Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/kneUYc3pJg7X6cZJ7fAWojli68o.roa
File: kneUYc3pJg7X6cZJ7fAWojli68o.roa (raw, json)
Hash identifier: Ph81F4PTb8464cq8GKxJDpysFoWmCFt1TzPInSI2Rio=
Subject key identifier: 92:77:94:61:CD:E9:26:0E:D7:E9:C6:49:ED:F0:16:A2:39:62:EB:CA
Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Certificate serial: 018D5F81D139857C6672A57216CDC9770D4E
Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/kneUYc3pJg7X6cZJ7fAWojli68o.roa
Signing time: Wed 31 Jan 2024 12:32:39 +0000
ROA not before: Wed 31 Jan 2024 12:32:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203709
IP address blocks: 185.214.138.0/24 maxlen: 24
185.214.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 11:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:81:d1:39:85:7c:66:72:a5:72:16:cd:c9:77:0d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Validity
Not Before: Jan 31 12:32:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92779461cde9260ed7e9c649edf016a23962ebca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4a:59:c9:88:55:7b:52:40:29:ee:09:ea:10:
45:ca:e9:fb:24:ac:3f:04:28:5d:e3:81:52:08:00:
19:e7:14:fe:58:49:d9:d4:e9:f3:01:41:fe:ba:c4:
e6:bf:c3:5f:60:be:46:e1:6f:64:d8:b3:7c:fc:74:
35:bf:12:c5:fc:59:99:56:49:54:8d:d5:cf:77:13:
d7:c1:ae:26:cf:39:38:c9:a7:d4:21:1e:0e:f4:12:
ea:71:c3:38:f1:52:cc:0c:21:fa:ef:bf:7f:23:c8:
14:cb:fa:ba:4a:39:7c:12:2f:22:2c:2c:7e:c3:58:
9c:33:61:bd:66:dd:2e:50:81:4b:17:b9:b2:8e:93:
94:e1:b0:3b:af:f7:a6:6d:9c:37:8d:7d:f7:f8:a5:
26:08:de:9e:02:15:fd:32:6d:02:f7:4b:9d:dc:84:
e8:00:07:07:b7:39:a9:4b:fa:42:60:b3:57:fe:06:
f8:d3:94:3d:67:cc:f4:54:ea:31:3f:d0:8c:3a:3d:
f2:7a:f7:aa:d2:20:ac:1b:57:24:24:a2:d7:41:ae:
15:ee:6b:3a:f3:dd:dc:ba:ab:15:9d:8a:ba:46:2f:
b9:9b:c9:44:70:8b:59:e7:52:97:c9:9e:15:07:eb:
6c:e7:41:13:45:be:e6:65:b0:25:35:43:47:fe:7b:
4a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:77:94:61:CD:E9:26:0E:D7:E9:C6:49:ED:F0:16:A2:39:62:EB:CA
X509v3 Authority Key Identifier:
keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/kneUYc3pJg7X6cZJ7fAWojli68o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.138.0/23
Signature Algorithm: sha256WithRSAEncryption
11:e1:28:ef:03:e1:63:7e:ba:8a:f1:8b:6c:da:a1:72:c4:26:
3e:6d:88:78:71:0f:90:96:5f:3f:64:7e:04:25:e3:13:02:3f:
de:0c:0c:bc:f8:f9:7e:b1:df:b5:8d:26:57:f0:b8:7f:05:d9:
3b:49:8f:98:b1:7b:a5:35:9d:6f:f5:fb:1c:4d:14:c0:c1:50:
88:63:3d:98:b4:d2:06:14:48:84:9e:23:51:f0:b5:12:96:b4:
e9:f4:f6:13:00:b8:e4:90:f5:20:5e:86:25:e2:b6:73:8a:a0:
54:e7:e3:16:ea:a9:a9:89:89:cf:12:93:2c:bc:50:85:7d:d2:
9f:16:1b:9e:18:11:ed:0a:6f:e0:11:34:a8:32:c0:88:b0:94:
00:6b:48:c8:86:06:70:14:2c:d6:f7:db:6f:e0:df:e3:ef:c9:
ae:1c:ce:aa:c7:fe:bc:ec:be:ca:b0:71:49:08:8b:eb:34:58:
5b:76:d0:63:32:76:c6:18:29:7f:7c:4c:59:5c:b6:05:b0:b5:
93:07:73:9c:63:f6:05:b0:ac:ea:39:ad:ed:54:01:cf:34:67:
73:37:d2:14:7f:f0:fd:09:4d:d1:3f:c2:1e:68:e0:8d:e4:d5:
6a:dd:76:5a:a7:98:a6:da:1c:ae:07:2d:e2:3e:f8:01:62:59:
c0:9b:7d:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1fgdE5hXxmcqVyFs3Jdw1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1
YjRiMTAwHhcNMjQwMTMxMTIzMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjc3OTQ2MWNkZTkyNjBlZDdlOWM2NDllZGYwMTZhMjM5NjJlYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEpZyYhVe1JAKe4J6hBFyun7JKw/
BChd44FSCAAZ5xT+WEnZ1OnzAUH+usTmv8NfYL5G4W9k2LN8/HQ1vxLF/FmZVklU
jdXPdxPXwa4mzzk4yafUIR4O9BLqccM48VLMDCH6779/I8gUy/q6Sjl8Ei8iLCx+
w1icM2G9Zt0uUIFLF7myjpOU4bA7r/embZw3jX33+KUmCN6eAhX9Mm0C90ud3ITo
AAcHtzmpS/pCYLNX/gb405Q9Z8z0VOoxP9CMOj3yeveq0iCsG1ckJKLXQa4V7ms6
893cuqsVnYq6Ri+5m8lEcItZ51KXyZ4VB+ts50ETRb7mZbAlNUNH/ntKWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJ3lGHN6SYO1+nGSe3wFqI5YuvKMB8GA1UdIwQY
MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt
ZDYwYjNiNmNjYTZlLzEva25lVVljM3BKZzdYNmNaSjdmQVdvamxpNjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl
LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudaKMA0G
CSqGSIb3DQEBCwUAA4IBAQAR4SjvA+FjfrqK8Yts2qFyxCY+bYh4cQ+Qll8/ZH4E
JeMTAj/eDAy8+Pl+sd+1jSZX8Lh/Bdk7SY+YsXulNZ1v9fscTRTAwVCIYz2YtNIG
FEiEniNR8LUSlrTp9PYTALjkkPUgXoYl4rZziqBU5+MW6qmpiYnPEpMsvFCFfdKf
FhueGBHtCm/gETSoMsCIsJQAa0jIhgZwFCzW99tv4N/j78muHM6qx/687L7KsHFJ
CIvrNFhbdtBjMnbGGCl/fExZXLYFsLWTB3OcY/YFsKzqOa3tVAHPNGdzN9IUf/D9
CU3RP8IeaOCN5NVq3XZap5im2hyuBy3iPvgBYlnAm31Y
-----END CERTIFICATE-----
Generated at Wed May 22 15:21:16 2024 by rpki-client on console-ams.rpki-client.org