Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/46c38b-4324-44aa-9bb5-386910dcb903/1/rUC0RpmZ42-TRv3qeOzaNtls4CY.roa
File: rUC0RpmZ42-TRv3qeOzaNtls4CY.roa (raw, json)
Hash identifier: 4t5Ga8RP90wgT0uhTF2FtIXVbutLhQ0ZqRqystD+Hkk=
Subject key identifier: AD:40:B4:46:99:99:E3:6F:93:46:FD:EA:78:EC:DA:36:D9:6C:E0:26
Certificate issuer: /CN=37e0cb58ae23d473ae13a7341b7a73bdd1028a0d
Certificate serial: 018571FA022C43436154A911D677F070E899
Authority key identifier: 37:E0:CB:58:AE:23:D4:73:AE:13:A7:34:1B:7A:73:BD:D1:02:8A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-DLWK4j1HOuE6c0G3pzvdECig0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/46c38b-4324-44aa-9bb5-386910dcb903/1/rUC0RpmZ42-TRv3qeOzaNtls4CY.roa
Signing time: Mon 02 Jan 2023 10:14:48 +0000
ROA not before: Mon 02 Jan 2023 10:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206876
IP address blocks: 185.173.136.0/24 maxlen: 24
185.173.137.0/24 maxlen: 24
185.173.138.0/24 maxlen: 24
185.173.139.0/24 maxlen: 24
2a0b:5500::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:02:2c:43:43:61:54:a9:11:d6:77:f0:70:e8:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37e0cb58ae23d473ae13a7341b7a73bdd1028a0d
Validity
Not Before: Jan 2 10:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad40b4469999e36f9346fdea78ecda36d96ce026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:94:67:27:e9:0a:6f:35:8c:db:74:d6:50:d7:
95:71:28:96:c9:5c:69:ac:cf:fb:c8:b2:ef:9e:2f:
61:e5:7e:9f:33:a8:df:c6:91:83:75:3f:8a:94:0f:
56:45:8d:d9:05:9f:f1:c0:f3:11:11:d0:fd:4f:af:
e1:aa:dd:8c:49:78:8e:35:20:5a:5f:fd:42:23:fe:
de:60:43:e3:bc:83:5b:87:c1:03:3d:52:8e:41:88:
b9:8d:89:c1:5a:42:ab:50:2c:ac:15:65:67:0c:2a:
67:37:ca:96:40:71:1e:37:53:45:65:ca:42:49:6b:
e7:31:ad:68:b0:3f:56:c5:7b:34:1b:e0:fc:cb:54:
0c:06:de:b9:41:5b:4f:cf:1d:24:8e:d9:cd:be:ff:
39:82:91:79:f9:58:2d:50:87:98:64:35:40:c9:03:
e2:78:57:36:f6:92:a9:ec:ca:ec:f3:34:99:5d:b4:
8c:62:fe:44:9a:6e:14:ce:02:13:0c:a8:f3:a0:98:
a2:2a:65:20:e5:f6:6a:4b:e0:9c:bb:99:70:7b:9d:
af:71:40:6a:cc:89:18:59:e6:7b:b2:d7:a5:ee:8b:
ba:8e:ae:d5:e4:0d:82:3f:e5:42:53:28:07:4e:4c:
66:89:be:fd:f6:87:0f:81:7e:02:e7:fb:9d:a9:7b:
f3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:40:B4:46:99:99:E3:6F:93:46:FD:EA:78:EC:DA:36:D9:6C:E0:26
X509v3 Authority Key Identifier:
keyid:37:E0:CB:58:AE:23:D4:73:AE:13:A7:34:1B:7A:73:BD:D1:02:8A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-DLWK4j1HOuE6c0G3pzvdECig0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/46c38b-4324-44aa-9bb5-386910dcb903/1/rUC0RpmZ42-TRv3qeOzaNtls4CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/46c38b-4324-44aa-9bb5-386910dcb903/1/N-DLWK4j1HOuE6c0G3pzvdECig0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.136.0/22
IPv6:
2a0b:5500::/29
Signature Algorithm: sha256WithRSAEncryption
54:72:67:b4:c3:36:aa:5a:43:46:89:e4:71:89:e7:45:23:79:
ec:d5:74:c7:96:76:7b:ce:04:34:8e:89:c4:a6:0e:ce:d4:68:
bd:e3:c2:69:ee:f9:d9:2d:92:fe:43:91:3c:89:a9:f9:0f:35:
98:0a:54:3a:9b:e3:75:26:8f:ec:02:a7:2b:33:15:ee:c7:18:
45:5c:e4:26:cf:5d:93:db:c3:97:0b:ea:d5:14:f2:b5:71:b9:
80:3c:9e:17:42:ba:2d:dc:43:52:38:cb:fb:09:ca:2c:24:7a:
05:21:00:db:a1:47:7d:9a:4e:9d:11:36:44:cf:8b:ac:f1:75:
21:a4:af:a3:27:c6:c6:b9:8b:37:48:cd:76:4b:90:9e:74:38:
72:ae:86:b4:59:21:bb:7c:eb:05:4a:22:13:66:a9:ef:9f:df:
9b:8e:a7:9a:12:0f:91:e3:6d:68:d7:f9:95:cd:5c:0a:e1:49:
72:68:b4:7b:c0:ed:0e:21:1d:11:58:c2:2f:db:f9:62:9d:dd:
59:31:dc:f5:a1:c0:53:61:68:2a:e6:e3:4c:1c:5e:bb:88:ee:
ff:a9:40:ea:46:31:ce:32:dd:7a:c6:d0:a7:58:c4:b1:2e:76:
6f:bd:4c:ba:7b:e4:0d:7a:5d:6f:c9:1b:cc:b4:55:ee:63:aa:
4c:7b:e6:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx+gIsQ0NhVKkR1nfwcOiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZTBjYjU4YWUyM2Q0NzNhZTEzYTczNDFiN2E3M2JkZDEw
MjhhMGQwHhcNMjMwMTAyMTAxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQwYjQ0Njk5OTllMzZmOTM0NmZkZWE3OGVjZGEzNmQ5NmNlMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppRnJ+kKbzWM23TWUNeVcSiWyVxp
rM/7yLLvni9h5X6fM6jfxpGDdT+KlA9WRY3ZBZ/xwPMREdD9T6/hqt2MSXiONSBa
X/1CI/7eYEPjvINbh8EDPVKOQYi5jYnBWkKrUCysFWVnDCpnN8qWQHEeN1NFZcpC
SWvnMa1osD9WxXs0G+D8y1QMBt65QVtPzx0kjtnNvv85gpF5+VgtUIeYZDVAyQPi
eFc29pKp7Mrs8zSZXbSMYv5Emm4UzgITDKjzoJiiKmUg5fZqS+Ccu5lwe52vcUBq
zIkYWeZ7stel7ou6jq7V5A2CP+VCUygHTkxmib799ocPgX4C5/udqXvzRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK1AtEaZmeNvk0b96njs2jbZbOAmMB8GA1UdIwQY
MBaAFDfgy1iuI9RzrhOnNBt6c73RAooNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi1ETFdLNGoxSE91RTZjMEczcHp2ZEVDaWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80NmMzOGItNDMyNC00NGFhLTliYjUt
Mzg2OTEwZGNiOTAzLzEvclVDMFJwbVo0Mi1UUnYzcWVPemFOdGxzNENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80NmMzOGItNDMyNC00NGFhLTliYjUtMzg2OTEwZGNiOTAz
LzEvTi1ETFdLNGoxSE91RTZjMEczcHp2ZEVDaWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua2IMA0E
AgACMAcDBQMqC1UAMA0GCSqGSIb3DQEBCwUAA4IBAQBUcme0wzaqWkNGieRxiedF
I3ns1XTHlnZ7zgQ0jonEpg7O1Gi948Jp7vnZLZL+Q5E8ian5DzWYClQ6m+N1Jo/s
AqcrMxXuxxhFXOQmz12T28OXC+rVFPK1cbmAPJ4XQrot3ENSOMv7CcosJHoFIQDb
oUd9mk6dETZEz4us8XUhpK+jJ8bGuYs3SM12S5CedDhyroa0WSG7fOsFSiITZqnv
n9+bjqeaEg+R421o1/mVzVwK4UlyaLR7wO0OIR0RWMIv2/lind1ZMdz1ocBTYWgq
5uNMHF67iO7/qUDqRjHOMt16xtCnWMSxLnZvvUy6e+QNel1vyRvMtFXuY6pMe+bR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:50 2024 by rpki-client on console-fra.rpki-client.org