Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/tGUWPHflz4U14a52rY3zrqRi1B8.roa
File: tGUWPHflz4U14a52rY3zrqRi1B8.roa (raw, json)
Hash identifier: LQsW108AEl6RbmavxqvEo+7egbsVUr2E6jNCftv8hnQ=
Subject key identifier: B4:65:16:3C:77:E5:CF:85:35:E1:AE:76:AD:8D:F3:AE:A4:62:D4:1F
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 018F2DA4BFB7D38C4267D1D024A3896B7CFC
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/tGUWPHflz4U14a52rY3zrqRi1B8.roa
Signing time: Tue 30 Apr 2024 06:15:22 +0000
ROA not before: Tue 30 Apr 2024 06:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204175
IP address blocks: 185.220.166.0/23 maxlen: 23
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.232.132.0/24 maxlen: 24
185.232.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 10:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:a4:bf:b7:d3:8c:42:67:d1:d0:24:a3:89:6b:7c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Apr 30 06:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b465163c77e5cf8535e1ae76ad8df3aea462d41f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:11:cb:3e:7f:a6:74:d8:6f:cc:31:85:55:eb:
49:96:17:10:d0:fd:66:c6:74:ad:ba:4f:dd:3d:73:
80:d0:6a:86:d2:38:c8:b5:3c:ec:70:c3:55:f9:e8:
f4:6a:b9:3e:90:dd:d3:b6:86:b4:49:cc:3f:7e:09:
db:bc:75:ac:e8:ff:3e:af:0d:41:b6:0e:c7:b2:9c:
86:dd:c9:84:41:d3:88:d0:d3:0f:5c:34:28:f2:f4:
90:36:0d:12:80:10:f4:81:64:58:6a:fd:90:93:35:
8f:f8:ef:5e:88:54:b2:25:6a:de:4f:a5:43:2e:7c:
e7:f0:f8:06:19:2b:0f:de:3c:a3:da:31:4a:cd:59:
16:d3:30:2c:34:f1:3c:51:37:e4:cf:db:10:25:dd:
5f:7a:0f:07:15:2d:4d:66:da:af:85:1b:9e:23:ff:
f6:6f:f8:63:97:71:d6:cb:cf:63:78:cf:19:47:a6:
af:29:5b:a5:e0:b5:16:de:90:92:43:e5:39:73:01:
db:ad:2d:2c:31:8c:4c:7a:3c:82:a7:40:8e:cc:66:
4b:9e:57:dc:0e:8a:0b:57:e3:c9:61:30:36:00:bd:
33:cb:79:0b:f1:52:e3:db:7b:c0:f1:7d:1d:28:22:
2f:92:38:1b:1d:f2:d9:dc:f5:ba:5c:dc:4f:65:69:
70:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:65:16:3C:77:E5:CF:85:35:E1:AE:76:AD:8D:F3:AE:A4:62:D4:1F
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/tGUWPHflz4U14a52rY3zrqRi1B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.166.0/23
185.232.132.0/23
Signature Algorithm: sha256WithRSAEncryption
79:8e:a6:7d:49:36:cd:c2:ec:7a:50:9a:d4:f2:53:fe:15:4d:
99:16:e1:c1:df:5d:8a:3c:85:13:00:35:24:8e:c3:c2:9b:e6:
39:fd:c1:96:1b:fd:70:2c:9d:7a:3d:04:96:55:53:eb:21:a1:
d9:60:5a:b6:25:a5:dd:54:6f:31:a2:79:53:12:17:6e:a6:ed:
b2:81:1f:4a:15:93:3b:f2:df:b8:d0:f3:21:1b:a6:54:13:a9:
07:b2:98:87:76:36:c6:f5:07:52:f7:69:d3:60:1c:a4:47:3c:
4a:bb:2c:f7:07:59:1a:66:8b:87:97:a6:b4:2d:0e:ce:ae:97:
32:e6:2b:3e:4e:6c:e5:64:ab:db:58:9f:d8:ea:57:36:60:66:
6c:ee:ab:5f:a3:79:be:53:bc:91:ba:30:22:3d:f6:16:b1:6d:
b8:75:d4:8f:c3:0e:41:93:a6:a0:39:c6:dd:2b:b2:f7:2a:5b:
45:92:31:3e:87:15:89:4f:74:cb:50:58:a2:20:28:78:f4:f0:
0b:9b:ed:de:b4:a8:d8:67:a0:65:25:ca:e2:20:f3:9c:f9:78:
19:82:db:14:73:4b:ef:8c:b9:bc:cd:c9:36:20:1d:89:ee:d6:
a3:f6:7a:9e:82:de:80:3c:ca:33:31:50:6a:80:50:81:64:82:
85:e1:9e:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8tpL+304xCZ9HQJKOJa3z8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjQwNDMwMDYxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDY1MTYzYzc3ZTVjZjg1MzVlMWFlNzZhZDhkZjNhZWE0NjJkNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxHLPn+mdNhvzDGFVetJlhcQ0P1m
xnStuk/dPXOA0GqG0jjItTzscMNV+ej0ark+kN3Ttoa0Scw/fgnbvHWs6P8+rw1B
tg7HspyG3cmEQdOI0NMPXDQo8vSQNg0SgBD0gWRYav2QkzWP+O9eiFSyJWreT6VD
Lnzn8PgGGSsP3jyj2jFKzVkW0zAsNPE8UTfkz9sQJd1feg8HFS1NZtqvhRueI//2
b/hjl3HWy89jeM8ZR6avKVul4LUW3pCSQ+U5cwHbrS0sMYxMejyCp0COzGZLnlfc
DooLV+PJYTA2AL0zy3kL8VLj23vA8X0dKCIvkjgbHfLZ3PW6XNxPZWlwXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLRlFjx35c+FNeGudq2N866kYtQfMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvdEdVV1BIZmx6NFUxNGE1MnJZM3pycVJpMUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudymAwQB
ueiEMA0GCSqGSIb3DQEBCwUAA4IBAQB5jqZ9STbNwux6UJrU8lP+FU2ZFuHB312K
PIUTADUkjsPCm+Y5/cGWG/1wLJ16PQSWVVPrIaHZYFq2JaXdVG8xonlTEhdupu2y
gR9KFZM78t+40PMhG6ZUE6kHspiHdjbG9QdS92nTYBykRzxKuyz3B1kaZouHl6a0
LQ7Orpcy5is+TmzlZKvbWJ/Y6lc2YGZs7qtfo3m+U7yRujAiPfYWsW24ddSPww5B
k6agOcbdK7L3KltFkjE+hxWJT3TLUFiiICh49PALm+3etKjYZ6BlJcriIPOc+XgZ
gtsUc0vvjLm8zck2IB2J7taj9nqegt6APMozMVBqgFCBZIKF4Z6b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org