Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/misg7N9imj5rKYhOGueHa9QjQCc.roa
File: misg7N9imj5rKYhOGueHa9QjQCc.roa (raw, json)
Hash identifier: Vv/Fm/TQ/LXxlCHXyh9xomC4MiuIAVTpHvnNkeuHJbE=
Subject key identifier: 9A:2B:20:EC:DF:62:9A:3E:6B:29:88:4E:1A:E7:87:6B:D4:23:40:27
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 018F2DB0A61656389DCD088C35EA5174B087
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/misg7N9imj5rKYhOGueHa9QjQCc.roa
Signing time: Tue 30 Apr 2024 06:28:22 +0000
ROA not before: Tue 30 Apr 2024 06:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.160.228.0/22 maxlen: 22
185.160.228.0/24 maxlen: 24
185.160.229.0/24 maxlen: 24
185.160.230.0/24 maxlen: 24
185.160.231.0/24 maxlen: 24
185.177.42.0/24 maxlen: 24
185.177.43.0/24 maxlen: 24
185.230.144.0/24 maxlen: 24
185.232.132.0/22 maxlen: 22
185.232.134.0/24 maxlen: 24
185.232.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 10:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:b0:a6:16:56:38:9d:cd:08:8c:35:ea:51:74:b0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Apr 30 06:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a2b20ecdf629a3e6b29884e1ae7876bd4234027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d2:b6:64:67:e5:07:38:ec:d0:49:3d:34:da:
16:ae:05:1a:61:76:4b:d1:69:16:95:f3:7f:00:42:
cd:a2:ff:07:ee:30:06:90:af:4c:bc:76:69:08:b8:
20:93:44:22:0d:08:de:2f:c7:ac:3c:ce:a6:b0:48:
d6:ae:42:c5:b4:cd:f6:95:79:49:73:6b:03:a9:0f:
fd:ac:d1:c8:9f:94:ba:ac:fe:74:ed:9d:9e:fb:69:
65:b0:fa:6a:f1:6d:35:26:da:f5:66:38:e7:ec:bb:
51:1f:39:3c:c4:eb:6b:4d:7d:94:f0:99:7e:c2:9a:
14:a2:6a:af:8c:52:07:cd:67:d2:3d:80:93:3f:9b:
11:51:5d:0d:d8:eb:5c:ae:1c:e9:0a:c2:dd:c4:e0:
2d:48:b1:3f:ac:2f:1a:04:81:e5:e7:68:74:c3:34:
71:2a:80:da:23:e7:c9:91:13:ed:b7:ce:27:74:40:
20:71:28:ae:48:b1:7c:cf:0d:f7:a4:46:18:b3:c7:
e2:3e:d3:37:3f:b4:00:45:40:3c:fe:54:cd:76:29:
1c:1a:ca:7e:e6:e9:79:69:ce:14:10:1c:ef:7d:73:
77:20:a3:27:52:d9:45:09:39:6f:1c:6a:76:3e:f5:
4a:31:48:85:b0:e9:7b:62:c6:cb:10:f4:ce:1e:00:
56:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2B:20:EC:DF:62:9A:3E:6B:29:88:4E:1A:E7:87:6B:D4:23:40:27
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/misg7N9imj5rKYhOGueHa9QjQCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.228.0/22
185.177.42.0/23
185.230.144.0/24
185.232.132.0/22
Signature Algorithm: sha256WithRSAEncryption
71:29:71:b5:c1:76:a6:47:f0:d2:57:7a:4c:11:9a:09:7a:7c:
08:65:bd:e0:82:a5:eb:69:d0:a7:99:69:bf:7c:3e:a1:56:f5:
c9:69:0f:b3:2e:a1:4e:ca:93:eb:bd:e0:00:75:f1:9a:32:c7:
97:85:c2:bc:4c:50:d9:f7:96:37:aa:4c:9d:41:75:97:81:14:
b2:47:5e:d6:19:f4:dd:89:ee:10:5e:6f:ff:26:f8:b2:91:37:
2e:0f:9c:44:c8:2c:2a:de:96:e2:05:44:aa:88:90:f5:38:9b:
cc:93:ea:00:51:1e:c9:22:8b:74:83:d0:36:09:45:27:9c:3e:
46:92:df:8e:bc:18:42:21:a9:3d:74:fc:ce:2e:f0:92:bb:52:
b6:f0:6e:66:91:6b:25:5d:95:99:ea:06:16:2b:69:7c:b7:15:
97:96:db:1d:13:86:ec:37:ed:82:3e:15:42:31:c5:6c:0d:83:
a1:1b:5b:c1:f2:53:90:1d:77:2f:f4:de:34:09:ad:ea:41:a3:
89:ec:91:ea:44:af:7d:1d:f3:c6:47:66:f8:7a:9b:cd:ab:14:
f8:98:b6:0e:4f:ac:d0:72:a9:80:f3:07:b2:e5:c4:22:52:e8:
31:ee:8b:2a:e7:bb:de:97:1e:85:25:f3:a5:03:27:0e:ec:fc:
78:aa:17:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8tsKYWVjidzQiMNepRdLCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjQwNDMwMDYyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJiMjBlY2RmNjI5YTNlNmIyOTg4NGUxYWU3ODc2YmQ0MjM0MDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9K2ZGflBzjs0Ek9NNoWrgUaYXZL
0WkWlfN/AELNov8H7jAGkK9MvHZpCLggk0QiDQjeL8esPM6msEjWrkLFtM32lXlJ
c2sDqQ/9rNHIn5S6rP507Z2e+2llsPpq8W01Jtr1Zjjn7LtRHzk8xOtrTX2U8Jl+
wpoUomqvjFIHzWfSPYCTP5sRUV0N2OtcrhzpCsLdxOAtSLE/rC8aBIHl52h0wzRx
KoDaI+fJkRPtt84ndEAgcSiuSLF8zw33pEYYs8fiPtM3P7QARUA8/lTNdikcGsp+
5ul5ac4UEBzvfXN3IKMnUtlFCTlvHGp2PvVKMUiFsOl7YsbLEPTOHgBWNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJorIOzfYpo+aymIThrnh2vUI0AnMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvbWlzZzdOOWltajVyS1loT0d1ZUhhOVFqUUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuaDkAwQB
ubEqAwQAueaQAwQCueiEMA0GCSqGSIb3DQEBCwUAA4IBAQBxKXG1wXamR/DSV3pM
EZoJenwIZb3ggqXradCnmWm/fD6hVvXJaQ+zLqFOypPrveAAdfGaMseXhcK8TFDZ
95Y3qkydQXWXgRSyR17WGfTdie4QXm//JviykTcuD5xEyCwq3pbiBUSqiJD1OJvM
k+oAUR7JIot0g9A2CUUnnD5Gkt+OvBhCIak9dPzOLvCSu1K28G5mkWslXZWZ6gYW
K2l8txWXltsdE4bsN+2CPhVCMcVsDYOhG1vB8lOQHXcv9N40Ca3qQaOJ7JHqRK99
HfPGR2b4epvNqxT4mLYOT6zQcqmA8wey5cQiUugx7osq57velx6FJfOlAycO7Px4
qhdJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org