Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/8aInC5vBbfib3wMEdpPc8rsQRMU.roa
File: 8aInC5vBbfib3wMEdpPc8rsQRMU.roa (raw, json)
Hash identifier: CYEgny5N8f1sbv/OzlyiWg9mlT6QQig2bb23NW+wMgo=
Subject key identifier: F1:A2:27:0B:9B:C1:6D:F8:9B:DF:03:04:76:93:DC:F2:BB:10:44:C5
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 0186125E2EEE29FCA04BDA931B116B7A7522
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/8aInC5vBbfib3wMEdpPc8rsQRMU.roa
Signing time: Thu 02 Feb 2023 13:43:27 +0000
ROA not before: Thu 02 Feb 2023 13:43:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206385
IP address blocks: 37.230.136.0/24 maxlen: 24
185.2.33.0/24 maxlen: 24
178.170.253.0/24 maxlen: 24
37.18.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:5e:2e:ee:29:fc:a0:4b:da:93:1b:11:6b:7a:75:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Feb 2 13:43:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1a2270b9bc16df89bdf03047693dcf2bb1044c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:3e:f8:14:47:05:28:bc:21:0c:fd:02:7a:f8:
d9:8b:54:ea:53:9f:ac:e4:8d:60:52:35:fb:29:f9:
13:54:0f:b7:05:69:5b:79:fd:88:62:38:5a:83:83:
57:23:0f:dd:a4:0c:30:6f:de:8f:27:dd:80:6c:5c:
99:d6:3b:a3:03:55:8b:23:4e:a7:90:e1:c0:10:94:
08:31:90:20:1c:13:a5:ea:10:6d:07:a9:68:a2:23:
dd:a8:d6:52:d8:59:a7:2f:d6:6a:a1:d9:a4:3c:c9:
4f:4d:b9:70:9a:bd:1c:e4:1a:c6:3d:e2:a2:30:5b:
50:1e:f4:9a:79:bd:8a:c1:be:c7:cb:7b:f0:26:70:
fc:4a:78:58:3d:49:95:08:41:33:fe:a9:86:30:90:
e9:10:de:4c:f4:8f:65:b4:e1:f3:7c:f8:de:71:e8:
d0:35:ec:a4:b7:04:da:f3:70:6e:7d:15:00:07:66:
04:1d:17:34:28:67:5d:c5:e9:95:25:6a:78:de:f9:
5b:c0:24:35:a1:bf:05:6d:51:ee:ec:26:dd:f6:fb:
7f:fb:e7:6c:2e:1e:03:61:5b:51:a2:34:aa:72:92:
dc:7d:6c:59:4c:58:41:95:8b:fc:19:97:95:73:e6:
68:b9:fa:48:6d:34:96:88:41:92:15:74:65:a3:39:
38:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A2:27:0B:9B:C1:6D:F8:9B:DF:03:04:76:93:DC:F2:BB:10:44:C5
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/8aInC5vBbfib3wMEdpPc8rsQRMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.41.0/24
37.230.136.0/24
178.170.253.0/24
185.2.33.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:83:50:ac:50:51:4f:d6:c9:1d:6a:60:df:63:e8:7e:a8:39:
3f:4b:78:ad:56:c8:83:a1:bf:2c:0a:c7:d8:e9:40:43:f2:6a:
fc:2a:bf:37:9a:f0:b3:08:a7:78:16:4b:df:01:37:a1:2b:9b:
75:d2:39:34:65:4c:13:8b:05:25:77:35:e6:84:c5:6d:15:06:
94:cb:fc:52:6e:cf:a1:1b:a9:b0:09:a6:95:03:c6:fa:41:c1:
dc:f0:90:2c:a5:4b:56:27:0e:bc:05:07:61:09:8d:ea:c0:9c:
f9:cf:fe:75:81:c3:bb:d4:ed:60:b7:93:8c:a8:54:d0:5c:45:
eb:df:af:04:d6:03:f5:2e:ae:b4:c2:38:ec:2c:2d:2b:ee:8d:
c3:43:2f:94:84:74:ce:74:79:42:3a:77:2c:bf:ad:27:2a:1a:
08:b5:1e:55:bd:f3:03:8d:fc:36:5d:04:b2:a3:dd:44:22:7f:
ed:1f:3d:26:87:18:6f:af:e4:5c:89:8e:ec:b8:b2:44:83:fd:
90:90:54:ba:74:0f:07:6b:e8:24:6e:c7:23:45:47:fe:71:33:
1e:fc:24:00:47:95:4b:0d:36:5a:ea:0d:76:a4:07:44:4c:63:
ff:bb:12:d5:c6:2a:81:c7:f1:15:f3:e2:20:92:5b:a5:62:04:
30:69:1d:fa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYSXi7uKfygS9qTGxFrenUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMjAyMTM0MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWEyMjcwYjliYzE2ZGY4OWJkZjAzMDQ3NjkzZGNmMmJiMTA0NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgD74FEcFKLwhDP0CevjZi1TqU5+s
5I1gUjX7KfkTVA+3BWlbef2IYjhag4NXIw/dpAwwb96PJ92AbFyZ1jujA1WLI06n
kOHAEJQIMZAgHBOl6hBtB6looiPdqNZS2FmnL9ZqodmkPMlPTblwmr0c5BrGPeKi
MFtQHvSaeb2Kwb7Hy3vwJnD8SnhYPUmVCEEz/qmGMJDpEN5M9I9ltOHzfPjecejQ
NeyktwTa83BufRUAB2YEHRc0KGddxemVJWp43vlbwCQ1ob8FbVHu7Cbd9vt/++ds
Lh4DYVtRojSqcpLcfWxZTFhBlYv8GZeVc+ZoufpIbTSWiEGSFXRlozk44wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPGiJwubwW34m98DBHaT3PK7EETFMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvOGFJbkM1dkJiZmliM3dNRWRwUGM4cnNRUk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJRIpAwQA
JeaIAwQAsqr9AwQAuQIhMA0GCSqGSIb3DQEBCwUAA4IBAQA8g1CsUFFP1skdamDf
Y+h+qDk/S3itVsiDob8sCsfY6UBD8mr8Kr83mvCzCKd4FkvfATehK5t10jk0ZUwT
iwUldzXmhMVtFQaUy/xSbs+hG6mwCaaVA8b6QcHc8JAspUtWJw68BQdhCY3qwJz5
z/51gcO71O1gt5OMqFTQXEXr368E1gP1Lq60wjjsLC0r7o3DQy+UhHTOdHlCOncs
v60nKhoItR5VvfMDjfw2XQSyo91EIn/tHz0mhxhvr+RciY7suLJEg/2QkFS6dA8H
a+gkbscjRUf+cTMe/CQAR5VLDTZa6g12pAdETGP/uxLVxiqBx/EV8+IgklulYgQw
aR36
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org