Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1XXJPa0Q0AtW4Z-qe5pnMcEk_w0.roa
File: 1XXJPa0Q0AtW4Z-qe5pnMcEk_w0.roa (raw, json)
Hash identifier: O578W52uIlblljffUiYJjD4+z1hfPPQXvu6sUdSNWl4=
Subject key identifier: D5:75:C9:3D:AD:10:D0:0B:56:E1:9F:AA:7B:9A:67:31:C1:24:FF:0D
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0187758E8AA59E99C4FB73E6FA1BF146B302
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1XXJPa0Q0AtW4Z-qe5pnMcEk_w0.roa
Signing time: Wed 12 Apr 2023 13:01:28 +0000
ROA not before: Wed 12 Apr 2023 13:01:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207710
IP address blocks: 185.95.102.0/23 maxlen: 24
185.95.101.0/24 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/24 maxlen: 24
185.81.187.0/24 maxlen: 24
185.96.38.0/24 maxlen: 24
185.89.104.0/23 maxlen: 24
185.89.108.0/22 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:8e:8a:a5:9e:99:c4:fb:73:e6:fa:1b:f1:46:b3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Apr 12 13:01:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d575c93dad10d00b56e19faa7b9a6731c124ff0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:36:30:30:59:46:a4:3f:0f:3d:af:4d:ae:29:
81:ab:75:eb:47:c1:fe:6a:15:f3:e1:5b:bb:c2:08:
4c:99:8d:ab:9e:7b:ef:a1:1e:ca:00:5e:92:cc:51:
62:c3:f5:3d:06:69:34:c8:bb:3c:81:34:a8:6c:e3:
ba:d4:e0:da:d8:50:5a:f3:1b:07:66:42:06:a2:ae:
a8:2c:1f:80:14:ad:77:7f:28:eb:24:1d:10:6d:0f:
4f:f7:00:41:33:0c:8c:23:3e:8a:53:5a:a7:2f:64:
b6:65:84:4a:af:8d:17:1a:ac:75:49:d1:cd:e4:56:
ef:64:55:19:4e:18:d4:e0:ec:c3:9c:35:4d:9a:67:
0a:df:72:83:7a:97:c4:39:44:c1:46:19:50:19:52:
fe:08:10:3e:aa:2f:60:fd:a8:f1:78:31:50:00:66:
f6:16:f1:ee:9d:a2:b4:0b:d8:aa:41:05:3f:2b:e3:
8c:11:33:17:84:e5:d4:57:16:21:55:af:e7:cb:b4:
52:a9:1a:db:35:58:18:0c:fa:96:e9:5b:a8:c7:60:
2d:31:1c:1a:c7:42:a4:78:59:b2:2b:d8:78:10:2e:
ee:8a:44:80:73:a1:43:09:1b:60:e5:61:60:ef:ec:
d5:4a:85:cd:d5:6e:0b:77:fe:06:95:17:8b:1f:48:
69:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:75:C9:3D:AD:10:D0:0B:56:E1:9F:AA:7B:9A:67:31:C1:24:FF:0D
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/1XXJPa0Q0AtW4Z-qe5pnMcEk_w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.174.0/24
185.81.184.0/24
185.81.187.0/24
185.89.104.0/23
185.89.108.0/22
185.95.101.0-185.95.103.255
185.96.38.0/24
185.97.1.0/24
185.97.3.0/24
Signature Algorithm: sha256WithRSAEncryption
11:8f:20:c6:24:cd:c6:15:f6:e8:cb:f8:5c:87:48:20:bd:b3:
8e:a8:94:31:41:7e:ce:0a:ff:1e:af:12:4c:44:89:8c:09:a7:
84:23:65:95:9b:b3:f5:64:4f:55:d4:4f:51:e1:ff:4b:00:1e:
2b:af:e8:3a:22:1e:8d:68:fa:6e:56:5c:58:e9:a9:72:d8:5a:
34:1c:a3:f2:c5:9a:b9:4b:8a:7c:ac:5a:bb:01:4c:a3:cf:28:
b8:cf:f8:0b:45:cc:60:9f:63:48:3f:a8:72:e0:37:b7:f0:2d:
40:f2:61:a8:b3:08:fd:cc:d1:d8:d3:8c:ee:7e:d7:d3:ab:9e:
50:b2:28:0d:0f:27:01:51:d9:a0:00:57:4b:c3:e4:4a:f1:37:
b7:64:69:fd:41:0b:a1:8f:2a:bc:93:db:9b:16:12:5e:65:9e:
7b:17:3e:d5:9c:8a:2a:9a:a4:8d:55:b6:b4:59:8e:2f:6b:4c:
68:43:1c:a1:4a:f5:0a:93:22:fe:cc:13:01:b0:b3:87:0e:a3:
ee:ee:4e:3c:2b:a6:4c:a2:79:8a:3a:f6:83:ad:31:7a:a1:72:
73:cb:88:f1:38:8d:2c:b5:fb:27:1a:16:e3:66:60:39:8d:76:
be:25:60:3a:59:5d:2f:1a:49:4e:2a:c3:92:15:73:0d:23:13:
72:47:86:88
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYd1joqlnpnE+3Pm+hvxRrMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwNDEyMTMwMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTc1YzkzZGFkMTBkMDBiNTZlMTlmYWE3YjlhNjczMWMxMjRmZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjYwMFlGpD8PPa9NrimBq3XrR8H+
ahXz4Vu7wghMmY2rnnvvoR7KAF6SzFFiw/U9Bmk0yLs8gTSobOO61ODa2FBa8xsH
ZkIGoq6oLB+AFK13fyjrJB0QbQ9P9wBBMwyMIz6KU1qnL2S2ZYRKr40XGqx1SdHN
5FbvZFUZThjU4OzDnDVNmmcK33KDepfEOUTBRhlQGVL+CBA+qi9g/ajxeDFQAGb2
FvHunaK0C9iqQQU/K+OMETMXhOXUVxYhVa/ny7RSqRrbNVgYDPqW6Vuox2AtMRwa
x0KkeFmyK9h4EC7uikSAc6FDCRtg5WFg7+zVSoXN1W4Ld/4GlReLH0hppQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNV1yT2tENALVuGfqnuaZzHBJP8NMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvMVhYSlBhMFEwQXRXNFotcWU1cG5NY0VrX3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAuVGuAwQA
uVG4AwQAuVG7AwQBuVloAwQCuVlsMAwDBAC5X2UDBAO5X2ADBAC5YCYDBAC5YQED
BAC5YQMwDQYJKoZIhvcNAQELBQADggEBABGPIMYkzcYV9ujL+FyHSCC9s46olDFB
fs4K/x6vEkxEiYwJp4QjZZWbs/VkT1XUT1Hh/0sAHiuv6DoiHo1o+m5WXFjpqXLY
WjQco/LFmrlLinysWrsBTKPPKLjP+AtFzGCfY0g/qHLgN7fwLUDyYaizCP3M0djT
jO5+19OrnlCyKA0PJwFR2aAAV0vD5ErxN7dkaf1BC6GPKryT25sWEl5lnnsXPtWc
iiqapI1VtrRZji9rTGhDHKFK9QqTIv7MEwGws4cOo+7uTjwrpkyieYo69oOtMXqh
cnPLiPE4jSy1+ycaFuNmYDmNdr4lYDpZXS8aSU4qw5IVcw0jE3JHhog=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org