Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/k7Zq8XLUUUs-qL0E8BYRHHSr0fw.roa
File: k7Zq8XLUUUs-qL0E8BYRHHSr0fw.roa (raw, json)
Hash identifier: miEv5Til4z73g9osmsEpaNKsTQQiIFrpj4oATd+HI+A=
Subject key identifier: 93:B6:6A:F1:72:D4:51:4B:3E:A8:BD:04:F0:16:11:1C:74:AB:D1:FC
Certificate issuer: /CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Certificate serial: 0185704BE35D089FB6267A203AF20332ECE1
Authority key identifier: 09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/k7Zq8XLUUUs-qL0E8BYRHHSr0fw.roa
Signing time: Mon 02 Jan 2023 02:24:59 +0000
ROA not before: Mon 02 Jan 2023 02:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 185.254.133.0/24 maxlen: 24
185.254.134.0/24 maxlen: 24
185.254.135.0/24 maxlen: 24
185.121.28.0/24 maxlen: 24
185.121.29.0/24 maxlen: 24
185.121.30.0/24 maxlen: 24
185.121.31.0/24 maxlen: 24
185.40.185.0/24 maxlen: 24
185.40.186.0/24 maxlen: 24
185.40.184.0/24 maxlen: 24
185.40.187.0/24 maxlen: 24
185.254.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:e3:5d:08:9f:b6:26:7a:20:3a:f2:03:32:ec:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Validity
Not Before: Jan 2 02:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93b66af172d4514b3ea8bd04f016111c74abd1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:79:3f:b8:f8:bc:13:ae:55:48:fe:10:45:aa:
4e:51:8d:ae:86:fc:5e:41:27:6e:14:98:6f:1a:89:
15:bd:87:a6:48:c6:18:70:39:ff:b4:6f:63:a8:f3:
84:81:aa:ba:71:f3:ba:d1:ef:41:b1:45:a7:39:f2:
e7:e5:4b:10:b2:f7:04:ca:7d:2d:b3:b6:f8:b5:66:
62:97:1e:7b:1c:a0:03:22:23:46:b2:56:cd:55:54:
f1:4b:ee:8b:29:14:23:6f:a6:39:d4:18:47:e7:8d:
f4:8b:0d:ef:84:fc:05:b2:af:84:e4:1a:22:1e:fa:
26:b4:2b:61:3f:e1:91:28:bd:87:94:80:66:f0:77:
69:ea:aa:39:76:28:48:0a:65:8f:23:83:a5:6a:09:
05:a6:01:b6:75:51:c5:f8:aa:7b:b9:f7:d5:61:5c:
e6:d7:4a:23:69:6b:6b:6d:78:9f:99:f4:34:ff:e7:
9c:30:d2:a5:b7:d4:53:97:f0:c2:3e:48:29:c8:66:
ef:02:6d:1d:66:3c:2a:d6:fe:14:f4:8d:c1:3d:52:
32:8b:1d:3a:99:44:3a:07:cc:7e:fe:98:6b:f8:e3:
9b:49:ff:e5:86:cc:1d:7a:ce:e1:d0:57:29:d8:9a:
97:37:c9:b0:8a:af:7a:6d:67:f0:78:78:60:63:c2:
d4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B6:6A:F1:72:D4:51:4B:3E:A8:BD:04:F0:16:11:1C:74:AB:D1:FC
X509v3 Authority Key Identifier:
keyid:09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/k7Zq8XLUUUs-qL0E8BYRHHSr0fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.184.0/22
185.121.28.0/22
185.254.132.0/22
Signature Algorithm: sha256WithRSAEncryption
61:48:28:ae:aa:99:4c:b5:a8:bc:94:4e:87:16:ca:10:85:05:
6f:62:02:ce:b4:36:ca:96:3f:18:27:47:db:eb:ec:41:32:f3:
51:cd:7e:e5:0b:ff:33:97:6e:19:7a:59:3b:45:38:6b:72:ff:
76:88:28:54:e0:d8:86:6f:0d:ce:9a:d7:11:95:38:ce:53:7c:
ef:21:6b:8b:b5:06:fe:e8:47:44:6f:7e:61:10:7f:b4:99:0b:
e1:63:8b:a7:82:92:f4:f9:0f:a5:ac:c8:b3:43:20:52:64:07:
ae:3c:a2:f2:b3:be:e5:e1:b4:89:45:8f:73:a7:bc:02:d0:9d:
eb:d5:9e:00:ea:3f:53:3e:c8:cf:d6:d5:cb:48:e5:5f:21:3d:
77:c4:ea:bd:0e:ab:44:80:1a:72:ef:1a:62:92:41:23:a5:39:
28:ea:da:62:d4:62:da:7d:03:c4:41:c6:ad:dc:7e:53:25:a0:
cb:3d:a7:be:b8:5d:dd:23:3d:c3:37:e7:32:a5:31:78:e9:ba:
86:31:78:42:e6:47:4f:35:83:8e:b9:05:b0:12:fe:ea:33:83:
b5:92:46:99:47:35:d1:a2:93:f9:a7:aa:79:25:67:1f:36:65:
01:e3:72:f2:22:a2:65:e2:2c:4f:5c:e0:5f:34:cc:a0:48:81:
2b:52:88:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwS+NdCJ+2JnogOvIDMuzhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZDFhNjM0YmJiN2FlZmFkODdkMTIxYTVmZTU0NTY0ODcz
OGM4YzUwHhcNMjMwMTAyMDIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2I2NmFmMTcyZDQ1MTRiM2VhOGJkMDRmMDE2MTExYzc0YWJkMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnk/uPi8E65VSP4QRapOUY2uhvxe
QSduFJhvGokVvYemSMYYcDn/tG9jqPOEgaq6cfO60e9BsUWnOfLn5UsQsvcEyn0t
s7b4tWZilx57HKADIiNGslbNVVTxS+6LKRQjb6Y51BhH5430iw3vhPwFsq+E5Boi
HvomtCthP+GRKL2HlIBm8Hdp6qo5dihICmWPI4OlagkFpgG2dVHF+Kp7uffVYVzm
10ojaWtrbXifmfQ0/+ecMNKlt9RTl/DCPkgpyGbvAm0dZjwq1v4U9I3BPVIyix06
mUQ6B8x+/phr+OObSf/lhswdes7h0Fcp2JqXN8mwiq96bWfweHhgY8LUjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJO2avFy1FFLPqi9BPAWERx0q9H8MB8GA1UdIwQY
MBaAFAnRpjS7t6762H0SGl/lRWSHOMjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjIt
NWU1YjhiMjgwNTlhLzEvazdacThYTFVVVXMtcUwwRThCWVJISFNyMGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjItNWU1YjhiMjgwNTlh
LzEvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuSi4AwQC
uXkcAwQCuf6EMA0GCSqGSIb3DQEBCwUAA4IBAQBhSCiuqplMtai8lE6HFsoQhQVv
YgLOtDbKlj8YJ0fb6+xBMvNRzX7lC/8zl24Zelk7RThrcv92iChU4NiGbw3OmtcR
lTjOU3zvIWuLtQb+6EdEb35hEH+0mQvhY4ungpL0+Q+lrMizQyBSZAeuPKLys77l
4bSJRY9zp7wC0J3r1Z4A6j9TPsjP1tXLSOVfIT13xOq9DqtEgBpy7xpikkEjpTko
6tpi1GLafQPEQcat3H5TJaDLPae+uF3dIz3DN+cypTF46bqGMXhC5kdPNYOOuQWw
Ev7qM4O1kkaZRzXRopP5p6p5JWcfNmUB43LyIqJl4ixPXOBfNMygSIErUoiP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:04 2024 by rpki-client on console-fra.rpki-client.org