Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/aEM-hZIddMs7w8ob7R4u30yRgYM.roa
File: aEM-hZIddMs7w8ob7R4u30yRgYM.roa (raw, json)
Hash identifier: TtH9c/O5+WLHWlUQXsvzwri5A6S6PERMvVMCqhJTKks=
Subject key identifier: 68:43:3E:85:92:1D:74:CB:3B:C3:CA:1B:ED:1E:2E:DF:4C:91:81:83
Certificate issuer: /CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Certificate serial: 01860C93CBA113A81C7A2737B773EEAC0AC8
Authority key identifier: 61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/aEM-hZIddMs7w8ob7R4u30yRgYM.roa
Signing time: Wed 01 Feb 2023 10:44:17 +0000
ROA not before: Wed 01 Feb 2023 10:44:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24631
IP address blocks: 185.137.24.0/24 maxlen: 24
185.137.26.0/24 maxlen: 24
185.137.25.0/24 maxlen: 24
185.137.27.0/24 maxlen: 24
185.191.78.0/24 maxlen: 24
185.191.77.0/24 maxlen: 24
185.191.76.0/24 maxlen: 24
185.191.79.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:93:cb:a1:13:a8:1c:7a:27:37:b7:73:ee:ac:0a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Validity
Not Before: Feb 1 10:44:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68433e85921d74cb3bc3ca1bed1e2edf4c918183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:65:7b:c5:dd:45:82:4e:29:c8:55:41:41:e9:
8c:0c:ad:bd:18:9d:19:ff:eb:20:b0:7c:c5:64:f4:
97:7f:57:a8:c1:3d:44:98:85:05:ec:78:26:47:62:
53:e1:7f:96:c8:d2:19:e1:f2:45:fd:05:56:9b:ae:
9e:c4:b1:b0:c9:13:9b:65:3b:d2:8f:1e:e0:ef:36:
c3:78:a0:d8:2a:67:00:05:b7:55:ab:2a:55:5f:6c:
71:e5:49:fb:26:d2:c8:99:a1:41:ba:98:92:6a:c8:
f4:f1:8c:0a:c6:99:05:5c:df:8e:9c:2c:a0:21:42:
a8:5e:b1:1b:f8:37:22:4c:72:ce:df:01:26:f6:cf:
20:48:5e:ed:95:c7:51:5b:fe:8a:9d:b1:e1:fb:d8:
c7:0b:12:3e:8f:ed:1b:49:ed:86:2d:67:43:57:c4:
07:62:76:35:ab:ec:b3:a6:89:16:86:7a:ce:38:d8:
85:dd:ea:d9:6a:00:6c:7e:b2:b4:56:2b:de:cf:a8:
24:50:1e:d7:43:d2:0b:8d:98:c9:11:a8:31:eb:54:
28:f8:c0:a8:83:78:53:26:aa:ca:bb:cc:a0:7c:a5:
2f:83:74:8a:5d:df:8a:14:23:f4:d0:df:bd:51:3c:
30:cf:58:97:78:13:02:f6:8a:14:37:a1:08:49:72:
52:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:43:3E:85:92:1D:74:CB:3B:C3:CA:1B:ED:1E:2E:DF:4C:91:81:83
X509v3 Authority Key Identifier:
keyid:61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/aEM-hZIddMs7w8ob7R4u30yRgYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/YboL58zjgOa7dOPF_OoIHpeZrlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.24.0/22
185.191.76.0/22
Signature Algorithm: sha256WithRSAEncryption
cc:dd:62:24:8b:f9:0c:20:4b:a7:2a:60:e3:48:97:28:ed:0c:
bc:eb:c4:1c:7f:4d:71:3c:e2:94:ba:94:48:11:a1:25:b4:6e:
61:96:57:ed:9b:6f:3b:0c:e6:39:c1:5b:72:46:09:65:aa:e6:
07:22:b1:3d:ba:43:a5:90:90:4a:58:fd:71:f6:b8:a6:c0:42:
df:56:67:f4:87:d2:e0:46:d8:c5:fe:d3:76:42:b8:98:b2:e0:
09:04:0d:83:00:06:87:5f:0b:70:3a:70:be:a7:68:a6:94:b8:
f9:44:30:00:4d:a6:43:c2:c1:77:67:bb:1c:ac:9d:36:92:ed:
d1:54:5b:38:ea:47:d7:1e:49:7e:8f:b6:04:b6:83:73:6c:32:
da:b6:54:eb:42:ef:1f:f5:62:03:ea:ad:93:47:19:b4:2d:ea:
82:87:aa:b7:0a:4b:47:b3:a1:d8:24:fd:fc:e6:0b:19:97:b1:
de:2a:06:50:86:9d:d5:81:43:02:32:b5:cc:59:02:af:8d:8d:
33:ea:9c:5f:fb:1e:fd:e3:a8:e6:0f:98:25:6c:81:2b:4e:34:
62:1c:e2:98:78:c8:68:e8:48:0b:c0:a2:20:65:e0:c6:f4:a3:
19:89:d3:b6:58:cd:65:49:7b:fc:90:ec:78:bd:ca:0b:9a:45:
e7:4a:d6:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYMk8uhE6gceic3t3PurArIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYmEwYmU3Y2NlMzgwZTZiYjc0ZTNjNWZjZWEwODFlOTc5
OWFlNTQwHhcNMjMwMjAxMTA0NDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQzM2U4NTkyMWQ3NGNiM2JjM2NhMWJlZDFlMmVkZjRjOTE4MTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWV7xd1Fgk4pyFVBQemMDK29GJ0Z
/+sgsHzFZPSXf1eowT1EmIUF7HgmR2JT4X+WyNIZ4fJF/QVWm66exLGwyRObZTvS
jx7g7zbDeKDYKmcABbdVqypVX2xx5Un7JtLImaFBupiSasj08YwKxpkFXN+OnCyg
IUKoXrEb+DciTHLO3wEm9s8gSF7tlcdRW/6KnbHh+9jHCxI+j+0bSe2GLWdDV8QH
YnY1q+yzpokWhnrOONiF3erZagBsfrK0Vivez6gkUB7XQ9ILjZjJEagx61Qo+MCo
g3hTJqrKu8ygfKUvg3SKXd+KFCP00N+9UTwwz1iXeBMC9ooUN6EISXJSHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGhDPoWSHXTLO8PKG+0eLt9MkYGDMB8GA1UdIwQY
MBaAFGG6C+fM44Dmu3TjxfzqCB6Xma5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDIt
MjEwZDQ4MmE0YjkzLzEvYUVNLWhaSWRkTXM3dzhvYjdSNHUzMHlSZ1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDItMjEwZDQ4MmE0Yjkz
LzEvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYkYAwQC
ub9MMA0GCSqGSIb3DQEBCwUAA4IBAQDM3WIki/kMIEunKmDjSJco7Qy868Qcf01x
POKUupRIEaEltG5hllftm287DOY5wVtyRgllquYHIrE9ukOlkJBKWP1x9rimwELf
Vmf0h9LgRtjF/tN2QriYsuAJBA2DAAaHXwtwOnC+p2imlLj5RDAATaZDwsF3Z7sc
rJ02ku3RVFs46kfXHkl+j7YEtoNzbDLatlTrQu8f9WID6q2TRxm0LeqCh6q3CktH
s6HYJP385gsZl7HeKgZQhp3VgUMCMrXMWQKvjY0z6pxf+x7946jmD5glbIErTjRi
HOKYeMho6EgLwKIgZeDG9KMZidO2WM1lSXv8kOx4vcoLmkXnStZ/
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:15 2024 by rpki-client on console-fra.rpki-client.org