Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/9eSAGKRSA36HwaNGMrGTHMg9Zq8.roa
File: 9eSAGKRSA36HwaNGMrGTHMg9Zq8.roa (raw, json)
Hash identifier: BKbsSVXbDcUVALHeh82hRhZCMOgDohsIhKWEhfACCeM=
Subject key identifier: F5:E4:80:18:A4:52:03:7E:87:C1:A3:46:32:B1:93:1C:C8:3D:66:AF
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 018570C2D91346840134FD808A4064E0BF59
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/9eSAGKRSA36HwaNGMrGTHMg9Zq8.roa
Signing time: Mon 02 Jan 2023 04:34:55 +0000
ROA not before: Mon 02 Jan 2023 04:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49157
IP address blocks: 185.131.176.0/24 maxlen: 24
185.131.178.0/24 maxlen: 24
185.131.177.0/24 maxlen: 24
185.131.179.0/24 maxlen: 24
83.136.237.0/24 maxlen: 24
185.151.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:d9:13:46:84:01:34:fd:80:8a:40:64:e0:bf:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 2 04:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5e48018a452037e87c1a34632b1931cc83d66af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0e:a4:87:86:2c:9d:c2:b4:92:20:f7:fc:ec:
bb:f3:71:7f:53:14:d8:6f:45:0b:8c:4c:7f:7f:da:
1b:49:44:76:96:aa:61:32:50:c6:29:d6:23:bc:62:
f2:ac:50:cd:27:7c:36:70:a3:3b:89:e3:53:8b:bf:
cc:d2:29:d0:6f:68:61:0d:20:33:8d:21:e0:fc:a8:
d0:78:bf:31:91:fa:ae:b7:81:04:41:2a:4e:1c:7a:
8a:d6:f9:54:a9:10:84:9e:de:51:41:d2:72:e0:9d:
d2:c4:c4:55:ac:7d:ab:b8:70:b4:de:a8:ab:0c:a3:
fa:77:23:b2:43:f9:73:85:e6:b7:a4:cc:be:a6:56:
bc:e9:e6:19:c3:d4:b1:5d:56:45:85:0d:0e:5a:79:
cd:ad:a7:27:37:6b:b7:a3:3e:c0:2e:d8:82:66:54:
aa:6a:85:5d:60:a7:e1:a9:94:3e:6e:38:b4:c1:f9:
cb:43:55:ec:5a:1d:75:c2:ed:f4:b9:fa:8d:d5:f0:
60:8f:39:2c:51:6d:3c:4b:1a:f6:25:b3:5a:45:05:
22:31:89:68:6f:74:d5:d6:9d:6e:37:f2:8b:e9:70:
1f:a8:e9:5c:35:7e:81:cf:d9:cc:00:62:64:d3:f6:
cf:f0:d9:0f:99:b9:03:c8:6c:68:95:90:c2:8c:74:
02:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:E4:80:18:A4:52:03:7E:87:C1:A3:46:32:B1:93:1C:C8:3D:66:AF
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/9eSAGKRSA36HwaNGMrGTHMg9Zq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.237.0/24
185.131.176.0/22
185.151.199.0/24
Signature Algorithm: sha256WithRSAEncryption
11:f4:34:c6:f2:bc:c3:ce:7c:d9:08:28:36:d4:09:8e:e1:1f:
e3:9a:ab:3a:8c:c7:c1:8a:fc:e4:f1:d1:f8:70:bd:ca:72:5a:
3a:02:0f:52:27:bc:ae:2b:a0:31:08:b3:53:eb:03:b8:3b:53:
b3:8b:98:82:d4:38:d1:c9:3c:60:ec:a2:b7:e1:d2:ba:e6:fd:
38:9e:6e:38:d8:20:e8:a9:98:34:69:06:23:59:df:1a:a7:d7:
8f:81:84:37:53:af:8a:f9:3b:b3:0b:5a:93:12:5c:34:d7:06:
c1:0e:c8:4c:de:d9:e1:ef:1b:31:fd:de:a0:64:a5:65:e4:f7:
d2:94:54:9b:fd:1e:7f:fb:6a:88:94:3a:8f:bc:65:b8:d4:6e:
b2:bf:07:fe:4d:71:ba:21:32:0a:3f:bb:97:d6:f0:7c:7f:4d:
db:df:4e:ee:6d:f7:54:11:38:48:1c:b2:6c:44:00:1d:25:78:
f2:22:b9:62:fb:c1:23:0e:c0:8b:66:37:80:fa:89:2b:e3:70:
21:d1:09:01:dc:2b:07:0d:4f:da:1d:39:1a:0d:21:7f:41:2c:
cc:c3:99:b4:64:8b:80:13:1f:af:f9:3b:58:d5:c1:1e:1f:cd:
c1:52:68:f2:5c:56:70:66:28:59:a1:c3:d6:c2:2f:0b:20:a4:
c1:20:c0:96
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwwtkTRoQBNP2AikBk4L9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjMwMTAyMDQzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWU0ODAxOGE0NTIwMzdlODdjMWEzNDYzMmIxOTMxY2M4M2Q2NmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg6kh4YsncK0kiD3/Oy783F/UxTY
b0ULjEx/f9obSUR2lqphMlDGKdYjvGLyrFDNJ3w2cKM7ieNTi7/M0inQb2hhDSAz
jSHg/KjQeL8xkfqut4EEQSpOHHqK1vlUqRCEnt5RQdJy4J3SxMRVrH2ruHC03qir
DKP6dyOyQ/lzhea3pMy+pla86eYZw9SxXVZFhQ0OWnnNracnN2u3oz7ALtiCZlSq
aoVdYKfhqZQ+bji0wfnLQ1XsWh11wu30ufqN1fBgjzksUW08Sxr2JbNaRQUiMYlo
b3TV1p1uN/KL6XAfqOlcNX6Bz9nMAGJk0/bP8NkPmbkDyGxolZDCjHQCGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPXkgBikUgN+h8GjRjKxkxzIPWavMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvOWVTQUdLUlNBMzZId2FOR01yR1RITWc5WnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU4jtAwQC
uYOwAwQAuZfHMA0GCSqGSIb3DQEBCwUAA4IBAQAR9DTG8rzDznzZCCg21AmO4R/j
mqs6jMfBivzk8dH4cL3Kclo6Ag9SJ7yuK6AxCLNT6wO4O1Ozi5iC1DjRyTxg7KK3
4dK65v04nm442CDoqZg0aQYjWd8ap9ePgYQ3U6+K+TuzC1qTElw01wbBDshM3tnh
7xsx/d6gZKVl5PfSlFSb/R5/+2qIlDqPvGW41G6yvwf+TXG6ITIKP7uX1vB8f03b
307ubfdUEThIHLJsRAAdJXjyIrli+8EjDsCLZjeA+okr43Ah0QkB3CsHDU/aHTka
DSF/QSzMw5m0ZIuAEx+v+TtY1cEeH83BUmjyXFZwZihZocPWwi8LIKTBIMCW
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:19 2024 by rpki-client on console-ams.rpki-client.org