Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/NHrY9wNJ_sow0UL84gZSatwK2rY.roa
File: NHrY9wNJ_sow0UL84gZSatwK2rY.roa (raw, json)
Hash identifier: sDZK8hn97X3WJwqRwCE8ur2TDqDzc4eztp2zJjaGEBc=
Subject key identifier: 34:7A:D8:F7:03:49:FE:CA:30:D1:42:FC:E2:06:52:6A:DC:0A:DA:B6
Certificate issuer: /CN=7a0cfd5a51013e5fd6caf809878047a605ee9d6d
Certificate serial: 018573B19A7A7D45B85243C004BDDF8EFBAE
Authority key identifier: 7A:0C:FD:5A:51:01:3E:5F:D6:CA:F8:09:87:80:47:A6:05:EE:9D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/NHrY9wNJ_sow0UL84gZSatwK2rY.roa
Signing time: Mon 02 Jan 2023 18:14:57 +0000
ROA not before: Mon 02 Jan 2023 18:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198551
IP address blocks: 185.76.0.0/22 maxlen: 24
185.208.60.0/22 maxlen: 24
185.226.16.0/22 maxlen: 24
212.84.56.0/21 maxlen: 24
185.218.32.0/22 maxlen: 24
185.206.116.0/22 maxlen: 24
185.204.204.0/22 maxlen: 24
185.204.208.0/22 maxlen: 24
185.234.140.0/22 maxlen: 24
185.171.112.0/22 maxlen: 24
2a0a:d100::/29 maxlen: 32
2a00:dfc0::/29 maxlen: 29
2a00:dfc2::/32 maxlen: 32
2a00:dfc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b1:9a:7a:7d:45:b8:52:43:c0:04:bd:df:8e:fb:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0cfd5a51013e5fd6caf809878047a605ee9d6d
Validity
Not Before: Jan 2 18:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=347ad8f70349feca30d142fce206526adc0adab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:00:99:76:8c:25:40:2d:37:00:99:33:92:f0:
5c:f4:4c:6a:32:2f:05:34:79:20:f6:40:87:88:f9:
87:07:e5:03:7e:a1:b1:71:61:e1:98:cf:24:39:32:
fb:02:5d:c1:29:ba:70:a1:91:69:3d:82:53:00:88:
6e:71:f7:9f:42:49:4c:d0:a6:52:6c:19:c9:fd:3d:
e7:1f:fc:84:0b:d0:70:94:19:46:9e:2c:e5:18:8e:
8a:2f:e3:d6:64:cb:73:b6:5e:8a:d2:6b:29:89:55:
8a:45:5f:f7:cb:91:9b:e9:0a:7e:41:5d:8f:b2:44:
df:16:fc:57:69:10:c6:9e:ca:50:99:7e:d9:3b:2d:
69:72:bf:56:05:4a:ca:ea:7d:4f:01:ea:94:31:92:
e9:11:40:55:61:35:68:2b:37:07:13:41:ad:e7:af:
11:22:ce:35:2a:43:61:1c:ed:e9:33:4b:54:f2:c4:
1d:b0:10:b2:bd:ec:6a:d1:34:be:26:43:c5:19:98:
53:8d:90:b8:6f:03:6d:86:e6:fc:65:62:1c:06:50:
f5:0a:31:c8:19:74:f0:f0:e1:d3:ea:48:bb:f3:83:
77:e3:38:7d:e6:90:de:71:4c:e0:68:18:eb:51:de:
64:11:c2:9f:fd:d4:7f:c8:8c:8e:3f:d1:33:e9:d3:
10:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7A:D8:F7:03:49:FE:CA:30:D1:42:FC:E2:06:52:6A:DC:0A:DA:B6
X509v3 Authority Key Identifier:
keyid:7A:0C:FD:5A:51:01:3E:5F:D6:CA:F8:09:87:80:47:A6:05:EE:9D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/NHrY9wNJ_sow0UL84gZSatwK2rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/egz9WlEBPl_WyvgJh4BHpgXunW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.0.0/22
185.171.112.0/22
185.204.204.0-185.204.211.255
185.206.116.0/22
185.208.60.0/22
185.218.32.0/22
185.226.16.0/22
185.234.140.0/22
212.84.56.0/21
IPv6:
2a00:dfc0::/29
2a0a:d100::/29
Signature Algorithm: sha256WithRSAEncryption
3c:40:7c:24:70:81:43:de:bb:67:c3:a3:21:ec:6b:2b:03:fb:
25:47:42:d3:a0:30:85:c9:3f:fa:26:96:e0:a6:87:4c:79:48:
72:8f:09:25:d6:87:a9:63:7d:fc:89:aa:18:ef:a4:22:d3:22:
64:79:40:c1:ae:e0:63:74:f5:08:1d:50:5f:df:63:dd:62:6c:
34:42:4e:57:32:e4:37:c4:6f:35:a4:46:fa:8d:8a:d0:2e:5e:
87:4d:20:e5:c0:c4:a5:20:15:b4:45:a9:aa:4b:ec:8b:b4:15:
7a:9e:fc:48:6d:e9:c7:fd:c9:be:3a:20:23:0e:74:bc:2b:62:
2d:02:fc:7d:02:cf:bc:e8:ba:c3:d5:78:dd:34:25:e1:be:b1:
22:cc:26:f9:54:77:84:c5:86:9a:62:d8:12:72:6b:6c:9e:58:
37:21:98:19:54:0c:94:24:aa:21:d9:7e:c7:60:56:84:34:71:
ab:b0:e2:22:d1:d0:93:d0:b6:c4:0d:42:26:76:4c:29:fe:27:
a8:53:15:19:5e:b1:2a:c1:d2:e2:9e:a7:e1:f0:6a:06:5a:5b:
ab:a4:9e:4c:8c:05:7e:e7:50:e9:ed:81:a0:27:11:f3:a0:8c:
46:fb:8d:97:db:f1:59:62:71:27:b8:ab:e7:ca:86:8b:5a:ad:
a4:45:c8:b9
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVzsZp6fUW4UkPABL3fjvuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGNmZDVhNTEwMTNlNWZkNmNhZjgwOTg3ODA0N2E2MDVl
ZTlkNmQwHhcNMjMwMTAyMTgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdhZDhmNzAzNDlmZWNhMzBkMTQyZmNlMjA2NTI2YWRjMGFkYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtACZdowlQC03AJkzkvBc9ExqMi8F
NHkg9kCHiPmHB+UDfqGxcWHhmM8kOTL7Al3BKbpwoZFpPYJTAIhucfefQklM0KZS
bBnJ/T3nH/yEC9BwlBlGnizlGI6KL+PWZMtztl6K0mspiVWKRV/3y5Gb6Qp+QV2P
skTfFvxXaRDGnspQmX7ZOy1pcr9WBUrK6n1PAeqUMZLpEUBVYTVoKzcHE0Gt568R
Is41KkNhHO3pM0tU8sQdsBCyvexq0TS+JkPFGZhTjZC4bwNthub8ZWIcBlD1CjHI
GXTw8OHT6ki784N34zh95pDecUzgaBjrUd5kEcKf/dR/yIyOP9Ez6dMQTQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDR62PcDSf7KMNFC/OIGUmrcCtq2MB8GA1UdIwQY
MBaAFHoM/VpRAT5f1sr4CYeAR6YF7p1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWd6OVdsRUJQbF9XeXZnSmg0QkhwZ1h1blcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZTA0ZDgtNDlkYy00MDlmLTkyZmMt
ZGQ1NjIzMDQ4ZWEyLzEvTkhyWTl3Tkpfc293MFVMODRnWlNhdHdLMnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lZTA0ZDgtNDlkYy00MDlmLTkyZmMtZGQ1NjIzMDQ4ZWEy
LzEvZWd6OVdsRUJQbF9XeXZnSmg0QkhwZ1h1blcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCuUwAAwQC
uatwMAwDBAK5zMwDBAK5zNADBAK5znQDBAK50DwDBAK52iADBAK54hADBAK56owD
BAPUVDgwFAQCAAIwDgMFAyoA38ADBQMqCtEAMA0GCSqGSIb3DQEBCwUAA4IBAQA8
QHwkcIFD3rtnw6Mh7GsrA/slR0LToDCFyT/6JpbgpodMeUhyjwkl1oepY338iaoY
76Qi0yJkeUDBruBjdPUIHVBf32PdYmw0Qk5XMuQ3xG81pEb6jYrQLl6HTSDlwMSl
IBW0RamqS+yLtBV6nvxIbenH/cm+OiAjDnS8K2ItAvx9As+86LrD1XjdNCXhvrEi
zCb5VHeExYaaYtgScmtsnlg3IZgZVAyUJKoh2X7HYFaENHGrsOIi0dCT0LbEDUIm
dkwp/ieoUxUZXrEqwdLinqfh8GoGWlurpJ5MjAV+51Dp7YGgJxHzoIxG+42X2/FZ
YnEnuKvnyoaLWq2kRci5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org