Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/iOo_Ff0ghsAn1GGSajHN3KhWwHQ.roa
File: iOo_Ff0ghsAn1GGSajHN3KhWwHQ.roa (raw, json)
Hash identifier: 5gnwu3bbN652bWLIzVmLdT2RVvRBo5dYAIXYD/2+c2o=
Subject key identifier: 88:EA:3F:15:FD:20:86:C0:27:D4:61:92:6A:31:CD:DC:A8:56:C0:74
Certificate issuer: /CN=662f55d377127f28ce26b78fd83becf41becad4b
Certificate serial: 018722381FFF89D78596ED3A3D79D5B1F6E9
Authority key identifier: 66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/iOo_Ff0ghsAn1GGSajHN3KhWwHQ.roa
Signing time: Mon 27 Mar 2023 08:38:36 +0000
ROA not before: Mon 27 Mar 2023 08:38:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49683
IP address blocks: 185.122.164.0/24 maxlen: 24
185.122.165.0/24 maxlen: 24
185.122.166.0/24 maxlen: 24
185.122.167.0/24 maxlen: 24
185.168.192.0/24 maxlen: 24
185.168.193.0/24 maxlen: 24
185.168.194.0/24 maxlen: 24
185.168.195.0/24 maxlen: 24
185.85.240.0/24 maxlen: 24
185.85.243.0/24 maxlen: 24
185.85.241.0/24 maxlen: 24
185.85.242.0/24 maxlen: 24
31.25.234.0/24 maxlen: 24
185.184.68.0/24 maxlen: 24
185.184.69.0/24 maxlen: 24
185.184.70.0/24 maxlen: 24
185.184.71.0/24 maxlen: 24
185.116.236.0/24 maxlen: 24
185.116.237.0/24 maxlen: 24
185.116.239.0/24 maxlen: 24
185.44.64.0/24 maxlen: 24
185.44.65.0/24 maxlen: 24
185.44.66.0/24 maxlen: 24
185.44.67.0/24 maxlen: 24
185.189.58.0/24 maxlen: 24
185.189.56.0/24 maxlen: 24
185.189.57.0/24 maxlen: 24
185.189.59.0/24 maxlen: 24
2a0a:2f00:1::/48 maxlen: 48
2a0a:2f00:3::/48 maxlen: 48
2a0a:2f00:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:38:1f:ff:89:d7:85:96:ed:3a:3d:79:d5:b1:f6:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662f55d377127f28ce26b78fd83becf41becad4b
Validity
Not Before: Mar 27 08:38:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88ea3f15fd2086c027d461926a31cddca856c074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fe:7f:31:26:8b:0a:af:2a:6a:20:b9:f8:b2:
cf:77:dd:b2:ce:6d:5e:c7:6d:e1:f3:34:26:2b:03:
d1:a6:17:eb:7e:92:4e:7f:c3:ae:44:74:59:8b:61:
77:e5:89:f0:fd:c3:26:62:7a:83:e5:2d:e5:e1:4d:
fa:3c:d2:f4:21:c8:de:60:48:f9:11:7c:d5:b3:9d:
b8:34:f4:55:92:f9:6c:4d:9b:93:79:69:a7:f4:7d:
21:da:4f:a0:23:a7:85:67:64:59:83:80:e6:37:cd:
e9:35:cd:2e:a0:12:96:ef:28:73:f7:2d:af:ec:7b:
9e:6e:d4:eb:8a:32:f8:0d:fc:76:de:c4:56:66:54:
5d:3b:8c:42:dc:0f:75:15:34:3a:40:90:a4:6d:b7:
b7:bb:71:34:db:69:42:ec:a6:0c:64:10:0a:6c:e0:
e5:b9:39:87:73:dc:f4:e5:73:0b:1d:c2:bf:a1:ab:
5a:01:33:7c:6f:d6:6d:96:52:45:ee:c8:d7:38:66:
68:6f:3c:b5:f1:ac:99:8a:57:05:1c:e2:6f:1d:62:
06:3b:8c:20:9a:3a:8c:69:79:60:bc:9a:24:02:ae:
3e:99:8f:71:76:fa:71:8d:8a:45:d8:59:18:e4:0b:
40:ba:00:68:3f:0a:ac:83:9d:70:5c:6c:13:d9:4e:
86:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EA:3F:15:FD:20:86:C0:27:D4:61:92:6A:31:CD:DC:A8:56:C0:74
X509v3 Authority Key Identifier:
keyid:66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/iOo_Ff0ghsAn1GGSajHN3KhWwHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.234.0/24
185.44.64.0/22
185.85.240.0/22
185.116.236.0/23
185.116.239.0/24
185.122.164.0/22
185.168.192.0/22
185.184.68.0/22
185.189.56.0/22
IPv6:
2a0a:2f00:1::-2a0a:2f00:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2e:f8:27:cd:4d:ea:ff:13:5b:75:d2:f4:94:e8:1f:dc:f7:16:
b2:bb:49:97:7f:e5:95:38:76:47:f0:e3:39:8d:19:cd:0b:f3:
05:6e:23:c6:a5:05:7f:3a:fe:3a:21:44:ba:3e:c6:c2:83:69:
f8:d3:05:db:32:a7:f8:32:4a:58:31:f6:0c:30:aa:e9:93:ab:
9e:ca:a4:71:71:4b:e2:dc:04:0b:4f:11:dd:f8:d2:0d:9f:ea:
5e:7a:5b:6a:4e:ef:38:02:5b:78:5d:9e:8b:1a:4a:0a:4f:e4:
65:60:03:f6:6d:cd:84:cc:17:9a:0e:31:31:a7:88:97:46:fc:
f7:87:75:32:9e:b6:db:05:f5:d6:be:e6:d0:9f:12:82:a1:69:
a0:98:82:a6:45:73:0c:a0:d1:57:22:67:5d:5c:ac:15:14:f5:
aa:06:eb:de:1d:9e:72:40:44:bb:76:2e:4f:e8:6a:af:84:04:
59:89:4c:7a:aa:8f:98:9e:32:cc:7c:fe:61:c4:e9:d7:26:e5:
56:40:a6:47:00:95:65:b4:bb:da:5a:26:83:b9:9e:14:6b:02:
55:27:d4:ff:20:6c:22:bf:d1:5a:64:a0:ff:53:5b:b8:60:a9:
81:cd:48:8d:f3:36:2f:65:61:25:ad:6e:1c:e0:2f:28:8c:90:
76:c1:04:97
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYciOB//ideFlu06PXnVsfbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MmY1NWQzNzcxMjdmMjhjZTI2Yjc4ZmQ4M2JlY2Y0MWJl
Y2FkNGIwHhcNMjMwMzI3MDgzODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGVhM2YxNWZkMjA4NmMwMjdkNDYxOTI2YTMxY2RkY2E4NTZjMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP5/MSaLCq8qaiC5+LLPd92yzm1e
x23h8zQmKwPRphfrfpJOf8OuRHRZi2F35Ynw/cMmYnqD5S3l4U36PNL0IcjeYEj5
EXzVs524NPRVkvlsTZuTeWmn9H0h2k+gI6eFZ2RZg4DmN83pNc0uoBKW7yhz9y2v
7HuebtTrijL4Dfx23sRWZlRdO4xC3A91FTQ6QJCkbbe3u3E022lC7KYMZBAKbODl
uTmHc9z05XMLHcK/oataATN8b9ZtllJF7sjXOGZobzy18ayZilcFHOJvHWIGO4wg
mjqMaXlgvJokAq4+mY9xdvpxjYpF2FkY5AtAugBoPwqsg51wXGwT2U6GQwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFIjqPxX9IIbAJ9RhkmoxzdyoVsB0MB8GA1UdIwQY
MBaAFGYvVdN3En8ozia3j9g77PQb7K1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgt
OGJlMTQ2MjUzMzU2LzEvaU9vX0ZmMGdoc0FuMUdHU2FqSE4zS2hXd0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgtOGJlMTQ2MjUzMzU2
LzEvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjA8BAIAATA2AwQAHxnqAwQC
uSxAAwQCuVXwAwQBuXTsAwQAuXTvAwQCuXqkAwQCuajAAwQCubhEAwQCub04MBoE
AgACMBQwEgMHACoKLwAAAQMHAioKLwAAADANBgkqhkiG9w0BAQsFAAOCAQEALvgn
zU3q/xNbddL0lOgf3PcWsrtJl3/llTh2R/DjOY0ZzQvzBW4jxqUFfzr+OiFEuj7G
woNp+NMF2zKn+DJKWDH2DDCq6ZOrnsqkcXFL4twEC08R3fjSDZ/qXnpbak7vOAJb
eF2eixpKCk/kZWAD9m3NhMwXmg4xMaeIl0b894d1Mp622wX11r7m0J8SgqFpoJiC
pkVzDKDRVyJnXVysFRT1qgbr3h2eckBEu3YuT+hqr4QEWYlMeqqPmJ4yzHz+YcTp
1yblVkCmRwCVZbS72lomg7meFGsCVSfU/yBsIr/RWmSg/1NbuGCpgc1IjfM2L2Vh
Ja1uHOAvKIyQdsEElw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:51 2024 by rpki-client on console-ams.rpki-client.org