Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/8aKFgwZSypp5Ng74i5PEIosq7M0.roa
File: 8aKFgwZSypp5Ng74i5PEIosq7M0.roa (raw, json)
Hash identifier: /MAnSox8C/i7Eil7TWWKD9qvtzyEoH4r7pSQpdTyBjI=
Subject key identifier: F1:A2:85:83:06:52:CA:9A:79:36:0E:F8:8B:93:C4:22:8B:2A:EC:CD
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018572D5CDBC8E1CEBAFB8DD852AD9A6F392
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/8aKFgwZSypp5Ng74i5PEIosq7M0.roa
Signing time: Mon 02 Jan 2023 14:14:52 +0000
ROA not before: Mon 02 Jan 2023 14:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202723
IP address blocks: 185.112.59.0/24 maxlen: 24
185.177.237.0/24 maxlen: 24
185.105.47.0/24 maxlen: 24
185.24.109.0/24 maxlen: 24
185.77.138.0/24 maxlen: 24
185.77.139.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:cd:bc:8e:1c:eb:af:b8:dd:85:2a:d9:a6:f3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 2 14:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1a285830652ca9a79360ef88b93c4228b2aeccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:34:f1:12:4d:60:16:34:dd:dd:86:9e:fc:f7:
13:1b:de:68:0c:d5:71:e1:97:d3:98:69:e0:75:c2:
d8:9a:a1:a6:54:43:54:cc:4c:21:dc:67:c3:05:8e:
f5:90:88:cc:3d:2a:3c:bb:3a:e6:82:e7:da:f0:67:
6b:81:83:b8:03:b7:00:70:b5:bf:d6:4a:3b:06:cf:
62:f9:8c:35:77:82:2a:36:b3:d5:cc:af:7d:3d:94:
9e:aa:87:3c:c2:31:85:e1:6c:05:2f:8e:3e:82:05:
a8:87:f3:dc:2e:d7:8b:5b:b8:84:a7:18:70:8d:d5:
3c:41:b8:61:f7:3e:b8:d3:74:a9:33:d0:9d:9a:19:
28:ba:fc:cb:2b:80:f5:08:a0:c9:29:a5:92:76:a9:
63:27:9b:8c:4c:a7:e8:7b:72:a8:af:fc:3e:e0:d4:
d4:aa:38:e8:0a:7d:81:ec:bf:cf:d4:92:b9:5a:a5:
b6:9d:50:8f:25:06:ae:1e:3d:2c:cc:84:cb:90:08:
2a:fd:09:0a:48:bb:f3:07:c5:c8:6d:04:7b:31:4a:
04:b9:9e:9c:f2:1d:79:59:5a:ae:a4:73:cb:6d:bd:
f9:2b:37:18:d8:43:93:bd:0d:49:5b:5b:5e:05:5c:
1f:5d:3e:ce:86:a1:75:8f:ee:0e:73:5b:2e:96:16:
07:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A2:85:83:06:52:CA:9A:79:36:0E:F8:8B:93:C4:22:8B:2A:EC:CD
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/8aKFgwZSypp5Ng74i5PEIosq7M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.109.0/24
185.77.138.0/23
185.105.47.0/24
185.112.59.0/24
185.177.237.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:bc:2d:f7:09:48:c1:66:94:b9:24:73:fe:58:09:f5:57:38:
50:b8:c2:4b:d8:bf:95:fb:e0:7b:d2:fd:ee:42:bc:41:45:40:
90:05:12:86:f5:2a:f8:e2:8e:02:57:e9:63:16:54:24:f5:47:
49:aa:d7:6d:23:ea:b4:a0:55:bc:e5:8a:60:d9:bf:57:04:80:
4c:12:cf:30:03:50:24:a6:03:05:6d:76:53:1d:eb:b9:ae:18:
d0:37:af:e6:8b:c4:4b:e8:b5:a5:f4:74:86:b2:4d:0c:26:02:
05:be:77:18:f7:1b:f0:85:e1:b8:f4:fe:b6:3f:1a:3f:3b:88:
b2:2c:f4:19:77:a2:15:78:d1:42:54:e8:87:90:6b:e7:a3:6a:
2c:3f:8c:f5:6f:ec:8f:fc:a0:4b:9a:c1:43:11:22:54:18:73:
45:05:79:be:33:27:bb:80:34:20:db:96:df:48:8e:38:54:eb:
12:b6:5a:a0:d9:a3:bd:ef:f9:86:82:45:53:90:d3:83:c2:63:
ba:9b:0f:52:04:3e:6a:4f:d5:06:4b:c8:bf:93:4c:ed:8b:1b:
f2:21:07:ca:36:29:06:2c:b0:04:19:da:42:da:39:dd:b7:bf:
bf:f8:c6:32:6b:9c:18:52:d5:50:22:e5:f7:14:45:2c:48:da:
7a:8d:de:46
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVy1c28jhzrr7jdhSrZpvOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMTAyMTQxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWEyODU4MzA2NTJjYTlhNzkzNjBlZjg4YjkzYzQyMjhiMmFlY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzTxEk1gFjTd3Yae/PcTG95oDNVx
4ZfTmGngdcLYmqGmVENUzEwh3GfDBY71kIjMPSo8uzrmgufa8GdrgYO4A7cAcLW/
1ko7Bs9i+Yw1d4IqNrPVzK99PZSeqoc8wjGF4WwFL44+ggWoh/PcLteLW7iEpxhw
jdU8Qbhh9z6403SpM9CdmhkouvzLK4D1CKDJKaWSdqljJ5uMTKfoe3Kor/w+4NTU
qjjoCn2B7L/P1JK5WqW2nVCPJQauHj0szITLkAgq/QkKSLvzB8XIbQR7MUoEuZ6c
8h15WVqupHPLbb35KzcY2EOTvQ1JW1teBVwfXT7OhqF1j+4Oc1sulhYHowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPGihYMGUsqaeTYO+IuTxCKLKuzNMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvOGFLRmd3WlN5cHA1Tmc3NGk1UEVJb3NxN00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuRhtAwQB
uU2KAwQAuWkvAwQAuXA7AwQAubHtMA0GCSqGSIb3DQEBCwUAA4IBAQBuvC33CUjB
ZpS5JHP+WAn1VzhQuMJL2L+V++B70v3uQrxBRUCQBRKG9Sr44o4CV+ljFlQk9UdJ
qtdtI+q0oFW85Ypg2b9XBIBMEs8wA1AkpgMFbXZTHeu5rhjQN6/mi8RL6LWl9HSG
sk0MJgIFvncY9xvwheG49P62Pxo/O4iyLPQZd6IVeNFCVOiHkGvno2osP4z1b+yP
/KBLmsFDESJUGHNFBXm+Mye7gDQg25bfSI44VOsStlqg2aO97/mGgkVTkNODwmO6
mw9SBD5qT9UGS8i/k0ztixvyIQfKNikGLLAEGdpC2jndt7+/+MYya5wYUtVQIuX3
FEUsSNp6jd5G
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-ams.rpki-client.org