Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/ijvRVCwzL0fgCaJbvRE7mgKdOnM.roa
File: ijvRVCwzL0fgCaJbvRE7mgKdOnM.roa (raw, json)
Hash identifier: gc+Od6VokA2F9bnoXp81KeXLNhkNdrzUfYyLqsXa8Bw=
Subject key identifier: 8A:3B:D1:54:2C:33:2F:47:E0:09:A2:5B:BD:11:3B:9A:02:9D:3A:73
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018A41BE9928AFD9BD36DD5451CBC8D334CF
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/ijvRVCwzL0fgCaJbvRE7mgKdOnM.roa
Signing time: Tue 29 Aug 2023 14:42:04 +0000
ROA not before: Tue 29 Aug 2023 14:42:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31586
IP address blocks: 185.69.232.0/22 maxlen: 24
185.84.72.0/22 maxlen: 24
141.255.176.0/22 maxlen: 24
185.105.204.0/22 maxlen: 24
141.255.180.0/22 maxlen: 24
185.105.216.0/22 maxlen: 24
2a05:a282::/32 maxlen: 48
2a05:2500::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 04 Dec 2023 13:51:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:be:99:28:af:d9:bd:36:dd:54:51:cb:c8:d3:34:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Aug 29 14:42:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a3bd1542c332f47e009a25bbd113b9a029d3a73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d3:52:b5:f5:49:12:dd:bb:94:c4:61:7c:70:
1d:f8:09:7b:f7:60:a7:4f:8d:b7:77:5f:b1:36:7d:
b7:5d:78:d1:04:6b:73:0e:6d:80:bc:3f:a9:0a:f4:
d5:42:ed:ce:90:2f:f1:8e:24:98:ca:b6:d7:1b:34:
1c:3c:c2:92:5b:16:c9:88:24:62:d2:f2:bc:7f:88:
8c:84:8a:37:dd:b0:d2:01:f3:f0:d0:d1:cd:87:89:
4d:6b:1c:7e:d4:8c:d0:e9:aa:33:6c:3b:24:a2:d8:
c0:06:5b:35:51:d9:8f:53:06:02:9c:78:8b:a0:b4:
03:4e:d7:1b:92:03:c3:c6:15:fa:83:8f:70:55:1a:
89:97:d2:e0:3d:74:58:dc:cc:5e:3a:12:93:ee:07:
fd:2f:25:85:29:38:9b:2e:11:56:cc:8e:4e:b0:b6:
68:c9:9e:75:4f:2e:79:d3:d9:66:35:b5:3b:3c:4a:
85:06:e0:07:5f:39:8b:85:cf:82:26:c9:22:5b:78:
eb:b3:89:0f:7c:de:ed:da:4a:d5:c1:b0:06:6a:3c:
9d:a4:8c:18:1f:6e:ec:f2:78:57:1a:e9:16:ba:16:
06:75:47:65:b9:06:42:b3:d3:1b:cd:89:bb:03:2f:
99:a9:61:f2:39:bf:62:17:15:b8:a5:a0:bd:ba:31:
76:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:3B:D1:54:2C:33:2F:47:E0:09:A2:5B:BD:11:3B:9A:02:9D:3A:73
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/ijvRVCwzL0fgCaJbvRE7mgKdOnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.255.176.0/21
185.69.232.0/22
185.84.72.0/22
185.105.204.0/22
185.105.216.0/22
IPv6:
2a05:2500::/32
2a05:a282::/32
Signature Algorithm: sha256WithRSAEncryption
3a:fd:94:58:40:7c:11:ce:85:43:1e:4d:fa:f1:b6:7e:f1:3e:
16:20:b5:55:8a:53:a3:a5:71:d6:9e:5b:22:08:bd:29:d0:8e:
ad:b4:e7:40:44:a9:c6:de:a9:16:08:84:3a:90:5b:93:8f:3a:
7d:f4:21:24:cd:13:d2:19:d0:5e:13:21:8e:61:bc:25:d2:17:
24:1e:77:c7:bd:62:d1:b0:b8:c2:c9:ca:83:8d:da:77:75:1b:
fc:c4:8d:ab:1f:6a:2a:28:6f:6b:18:0a:35:ae:fd:ff:10:18:
b1:c8:cf:57:94:0e:2f:c2:9e:6a:11:21:76:64:d6:b6:e3:29:
5a:92:23:3d:44:76:1e:d9:19:8c:06:b1:60:ba:3a:1e:21:51:
32:36:d6:aa:d5:32:14:db:56:35:b4:e3:2e:29:0d:7a:d5:05:
90:d9:65:9a:8c:2e:68:d0:3a:03:9b:e9:c6:c7:63:f8:25:c8:
32:75:1a:30:40:c5:86:72:08:37:27:3e:13:56:e2:6f:0e:1f:
ae:98:3a:f9:ff:06:a1:5e:f1:56:b7:dd:13:71:df:2f:75:b9:
58:58:3a:8c:51:37:3f:97:07:6f:d2:97:78:39:ba:b0:0d:43:
fd:58:d8:62:5f:cf:ce:4d:d7:39:46:83:20:ba:8d:d5:94:23:
e0:2f:68:3e
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYpBvpkor9m9Nt1UUcvI0zTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjMwODI5MTQ0MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTNiZDE1NDJjMzMyZjQ3ZTAwOWEyNWJiZDExM2I5YTAyOWQzYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNNStfVJEt27lMRhfHAd+Al792Cn
T423d1+xNn23XXjRBGtzDm2AvD+pCvTVQu3OkC/xjiSYyrbXGzQcPMKSWxbJiCRi
0vK8f4iMhIo33bDSAfPw0NHNh4lNaxx+1IzQ6aozbDskotjABls1UdmPUwYCnHiL
oLQDTtcbkgPDxhX6g49wVRqJl9LgPXRY3MxeOhKT7gf9LyWFKTibLhFWzI5OsLZo
yZ51Ty5509lmNbU7PEqFBuAHXzmLhc+CJskiW3jrs4kPfN7t2krVwbAGajydpIwY
H27s8nhXGukWuhYGdUdluQZCs9MbzYm7Ay+ZqWHyOb9iFxW4paC9ujF2RQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFIo70VQsMy9H4AmiW70RO5oCnTpzMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvaWp2UlZDd3pMMGZnQ2FKYnZSRTdtZ0tkT25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDjf+wAwQC
uUXoAwQCuVRIAwQCuWnMAwQCuWnYMBQEAgACMA4DBQAqBSUAAwUAKgWigjANBgkq
hkiG9w0BAQsFAAOCAQEAOv2UWEB8Ec6FQx5N+vG2fvE+FiC1VYpTo6Vx1p5bIgi9
KdCOrbTnQESpxt6pFgiEOpBbk486ffQhJM0T0hnQXhMhjmG8JdIXJB53x71i0bC4
wsnKg43ad3Ub/MSNqx9qKihvaxgKNa79/xAYscjPV5QOL8KeahEhdmTWtuMpWpIj
PUR2HtkZjAaxYLo6HiFRMjbWqtUyFNtWNbTjLikNetUFkNllmowuaNA6A5vpxsdj
+CXIMnUaMEDFhnIINyc+E1bibw4frpg6+f8GoV7xVrfdE3HfL3W5WFg6jFE3P5cH
b9KXeDm6sA1D/VjYYl/Pzk3XOUaDILqN1ZQj4C9oPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org