Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/ba7fd6-b3a8-4931-ac05-ab4887c63ea5/1/ah0MRSwZ_Xnel0qBKSSibc6skRg.roa
File: ah0MRSwZ_Xnel0qBKSSibc6skRg.roa (raw, json)
Hash identifier: 6J3lHDvmTDddBnMhsAga9jaYVN75OiszTLi+2YQF88Y=
Subject key identifier: 6A:1D:0C:45:2C:19:FD:79:DE:97:4A:81:29:24:A2:6D:CE:AC:91:18
Certificate issuer: /CN=2ae2d17fd5bb9d7611113c586a410802c785edf2
Certificate serial: 01856D6F88F9F2595DEC9F0C9423FDF4AFBC
Authority key identifier: 2A:E2:D1:7F:D5:BB:9D:76:11:11:3C:58:6A:41:08:02:C7:85:ED:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KuLRf9W7nXYRETxYakEIAseF7fI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/ba7fd6-b3a8-4931-ac05-ab4887c63ea5/1/ah0MRSwZ_Xnel0qBKSSibc6skRg.roa
Signing time: Sun 01 Jan 2023 13:05:04 +0000
ROA not before: Sun 01 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200509
IP address blocks: 185.66.56.0/22 maxlen: 22
185.66.58.0/24 maxlen: 24
185.66.57.0/24 maxlen: 24
185.66.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:88:f9:f2:59:5d:ec:9f:0c:94:23:fd:f4:af:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ae2d17fd5bb9d7611113c586a410802c785edf2
Validity
Not Before: Jan 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a1d0c452c19fd79de974a812924a26dceac9118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cf:bc:32:35:83:07:00:3d:38:1e:87:64:f8:
8e:70:71:97:20:5c:09:11:92:32:65:bf:87:36:d4:
a4:13:54:01:49:f1:dc:d4:06:f2:6f:ef:3f:c6:15:
2c:78:69:86:e5:e9:5b:83:56:b3:38:00:e0:18:89:
19:cc:0c:2c:71:60:90:7d:77:77:1d:14:d4:94:0c:
7e:08:f3:c1:a9:92:70:1f:68:e5:c1:ff:6e:1c:5a:
39:b2:1f:7b:e5:d8:71:96:00:45:80:da:05:8b:f4:
4d:d9:92:f0:c7:d1:09:87:40:e0:99:18:19:4c:1c:
9c:e3:46:9c:35:31:97:b7:96:66:63:74:51:60:31:
7b:16:af:c0:5b:ef:b2:43:ea:56:d1:24:c4:66:e3:
dc:90:b1:d2:91:5b:ae:96:17:61:99:d4:a6:51:ec:
66:c9:33:7a:91:f8:f9:e2:20:12:e1:65:73:cc:26:
44:a7:3a:af:9a:92:24:19:b2:ce:a4:60:17:b7:e4:
d6:7f:62:e9:d9:5c:f5:c8:9b:52:96:31:76:55:28:
73:1d:3e:bf:8d:c0:52:3e:aa:b9:85:69:7d:b1:c8:
83:98:b8:d9:8a:27:99:e1:31:38:ba:54:0d:0a:7e:
37:c3:9f:2a:16:c2:4a:04:6f:19:06:00:eb:7b:3c:
48:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1D:0C:45:2C:19:FD:79:DE:97:4A:81:29:24:A2:6D:CE:AC:91:18
X509v3 Authority Key Identifier:
keyid:2A:E2:D1:7F:D5:BB:9D:76:11:11:3C:58:6A:41:08:02:C7:85:ED:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KuLRf9W7nXYRETxYakEIAseF7fI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ba7fd6-b3a8-4931-ac05-ab4887c63ea5/1/ah0MRSwZ_Xnel0qBKSSibc6skRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ba7fd6-b3a8-4931-ac05-ab4887c63ea5/1/KuLRf9W7nXYRETxYakEIAseF7fI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.56.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:e0:9b:32:f8:c5:05:85:56:ca:da:f3:42:16:ba:6e:f1:45:
7a:b5:32:8b:b8:19:fc:1a:b4:57:85:e7:fc:a9:28:ce:3f:f7:
70:90:04:f7:19:43:96:07:98:46:9d:57:4f:69:c1:bc:48:8c:
1c:7d:bd:f0:b2:6c:40:23:5b:c3:11:d8:dc:d0:25:a3:67:c9:
f8:00:25:fc:66:c0:d3:6a:9c:39:17:15:a2:31:74:ce:53:1c:
60:e6:58:7d:06:7d:47:f8:4d:58:66:99:f4:6b:16:de:b6:9c:
ac:9b:74:aa:72:b4:66:30:79:14:d5:21:71:b3:0a:b9:c8:e4:
d1:c8:24:2d:b5:17:24:18:d4:55:3a:0d:4f:0a:bb:3c:32:37:
ea:b6:ce:ca:07:7c:0c:90:26:c8:2f:7c:c6:43:c3:c6:02:e2:
b2:01:6a:a5:90:d0:09:59:a4:c1:0f:45:23:53:1d:fd:fc:b2:
12:ed:2e:02:88:9e:1f:c6:65:00:0e:f9:7c:f1:dd:3e:9e:c3:
43:09:a0:f7:6a:9e:4d:35:0a:e4:e5:a1:d3:be:f6:1e:a8:fd:
6c:b9:0d:03:ae:89:36:78:c0:1e:92:a3:5d:b0:9c:7a:f7:08:
e2:49:71:72:2a:b7:f3:0d:7c:c4:aa:2f:b6:0d:66:20:fd:04:
a6:b1:0b:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb4j58lld7J8MlCP99K+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZTJkMTdmZDViYjlkNzYxMTExM2M1ODZhNDEwODAyYzc4
NWVkZjIwHhcNMjMwMTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTFkMGM0NTJjMTlmZDc5ZGU5NzRhODEyOTI0YTI2ZGNlYWM5MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM+8MjWDBwA9OB6HZPiOcHGXIFwJ
EZIyZb+HNtSkE1QBSfHc1Abyb+8/xhUseGmG5elbg1azOADgGIkZzAwscWCQfXd3
HRTUlAx+CPPBqZJwH2jlwf9uHFo5sh975dhxlgBFgNoFi/RN2ZLwx9EJh0DgmRgZ
TByc40acNTGXt5ZmY3RRYDF7Fq/AW++yQ+pW0STEZuPckLHSkVuulhdhmdSmUexm
yTN6kfj54iAS4WVzzCZEpzqvmpIkGbLOpGAXt+TWf2Lp2Vz1yJtSljF2VShzHT6/
jcBSPqq5hWl9sciDmLjZiieZ4TE4ulQNCn43w58qFsJKBG8ZBgDrezxIbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGodDEUsGf153pdKgSkkom3OrJEYMB8GA1UdIwQY
MBaAFCri0X/Vu512ERE8WGpBCALHhe3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3VMUmY5VzduWFlSRVR4WWFrRUlBc2VGN2ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iYTdmZDYtYjNhOC00OTMxLWFjMDUt
YWI0ODg3YzYzZWE1LzEvYWgwTVJTd1pfWG5lbDBxQktTU2liYzZza1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iYTdmZDYtYjNhOC00OTMxLWFjMDUtYWI0ODg3YzYzZWE1
LzEvS3VMUmY5VzduWFlSRVR4WWFrRUlBc2VGN2ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUI4MA0G
CSqGSIb3DQEBCwUAA4IBAQAM4Jsy+MUFhVbK2vNCFrpu8UV6tTKLuBn8GrRXhef8
qSjOP/dwkAT3GUOWB5hGnVdPacG8SIwcfb3wsmxAI1vDEdjc0CWjZ8n4ACX8ZsDT
apw5FxWiMXTOUxxg5lh9Bn1H+E1YZpn0axbetpysm3SqcrRmMHkU1SFxswq5yOTR
yCQttRckGNRVOg1PCrs8Mjfqts7KB3wMkCbIL3zGQ8PGAuKyAWqlkNAJWaTBD0Uj
Ux39/LIS7S4CiJ4fxmUADvl88d0+nsNDCaD3ap5NNQrk5aHTvvYeqP1suQ0Drok2
eMAekqNdsJx69wjiSXFyKrfzDXzEqi+2DWYg/QSmsQvJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:08 2024 by rpki-client on console-fra.rpki-client.org