Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/PkA5DCS8dgQI1kHEcHp5FZG1IGw.roa
File: PkA5DCS8dgQI1kHEcHp5FZG1IGw.roa (raw, json)
Hash identifier: DgUppWdXaEWUVVSE7pAnRXIz4and1SwFEgdyYDodsSs=
Subject key identifier: 3E:40:39:0C:24:BC:76:04:08:D6:41:C4:70:7A:79:15:91:B5:20:6C
Certificate issuer: /CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
Certificate serial: 01856F14AFB962CA4AA19B945A7B6F773EE9
Authority key identifier: 3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/PkA5DCS8dgQI1kHEcHp5FZG1IGw.roa
Signing time: Sun 01 Jan 2023 20:45:04 +0000
ROA not before: Sun 01 Jan 2023 20:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 185.161.148.0/24 maxlen: 24
185.180.192.0/24 maxlen: 24
185.180.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:af:b9:62:ca:4a:a1:9b:94:5a:7b:6f:77:3e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
Validity
Not Before: Jan 1 20:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e40390c24bc760408d641c4707a791591b5206c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2b:09:e8:d7:84:62:7d:e2:92:7f:0e:85:7a:
8b:51:3a:35:26:5b:d9:a8:67:bc:2f:19:57:83:d0:
9e:bb:f6:d0:d4:ff:c1:86:a5:07:ea:70:b5:15:87:
15:d6:01:fb:04:62:8e:94:a6:e6:e6:fa:ef:cc:33:
1c:58:2e:a3:8f:9f:e5:ec:d0:02:43:99:fc:c1:9a:
f9:00:ae:4c:39:ad:da:7a:0c:ac:7f:78:1e:9a:e7:
97:32:33:96:5b:4a:d2:23:14:42:37:c4:fc:cc:3d:
e6:49:84:ff:a0:04:69:89:62:cc:80:79:c8:50:2b:
03:1f:af:eb:8e:29:2f:bc:40:31:e5:55:ec:01:c7:
a4:8a:36:89:8e:33:19:97:f2:19:21:e2:b3:5a:ec:
c9:67:ce:6f:25:08:92:61:8e:74:dd:82:e6:00:f9:
a5:e1:38:39:1b:ff:0e:f3:31:0a:3b:da:bd:26:ac:
17:0d:f3:18:7d:20:da:3f:d2:0d:f9:44:93:5b:5a:
7d:3f:a9:87:79:be:65:b1:ba:b1:1f:52:0c:ec:10:
dd:90:1d:92:6d:90:d1:ee:a8:c6:e4:13:e7:9b:2e:
4b:fd:cd:2c:0f:f5:6c:bb:5b:07:64:62:3c:53:5e:
bc:ff:b0:8f:e8:d0:13:3a:13:c6:c1:f8:55:c3:65:
b4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:40:39:0C:24:BC:76:04:08:D6:41:C4:70:7A:79:15:91:B5:20:6C
X509v3 Authority Key Identifier:
keyid:3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/PkA5DCS8dgQI1kHEcHp5FZG1IGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/Ol7CjoQfKfOAp84stc1Wc3AIIf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.148.0/24
185.180.192.0/24
185.180.194.0/24
Signature Algorithm: sha256WithRSAEncryption
38:0d:57:ff:fb:4e:f9:7c:e4:69:23:a7:22:ed:ce:ff:aa:70:
c6:b3:2c:23:1a:47:5b:e8:bf:05:33:27:f3:12:ef:d7:7c:e4:
24:e9:cc:61:92:d4:0c:f3:c7:aa:0d:f1:1e:fa:fc:1d:bd:9f:
ec:20:f3:8a:1b:e1:f5:9b:9d:36:a0:4d:5f:59:89:1e:5c:58:
c9:7c:e0:17:21:fe:83:a9:a5:5f:0e:36:ae:fc:17:82:b9:6c:
f7:02:d4:0f:96:90:6c:7e:e9:f2:d2:65:68:9c:c2:e1:e6:11:
11:a6:fe:fd:1c:39:4a:de:b8:75:df:17:56:f1:41:b6:96:0e:
f7:17:a6:c5:6d:a6:fb:c2:9c:e7:e4:87:0b:cd:b4:20:c6:9f:
ec:ab:38:a1:e9:bb:9f:6c:e7:48:c6:25:a6:99:f4:9b:f8:b0:
bc:ec:52:5a:22:24:49:a7:00:4b:50:81:53:cc:43:9e:cf:47:
aa:a1:37:d0:83:b0:06:e3:e1:48:46:d5:4c:d1:eb:01:03:93:
2b:46:f5:f8:27:e6:69:62:32:02:76:74:9f:cf:36:a7:b1:24:
a0:9f:ae:3d:ad:10:27:dd:d9:8f:3e:3d:fa:f1:0e:2e:19:60:
cb:4c:73:f3:d5:c4:4f:be:80:dc:8a:ff:26:18:35:e4:71:f0:
53:d9:90:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvFK+5YspKoZuUWntvdz7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWVjMjhlODQxZjI5ZjM4MGE3Y2UyY2I1Y2Q1NjczNzAw
ODIxZmQwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQwMzkwYzI0YmM3NjA0MDhkNjQxYzQ3MDdhNzkxNTkxYjUyMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCsJ6NeEYn3ikn8OhXqLUTo1JlvZ
qGe8LxlXg9Ceu/bQ1P/BhqUH6nC1FYcV1gH7BGKOlKbm5vrvzDMcWC6jj5/l7NAC
Q5n8wZr5AK5MOa3aegysf3gemueXMjOWW0rSIxRCN8T8zD3mSYT/oARpiWLMgHnI
UCsDH6/rjikvvEAx5VXsAcekijaJjjMZl/IZIeKzWuzJZ85vJQiSYY503YLmAPml
4Tg5G/8O8zEKO9q9JqwXDfMYfSDaP9IN+USTW1p9P6mHeb5lsbqxH1IM7BDdkB2S
bZDR7qjG5BPnmy5L/c0sD/Vsu1sHZGI8U168/7CP6NATOhPGwfhVw2W0twIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD5AOQwkvHYECNZBxHB6eRWRtSBsMB8GA1UdIwQY
MBaAFDpewo6EHynzgKfOLLXNVnNwCCH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2w3Q2pvUWZLZk9BcDg0c3RjMVdjM0FJSWYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jMTIwMjAtYTFhMS00MDBlLTkxZjMt
ODM1NTk5MjYwZmY2LzEvUGtBNURDUzhkZ1FJMWtIRWNIcDVGWkcxSUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jMTIwMjAtYTFhMS00MDBlLTkxZjMtODM1NTk5MjYwZmY2
LzEvT2w3Q2pvUWZLZk9BcDg0c3RjMVdjM0FJSWYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuaGUAwQA
ubTAAwQAubTCMA0GCSqGSIb3DQEBCwUAA4IBAQA4DVf/+075fORpI6ci7c7/qnDG
sywjGkdb6L8FMyfzEu/XfOQk6cxhktQM88eqDfEe+vwdvZ/sIPOKG+H1m502oE1f
WYkeXFjJfOAXIf6DqaVfDjau/BeCuWz3AtQPlpBsfuny0mVonMLh5hERpv79HDlK
3rh13xdW8UG2lg73F6bFbab7wpzn5IcLzbQgxp/sqzih6bufbOdIxiWmmfSb+LC8
7FJaIiRJpwBLUIFTzEOez0eqoTfQg7AG4+FIRtVM0esBA5MrRvX4J+ZpYjICdnSf
zzansSSgn649rRAn3dmPPj368Q4uGWDLTHPz1cRPvoDciv8mGDXkcfBT2ZDv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:01 2024 by rpki-client on console-ams.rpki-client.org