Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/irhbdY6oNJVkuEQf9xQJ1oR5xU0.roa
File: irhbdY6oNJVkuEQf9xQJ1oR5xU0.roa (raw, json)
Hash identifier: 5Qor7I4E37Qs/cy4kZS54cQuf4M4pgBqh7XrzEW8rL4=
Subject key identifier: 8A:B8:5B:75:8E:A8:34:95:64:B8:44:1F:F7:14:09:D6:84:79:C5:4D
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 018EEBC7878279ABDC161E43DD2C56D3B850
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/irhbdY6oNJVkuEQf9xQJ1oR5xU0.roa
Signing time: Wed 17 Apr 2024 11:18:25 +0000
ROA not before: Wed 17 Apr 2024 11:18:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201178
IP address blocks: 185.81.236.0/22 maxlen: 24
185.81.236.0/24 maxlen: 24
185.81.237.0/24 maxlen: 24
185.81.238.0/24 maxlen: 24
185.81.239.0/24 maxlen: 24
185.153.248.0/22 maxlen: 24
185.155.148.0/22 maxlen: 24
185.155.151.0/24 maxlen: 24
2a05:8a00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 13:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:c7:87:82:79:ab:dc:16:1e:43:dd:2c:56:d3:b8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Apr 17 11:18:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ab85b758ea8349564b8441ff71409d68479c54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e1:81:d8:f7:96:b5:35:b7:76:71:05:29:55:
bb:37:c5:55:85:07:48:b9:9d:e6:cb:fc:c0:0c:c7:
bf:60:9f:b8:b8:96:0b:45:6e:75:48:b6:bd:e3:de:
e7:d0:e8:38:2b:b4:6b:42:a4:1c:de:cb:49:8b:73:
b6:1c:e0:69:f3:65:d8:fc:78:41:8d:c5:f7:b5:84:
79:e2:94:c4:02:e9:1a:55:a2:0f:1d:cc:86:f9:d4:
63:5a:46:5b:a6:00:87:d0:6a:b8:69:7c:ab:4c:47:
0e:cf:60:2b:1a:d1:b1:20:64:20:07:92:ea:7b:17:
c4:bd:d2:d6:b9:dc:e9:cd:cc:e4:27:c1:fa:a5:45:
3a:10:21:18:ae:fe:20:23:a5:61:aa:f4:78:77:37:
8d:f3:38:99:63:f6:a1:5a:2e:c4:3a:e2:90:01:72:
bf:69:83:75:64:32:56:c8:a9:a0:1d:db:6d:d6:7a:
72:fc:d3:3c:fd:35:2a:44:53:fb:cf:8c:d4:8e:ee:
d3:ba:6b:0c:b5:07:f7:e2:56:8a:f7:16:c0:42:51:
1a:ab:90:28:0f:e7:f0:76:2f:db:cd:8a:12:fb:4c:
88:dd:48:a2:f9:35:fa:4d:c8:e5:e2:a9:65:a0:a5:
96:40:1e:57:f8:39:62:93:9e:1d:6d:e3:1a:3d:a9:
62:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B8:5B:75:8E:A8:34:95:64:B8:44:1F:F7:14:09:D6:84:79:C5:4D
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/irhbdY6oNJVkuEQf9xQJ1oR5xU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.236.0/22
185.153.248.0/22
185.155.148.0/22
IPv6:
2a05:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
7f:5e:aa:b9:e8:f4:c3:0d:f2:18:72:85:1f:ec:08:ee:64:00:
71:1c:e0:ed:b3:f6:a1:2f:36:ce:73:b2:92:f3:31:97:47:f8:
77:e3:a6:38:f9:81:2d:b1:05:66:e0:f6:64:01:8e:60:84:e2:
27:d9:3d:88:b5:12:28:98:2b:17:5d:f6:91:29:33:9a:42:0d:
f6:01:e6:b9:ce:5c:01:6c:51:77:68:c2:6f:a0:43:95:b2:1c:
8f:9a:6b:f0:eb:90:73:97:8f:5f:81:9d:12:b2:ee:e0:2e:7b:
7e:bd:b0:a6:53:19:65:c5:80:b3:ec:10:c5:69:ac:ef:97:85:
66:3a:93:b6:86:c5:e5:f2:f5:f6:da:ae:75:39:d6:b4:22:c4:
25:21:4a:73:c2:8e:fa:40:36:5f:4b:6d:00:06:d5:ca:b9:04:
bd:90:57:5b:1c:cc:8a:88:c7:fd:6b:e5:5d:ab:83:68:db:1f:
23:2a:e7:f8:92:db:05:a5:de:35:71:9e:8d:96:e6:27:26:f9:
42:79:bb:e5:47:65:2e:12:fb:c0:05:90:78:9d:7e:66:9e:4a:
23:9f:78:a7:2b:c1:04:dc:da:c0:dc:0c:f3:19:e4:0b:e5:8c:
fb:73:46:96:90:90:44:eb:d8:df:33:f0:82:04:a6:d5:a6:ac:
a1:94:3b:59
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY7rx4eCeavcFh5D3SxW07hQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjQwNDE3MTExODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWI4NWI3NThlYTgzNDk1NjRiODQ0MWZmNzE0MDlkNjg0NzljNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+GB2PeWtTW3dnEFKVW7N8VVhQdI
uZ3my/zADMe/YJ+4uJYLRW51SLa9497n0Og4K7RrQqQc3stJi3O2HOBp82XY/HhB
jcX3tYR54pTEAukaVaIPHcyG+dRjWkZbpgCH0Gq4aXyrTEcOz2ArGtGxIGQgB5Lq
exfEvdLWudzpzczkJ8H6pUU6ECEYrv4gI6VhqvR4dzeN8ziZY/ahWi7EOuKQAXK/
aYN1ZDJWyKmgHdtt1npy/NM8/TUqRFP7z4zUju7TumsMtQf34laK9xbAQlEaq5Ao
D+fwdi/bzYoS+0yI3Uii+TX6Tcjl4qlloKWWQB5X+Dlik54dbeMaPalihQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIq4W3WOqDSVZLhEH/cUCdaEecVNMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvaXJoYmRZNm9OSlZrdUVRZjl4UUoxb1I1eFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVHsAwQC
uZn4AwQCuZuUMA0EAgACMAcDBQMqBYoAMA0GCSqGSIb3DQEBCwUAA4IBAQB/Xqq5
6PTDDfIYcoUf7AjuZABxHODts/ahLzbOc7KS8zGXR/h346Y4+YEtsQVm4PZkAY5g
hOIn2T2ItRIomCsXXfaRKTOaQg32Aea5zlwBbFF3aMJvoEOVshyPmmvw65Bzl49f
gZ0Ssu7gLnt+vbCmUxllxYCz7BDFaazvl4VmOpO2hsXl8vX22q51Oda0IsQlIUpz
wo76QDZfS20ABtXKuQS9kFdbHMyKiMf9a+Vdq4No2x8jKuf4ktsFpd41cZ6NluYn
JvlCebvlR2UuEvvABZB4nX5mnkojn3inK8EE3NrA3AzzGeQL5Yz7c0aWkJBE69jf
M/CCBKbVpqyhlDtZ
-----END CERTIFICATE-----
Generated at Mon Jun 24 15:20:47 2024 by rpki-client on console-fra.rpki-client.org