Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/kw6AfQiBjMANe1yAVvFora05me8.roa
File: kw6AfQiBjMANe1yAVvFora05me8.roa (raw, json)
Hash identifier: m1H8zVkgc6PQECLPHPyE5AjKYLY1Ni8AWnoLBSZeodU=
Subject key identifier: 93:0E:80:7D:08:81:8C:C0:0D:7B:5C:80:56:F1:68:AD:AD:39:99:EF
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 01904A592510F7A02190BCF5EAFF8C51E2CC
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/kw6AfQiBjMANe1yAVvFora05me8.roa
Signing time: Mon 24 Jun 2024 13:04:34 +0000
ROA not before: Mon 24 Jun 2024 13:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201178
IP address blocks: 185.81.236.0/22 maxlen: 24
185.81.236.0/24 maxlen: 24
185.81.237.0/24 maxlen: 24
185.81.238.0/24 maxlen: 24
185.81.239.0/24 maxlen: 24
185.153.248.0/22 maxlen: 24
185.155.148.0/22 maxlen: 24
185.155.150.0/24 maxlen: 24
185.155.151.0/24 maxlen: 24
2a05:8a00::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Sep 2024 18:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:59:25:10:f7:a0:21:90:bc:f5:ea:ff:8c:51:e2:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Jun 24 13:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=930e807d08818cc00d7b5c8056f168adad3999ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5d:6d:e5:24:36:18:26:17:f0:6c:6b:e2:e6:
3e:16:9f:da:a2:d0:97:83:3c:cf:f6:97:46:48:a0:
23:05:b1:0f:17:9a:39:c7:79:c0:c4:71:99:a9:33:
d6:64:be:d3:b5:8d:18:5b:67:21:ca:31:4e:73:93:
9f:e6:95:8b:b8:49:0f:75:77:50:e7:5c:f9:6c:b5:
1c:a8:27:84:dc:26:1d:06:e4:c7:19:f4:71:15:3c:
65:ca:7c:c9:3d:3f:13:e6:ad:cb:d8:5a:93:42:97:
41:34:07:7c:91:2a:a6:5a:ac:0e:03:4c:da:95:45:
f4:f7:4e:a4:aa:e8:fd:d7:f6:b6:39:3f:6b:81:f0:
0b:da:6e:1f:90:be:a3:21:81:ed:8d:75:77:31:f8:
56:1b:ef:54:44:cf:2b:85:05:f1:7b:e1:b4:47:92:
f2:2d:4c:47:21:e6:9d:90:1a:f2:88:fb:04:4b:17:
03:7b:a9:19:7c:61:62:26:b4:aa:51:02:74:0e:c8:
e0:df:18:18:b0:b7:fe:6a:c8:45:7e:6b:14:68:e4:
bb:42:c1:7a:ca:c6:09:f1:5e:66:66:ff:1c:26:27:
24:fe:e2:40:e5:c8:f5:b0:5d:eb:00:01:55:1f:6d:
5a:d2:0c:0d:56:5c:79:c2:72:2f:f9:2f:b2:63:88:
a6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:0E:80:7D:08:81:8C:C0:0D:7B:5C:80:56:F1:68:AD:AD:39:99:EF
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/kw6AfQiBjMANe1yAVvFora05me8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.236.0/22
185.153.248.0/22
185.155.148.0/22
IPv6:
2a05:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
45:82:52:8c:87:6c:88:2f:8d:d8:41:7c:b9:5d:51:da:57:af:
73:ab:cc:7b:1f:70:2e:dc:e1:8d:1f:27:fd:c5:c8:ea:2a:fe:
7b:06:d9:3b:6c:1d:49:98:db:53:fa:e1:3c:7d:83:b9:58:3b:
db:59:22:39:e8:76:5e:0c:fd:b8:cb:f1:b7:4b:95:18:b6:93:
45:67:7b:f4:d8:1d:73:58:fb:a0:a9:c8:1e:d4:c8:ba:fb:98:
b7:ae:c1:93:cc:81:0d:cc:34:b4:d8:81:6b:aa:8a:c7:8a:7f:
df:8d:1f:5b:35:e2:7f:12:b7:1e:b2:5a:40:67:36:31:b0:c4:
9b:69:7f:f3:59:1d:9a:74:67:3f:c5:f9:58:e4:21:48:33:db:
87:27:72:b9:50:f3:49:5b:08:2b:58:2a:60:a0:1c:79:b7:eb:
73:a4:5d:12:e4:44:18:d6:e0:aa:95:98:52:5a:bb:4d:15:fa:
1d:03:39:1f:69:09:39:14:35:76:a5:23:61:4f:0f:95:0a:54:
0d:fe:f8:6a:80:49:f4:17:94:3e:78:3e:92:bb:2a:a5:8d:0a:
36:41:39:b6:3f:ed:f4:fd:09:f5:a6:bf:cf:78:d2:5f:29:f3:
32:67:46:3f:98:00:8f:11:27:c4:32:06:c8:f5:ac:8d:f1:19:
01:ee:e5:13
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZBKWSUQ96AhkLz16v+MUeLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjQwNjI0MTMwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzBlODA3ZDA4ODE4Y2MwMGQ3YjVjODA1NmYxNjhhZGFkMzk5OWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl1t5SQ2GCYX8Gxr4uY+Fp/aotCX
gzzP9pdGSKAjBbEPF5o5x3nAxHGZqTPWZL7TtY0YW2chyjFOc5Of5pWLuEkPdXdQ
51z5bLUcqCeE3CYdBuTHGfRxFTxlynzJPT8T5q3L2FqTQpdBNAd8kSqmWqwOA0za
lUX0906kquj91/a2OT9rgfAL2m4fkL6jIYHtjXV3MfhWG+9URM8rhQXxe+G0R5Ly
LUxHIeadkBryiPsESxcDe6kZfGFiJrSqUQJ0Dsjg3xgYsLf+ashFfmsUaOS7QsF6
ysYJ8V5mZv8cJick/uJA5cj1sF3rAAFVH21a0gwNVlx5wnIv+S+yY4imLwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJMOgH0IgYzADXtcgFbxaK2tOZnvMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEva3c2QWZRaUJqTUFOZTF5QVZ2Rm9yYTA1bWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVHsAwQC
uZn4AwQCuZuUMA0EAgACMAcDBQMqBYoAMA0GCSqGSIb3DQEBCwUAA4IBAQBFglKM
h2yIL43YQXy5XVHaV69zq8x7H3Au3OGNHyf9xcjqKv57Btk7bB1JmNtT+uE8fYO5
WDvbWSI56HZeDP24y/G3S5UYtpNFZ3v02B1zWPugqcge1Mi6+5i3rsGTzIENzDS0
2IFrqorHin/fjR9bNeJ/ErceslpAZzYxsMSbaX/zWR2adGc/xflY5CFIM9uHJ3K5
UPNJWwgrWCpgoBx5t+tzpF0S5EQY1uCqlZhSWrtNFfodAzkfaQk5FDV2pSNhTw+V
ClQN/vhqgEn0F5Q+eD6SuyqljQo2QTm2P+30/Qn1pr/PeNJfKfMyZ0Y/mACPESfE
MgbI9ayN8RkB7uUT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:56 2025 by rpki-client