Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/nhI2vPZnLOZT_3Z7qaO0UHIQLjw.roa
File: nhI2vPZnLOZT_3Z7qaO0UHIQLjw.roa (raw, json)
Hash identifier: TSeISym5onFdApY4nBg3kaD/9QI2uE27lsv4eD2OpEQ=
Subject key identifier: 9E:12:36:BC:F6:67:2C:E6:53:FF:76:7B:A9:A3:B4:50:72:10:2E:3C
Certificate issuer: /CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Certificate serial: 01856DCB08D358E7090B199664AACEF7AFC2
Authority key identifier: 61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/nhI2vPZnLOZT_3Z7qaO0UHIQLjw.roa
Signing time: Sun 01 Jan 2023 14:45:00 +0000
ROA not before: Sun 01 Jan 2023 14:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24631
IP address blocks: 185.137.24.0/24 maxlen: 24
185.137.25.0/24 maxlen: 24
185.137.27.0/24 maxlen: 24
185.191.78.0/24 maxlen: 24
185.191.77.0/24 maxlen: 24
185.191.76.0/24 maxlen: 24
185.191.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Feb 2023 10:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:08:d3:58:e7:09:0b:19:96:64:aa:ce:f7:af:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Validity
Not Before: Jan 1 14:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e1236bcf6672ce653ff767ba9a3b45072102e3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e8:4f:d3:2a:b9:26:90:fd:46:6b:39:82:92:
c4:ac:08:49:0f:46:b0:a0:81:73:39:05:7f:2f:e3:
cf:a7:34:ee:24:47:5d:f9:78:0f:a6:c3:f2:a8:8d:
e9:60:d2:f6:46:08:aa:65:87:7b:93:46:25:e8:db:
98:2c:bf:22:4c:02:ef:80:46:76:60:11:9f:b5:db:
c8:67:49:fe:e3:42:ee:a7:9c:c2:a1:a6:2b:ff:ad:
7d:5e:a6:16:9d:bd:57:81:58:80:b5:89:72:71:eb:
ef:b8:9a:e0:62:f8:dd:77:dd:5b:06:a9:7c:dd:3a:
c7:45:1b:11:3b:75:05:36:96:0a:fc:b3:aa:8c:48:
7b:66:50:d4:33:1a:b2:df:98:0e:13:8d:ee:14:d8:
9c:40:e6:e3:5a:0d:b6:33:36:78:fb:82:c4:a3:0c:
bb:6d:53:02:0d:43:f5:98:6e:0e:62:cd:0e:e6:75:
2e:b8:e0:5b:61:65:c5:ec:0c:79:1b:af:58:56:1b:
eb:ec:55:18:ad:01:31:bf:ba:98:fd:4b:72:76:fc:
4d:8a:4c:bc:f0:c5:a6:a1:3d:3a:f4:27:8a:38:03:
9f:cd:98:63:c7:0c:5b:91:79:40:0e:09:89:d1:a4:
73:6f:f6:10:f6:f4:83:c4:89:61:9c:da:a7:a4:26:
ec:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:12:36:BC:F6:67:2C:E6:53:FF:76:7B:A9:A3:B4:50:72:10:2E:3C
X509v3 Authority Key Identifier:
keyid:61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/nhI2vPZnLOZT_3Z7qaO0UHIQLjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/YboL58zjgOa7dOPF_OoIHpeZrlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.24.0/23
185.137.27.0/24
185.191.76.0/22
Signature Algorithm: sha256WithRSAEncryption
15:44:89:da:99:e7:b1:57:f5:fa:73:50:58:2a:e6:31:c0:fc:
e3:8a:f0:fd:d5:94:5c:4a:12:96:48:f3:ff:11:61:3f:e3:a2:
b8:67:26:8f:3a:82:70:7a:37:97:46:a6:0a:61:61:7d:9c:0d:
e6:4f:f9:83:ab:4f:44:4d:cb:43:3c:b0:3d:82:19:90:72:ec:
c4:62:fe:c1:34:ac:15:cb:e1:c2:59:e8:98:e7:f8:20:ae:9c:
1d:a4:63:4d:a0:75:f5:5e:07:a9:4e:15:ed:25:52:5e:e4:1e:
83:d4:f4:31:9f:1c:ad:b2:d6:b6:be:38:79:c9:d6:a5:39:7a:
37:11:2c:56:45:5c:93:da:23:9b:e7:80:f6:c1:e1:30:c6:93:
02:3e:65:91:c0:4f:92:0c:d7:12:d8:aa:6f:3f:e6:34:37:69:
d8:38:47:93:be:25:46:f5:f2:3b:83:cd:15:81:d1:c2:3b:5d:
26:90:e0:dd:78:93:2d:55:3b:db:e7:76:1c:35:d8:e4:1f:66:
0a:65:8e:15:b4:ba:17:0c:0f:cc:34:d8:89:c7:84:af:4c:b2:
dc:e8:06:eb:5b:c1:ea:97:bc:f6:d0:ac:d8:24:00:c8:4e:ce:
b3:55:b4:6d:5d:91:7e:68:ff:2a:64:11:50:54:72:de:e3:91:
08:8d:19:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtywjTWOcJCxmWZKrO96/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYmEwYmU3Y2NlMzgwZTZiYjc0ZTNjNWZjZWEwODFlOTc5
OWFlNTQwHhcNMjMwMTAxMTQ0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTEyMzZiY2Y2NjcyY2U2NTNmZjc2N2JhOWEzYjQ1MDcyMTAyZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+hP0yq5JpD9Rms5gpLErAhJD0aw
oIFzOQV/L+PPpzTuJEdd+XgPpsPyqI3pYNL2RgiqZYd7k0Yl6NuYLL8iTALvgEZ2
YBGftdvIZ0n+40Lup5zCoaYr/619XqYWnb1XgViAtYlycevvuJrgYvjdd91bBql8
3TrHRRsRO3UFNpYK/LOqjEh7ZlDUMxqy35gOE43uFNicQObjWg22MzZ4+4LEowy7
bVMCDUP1mG4OYs0O5nUuuOBbYWXF7Ax5G69YVhvr7FUYrQExv7qY/UtydvxNiky8
8MWmoT069CeKOAOfzZhjxwxbkXlADgmJ0aRzb/YQ9vSDxIlhnNqnpCbscwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ4SNrz2ZyzmU/92e6mjtFByEC48MB8GA1UdIwQY
MBaAFGG6C+fM44Dmu3TjxfzqCB6Xma5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDIt
MjEwZDQ4MmE0YjkzLzEvbmhJMnZQWm5MT1pUXzNaN3FhTzBVSElRTGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDItMjEwZDQ4MmE0Yjkz
LzEvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuYkYAwQA
uYkbAwQCub9MMA0GCSqGSIb3DQEBCwUAA4IBAQAVRInameexV/X6c1BYKuYxwPzj
ivD91ZRcShKWSPP/EWE/46K4ZyaPOoJwejeXRqYKYWF9nA3mT/mDq09ETctDPLA9
ghmQcuzEYv7BNKwVy+HCWeiY5/ggrpwdpGNNoHX1XgepThXtJVJe5B6D1PQxnxyt
sta2vjh5ydalOXo3ESxWRVyT2iOb54D2weEwxpMCPmWRwE+SDNcS2KpvP+Y0N2nY
OEeTviVG9fI7g80VgdHCO10mkODdeJMtVTvb53YcNdjkH2YKZY4VtLoXDA/MNNiJ
x4SvTLLc6AbrW8Hql7z20KzYJADITs6zVbRtXZF+aP8qZBFQVHLe45EIjRnY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:37 2024 by rpki-client on console-ams.rpki-client.org