Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/dN2Yvg5QtGuCndGCZzqJWIpAbkQ.roa
File: dN2Yvg5QtGuCndGCZzqJWIpAbkQ.roa (raw, json)
Hash identifier: ydILps+vtNDy21p7Eqhpy9Cbsrjb7gfWi+0nIaKVPH0=
Subject key identifier: 74:DD:98:BE:0E:50:B4:6B:82:9D:D1:82:67:3A:89:58:8A:40:6E:44
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 018D2FF8A88BACFB517833E495FFC1B66804
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/dN2Yvg5QtGuCndGCZzqJWIpAbkQ.roa
Signing time: Mon 22 Jan 2024 07:00:41 +0000
ROA not before: Mon 22 Jan 2024 07:00:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.81.28.0/22 maxlen: 24
188.64.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 06:52:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2f:f8:a8:8b:ac:fb:51:78:33:e4:95:ff:c1:b6:68:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Jan 22 07:00:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74dd98be0e50b46b829dd182673a89588a406e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bb:27:19:c2:04:7b:d1:51:e0:e9:1a:d5:e2:
2a:48:29:2f:8f:26:2a:8b:43:63:22:73:d1:a0:7c:
7f:c8:47:54:91:73:34:95:2f:92:f4:e7:f2:ac:14:
19:c3:68:0e:8b:cb:3e:1b:21:aa:dd:60:a9:aa:d1:
91:6b:36:ce:d4:fd:85:09:d8:4b:31:59:d4:d7:83:
1d:2c:27:e7:fe:67:24:1b:9d:e8:cc:be:27:56:8b:
49:e5:23:2c:64:81:dc:12:7b:54:89:6c:d9:93:97:
bb:49:7b:87:12:6a:08:27:70:a7:be:f8:95:ec:61:
a7:cf:43:a7:de:63:a1:50:45:1a:cb:99:07:13:d1:
51:94:bc:0f:8d:a9:b3:4e:b5:d9:1a:21:e0:b4:21:
cf:bd:06:b5:80:15:3c:6d:fc:59:c9:18:40:62:fb:
07:35:2c:1a:87:97:8b:a3:db:9e:50:c7:09:36:b4:
96:10:4d:5e:e0:2f:49:dd:10:8e:99:f6:a0:b6:8f:
7b:a7:28:01:8b:4b:d5:b9:01:1f:47:f3:bd:f5:e5:
aa:24:21:02:b5:4e:c4:cc:ab:10:dd:ac:9c:96:12:
69:b0:13:b3:eb:80:7d:b0:23:cc:3b:91:a1:68:4b:
21:d6:70:f6:09:c2:30:91:7f:ae:05:a8:f1:96:04:
28:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:DD:98:BE:0E:50:B4:6B:82:9D:D1:82:67:3A:89:58:8A:40:6E:44
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/dN2Yvg5QtGuCndGCZzqJWIpAbkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.28.0/22
188.64.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:aa:86:01:d3:2c:4c:da:87:26:1d:2e:b5:a5:c1:5d:6f:34:
0e:ba:96:7b:db:6b:e9:89:4f:b2:66:e5:dc:4e:ba:5e:cf:b4:
c5:26:70:49:2d:b5:1e:38:05:a9:4e:94:1a:99:2f:4f:c3:68:
8f:5b:03:97:96:5d:df:e5:7c:20:1c:7a:f8:3f:3c:df:a9:b2:
1d:7a:49:bc:53:d1:53:48:94:b8:9d:a2:ca:1b:d8:ac:c7:e8:
34:b8:da:85:d0:3f:b7:e5:a1:d0:b6:0b:46:26:94:f4:fd:8b:
80:5f:b5:1f:77:dc:e6:df:a2:1b:00:79:6e:bd:bd:de:ce:1f:
85:54:1c:43:30:e4:5e:35:21:55:29:fd:60:51:45:64:09:36:
8a:e7:5e:e6:00:5c:72:83:12:8e:05:a2:b1:25:49:01:f9:49:
d8:69:d4:92:76:de:24:2a:9e:ea:8b:44:0e:28:0d:d6:c0:b4:
7e:c2:0d:2d:b7:70:81:93:b5:f7:ca:92:1d:fd:75:04:4e:24:
34:4b:ba:63:47:6f:6a:1d:f8:2c:43:a4:ff:51:1c:f8:71:f1:
98:2d:e9:24:cd:72:56:81:05:7c:a4:98:1c:28:4e:df:17:fb:
46:88:42:d9:62:9b:d9:17:82:26:94:09:a3:1d:8f:93:81:27:
f2:e5:7a:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0v+KiLrPtReDPklf/BtmgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjQwMTIyMDcwMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGRkOThiZTBlNTBiNDZiODI5ZGQxODI2NzNhODk1ODhhNDA2ZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7snGcIEe9FR4Oka1eIqSCkvjyYq
i0NjInPRoHx/yEdUkXM0lS+S9OfyrBQZw2gOi8s+GyGq3WCpqtGRazbO1P2FCdhL
MVnU14MdLCfn/mckG53ozL4nVotJ5SMsZIHcEntUiWzZk5e7SXuHEmoIJ3CnvviV
7GGnz0On3mOhUEUay5kHE9FRlLwPjamzTrXZGiHgtCHPvQa1gBU8bfxZyRhAYvsH
NSwah5eLo9ueUMcJNrSWEE1e4C9J3RCOmfagto97pygBi0vVuQEfR/O99eWqJCEC
tU7EzKsQ3ayclhJpsBOz64B9sCPMO5GhaEsh1nD2CcIwkX+uBajxlgQoNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHTdmL4OULRrgp3Rgmc6iViKQG5EMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvZE4yWXZnNVF0R3VDbmRHQ1p6cUpXSXBBYmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVEcAwQC
vEBsMA0GCSqGSIb3DQEBCwUAA4IBAQCiqoYB0yxM2ocmHS61pcFdbzQOupZ722vp
iU+yZuXcTrpez7TFJnBJLbUeOAWpTpQamS9Pw2iPWwOXll3f5XwgHHr4PzzfqbId
ekm8U9FTSJS4naLKG9isx+g0uNqF0D+35aHQtgtGJpT0/YuAX7Ufd9zm36IbAHlu
vb3ezh+FVBxDMOReNSFVKf1gUUVkCTaK517mAFxygxKOBaKxJUkB+UnYadSSdt4k
Kp7qi0QOKA3WwLR+wg0tt3CBk7X3ypId/XUETiQ0S7pjR29qHfgsQ6T/URz4cfGY
LekkzXJWgQV8pJgcKE7fF/tGiELZYpvZF4ImlAmjHY+TgSfy5XrC
-----END CERTIFICATE-----
Generated at Mon Jan 29 11:27:41 2024 by rpki-client on console-fra.rpki-client.org