Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/XwFK1N9ooJWWG5Azq23zzrfUOg4.roa
File: XwFK1N9ooJWWG5Azq23zzrfUOg4.roa (raw, json)
Hash identifier: jbC9Hv/oAKTZ8mxGuJNFyPQ6xz20d3/qMXtHbiY71e8=
Subject key identifier: 5F:01:4A:D4:DF:68:A0:95:96:1B:90:33:AB:6D:F3:CE:B7:D4:3A:0E
Certificate issuer: /CN=912f169fc744cbe895a9f85edab796d4ac700029
Certificate serial: 018CC425046CD684491D746015E0BEE2A159
Authority key identifier: 91:2F:16:9F:C7:44:CB:E8:95:A9:F8:5E:DA:B7:96:D4:AC:70:00:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kS8Wn8dEy-iVqfhe2reW1KxwACk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/XwFK1N9ooJWWG5Azq23zzrfUOg4.roa
Signing time: Mon 01 Jan 2024 08:30:09 +0000
ROA not before: Mon 01 Jan 2024 08:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43594
IP address blocks: 185.184.232.0/22 maxlen: 22
185.184.233.0/24 maxlen: 24
185.184.232.0/24 maxlen: 24
185.184.234.0/24 maxlen: 24
2a0b:4380::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:04:6c:d6:84:49:1d:74:60:15:e0:be:e2:a1:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=912f169fc744cbe895a9f85edab796d4ac700029
Validity
Not Before: Jan 1 08:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f014ad4df68a095961b9033ab6df3ceb7d43a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8a:a7:6f:76:af:5d:14:51:80:13:c5:9c:a5:
a3:34:74:68:ea:b5:dd:1d:8d:79:e5:4f:42:d1:3e:
88:d0:a1:b6:c5:29:32:08:90:3c:46:2a:40:29:38:
75:13:9d:90:87:05:3a:43:9f:9b:34:24:bb:d8:d6:
e8:cf:2a:30:4b:04:29:40:a7:47:79:32:b2:31:9b:
a8:61:a2:b5:f6:eb:c3:d8:40:93:44:4a:c1:a1:6e:
da:10:a2:1f:e7:e2:80:9f:98:9f:dc:42:0d:61:c4:
fa:59:6e:7c:7f:69:3f:29:f1:5a:92:59:a0:c0:aa:
b3:d1:54:da:e2:49:0d:dd:6b:83:2e:36:fc:0e:ca:
4f:67:90:20:47:d8:40:24:b1:d1:71:89:9e:a2:7b:
2e:d3:de:d6:6e:9f:04:01:5b:77:4d:af:3c:e9:07:
1a:17:5a:09:3a:93:d5:dd:a4:82:a5:23:db:4d:0b:
15:33:3c:30:83:dc:d5:ff:9c:4e:db:5e:e4:ca:80:
b0:2d:1f:61:c5:ce:6c:9c:17:8b:a3:ab:55:c1:f8:
16:34:d3:f0:ce:b1:ba:0d:cc:3c:b8:4d:af:ba:46:
14:b4:16:9a:67:99:da:3e:03:0e:96:4f:1d:d8:4e:
b2:30:42:72:da:55:4f:03:78:85:26:5c:68:df:ee:
7e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:01:4A:D4:DF:68:A0:95:96:1B:90:33:AB:6D:F3:CE:B7:D4:3A:0E
X509v3 Authority Key Identifier:
keyid:91:2F:16:9F:C7:44:CB:E8:95:A9:F8:5E:DA:B7:96:D4:AC:70:00:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kS8Wn8dEy-iVqfhe2reW1KxwACk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/XwFK1N9ooJWWG5Azq23zzrfUOg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/kS8Wn8dEy-iVqfhe2reW1KxwACk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.232.0/22
IPv6:
2a0b:4380::/32
Signature Algorithm: sha256WithRSAEncryption
79:2e:5b:6e:33:44:e9:bb:4d:96:7a:16:c9:8d:48:21:16:99:
77:9b:00:61:b6:4f:31:72:3f:4e:12:35:eb:50:d8:1d:04:28:
e1:d3:43:f5:ef:e0:80:f4:6c:0b:9a:ca:58:3d:1d:ee:d2:10:
54:b4:00:48:7a:a7:9e:50:05:89:b0:1b:6b:a3:a6:9b:59:93:
fa:1a:c3:a1:94:93:b6:4a:f0:05:12:3f:8f:13:11:bf:1d:ff:
60:a0:3e:15:5c:f1:11:4f:60:a1:9a:6a:ef:79:c6:72:12:fb:
17:21:27:a7:ad:0e:c2:a7:b2:c4:f5:bd:0e:4a:cf:e3:a8:ac:
0e:c2:61:0e:66:77:62:a4:8c:64:b6:07:8a:07:dc:cf:d2:a2:
ea:54:3a:60:a0:f2:15:1b:2d:4c:a7:18:89:03:69:c0:f1:e5:
5e:98:56:bf:1c:19:6a:d8:40:32:7b:ed:3f:ec:06:c8:be:ca:
14:54:27:c7:8c:ae:e7:b0:92:9d:91:85:70:40:34:56:82:eb:
95:05:a7:53:ca:a1:1c:85:d0:6f:89:84:9f:de:82:a0:51:7d:
2d:94:04:2c:9d:70:57:b4:fb:31:58:59:f6:17:e7:e6:43:46:
10:f9:53:78:04:38:0e:c0:71:4a:48:20:54:6b:34:c8:b2:32:
00:51:17:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJQRs1oRJHXRgFeC+4qFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMmYxNjlmYzc0NGNiZTg5NWE5Zjg1ZWRhYjc5NmQ0YWM3
MDAwMjkwHhcNMjQwMTAxMDgzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjAxNGFkNGRmNjhhMDk1OTYxYjkwMzNhYjZkZjNjZWI3ZDQzYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIqnb3avXRRRgBPFnKWjNHRo6rXd
HY155U9C0T6I0KG2xSkyCJA8RipAKTh1E52QhwU6Q5+bNCS72NbozyowSwQpQKdH
eTKyMZuoYaK19uvD2ECTRErBoW7aEKIf5+KAn5if3EINYcT6WW58f2k/KfFaklmg
wKqz0VTa4kkN3WuDLjb8DspPZ5AgR9hAJLHRcYmeonsu097Wbp8EAVt3Ta886Qca
F1oJOpPV3aSCpSPbTQsVMzwwg9zV/5xO217kyoCwLR9hxc5snBeLo6tVwfgWNNPw
zrG6Dcw8uE2vukYUtBaaZ5naPgMOlk8d2E6yMEJy2lVPA3iFJlxo3+5+jQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF8BStTfaKCVlhuQM6tt88631DoOMB8GA1UdIwQY
MBaAFJEvFp/HRMvolan4Xtq3ltSscAApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1M4V244ZEV5LWlWcWZoZTJyZVcxS3h3QUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85ZDU0Y2ItN2NlYi00NThmLWJkNzct
YjIyODNjOWE1MzZmLzEvWHdGSzFOOW9vSldXRzVBenEyM3p6cmZVT2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85ZDU0Y2ItN2NlYi00NThmLWJkNzctYjIyODNjOWE1MzZm
LzEva1M4V244ZEV5LWlWcWZoZTJyZVcxS3h3QUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubjoMA0E
AgACMAcDBQAqC0OAMA0GCSqGSIb3DQEBCwUAA4IBAQB5LltuM0Tpu02WehbJjUgh
Fpl3mwBhtk8xcj9OEjXrUNgdBCjh00P17+CA9GwLmspYPR3u0hBUtABIeqeeUAWJ
sBtro6abWZP6GsOhlJO2SvAFEj+PExG/Hf9goD4VXPERT2ChmmrvecZyEvsXISen
rQ7Cp7LE9b0OSs/jqKwOwmEOZndipIxktgeKB9zP0qLqVDpgoPIVGy1MpxiJA2nA
8eVemFa/HBlq2EAye+0/7AbIvsoUVCfHjK7nsJKdkYVwQDRWguuVBadTyqEchdBv
iYSf3oKgUX0tlAQsnXBXtPsxWFn2F+fmQ0YQ+VN4BDgOwHFKSCBUazTIsjIAUReT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:47 2024 by rpki-client on console-fra.rpki-client.org