Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/i3tZeCKin4HLebT77R4KisZ73D8.roa
File: i3tZeCKin4HLebT77R4KisZ73D8.roa (raw, json)
Hash identifier: SRKFUKzneegqJYi4ufBOms4u4CPMBToeYnraIVJhmjg=
Subject key identifier: 8B:7B:59:78:22:A2:9F:81:CB:79:B4:FB:ED:1E:0A:8A:C6:7B:DC:3F
Certificate issuer: /CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Certificate serial: 018CF1B290F853FE274E6032DB26F94B19B3
Authority key identifier: 5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/i3tZeCKin4HLebT77R4KisZ73D8.roa
Signing time: Wed 10 Jan 2024 04:47:40 +0000
ROA not before: Wed 10 Jan 2024 04:47:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29298
IP address blocks: 188.65.232.0/22 maxlen: 22
188.65.238.0/23 maxlen: 23
185.23.230.0/24 maxlen: 24
185.23.231.0/24 maxlen: 24
195.135.237.0/24 maxlen: 24
195.135.238.0/24 maxlen: 24
195.135.239.0/24 maxlen: 24
195.135.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 07:16:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f1:b2:90:f8:53:fe:27:4e:60:32:db:26:f9:4b:19:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Validity
Not Before: Jan 10 04:47:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b7b597822a29f81cb79b4fbed1e0a8ac67bdc3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d7:f5:46:6e:a5:c4:a8:10:cc:9a:11:73:83:
8d:64:4d:7f:0e:f4:26:a3:2b:d1:20:ae:3b:8e:56:
fa:30:b2:96:ea:6a:f2:20:34:df:49:60:44:bf:32:
22:62:f0:13:56:58:d5:c9:4e:6d:ff:21:85:82:ae:
a9:1b:9b:54:06:0f:4a:6d:4a:8a:6b:76:90:4e:f1:
a6:dd:43:ea:b7:4e:42:af:06:11:81:85:e4:4b:20:
91:dd:4e:43:93:04:23:c6:fc:65:8c:f6:be:7f:4d:
24:ac:14:ee:24:ed:a1:b1:4d:8b:56:ac:39:3d:0a:
70:0c:04:97:24:0d:f8:80:cd:9a:20:17:bb:29:76:
9f:a0:4e:34:95:84:2c:02:c3:58:47:ed:70:8a:7c:
fe:cf:44:59:36:27:d3:fe:00:b7:c4:86:f7:42:3e:
df:f6:ab:59:77:f1:43:3a:b7:78:3e:17:72:d5:21:
cc:87:52:5c:26:93:a8:56:4b:cb:2c:68:3d:f0:c7:
ed:02:b5:94:52:1c:24:11:d2:f7:1e:58:62:c8:0a:
3a:0e:ac:8e:70:89:c5:96:f1:a2:8e:bf:0f:b4:bc:
84:a1:d7:79:28:9d:62:eb:22:30:93:b8:9d:b7:c5:
f5:b6:f7:d8:6e:5f:1a:7c:81:47:a0:fe:9e:b2:f2:
b4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7B:59:78:22:A2:9F:81:CB:79:B4:FB:ED:1E:0A:8A:C6:7B:DC:3F
X509v3 Authority Key Identifier:
keyid:5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/i3tZeCKin4HLebT77R4KisZ73D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.230.0/23
188.65.232.0/22
188.65.238.0/23
195.135.236.0/22
Signature Algorithm: sha256WithRSAEncryption
68:e9:25:92:cf:0c:58:f0:21:8b:12:d4:8b:02:0c:78:27:3b:
85:22:7c:ad:97:b3:0a:6e:60:f5:07:fd:db:46:84:60:ff:e3:
cf:a4:bd:77:85:12:56:c2:42:4d:d5:e7:ab:5a:38:51:0f:bb:
61:35:5b:fe:d0:1b:a0:fc:31:5a:c1:8d:0f:d4:2f:d2:5c:53:
5e:fc:3b:46:6e:84:f5:6e:bb:04:bd:54:2a:a4:7d:ab:cf:61:
c9:29:19:6d:f3:79:9c:91:07:e1:a5:aa:02:af:66:3f:65:0d:
f7:c2:69:07:9f:2e:94:26:23:18:d3:14:a7:1d:a0:dd:51:0f:
10:a9:06:c5:15:45:1a:2c:6a:85:b5:f8:80:f2:1f:b4:ba:5e:
41:a5:a6:d8:d3:0d:fb:ee:2a:20:b8:65:c7:fe:6e:e0:20:f6:
da:b1:87:87:17:c6:d2:b2:4f:27:e5:8c:aa:36:48:82:33:c7:
2b:60:99:b8:58:9c:39:1c:9a:f2:b7:f5:78:37:e5:4e:29:2b:
0c:72:b7:35:0d:88:cb:d4:2e:3b:64:c1:99:d3:cc:25:42:05:
a0:4e:f3:98:82:05:5a:a8:7b:1b:f0:f7:7c:43:0f:fb:77:5d:
7a:73:e4:e3:17:68:11:45:d0:09:7e:9a:96:5d:36:45:99:32:
b1:28:df:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzxspD4U/4nTmAy2yb5SxmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzYyNDVjYTgyMDg5OWQ3ZWI0MTQwMzAyYzIxMDQxYjVk
YmNhMDYwHhcNMjQwMTEwMDQ0NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjdiNTk3ODIyYTI5ZjgxY2I3OWI0ZmJlZDFlMGE4YWM2N2JkYzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tf1Rm6lxKgQzJoRc4ONZE1/DvQm
oyvRIK47jlb6MLKW6mryIDTfSWBEvzIiYvATVljVyU5t/yGFgq6pG5tUBg9KbUqK
a3aQTvGm3UPqt05CrwYRgYXkSyCR3U5DkwQjxvxljPa+f00krBTuJO2hsU2LVqw5
PQpwDASXJA34gM2aIBe7KXafoE40lYQsAsNYR+1winz+z0RZNifT/gC3xIb3Qj7f
9qtZd/FDOrd4Phdy1SHMh1JcJpOoVkvLLGg98MftArWUUhwkEdL3HlhiyAo6DqyO
cInFlvGijr8PtLyEodd5KJ1i6yIwk7idt8X1tvfYbl8afIFHoP6esvK0QwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIt7WXgiop+By3m0++0eCorGe9w/MB8GA1UdIwQY
MBaAFF3GJFyoIImdfrQUAwLCEEG128oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDkt
MDc0ZWQ3MGI0NjczLzEvaTN0WmVDS2luNEhMZWJUNzdSNEtpc1o3M0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDktMDc0ZWQ3MGI0Njcz
LzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBuRfmAwQC
vEHoAwQBvEHuAwQCw4fsMA0GCSqGSIb3DQEBCwUAA4IBAQBo6SWSzwxY8CGLEtSL
Agx4JzuFInytl7MKbmD1B/3bRoRg/+PPpL13hRJWwkJN1eerWjhRD7thNVv+0Bug
/DFawY0P1C/SXFNe/DtGboT1brsEvVQqpH2rz2HJKRlt83mckQfhpaoCr2Y/ZQ33
wmkHny6UJiMY0xSnHaDdUQ8QqQbFFUUaLGqFtfiA8h+0ul5BpabY0w377ioguGXH
/m7gIPbasYeHF8bSsk8n5YyqNkiCM8crYJm4WJw5HJryt/V4N+VOKSsMcrc1DYjL
1C47ZMGZ08wlQgWgTvOYggVaqHsb8Pd8Qw/7d116c+TjF2gRRdAJfpqWXTZFmTKx
KN+6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:08 2024 by rpki-client on console-ams.rpki-client.org