Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/pmP2r9YEJd3OlJYqGHuy4_F9Too.roa
File: pmP2r9YEJd3OlJYqGHuy4_F9Too.roa (raw, json)
Hash identifier: ocBVVDGWC67Ma4vOHGqtIULlKueUUlRuPsribJzmWoE=
Subject key identifier: A6:63:F6:AF:D6:04:25:DD:CE:94:96:2A:18:7B:B2:E3:F1:7D:4E:8A
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0187321B2CE4567FDE22A30660AE3FF2F861
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/pmP2r9YEJd3OlJYqGHuy4_F9Too.roa
Signing time: Thu 30 Mar 2023 10:40:54 +0000
ROA not before: Thu 30 Mar 2023 10:40:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3262
IP address blocks: 185.177.40.0/24 maxlen: 24
185.177.41.0/24 maxlen: 24
185.226.229.0/24 maxlen: 24
185.220.166.0/24 maxlen: 24
185.220.165.0/24 maxlen: 24
185.220.164.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.232.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:1b:2c:e4:56:7f:de:22:a3:06:60:ae:3f:f2:f8:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Mar 30 10:40:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a663f6afd60425ddce94962a187bb2e3f17d4e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:86:88:3c:f0:fd:ea:d1:53:9b:02:38:42:3f:
0c:3c:71:df:43:6c:e9:21:91:aa:64:99:fc:48:50:
c7:dc:41:11:c5:56:b9:16:f2:b3:03:11:27:0f:78:
af:48:b3:dd:39:ff:dc:53:25:fa:e6:5e:d0:fa:54:
ba:8c:7f:41:c0:ab:24:5b:0c:d2:0f:e2:02:2c:52:
db:f6:be:40:e7:d4:0e:09:c0:b7:81:b4:7a:1f:82:
70:bb:b4:97:39:51:46:3b:d3:9a:cb:3b:dc:32:4e:
57:8e:ba:bf:7a:4a:d8:4e:17:25:d0:63:0f:f5:f5:
71:6b:7b:49:b0:a7:d5:d5:49:4c:04:c9:b9:95:10:
4c:b4:99:0d:e2:ec:f6:77:ce:31:d1:58:b1:94:6e:
ce:60:77:77:b0:22:97:31:8c:d6:dc:3c:02:f7:8b:
11:12:f9:b4:93:3d:9d:47:e1:8c:72:b2:90:5b:ef:
75:75:a5:50:af:b7:5d:62:bd:f5:69:cc:04:2e:d8:
53:63:58:cc:1a:90:45:90:cd:12:5d:4d:e9:51:dc:
70:90:ed:92:52:56:59:0c:f0:81:0a:32:b9:9d:9c:
f6:2c:30:ca:c4:a8:8a:dc:b2:6e:38:90:37:08:b4:
fd:86:aa:cb:91:ce:99:15:d4:b1:96:10:00:0d:66:
aa:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:63:F6:AF:D6:04:25:DD:CE:94:96:2A:18:7B:B2:E3:F1:7D:4E:8A
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/pmP2r9YEJd3OlJYqGHuy4_F9Too.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.40.0/23
185.220.164.0/22
185.226.229.0/24
185.232.132.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:6d:fa:15:d7:59:cd:51:c1:14:b1:e7:a3:b2:77:e1:a3:c1:
bb:9d:fe:41:ab:1e:bf:dd:41:b2:28:a6:e3:c2:e2:22:08:28:
4c:d6:53:07:2e:a8:df:a3:a4:2f:65:5b:4c:1b:17:c3:83:fb:
e7:a7:39:cc:16:3a:bd:8d:30:7c:a2:66:a2:ee:d5:9d:c2:a1:
00:de:14:9d:be:70:80:23:3c:3d:83:ad:0e:2a:5f:dc:3d:db:
5d:1c:9a:fd:8e:49:0d:af:ef:cf:2e:3f:67:f2:8a:31:49:47:
16:9c:cf:3f:78:67:f8:c7:b7:50:d3:11:0b:8c:a0:16:b3:b0:
a7:d9:b2:b0:38:35:f4:de:c8:1a:c9:97:4e:27:5d:08:19:8f:
d8:19:a1:3b:b1:d0:40:e8:1a:a6:64:97:90:fa:c2:9a:ec:25:
90:9b:09:42:4b:1b:73:84:19:b2:31:f9:72:74:a5:ff:d4:91:
2a:a0:1f:91:65:34:0e:48:fe:a6:f9:ca:af:67:f3:0a:29:8e:
f0:69:13:51:92:20:33:ac:29:39:e2:54:6e:ea:0e:54:34:ef:
ac:17:f2:75:9e:1f:59:37:73:54:1f:aa:80:a1:90:68:cd:fe:
5c:2f:33:49:ac:7a:ef:ce:fd:ce:b7:bc:b0:05:d0:52:46:8a:
f4:92:ea:32
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYcyGyzkVn/eIqMGYK4/8vhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwMzMwMTA0MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjYzZjZhZmQ2MDQyNWRkY2U5NDk2MmExODdiYjJlM2YxN2Q0ZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIaIPPD96tFTmwI4Qj8MPHHfQ2zp
IZGqZJn8SFDH3EERxVa5FvKzAxEnD3ivSLPdOf/cUyX65l7Q+lS6jH9BwKskWwzS
D+ICLFLb9r5A59QOCcC3gbR6H4Jwu7SXOVFGO9OayzvcMk5Xjrq/ekrYThcl0GMP
9fVxa3tJsKfV1UlMBMm5lRBMtJkN4uz2d84x0VixlG7OYHd3sCKXMYzW3DwC94sR
Evm0kz2dR+GMcrKQW+91daVQr7ddYr31acwELthTY1jMGpBFkM0SXU3pUdxwkO2S
UlZZDPCBCjK5nZz2LDDKxKiK3LJuOJA3CLT9hqrLkc6ZFdSxlhAADWaqJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKZj9q/WBCXdzpSWKhh7suPxfU6KMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvcG1QMnI5WUVKZDNPbEpZcUdIdXk0X0Y5VG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBubEoAwQC
udykAwQAueLlAwQAueiEMA0GCSqGSIb3DQEBCwUAA4IBAQCPbfoV11nNUcEUseej
snfho8G7nf5Bqx6/3UGyKKbjwuIiCChM1lMHLqjfo6QvZVtMGxfDg/vnpznMFjq9
jTB8omai7tWdwqEA3hSdvnCAIzw9g60OKl/cPdtdHJr9jkkNr+/PLj9n8ooxSUcW
nM8/eGf4x7dQ0xELjKAWs7Cn2bKwODX03sgayZdOJ10IGY/YGaE7sdBA6BqmZJeQ
+sKa7CWQmwlCSxtzhBmyMflydKX/1JEqoB+RZTQOSP6m+cqvZ/MKKY7waRNRkiAz
rCk54lRu6g5UNO+sF/J1nh9ZN3NUH6qAoZBozf5cLzNJrHrvzv3Ot7ywBdBSRor0
kuoy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org