Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/nI6LMwMwfKnEK888T2nl49NeoSk.roa
File: nI6LMwMwfKnEK888T2nl49NeoSk.roa (raw, json)
Hash identifier: L9pmay+eDE2X6WUKJMdKGXCNkyjty/ddTlYljkAmOsk=
Subject key identifier: 9C:8E:8B:33:03:30:7C:A9:C4:2B:CF:3C:4F:69:E5:E3:D3:5E:A1:29
Certificate issuer: /CN=e5a83b40b3f4d7d31fb3368dafaca1199a449892
Certificate serial: 018CC94BDD33707A3E1B7A13BF994035DBA1
Authority key identifier: E5:A8:3B:40:B3:F4:D7:D3:1F:B3:36:8D:AF:AC:A1:19:9A:44:98:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5ag7QLP019MfszaNr6yhGZpEmJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/nI6LMwMwfKnEK888T2nl49NeoSk.roa
Signing time: Tue 02 Jan 2024 08:30:41 +0000
ROA not before: Tue 02 Jan 2024 08:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199624
IP address blocks: 185.166.243.0/24 maxlen: 32
91.208.171.0/24 maxlen: 32
185.8.4.0/22 maxlen: 32
185.166.240.0/22 maxlen: 32
2a0a:2100::/29 maxlen: 29
2a03:13c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 13 Aug 2024 07:59:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:dd:33:70:7a:3e:1b:7a:13:bf:99:40:35:db:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a83b40b3f4d7d31fb3368dafaca1199a449892
Validity
Not Before: Jan 2 08:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c8e8b3303307ca9c42bcf3c4f69e5e3d35ea129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5c:30:cb:0f:92:34:6a:46:6e:db:25:ef:da:
ac:49:f6:ab:48:f1:3a:f1:5b:a3:4a:23:62:af:e1:
75:84:ec:ea:68:b5:e3:2b:02:51:40:a4:d9:ee:e2:
67:3b:16:d2:3a:e5:2f:e7:28:fd:d2:63:4b:7d:1c:
58:09:cc:9a:b6:a0:2d:99:68:d8:04:c9:c8:39:c1:
02:3c:1a:05:31:97:63:98:db:7c:8c:65:5f:42:a9:
12:66:c4:e2:a0:30:50:3d:c4:8f:32:24:5f:96:96:
be:a9:7f:f6:27:b8:b3:4f:c0:db:43:f7:9f:83:03:
c3:a4:a8:4c:8f:30:39:2c:29:22:3b:dd:bd:99:1b:
77:95:b6:b4:2f:0b:40:05:26:b6:7e:ee:68:ff:68:
45:15:f7:0f:82:e6:71:9f:64:e4:cf:db:53:03:62:
b0:e8:ed:85:a2:61:f3:fe:e5:9d:75:f1:44:ca:89:
94:0e:50:e2:33:6a:4b:85:99:cb:5b:26:9f:0c:84:
fe:90:92:19:c9:52:c8:f1:fc:e7:c1:9a:95:04:e5:
8f:a9:90:91:e0:10:8c:c1:53:c4:0c:c1:49:ff:47:
1b:d1:cc:9d:54:45:f0:82:44:34:45:2d:92:14:1b:
52:05:9f:4d:b0:c8:aa:23:7f:c1:79:0e:ee:1f:05:
71:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8E:8B:33:03:30:7C:A9:C4:2B:CF:3C:4F:69:E5:E3:D3:5E:A1:29
X509v3 Authority Key Identifier:
keyid:E5:A8:3B:40:B3:F4:D7:D3:1F:B3:36:8D:AF:AC:A1:19:9A:44:98:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5ag7QLP019MfszaNr6yhGZpEmJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/nI6LMwMwfKnEK888T2nl49NeoSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/5ag7QLP019MfszaNr6yhGZpEmJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.171.0/24
185.8.4.0/22
185.166.240.0/22
IPv6:
2a03:13c0::/32
2a0a:2100::/29
Signature Algorithm: sha256WithRSAEncryption
92:97:af:12:f1:05:cf:93:35:be:84:73:12:54:47:8c:94:aa:
5e:e9:75:14:11:72:b8:fb:ae:b5:70:11:29:a3:f4:fe:da:c4:
f7:2a:d5:d4:be:0c:bb:aa:7a:d5:df:6a:e6:47:89:0c:ce:ba:
7d:e8:3d:b7:12:e9:83:1c:07:bd:58:60:83:40:4c:ac:8f:dd:
c8:db:db:1d:a4:c5:65:ac:9d:51:c2:23:2b:2c:e0:b8:d4:28:
64:5a:0a:7b:ec:de:af:42:73:08:c0:23:9b:2d:4d:34:79:67:
67:61:5e:c3:5d:c2:b9:06:e0:c7:4b:8b:81:86:d3:b5:fa:01:
1d:1e:f7:63:5a:39:e8:e1:59:c9:fd:81:67:12:07:2b:4e:f6:
9c:6d:df:a0:fa:07:17:88:3e:02:11:72:3b:23:3d:6b:0c:63:
d7:a7:59:f4:b2:2b:d2:ca:bf:44:17:0a:71:fb:a1:8f:28:96:
e1:74:7b:e5:eb:9d:14:b2:af:5e:6e:38:31:d2:b9:50:1d:15:
6e:a6:db:c9:c3:c1:9c:4f:29:d1:c1:c0:8c:a2:e7:0b:48:d5:
0c:3a:06:6b:60:7b:65:f5:19:ff:c2:87:a6:eb:f4:81:d9:09:
e4:71:cd:21:ae:e9:90:60:99:07:8a:be:65:c8:0d:7d:12:43:
c6:96:b8:a0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzJS90zcHo+G3oTv5lANduhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTgzYjQwYjNmNGQ3ZDMxZmIzMzY4ZGFmYWNhMTE5OWE0
NDk4OTIwHhcNMjQwMTAyMDgzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzhlOGIzMzAzMzA3Y2E5YzQyYmNmM2M0ZjY5ZTVlM2QzNWVhMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFwwyw+SNGpGbtsl79qsSfarSPE6
8VujSiNir+F1hOzqaLXjKwJRQKTZ7uJnOxbSOuUv5yj90mNLfRxYCcyatqAtmWjY
BMnIOcECPBoFMZdjmNt8jGVfQqkSZsTioDBQPcSPMiRflpa+qX/2J7izT8DbQ/ef
gwPDpKhMjzA5LCkiO929mRt3lba0LwtABSa2fu5o/2hFFfcPguZxn2Tkz9tTA2Kw
6O2FomHz/uWddfFEyomUDlDiM2pLhZnLWyafDIT+kJIZyVLI8fznwZqVBOWPqZCR
4BCMwVPEDMFJ/0cb0cydVEXwgkQ0RS2SFBtSBZ9NsMiqI3/BeQ7uHwVxbQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJyOizMDMHypxCvPPE9p5ePTXqEpMB8GA1UdIwQY
MBaAFOWoO0Cz9NfTH7M2ja+soRmaRJiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFnN1FMUDAxOU1mc3phTnI2eWhHWnBFbUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yNGNhYjQtMDEyNS00MzgzLTg1ZmEt
M2QzODg2MDZkYTEyLzEvbkk2TE13TXdmS25FSzg4OFQybmw0OU5lb1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yNGNhYjQtMDEyNS00MzgzLTg1ZmEtM2QzODg2MDZkYTEy
LzEvNWFnN1FMUDAxOU1mc3phTnI2eWhHWnBFbUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW9CrAwQC
uQgEAwQCuabwMBQEAgACMA4DBQAqAxPAAwUDKgohADANBgkqhkiG9w0BAQsFAAOC
AQEAkpevEvEFz5M1voRzElRHjJSqXul1FBFyuPuutXARKaP0/trE9yrV1L4Mu6p6
1d9q5keJDM66feg9txLpgxwHvVhgg0BMrI/dyNvbHaTFZaydUcIjKyzguNQoZFoK
e+zer0JzCMAjmy1NNHlnZ2Few13CuQbgx0uLgYbTtfoBHR73Y1o56OFZyf2BZxIH
K072nG3foPoHF4g+AhFyOyM9awxj16dZ9LIr0sq/RBcKcfuhjyiW4XR75eudFLKv
Xm44MdK5UB0VbqbbycPBnE8p0cHAjKLnC0jVDDoGa2B7ZfUZ/8KHpuv0gdkJ5HHN
Ia7pkGCZB4q+ZcgNfRJDxpa4oA==
-----END CERTIFICATE-----
Generated at Tue Aug 13 11:36:48 2024 by rpki-client on console-ams.rpki-client.org