Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/knYIVtPUDDSSaxlYCHEYedpkZiY.roa
File: knYIVtPUDDSSaxlYCHEYedpkZiY.roa (raw, json)
Hash identifier: XH1n/36Fc+oRNA4r5ygqt0xd2pJDQz7nmLNOyVT13gk=
Subject key identifier: 92:76:08:56:D3:D4:0C:34:92:6B:19:58:08:71:18:79:DA:64:66:26
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0186120A984C0EC385C81151C99E98931A3C
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/knYIVtPUDDSSaxlYCHEYedpkZiY.roa
Signing time: Thu 02 Feb 2023 12:12:09 +0000
ROA not before: Thu 02 Feb 2023 12:12:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 185.166.196.0/24 maxlen: 24
185.166.197.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
194.31.174.0/24 maxlen: 24
37.220.83.0/24 maxlen: 24
37.220.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 16:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:0a:98:4c:0e:c3:85:c8:11:51:c9:9e:98:93:1a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 2 12:12:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92760856d3d40c34926b195808711879da646626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d7:31:b4:cb:bf:74:5e:03:e3:be:fb:b1:c0:
81:10:cf:ba:79:e9:00:ec:5d:15:6d:51:b5:de:30:
83:45:b4:df:1a:18:79:05:b8:64:9e:53:e6:30:9b:
42:08:27:90:24:a9:7a:a7:cb:62:f4:8a:59:46:82:
6f:2c:bd:3c:67:ad:65:5f:c3:c1:57:85:1b:b4:60:
b7:bd:45:a7:b5:99:a6:f6:12:c4:1f:6c:74:53:91:
a4:6f:5c:4e:50:bb:c2:e9:40:70:70:fa:6e:10:f3:
17:81:75:a3:d4:4d:18:25:8f:57:77:04:90:c8:c4:
50:a2:57:5f:69:a7:75:71:e1:fa:97:1d:08:f6:e8:
1d:c5:4b:82:cd:50:d8:56:9a:3b:94:17:e2:a9:21:
ad:8d:66:72:bc:07:b4:4c:c6:50:a9:7c:c8:80:e7:
be:a9:5a:9a:f1:10:fc:05:d9:2d:d7:c6:3c:a6:3a:
1d:49:58:e5:fc:08:0c:3a:22:a5:4d:62:15:b3:48:
cf:d1:6b:66:e6:b9:7c:01:b9:48:e1:cb:8d:ef:2c:
37:c0:c7:19:dd:83:f1:a0:91:a8:5d:20:a9:7b:6e:
cb:0c:11:5a:24:f3:7a:d0:fc:b1:99:22:5a:69:c3:
e8:35:b9:9e:7b:a1:c8:55:e0:ae:70:12:d9:74:d1:
9b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:76:08:56:D3:D4:0C:34:92:6B:19:58:08:71:18:79:DA:64:66:26
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/knYIVtPUDDSSaxlYCHEYedpkZiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.82.0/23
185.166.196.0/23
194.31.173.0-194.31.174.255
Signature Algorithm: sha256WithRSAEncryption
a6:e8:6c:2e:c2:10:77:73:90:68:48:47:13:a4:94:60:27:49:
4b:48:59:48:7d:62:67:09:f2:0f:87:f5:18:99:4f:9d:b7:5f:
fb:38:04:aa:9c:23:0d:fb:f0:21:cd:16:23:27:d9:b5:a8:50:
80:b3:08:df:cd:88:84:13:8b:af:03:58:b9:7c:f7:7a:44:80:
58:a7:f2:35:ec:75:bd:4a:04:18:00:71:34:86:c3:1f:ab:32:
05:b9:06:62:72:5d:8b:36:d7:7c:2b:f7:ec:ad:8f:c3:fe:21:
da:02:8c:5c:73:60:95:24:23:b9:2c:8e:6c:a0:f8:44:80:13:
a1:db:08:d9:bc:9e:5c:58:e0:bb:b1:8e:f3:b2:5a:53:e3:81:
f4:5a:58:44:5c:fa:bc:44:09:57:6b:cd:aa:12:5b:a3:e2:30:
db:87:86:e4:f5:ec:6c:aa:6b:42:b7:fc:32:d5:dd:d9:58:36:
64:dc:1a:67:61:d5:bd:2a:e1:c8:46:62:2f:6f:35:f6:68:b0:
0d:2e:f3:47:29:08:6f:9d:32:0a:af:b0:33:27:f6:5a:60:74:
2f:0d:28:a8:3a:3c:3e:10:26:20:11:5a:68:aa:14:2c:c6:ba:
8a:75:2d:e6:fd:15:6c:fd:c5:9e:f5:7e:68:ce:18:2c:40:f6:
a0:1b:4e:bf
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYSCphMDsOFyBFRyZ6Ykxo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjAyMTIxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjc2MDg1NmQzZDQwYzM0OTI2YjE5NTgwODcxMTg3OWRhNjQ2NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNcxtMu/dF4D4777scCBEM+6eekA
7F0VbVG13jCDRbTfGhh5BbhknlPmMJtCCCeQJKl6p8ti9IpZRoJvLL08Z61lX8PB
V4UbtGC3vUWntZmm9hLEH2x0U5Gkb1xOULvC6UBwcPpuEPMXgXWj1E0YJY9XdwSQ
yMRQoldfaad1ceH6lx0I9ugdxUuCzVDYVpo7lBfiqSGtjWZyvAe0TMZQqXzIgOe+
qVqa8RD8Bdkt18Y8pjodSVjl/AgMOiKlTWIVs0jP0Wtm5rl8AblI4cuN7yw3wMcZ
3YPxoJGoXSCpe27LDBFaJPN60PyxmSJaacPoNbmee6HIVeCucBLZdNGb0wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJJ2CFbT1Aw0kmsZWAhxGHnaZGYmMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEva25ZSVZ0UFVERFNTYXhsWUNIRVllZHBrWmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBJdxSAwQB
uabEMAwDBADCH60DBADCH64wDQYJKoZIhvcNAQELBQADggEBAKbobC7CEHdzkGhI
RxOklGAnSUtIWUh9YmcJ8g+H9RiZT523X/s4BKqcIw378CHNFiMn2bWoUICzCN/N
iIQTi68DWLl893pEgFin8jXsdb1KBBgAcTSGwx+rMgW5BmJyXYs213wr9+ytj8P+
IdoCjFxzYJUkI7ksjmyg+ESAE6HbCNm8nlxY4LuxjvOyWlPjgfRaWERc+rxECVdr
zaoSW6PiMNuHhuT17Gyqa0K3/DLV3dlYNmTcGmdh1b0q4chGYi9vNfZosA0u80cp
CG+dMgqvsDMn9lpgdC8NKKg6PD4QJiARWmiqFCzGuop1Leb9FWz9xZ71fmjOGCxA
9qAbTr8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org