Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/1KcMoS3TRCGcZnUtKdYbpNUHU4I.roa
File: 1KcMoS3TRCGcZnUtKdYbpNUHU4I.roa (raw, json)
Hash identifier: Fm7sLneFM9b/tDMiJH7AfMk/Wqunu+cZuXIFQIvUxh8=
Subject key identifier: D4:A7:0C:A1:2D:D3:44:21:9C:66:75:2D:29:D6:1B:A4:D5:07:53:82
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018571D7CD14B78D3A14D63A5FB78DA35F76
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/1KcMoS3TRCGcZnUtKdYbpNUHU4I.roa
Signing time: Mon 02 Jan 2023 09:37:26 +0000
ROA not before: Mon 02 Jan 2023 09:37:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49367
IP address blocks: 185.213.21.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
2a11:840:23::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:cd:14:b7:8d:3a:14:d6:3a:5f:b7:8d:a3:5f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 2 09:37:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4a70ca12dd344219c66752d29d61ba4d5075382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:49:19:bd:b0:b3:0e:45:18:3d:38:da:0e:9f:
33:f9:d7:e4:71:7b:df:16:1e:3f:d1:86:90:b5:54:
b9:4a:97:81:3d:d5:3d:85:42:71:3d:9d:fe:aa:7a:
58:43:b3:ac:c5:8c:d3:29:b4:8a:54:66:18:43:00:
14:e9:ad:21:c2:b3:e9:f9:1a:ff:e4:25:16:d5:7f:
3b:d4:88:02:83:84:34:53:cf:9d:93:f8:89:b2:08:
ee:83:d0:bf:8d:df:54:ad:1b:ed:c5:83:36:eb:5a:
bc:74:54:12:b1:a2:e7:60:ed:28:9b:68:51:60:98:
46:85:35:1b:f0:28:f4:cb:2d:f6:1b:64:4b:fe:9f:
e8:c6:63:a0:9e:80:5b:41:4b:0f:2d:70:21:89:be:
7d:09:89:e9:57:56:2d:d2:13:9c:a8:21:51:42:1f:
92:3b:36:1c:d7:9d:dc:64:8f:0c:14:e0:c1:b8:54:
ec:99:54:b1:24:f9:3c:b6:66:18:e1:4c:18:03:5b:
c3:ed:ee:ff:65:cc:eb:62:8e:16:79:9d:f3:4f:c3:
08:db:03:38:5e:97:24:3c:97:be:f7:63:4d:c1:a4:
e5:7e:f3:15:47:5e:d2:af:2a:b5:51:33:f6:db:27:
c1:14:6b:ce:0d:20:27:a9:cf:38:4a:0a:b0:13:09:
e9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A7:0C:A1:2D:D3:44:21:9C:66:75:2D:29:D6:1B:A4:D5:07:53:82
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/1KcMoS3TRCGcZnUtKdYbpNUHU4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.20.0/23
IPv6:
2a11:840:23::/48
Signature Algorithm: sha256WithRSAEncryption
36:3f:42:dd:a0:d5:1b:05:29:27:7c:c8:b4:4d:79:7c:b4:85:
6e:d2:39:e0:93:ca:8f:69:70:ee:7b:e6:3e:35:ee:cf:74:bb:
e3:9e:4b:a2:0f:a7:cc:dd:bf:8c:5d:65:60:47:95:0b:35:83:
8a:ba:7b:32:05:42:5a:bd:49:dd:d8:18:fd:ea:51:c2:d3:59:
1f:c6:4e:58:b2:ae:43:03:8a:ab:2a:36:a3:d5:49:0f:b0:3f:
fd:c4:50:b0:f1:53:4b:01:a4:0c:e8:05:91:50:f7:74:ed:a2:
08:81:e9:d8:e7:a9:a6:f7:46:17:79:97:6a:27:d1:fd:f1:1c:
08:16:4c:f8:dd:70:34:21:b7:60:65:44:b0:91:ac:c3:ba:e2:
97:1f:8e:ac:52:b6:28:62:66:6c:22:a9:a1:0e:22:38:49:37:
fc:34:14:18:bf:ff:63:71:a3:ab:e9:19:14:23:b1:dc:63:16:
27:09:0e:4d:81:b2:af:ae:e0:2b:4d:f5:98:a0:e9:f3:cb:ea:
dd:fe:16:0b:03:cf:fe:39:82:e7:72:5e:36:9b:81:36:83:b1:
ae:46:8f:e4:de:40:b7:df:00:fb:45:50:19:ca:05:36:aa:0e:
25:57:ca:c1:05:36:46:e0:49:a9:95:eb:6c:90:52:b3:e0:c7:
9d:b4:34:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVx180Ut406FNY6X7eNo192MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjMwMTAyMDkzNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGE3MGNhMTJkZDM0NDIxOWM2Njc1MmQyOWQ2MWJhNGQ1MDc1MzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkkZvbCzDkUYPTjaDp8z+dfkcXvf
Fh4/0YaQtVS5SpeBPdU9hUJxPZ3+qnpYQ7OsxYzTKbSKVGYYQwAU6a0hwrPp+Rr/
5CUW1X871IgCg4Q0U8+dk/iJsgjug9C/jd9UrRvtxYM261q8dFQSsaLnYO0om2hR
YJhGhTUb8Cj0yy32G2RL/p/oxmOgnoBbQUsPLXAhib59CYnpV1Yt0hOcqCFRQh+S
OzYc153cZI8MFODBuFTsmVSxJPk8tmYY4UwYA1vD7e7/ZczrYo4WeZ3zT8MI2wM4
XpckPJe+92NNwaTlfvMVR17Sryq1UTP22yfBFGvODSAnqc84SgqwEwnpiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNSnDKEt00QhnGZ1LSnWG6TVB1OCMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvMUtjTW9TM1RSQ0djWm5VdEtkWWJwTlVIVTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBudUUMA8E
AgACMAkDBwAqEQhAACMwDQYJKoZIhvcNAQELBQADggEBADY/Qt2g1RsFKSd8yLRN
eXy0hW7SOeCTyo9pcO575j417s90u+OeS6IPp8zdv4xdZWBHlQs1g4q6ezIFQlq9
Sd3YGP3qUcLTWR/GTliyrkMDiqsqNqPVSQ+wP/3EULDxU0sBpAzoBZFQ93TtogiB
6djnqab3Rhd5l2on0f3xHAgWTPjdcDQht2BlRLCRrMO64pcfjqxStihiZmwiqaEO
IjhJN/w0FBi//2Nxo6vpGRQjsdxjFicJDk2Bsq+u4CtN9Zig6fPL6t3+FgsDz/45
gudyXjabgTaDsa5Gj+TeQLffAPtFUBnKBTaqDiVXysEFNkbgSamV62yQUrPgx520
NKs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org