Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9faf24-05e1-4db9-9aaf-501618411c76/1/1-9Xs3zd7icb_ri0DCsPpb-ut_uc.roa
File: 1-9Xs3zd7icb_ri0DCsPpb-ut_uc.roa (raw, json)
Hash identifier: K9gefFwYuCbXT21ozjCuzTJLaWLxgToGo/IwNnN0kGI=
Subject key identifier: FB:D5:EC:DF:37:7B:89:C6:FF:AE:2D:03:0A:C3:E9:6F:EB:AD:FE:E7
Certificate issuer: /CN=9eb3143a2e73f209e69d97c4b8f78cda5f437005
Certificate serial: 018C1BD87C2C59C1BB357B7B9F44B85269EE
Authority key identifier: 9E:B3:14:3A:2E:73:F2:09:E6:9D:97:C4:B8:F7:8C:DA:5F:43:70:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrMUOi5z8gnmnZfEuPeM2l9DcAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9faf24-05e1-4db9-9aaf-501618411c76/1/1-9Xs3zd7icb_ri0DCsPpb-ut_uc.roa
Signing time: Wed 29 Nov 2023 16:10:21 +0000
ROA not before: Wed 29 Nov 2023 16:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25577
IP address blocks: 185.229.20.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:d8:7c:2c:59:c1:bb:35:7b:7b:9f:44:b8:52:69:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb3143a2e73f209e69d97c4b8f78cda5f437005
Validity
Not Before: Nov 29 16:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbd5ecdf377b89c6ffae2d030ac3e96febadfee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:86:e5:be:c7:36:13:0b:12:e6:78:b7:e7:b0:
68:18:6f:fc:1c:a8:61:9e:3b:b0:9e:89:21:96:f6:
22:2e:69:dd:f3:65:e8:ac:02:49:6b:d4:fb:67:14:
07:3c:f1:48:1e:7d:55:42:b2:c9:fc:32:9e:cd:8f:
48:f2:d6:7f:9c:58:07:d5:97:8f:14:73:55:3b:8e:
8d:a6:ad:ea:be:75:b1:9b:97:15:af:c6:13:51:fd:
94:bf:2a:85:dc:d6:89:65:07:1f:be:50:01:63:06:
0b:0c:0e:58:a8:c3:22:a3:a6:4a:0a:d2:fa:17:9e:
1d:64:e6:1b:3f:69:c1:bd:f3:c0:18:fa:d7:8e:a7:
61:02:20:08:ab:df:ef:df:e9:b0:45:13:60:ed:5e:
8b:eb:be:4e:b9:c7:62:c0:bd:81:69:02:42:60:7e:
f8:dc:34:04:a5:d4:d3:82:be:48:6f:b4:ba:49:6f:
e9:e7:d1:d6:91:4b:75:bc:d8:13:46:04:57:74:59:
19:2d:bc:52:99:ab:ce:1e:c8:1d:71:a2:65:8f:04:
a5:bb:1e:48:a5:e9:1e:95:18:b1:49:8b:08:c0:68:
b9:4e:1b:e8:ca:d1:ff:cd:69:83:d0:3a:71:06:35:
99:e2:f8:6a:bd:41:f0:a4:cf:29:60:73:f3:13:0f:
d0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D5:EC:DF:37:7B:89:C6:FF:AE:2D:03:0A:C3:E9:6F:EB:AD:FE:E7
X509v3 Authority Key Identifier:
keyid:9E:B3:14:3A:2E:73:F2:09:E6:9D:97:C4:B8:F7:8C:DA:5F:43:70:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrMUOi5z8gnmnZfEuPeM2l9DcAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9faf24-05e1-4db9-9aaf-501618411c76/1/1-9Xs3zd7icb_ri0DCsPpb-ut_uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9faf24-05e1-4db9-9aaf-501618411c76/1/nrMUOi5z8gnmnZfEuPeM2l9DcAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.20.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:e9:a2:5f:43:fa:ec:19:0c:90:4c:51:29:3e:e1:7c:2c:97:
a1:2d:d2:b4:d9:18:bc:fa:e0:b1:41:a4:15:7c:ad:43:8b:4a:
29:13:43:b9:50:18:a0:40:f5:83:56:ff:73:eb:64:d4:1b:03:
ea:3b:2a:fe:49:39:7d:a3:2e:c4:42:9d:42:8b:7c:55:e2:0f:
4e:ea:84:a6:75:15:73:17:b9:cf:9a:55:48:10:c7:ab:dd:90:
a1:2f:50:61:8e:bd:90:e0:1c:a9:00:7b:70:39:7e:9a:dc:0c:
87:32:ab:f0:28:44:ea:25:5c:84:79:e6:22:40:a0:70:94:ba:
ac:28:ce:b6:9d:28:2a:88:14:8b:fd:79:2c:62:ea:52:d9:91:
81:2c:27:1d:cf:30:d3:cb:15:18:1e:6c:ef:85:a6:1f:de:77:
09:ca:b8:57:bf:ab:6b:e9:d2:b1:fc:0a:df:53:5e:85:b2:6c:
d1:1c:e5:f1:4c:7b:3b:ec:5d:49:50:d1:c6:5f:f1:4f:b8:5f:
69:34:4a:44:fd:0b:de:41:3d:b4:a4:ec:f8:92:58:d4:36:ca:
6d:fe:99:24:3d:3d:af:29:bb:e4:13:a6:1c:01:b8:e6:04:42:
12:25:1c:06:5f:5e:b5:18:fc:89:db:b1:4a:61:9c:fa:38:bf:
00:ab:9c:5c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYwb2HwsWcG7NXt7n0S4UmnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjMxNDNhMmU3M2YyMDllNjlkOTdjNGI4Zjc4Y2RhNWY0
MzcwMDUwHhcNMjMxMTI5MTYxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQ1ZWNkZjM3N2I4OWM2ZmZhZTJkMDMwYWMzZTk2ZmViYWRmZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4blvsc2EwsS5ni357BoGG/8HKhh
njuwnokhlvYiLmnd82XorAJJa9T7ZxQHPPFIHn1VQrLJ/DKezY9I8tZ/nFgH1ZeP
FHNVO46Npq3qvnWxm5cVr8YTUf2UvyqF3NaJZQcfvlABYwYLDA5YqMMio6ZKCtL6
F54dZOYbP2nBvfPAGPrXjqdhAiAIq9/v3+mwRRNg7V6L675OucdiwL2BaQJCYH74
3DQEpdTTgr5Ib7S6SW/p59HWkUt1vNgTRgRXdFkZLbxSmavOHsgdcaJljwSlux5I
pekelRixSYsIwGi5ThvoytH/zWmD0DpxBjWZ4vhqvUHwpM8pYHPzEw/QAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPvV7N83e4nG/64tAwrD6W/rrf7nMB8GA1UdIwQY
MBaAFJ6zFDouc/IJ5p2XxLj3jNpfQ3AFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJNVU9pNXo4Z25tblpmRXVQZU0ybDlEY0FVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZmFmMjQtMDVlMS00ZGI5LTlhYWYt
NTAxNjE4NDExYzc2LzEvMS05WHMzemQ3aWNiX3JpMERDc1BwYi11dF91Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvOWZhZjI0LTA1ZTEtNGRiOS05YWFmLTUwMTYxODQxMWM3
Ni8xL25yTVVPaTV6OGdubW5aZkV1UGVNMmw5RGNBVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnlFDAN
BgkqhkiG9w0BAQsFAAOCAQEAuumiX0P67BkMkExRKT7hfCyXoS3StNkYvPrgsUGk
FXytQ4tKKRNDuVAYoED1g1b/c+tk1BsD6jsq/kk5faMuxEKdQot8VeIPTuqEpnUV
cxe5z5pVSBDHq92QoS9QYY69kOAcqQB7cDl+mtwMhzKr8ChE6iVchHnmIkCgcJS6
rCjOtp0oKogUi/15LGLqUtmRgSwnHc8w08sVGB5s74WmH953Ccq4V7+ra+nSsfwK
31NehbJs0Rzl8Ux7O+xdSVDRxl/xT7hfaTRKRP0L3kE9tKTs+JJY1DbKbf6ZJD09
rym75BOmHAG45gRCEiUcBl9etRj8iduxSmGc+ji/AKucXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:21 2024 by rpki-client on console-fra.rpki-client.org