Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/k69YA0miMDuc7lfdUvGfJUZ07KI.roa
File: k69YA0miMDuc7lfdUvGfJUZ07KI.roa (raw, json)
Hash identifier: SQMXLXHzgedJya3cbvs7KGtBogPyTth7lozpE1M/PbU=
Subject key identifier: 93:AF:58:03:49:A2:30:3B:9C:EE:57:DD:52:F1:9F:25:46:74:EC:A2
Certificate issuer: /CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Certificate serial: 01856E01D5DB7416AFA69A02D3189B2DEA50
Authority key identifier: A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/k69YA0miMDuc7lfdUvGfJUZ07KI.roa
Signing time: Sun 01 Jan 2023 15:44:52 +0000
ROA not before: Sun 01 Jan 2023 15:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.66.203.0/24 maxlen: 24
185.66.202.0/24 maxlen: 24
185.237.4.0/24 maxlen: 24
185.237.7.0/24 maxlen: 24
185.237.6.0/24 maxlen: 24
185.237.5.0/24 maxlen: 24
82.115.214.0/24 maxlen: 24
2a07:e3c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:d5:db:74:16:af:a6:9a:02:d3:18:9b:2d:ea:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Validity
Not Before: Jan 1 15:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93af580349a2303b9cee57dd52f19f254674eca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:20:88:f3:30:9c:74:d9:e3:7e:d7:a9:d9:20:
57:a1:a1:17:f1:0c:9a:58:e6:10:f3:c1:ad:62:5e:
61:2b:35:8e:4c:a6:8e:b7:d9:47:12:9d:f4:6c:f9:
cd:93:db:36:7e:ea:1c:06:5e:30:d1:e5:57:06:d4:
cf:60:ae:e2:be:25:f9:ae:28:c9:43:13:21:5e:d1:
08:3f:d5:62:30:92:43:ea:8b:b6:dd:af:d7:6c:0b:
71:7c:1e:c4:2f:74:30:cd:f0:ba:11:05:d9:c1:43:
41:50:9b:a6:cc:24:58:5d:eb:56:e7:af:3c:59:a2:
ef:e6:31:8c:46:c9:0a:ec:3a:ec:d5:8b:ee:e5:86:
4c:64:eb:72:c3:e9:fd:a7:ef:9f:42:aa:98:b9:b3:
d0:06:42:fa:8f:c6:b3:c6:6d:90:57:54:31:a1:08:
22:90:a9:a3:d5:b3:4f:50:29:86:87:3c:f4:21:d8:
6d:8f:4e:58:6c:4e:8c:78:9b:e2:9b:0c:13:24:b2:
35:4d:39:41:be:f6:3b:ce:84:0c:92:79:a1:e3:9c:
ba:8e:d3:e2:bf:90:f4:27:c9:07:0e:e4:d5:4d:13:
3d:fb:d3:01:2c:f3:76:10:ef:ac:c3:3f:5c:4f:48:
4b:76:45:82:d4:7a:ee:9c:f7:05:33:42:2c:4d:23:
8b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:AF:58:03:49:A2:30:3B:9C:EE:57:DD:52:F1:9F:25:46:74:EC:A2
X509v3 Authority Key Identifier:
keyid:A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/k69YA0miMDuc7lfdUvGfJUZ07KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.214.0/24
185.66.202.0/23
185.237.4.0/22
IPv6:
2a07:e3c0::/48
Signature Algorithm: sha256WithRSAEncryption
54:a9:38:f9:38:cb:66:21:41:c7:a1:c7:c7:f5:c2:e1:1c:62:
3f:40:a8:1b:60:cb:ed:7b:df:51:0d:ad:37:e1:f1:49:63:a2:
a0:3e:ff:19:86:37:da:fa:76:41:9c:cd:2e:59:3b:5f:ce:ad:
47:b2:88:ef:ac:e5:b7:b0:b6:73:9e:11:97:af:6f:5c:b7:6f:
4b:54:c2:99:4c:f6:bb:49:87:aa:dc:f3:b2:75:20:66:32:5c:
5e:d2:ff:6f:f2:fa:14:73:16:fc:b5:00:bd:c5:37:d0:f1:9a:
0e:92:63:4c:46:30:c7:2a:af:4c:ff:1c:59:78:01:cb:d1:ab:
e0:a1:89:79:5a:bf:54:a2:1b:e2:de:e3:4f:3b:96:17:e8:14:
ae:e8:98:fc:ae:c7:69:bf:0e:c1:c1:d9:45:8b:f6:be:29:91:
cc:02:05:7e:e3:5a:37:3b:ed:67:cf:94:b5:20:6b:21:d7:db:
ad:29:f5:5c:3d:96:ec:6a:b9:6f:ce:bf:a8:9c:04:7b:81:f6:
59:cb:c6:71:27:07:ff:c7:e9:b2:c2:24:46:27:8e:03:2a:5f:
47:9b:ca:70:c1:91:a4:1c:24:d2:44:03:5d:65:b4:e0:b6:e1:
fd:43:b3:a2:0c:5f:4d:76:33:ab:29:91:ff:72:60:4e:4e:06:
25:5c:10:a5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVuAdXbdBavppoC0xibLepQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODAxYmUyMzYzZjIxMWJkMmY1NzgxOGFkZWFmOWMwZGJl
MTRiZGIwHhcNMjMwMTAxMTU0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2FmNTgwMzQ5YTIzMDNiOWNlZTU3ZGQ1MmYxOWYyNTQ2NzRlY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyCI8zCcdNnjftep2SBXoaEX8Qya
WOYQ88GtYl5hKzWOTKaOt9lHEp30bPnNk9s2fuocBl4w0eVXBtTPYK7iviX5rijJ
QxMhXtEIP9ViMJJD6ou23a/XbAtxfB7EL3QwzfC6EQXZwUNBUJumzCRYXetW5688
WaLv5jGMRskK7Drs1Yvu5YZMZOtyw+n9p++fQqqYubPQBkL6j8azxm2QV1QxoQgi
kKmj1bNPUCmGhzz0Idhtj05YbE6MeJvimwwTJLI1TTlBvvY7zoQMknmh45y6jtPi
v5D0J8kHDuTVTRM9+9MBLPN2EO+swz9cT0hLdkWC1HrunPcFM0IsTSOL1wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJOvWANJojA7nO5X3VLxnyVGdOyiMB8GA1UdIwQY
MBaAFKiAG+I2PyEb0vV4GK3q+cDb4UvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMt
ODQyMGFlOWUwNjIyLzEvazY5WUEwbWlNRHVjN2xmZFV2R2ZKVVowN0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMtODQyMGFlOWUwNjIy
LzEvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAUnPWAwQB
uULKAwQCue0EMA8EAgACMAkDBwAqB+PAAAAwDQYJKoZIhvcNAQELBQADggEBAFSp
OPk4y2YhQcehx8f1wuEcYj9AqBtgy+1731ENrTfh8UljoqA+/xmGN9r6dkGczS5Z
O1/OrUeyiO+s5bewtnOeEZevb1y3b0tUwplM9rtJh6rc87J1IGYyXF7S/2/y+hRz
Fvy1AL3FN9Dxmg6SY0xGMMcqr0z/HFl4AcvRq+ChiXlav1SiG+Le4087lhfoFK7o
mPyux2m/DsHB2UWL9r4pkcwCBX7jWjc77WfPlLUgayHX260p9Vw9luxquW/Ov6ic
BHuB9lnLxnEnB//H6bLCJEYnjgMqX0ebynDBkaQcJNJEA11ltOC24f1Ds6IMX012
M6spkf9yYE5OBiVcEKU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:35 2024 by rpki-client on console-ams.rpki-client.org