK/1Bdqp5WROA2fchFdWyKRECMbBSEP9duMQN1bHijfpzhRB5TETks/o92FDU4L
7hdPzz7t6cWS2mi3EdxJ/Ul1m3Xx8pN+eRaEle95hq82hTb6T/G4ynyGiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGjSHNSyUHzyqt0Gq/XK8y9OFBDMB8GA1UdIwQY
MBaAFAObATU+UaOofoNZY72IM+2BhT13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTVzQk5UNVJvNmgtZzFsanZZZ3o3WUdGUFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8yY2Y4OGYtMmM2YS00YjQ4LWEyNWUt
NGE4YjZiNDA4MmIxLzEva2FOSWMxTEpRZlBLcTNRYXI5Y3J6TDA0VUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8yY2Y4OGYtMmM2YS00YjQ4LWEyNWUtNGE4YjZiNDA4MmIx
LzEvQTVzQk5UNVJvNmgtZzFsanZZZ3o3WUdGUFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYpQAwQA
udZJMA0GCSqGSIb3DQEBCwUAA4IBAQBHslmduBez2NPj8RDLiZ9I2qnRbQhSSgf1
DEyftjMeMvk+ySBOdliIPiB2vvFMMCiIVvvpA2lA1lkrucfwZw0I3TId1Fr3b9eQ
aE+ylGyQAWBZpUyJ6rFz9N+w9IVQuabr+c3QEiEnn6UQlG2K+pMkqq6hS7SUlciE
JO0iWqUIX3uFrB8NPFsIXtqSLckLZtER4Vi/9U7EARmN8g+lMhNVzOdrRWUtuIt/
02A5s5uc8NW7ojNMXGvbbXSp5PyhV0onEdvzAROnflsa3OOoBxWmErnFTOvTKebX
gQAzTYdQNcDDFryM32OdprFPzUSb/abMeKr9+QBlmEk5SAJB3K7m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:26 2024 by rpki-client on console-ams.rpki-client.org