Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/iIZpg6Ho1sVX4llrgERQGRMy4Ok.roa
File: iIZpg6Ho1sVX4llrgERQGRMy4Ok.roa (raw, json)
Hash identifier: V5Fsqhat0yPBza8Q2Axe7w7N8ShgqQT/eZaz6tR6rwM=
Subject key identifier: 88:86:69:83:A1:E8:D6:C5:57:E2:59:6B:80:44:50:19:13:32:E0:E9
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 018FE9E28619B66223C4F93C9FFEDAF0A6D2
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/iIZpg6Ho1sVX4llrgERQGRMy4Ok.roa
Signing time: Wed 05 Jun 2024 19:31:27 +0000
ROA not before: Wed 05 Jun 2024 19:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34871
IP address blocks: 185.240.148.0/23 maxlen: 23
185.240.148.0/24 maxlen: 24
185.240.151.0/24 maxlen: 24
195.238.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 05:21:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e9:e2:86:19:b6:62:23:c4:f9:3c:9f:fe:da:f0:a6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jun 5 19:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88866983a1e8d6c557e2596b804450191332e0e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5c:39:3b:4f:13:3b:f3:67:28:de:eb:10:8d:
f2:e9:ec:36:58:09:54:cc:35:c5:db:2c:16:ee:5f:
4e:b1:ec:eb:b6:26:13:78:a0:8b:bf:48:e3:26:e4:
aa:c4:49:c8:5b:0b:e4:97:96:21:cd:69:7d:ef:0e:
1f:30:48:85:6e:23:d9:02:e4:1f:c3:b5:58:3a:e0:
41:05:5a:ad:0a:20:13:e7:75:34:af:e7:d9:6a:21:
2f:6c:00:6b:c9:1a:81:1a:0a:50:64:99:19:55:0f:
58:02:2c:4d:21:a3:16:df:d5:82:35:dc:d7:fe:7a:
77:e1:f7:00:5f:b8:ca:7e:53:3f:75:2c:85:32:17:
a0:5f:7d:ac:d2:8a:0c:e8:5b:c6:a1:9f:5e:17:5b:
dc:db:ff:39:16:e5:ee:4d:97:b9:27:cd:72:57:ae:
be:f6:60:80:56:7f:f0:31:59:00:27:28:ca:2b:55:
8f:9e:90:fb:88:80:95:bd:31:41:c8:bb:30:5e:ba:
74:91:2e:c0:8a:6d:ba:9c:7c:ca:6a:1e:89:87:0e:
b1:da:92:e9:fc:c4:b4:d4:a3:0f:eb:95:a6:42:40:
1c:76:cb:0e:69:17:04:e5:7f:71:47:69:be:e7:02:
d1:9e:33:ea:db:f4:fe:80:a7:19:9d:bd:91:e9:2f:
1c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:86:69:83:A1:E8:D6:C5:57:E2:59:6B:80:44:50:19:13:32:E0:E9
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/iIZpg6Ho1sVX4llrgERQGRMy4Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.148.0/23
185.240.151.0/24
195.238.240.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:59:a2:e3:af:43:31:c7:07:16:be:43:53:24:c3:38:3c:96:
fc:a8:ef:ed:b9:60:1e:cd:85:8e:7f:21:84:0b:f9:c9:b6:c6:
b3:f9:20:58:a3:7d:8d:85:01:fb:c8:aa:30:5d:50:12:11:59:
a4:7b:4f:9a:2b:78:b5:5c:27:c4:5a:88:5c:61:16:d8:fa:6e:
81:75:a5:ae:f1:94:e5:96:a0:40:e0:9b:db:2e:48:ec:3b:6f:
0f:ac:9e:7f:b7:c3:8a:30:57:78:7d:98:50:81:c0:a2:48:a8:
9c:8e:ed:db:f6:2f:10:85:a5:8a:3d:bd:3b:61:fb:33:eb:8b:
cd:47:59:86:e2:94:48:9b:ed:31:ea:29:47:5e:a5:e7:52:d4:
54:28:10:e8:a4:a8:e8:46:a7:3d:b3:06:77:6b:38:59:b8:25:
cf:a7:46:7c:5b:d2:59:2f:2e:d3:88:d7:81:ff:58:e4:6b:ca:
cb:cd:4e:a3:b5:0f:28:eb:71:1b:8f:e0:75:25:28:71:d7:f7:
99:8e:29:f8:13:6d:40:1f:46:73:bc:a7:e3:fb:43:4b:a1:6f:
6d:1c:20:78:87:13:eb:d6:8c:0d:50:41:6a:ef:65:53:62:b3:
f5:8c:cd:d2:d9:d9:9b:79:c1:9a:9e:ec:c6:ce:16:bc:0c:b0:
06:3e:bb:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/p4oYZtmIjxPk8n/7a8KbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjQwNjA1MTkzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODg2Njk4M2ExZThkNmM1NTdlMjU5NmI4MDQ0NTAxOTEzMzJlMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Fw5O08TO/NnKN7rEI3y6ew2WAlU
zDXF2ywW7l9OsezrtiYTeKCLv0jjJuSqxEnIWwvkl5YhzWl97w4fMEiFbiPZAuQf
w7VYOuBBBVqtCiAT53U0r+fZaiEvbABryRqBGgpQZJkZVQ9YAixNIaMW39WCNdzX
/np34fcAX7jKflM/dSyFMhegX32s0ooM6FvGoZ9eF1vc2/85FuXuTZe5J81yV66+
9mCAVn/wMVkAJyjKK1WPnpD7iICVvTFByLswXrp0kS7Aim26nHzKah6Jhw6x2pLp
/MS01KMP65WmQkAcdssOaRcE5X9xR2m+5wLRnjPq2/T+gKcZnb2R6S8cEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIiGaYOh6NbFV+JZa4BEUBkTMuDpMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvaUlacGc2SG8xc1ZYNGxscmdFUlFHUk15NE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBufCUAwQA
ufCXAwQAw+7wMA0GCSqGSIb3DQEBCwUAA4IBAQBfWaLjr0MxxwcWvkNTJMM4PJb8
qO/tuWAezYWOfyGEC/nJtsaz+SBYo32NhQH7yKowXVASEVmke0+aK3i1XCfEWohc
YRbY+m6BdaWu8ZTllqBA4JvbLkjsO28PrJ5/t8OKMFd4fZhQgcCiSKicju3b9i8Q
haWKPb07Yfsz64vNR1mG4pRIm+0x6ilHXqXnUtRUKBDopKjoRqc9swZ3azhZuCXP
p0Z8W9JZLy7TiNeB/1jka8rLzU6jtQ8o63Ebj+B1JShx1/eZjin4E21AH0ZzvKfj
+0NLoW9tHCB4hxPr1owNUEFq72VTYrP1jM3S2dmbecGanuzGzha8DLAGPrt6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:25 2025 by rpki-client