Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/iUzg4PPyUQ3EkFre8FbP4vqih7Y.roa
File: iUzg4PPyUQ3EkFre8FbP4vqih7Y.roa (raw, json)
Hash identifier: j0n+w8yII0rL7qMgpPuymRwZkcE+nOetvs5DSb1vSQQ=
Subject key identifier: 89:4C:E0:E0:F3:F2:51:0D:C4:90:5A:DE:F0:56:CF:E2:FA:A2:87:B6
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 01856EB912843ACF154AE3568063AD90B910
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/iUzg4PPyUQ3EkFre8FbP4vqih7Y.roa
Signing time: Sun 01 Jan 2023 19:05:00 +0000
ROA not before: Sun 01 Jan 2023 19:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 193.0.181.0/24 maxlen: 24
185.125.87.0/24 maxlen: 24
193.0.182.0/24 maxlen: 24
193.0.180.0/24 maxlen: 24
185.125.86.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
185.71.230.0/24 maxlen: 24
185.71.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Mar 2023 20:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:12:84:3a:cf:15:4a:e3:56:80:63:ad:90:b9:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jan 1 19:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=894ce0e0f3f2510dc4905adef056cfe2faa287b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4a:32:05:e6:7d:30:34:9b:75:e1:d4:ff:69:
16:35:7a:fc:b0:d5:e6:c4:77:d2:27:73:89:f6:0c:
7b:7d:1c:55:8b:c7:90:60:99:58:2f:bc:0d:cb:8d:
03:6e:7a:de:8a:ad:7c:8b:a2:0a:8e:1c:2d:5e:e3:
1e:3e:68:ee:2f:be:61:ff:4b:bd:e3:8e:21:a4:ea:
0e:5c:40:c4:d8:b5:6e:b7:22:19:59:e6:a5:0f:6d:
87:ae:55:35:be:ad:3c:32:ba:08:f6:8b:a5:93:36:
76:d3:2c:4e:16:76:14:9b:93:58:57:f3:17:96:c3:
68:fe:45:c2:98:b6:a8:9b:98:57:aa:fa:df:59:70:
93:b6:fc:f0:d4:df:74:2b:87:03:40:a0:46:e6:ca:
79:60:67:c2:03:c4:d5:22:37:f2:ba:2e:c6:81:de:
26:8f:e1:8d:dc:09:7b:27:49:90:c0:27:1c:92:da:
02:46:f7:c3:95:2b:67:af:ea:04:cd:7f:d8:96:34:
76:97:e3:37:33:5c:56:5e:f0:33:ff:4d:b4:41:71:
0d:df:46:a0:c4:b9:5b:fa:76:e8:bc:70:af:7b:5a:
14:f9:bd:b1:4b:91:0f:4c:a9:56:3c:35:27:12:52:
8b:98:d6:e6:0d:a9:f1:67:36:1b:ed:d0:4c:eb:14:
20:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4C:E0:E0:F3:F2:51:0D:C4:90:5A:DE:F0:56:CF:E2:FA:A2:87:B6
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/iUzg4PPyUQ3EkFre8FbP4vqih7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0-185.71.230.255
185.125.86.0/23
193.0.180.0-193.0.182.255
Signature Algorithm: sha256WithRSAEncryption
2e:5d:25:2b:ca:9d:48:9b:1b:bb:9c:53:64:ac:aa:56:37:f6:
c7:d9:bb:a7:6a:6c:ad:67:45:15:57:1f:f1:cd:d0:e4:87:15:
b9:c3:9b:da:f0:91:70:f6:4d:bc:48:e3:44:c1:63:1a:e6:7a:
06:86:48:23:12:42:b6:d6:bb:95:a2:b0:8f:ff:64:23:68:af:
87:27:f1:08:f5:80:29:12:4d:f8:fd:95:51:9c:b7:d4:3f:fa:
8a:ff:44:84:74:ac:ff:ca:fe:82:13:ad:c4:74:4c:be:c7:44:
40:b6:82:93:d6:1f:30:63:c8:ec:45:13:39:55:33:c9:39:49:
97:f7:9e:15:3f:63:f0:92:ef:70:67:2a:8b:14:dc:f8:8c:77:
7d:b2:44:5f:39:66:00:42:0b:d4:a1:35:91:b8:91:ad:17:f8:
87:d8:d6:bb:27:b4:dd:4b:db:dc:36:b6:40:36:f8:47:70:b6:
48:7e:04:13:cd:4b:8b:c0:8a:64:66:ba:fe:02:06:39:7b:3e:
81:35:37:ca:3d:80:97:9f:e9:e7:4b:85:de:11:cb:6f:e0:48:
6b:83:84:f7:7a:98:42:ff:3d:73:a0:66:c5:2a:af:43:1a:c2:
db:9d:f9:db:59:3d:50:21:01:05:95:dd:87:1a:08:6d:32:52:
87:98:c2:fa
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVuuRKEOs8VSuNWgGOtkLkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjMwMTAxMTkwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTRjZTBlMGYzZjI1MTBkYzQ5MDVhZGVmMDU2Y2ZlMmZhYTI4N2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEoyBeZ9MDSbdeHU/2kWNXr8sNXm
xHfSJ3OJ9gx7fRxVi8eQYJlYL7wNy40Dbnreiq18i6IKjhwtXuMePmjuL75h/0u9
444hpOoOXEDE2LVutyIZWealD22HrlU1vq08MroI9oulkzZ20yxOFnYUm5NYV/MX
lsNo/kXCmLaom5hXqvrfWXCTtvzw1N90K4cDQKBG5sp5YGfCA8TVIjfyui7Ggd4m
j+GN3Al7J0mQwCccktoCRvfDlStnr+oEzX/YljR2l+M3M1xWXvAz/020QXEN30ag
xLlb+nbovHCve1oU+b2xS5EPTKlWPDUnElKLmNbmDanxZzYb7dBM6xQgMwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIlM4ODz8lENxJBa3vBWz+L6ooe2MB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvaVV6ZzRQUHlVUTNFa0ZyZThGYlA0dnFpaDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAK5R+QD
BAC5R+YDBAG5fVYwDAMEAsEAtAMEAMEAtjANBgkqhkiG9w0BAQsFAAOCAQEALl0l
K8qdSJsbu5xTZKyqVjf2x9m7p2psrWdFFVcf8c3Q5IcVucOb2vCRcPZNvEjjRMFj
GuZ6BoZIIxJCtta7laKwj/9kI2ivhyfxCPWAKRJN+P2VUZy31D/6iv9EhHSs/8r+
ghOtxHRMvsdEQLaCk9YfMGPI7EUTOVUzyTlJl/eeFT9j8JLvcGcqixTc+Ix3fbJE
XzlmAEIL1KE1kbiRrRf4h9jWuye03Uvb3Da2QDb4R3C2SH4EE81Li8CKZGa6/gIG
OXs+gTU3yj2Al5/p50uF3hHLb+BIa4OE93qYQv89c6BmxSqvQxrC253521k9UCEB
BZXdhxoIbTJSh5jC+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:15 2024 by rpki-client on console-ams.rpki-client.org