Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/Kqz4WOgHV7ked-gdcjtI-0RpU_0.roa
File: Kqz4WOgHV7ked-gdcjtI-0RpU_0.roa (raw, json)
Hash identifier: j9fS1rXTpu/zVvD45GWQf5RYo0izXkZvKAalAiky7+0=
Subject key identifier: 2A:AC:F8:58:E8:07:57:B9:1E:77:E8:1D:72:3B:48:FB:44:69:53:FD
Certificate issuer: /CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Certificate serial: 0185708CB88C3283CA99CBAA80A8D9A11C25
Authority key identifier: 7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/Kqz4WOgHV7ked-gdcjtI-0RpU_0.roa
Signing time: Mon 02 Jan 2023 03:35:48 +0000
ROA not before: Mon 02 Jan 2023 03:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204279
IP address blocks: 185.108.250.0/24 maxlen: 24
185.108.249.0/24 maxlen: 24
185.108.248.0/22 maxlen: 24
178.249.192.0/23 maxlen: 24
178.249.192.0/21 maxlen: 24
178.249.194.0/23 maxlen: 24
153.94.16.0/20 maxlen: 24
2a06:4942:200::/40 maxlen: 40
2a06:4942::/41 maxlen: 41
2a01:a4a0::/32 maxlen: 32
2a06:4940::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b8:8c:32:83:ca:99:cb:aa:80:a8:d9:a1:1c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Validity
Not Before: Jan 2 03:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2aacf858e80757b91e77e81d723b48fb446953fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:44:fb:2b:f0:90:a7:97:22:d8:30:c9:cb:2a:
e7:48:53:bd:25:b1:46:1d:3f:fc:f5:b6:ea:be:a1:
7e:4d:4e:b7:ce:c2:65:f1:7f:b4:1b:5c:5b:15:71:
25:6a:5a:28:e4:fb:0e:dd:17:5c:49:04:33:d1:37:
f9:7e:3f:42:4d:cf:d9:ed:85:51:0d:35:7b:ac:fa:
08:40:de:93:7d:fb:1b:4a:0c:cc:11:80:43:bb:e9:
93:14:35:85:0b:20:8e:a7:8a:83:1a:c0:c9:aa:b5:
65:40:8a:fb:c4:f1:2a:7a:d5:dd:87:f4:65:7b:56:
cb:26:0b:46:16:99:a3:d6:b7:a0:a2:73:cd:ca:af:
8a:d0:0b:ee:f4:53:cb:51:3e:ce:a1:94:b0:c6:3d:
c3:b0:9e:6d:49:a6:53:10:83:f8:b0:2d:1d:7d:2d:
66:a8:df:7a:49:ec:02:05:2c:9e:5c:38:a6:1a:a0:
7e:0d:35:f1:c8:98:ac:c9:d8:66:f2:70:47:30:97:
7d:f0:43:72:0f:da:ad:e6:b4:f7:5d:89:29:bf:5f:
c7:33:f4:e9:d4:ea:1f:91:c7:3c:00:df:21:8b:f6:
d9:b3:98:f2:28:04:cb:da:05:fb:9f:09:c8:6d:f8:
4f:e6:b2:2e:87:6d:67:54:05:88:2b:d4:3b:3f:22:
b6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AC:F8:58:E8:07:57:B9:1E:77:E8:1D:72:3B:48:FB:44:69:53:FD
X509v3 Authority Key Identifier:
keyid:7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/Kqz4WOgHV7ked-gdcjtI-0RpU_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/ftUAFk8HOBNbmuwE44_CTLkOD18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.94.16.0/20
178.249.192.0/21
185.108.248.0/22
IPv6:
2a01:a4a0::/32
2a06:4940::/29
Signature Algorithm: sha256WithRSAEncryption
89:ee:d9:aa:21:0f:08:5f:dd:31:89:f2:f1:7d:8b:4d:2d:0b:
01:bc:ff:79:b9:06:81:b2:52:78:71:bc:af:d6:c0:12:82:5f:
7c:26:f2:83:e6:6f:9e:8c:6b:86:59:04:0f:af:32:dd:55:22:
b9:40:df:8b:c6:98:59:cb:e0:ba:e9:65:1a:5a:6d:04:8d:f8:
02:3f:0c:30:85:62:ed:6b:66:33:f5:39:e1:bf:be:ed:ae:f2:
a3:ba:aa:ec:23:d1:72:34:24:f1:c8:a9:2a:6a:21:db:1b:30:
44:3e:7e:d5:a2:d8:1b:d9:3d:08:e4:8c:b5:a6:4b:08:68:77:
b4:7a:84:d0:5c:ee:dd:c1:1b:63:b7:79:2d:66:ac:20:58:a3:
f8:3c:4d:1e:1b:32:d1:5d:de:87:99:5d:bd:c6:71:61:d7:82:
73:f8:df:c7:e6:f8:02:75:33:07:f0:75:85:3c:88:b4:78:3a:
12:2c:b1:c1:c7:e5:f3:c9:f2:c9:61:37:0c:0d:c0:a4:01:78:
02:f3:61:07:64:b3:35:3b:98:2e:7c:8d:f0:cb:16:1c:df:1e:
cd:73:cb:a8:ad:e7:1b:a7:dd:77:1f:d6:2b:5a:8a:53:12:d0:
6f:23:ec:aa:9d:b4:29:06:31:b0:22:39:2e:16:ec:f7:74:16:
8c:9b:84:86
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVwjLiMMoPKmcuqgKjZoRwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZDUwMDE2NGYwNzM4MTM1YjlhZWMwNGUzOGZjMjRjYjkw
ZTBmNWYwHhcNMjMwMTAyMDMzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWFjZjg1OGU4MDc1N2I5MWU3N2U4MWQ3MjNiNDhmYjQ0Njk1M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikT7K/CQp5ci2DDJyyrnSFO9JbFG
HT/89bbqvqF+TU63zsJl8X+0G1xbFXElaloo5PsO3RdcSQQz0Tf5fj9CTc/Z7YVR
DTV7rPoIQN6TffsbSgzMEYBDu+mTFDWFCyCOp4qDGsDJqrVlQIr7xPEqetXdh/Rl
e1bLJgtGFpmj1regonPNyq+K0Avu9FPLUT7OoZSwxj3DsJ5tSaZTEIP4sC0dfS1m
qN96SewCBSyeXDimGqB+DTXxyJisydhm8nBHMJd98ENyD9qt5rT3XYkpv1/HM/Tp
1Oofkcc8AN8hi/bZs5jyKATL2gX7nwnIbfhP5rIuh21nVAWIK9Q7PyK25wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCqs+FjoB1e5HnfoHXI7SPtEaVP9MB8GA1UdIwQY
MBaAFH7VABZPBzgTW5rsBOOPwky5Dg9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnRVQUZrOEhPQk5ibXV3RTQ0X0NUTGtPRDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85YzUzNTktMzQ1Mi00MmYzLTg4MGIt
ODJkOWE5ZWI0MzBjLzEvS3F6NFdPZ0hWN2tlZC1nZGNqdEktMFJwVV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85YzUzNTktMzQ1Mi00MmYzLTg4MGItODJkOWE5ZWI0MzBj
LzEvZnRVQUZrOEhPQk5ibXV3RTQ0X0NUTGtPRDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEmV4QAwQD
svnAAwQCuWz4MBQEAgACMA4DBQAqAaSgAwUDKgZJQDANBgkqhkiG9w0BAQsFAAOC
AQEAie7ZqiEPCF/dMYny8X2LTS0LAbz/ebkGgbJSeHG8r9bAEoJffCbyg+Zvnoxr
hlkED68y3VUiuUDfi8aYWcvguullGlptBI34Aj8MMIVi7WtmM/U54b++7a7yo7qq
7CPRcjQk8cipKmoh2xswRD5+1aLYG9k9COSMtaZLCGh3tHqE0Fzu3cEbY7d5LWas
IFij+DxNHhsy0V3eh5ldvcZxYdeCc/jfx+b4AnUzB/B1hTyItHg6Eiyxwcfl88ny
yWE3DA3ApAF4AvNhB2SzNTuYLnyN8MsWHN8ezXPLqK3nG6fddx/WK1qKUxLQbyPs
qp20KQYxsCI5Lhbs93QWjJuEhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:48 2024 by rpki-client on console-ams.rpki-client.org