Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iQpVeVgziNEFUGK6gWEPqhW87jI.roa
File: iQpVeVgziNEFUGK6gWEPqhW87jI.roa (raw, json)
Hash identifier: rH7YhqIVpUTlox5MKw8hauE1Vr8YeAWUWomhQGuZRG8=
Subject key identifier: 89:0A:55:79:58:33:88:D1:05:50:62:BA:81:61:0F:AA:15:BC:EE:32
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC802761B9407F50D773FE3F2C290CAE6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iQpVeVgziNEFUGK6gWEPqhW87jI.roa
Signing time: Tue 02 Jan 2024 02:30:53 +0000
ROA not before: Tue 02 Jan 2024 02:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 185.210.232.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 10:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:76:1b:94:07:f5:0d:77:3f:e3:f2:c2:90:ca:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=890a5579583388d1055062ba81610faa15bcee32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e7:c2:a9:3f:ab:1f:e6:75:35:3d:01:be:8f:
d0:a3:b5:d4:8f:13:01:6f:cb:c6:8c:27:38:3d:ce:
e0:8e:29:5e:83:3d:67:52:17:33:e3:9f:d9:76:a7:
8d:3a:ae:ff:53:0c:45:fa:6d:ef:ee:ee:5a:41:b6:
78:ee:a2:74:b6:a1:09:96:d7:bf:92:d6:2e:42:f1:
22:8b:6c:00:3e:fe:20:4e:d7:76:e4:9a:de:a8:0f:
b5:aa:3c:41:aa:69:e9:71:5b:eb:f4:64:46:97:3a:
bc:75:e6:d9:e5:91:eb:95:5d:fe:54:40:86:10:9e:
55:88:64:f8:79:fa:34:9f:04:7e:ae:f2:83:e0:38:
02:90:47:05:df:f7:10:38:89:64:b1:80:b4:df:58:
e3:da:9a:cc:52:11:5e:2a:29:eb:a7:92:86:c8:9e:
45:a9:13:33:6a:a6:ee:61:c6:8a:ff:ce:15:7b:18:
4d:b5:8b:89:95:19:32:b0:5e:42:8d:76:39:0c:2e:
e3:0f:9b:77:e1:2d:f6:74:48:ef:0c:91:1d:ee:13:
55:81:cd:b9:f8:48:e4:81:03:98:b3:3b:09:61:9f:
5b:2f:73:50:21:8c:39:01:54:10:bc:45:d4:5f:c3:
ac:e7:dd:79:76:83:0f:16:62:20:f4:61:84:be:8e:
cd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0A:55:79:58:33:88:D1:05:50:62:BA:81:61:0F:AA:15:BC:EE:32
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iQpVeVgziNEFUGK6gWEPqhW87jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.214.102.0/24
185.223.80.0/24
185.225.0.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
67:43:a1:89:53:e9:bb:93:2c:3e:5e:97:17:7a:86:8c:54:b8:
79:b7:7f:af:27:d6:82:8f:1b:3e:e9:2d:51:4e:c7:58:3e:f4:
24:aa:b8:1a:73:29:ab:fc:72:9a:29:f0:35:a8:bc:a7:26:11:
18:02:1b:68:73:35:96:0a:70:be:6b:c3:d7:1e:70:66:8c:ad:
76:25:08:53:6e:7a:56:fd:f8:7f:59:d5:f3:3f:53:f5:57:2d:
b2:81:3b:94:cd:40:80:98:34:3d:2a:bb:47:a5:67:30:31:47:
45:df:85:0b:b4:5e:8c:6e:f8:48:6b:b1:b7:9b:a5:e9:39:31:
fa:c5:0c:3f:e5:6a:bd:a8:f8:ca:aa:c5:e7:c9:50:e8:af:d8:
5a:b2:a9:0f:9a:5a:33:76:2d:49:58:3b:98:42:1c:2e:b8:26:
8c:7e:05:6b:43:e3:b2:73:37:ca:04:eb:7a:7a:c5:7f:25:b9:
b4:24:ad:2d:5c:d1:34:14:4e:5d:57:b5:a1:c6:a6:5e:4a:eb:
e5:e0:0b:35:5a:09:74:f3:62:07:58:18:e3:2e:a4:de:3b:3a:
63:da:b1:b2:84:e8:75:b7:ab:ad:b6:8d:15:88:a0:ec:2e:05:
cb:51:4c:73:92:1a:07:12:d2:76:0c:8b:f7:02:ea:57:24:89:
35:43:46:5d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIAnYblAf1DXc/4/LCkMrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBhNTU3OTU4MzM4OGQxMDU1MDYyYmE4MTYxMGZhYTE1YmNlZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOfCqT+rH+Z1NT0Bvo/Qo7XUjxMB
b8vGjCc4Pc7gjilegz1nUhcz45/ZdqeNOq7/UwxF+m3v7u5aQbZ47qJ0tqEJlte/
ktYuQvEii2wAPv4gTtd25JreqA+1qjxBqmnpcVvr9GRGlzq8debZ5ZHrlV3+VECG
EJ5ViGT4efo0nwR+rvKD4DgCkEcF3/cQOIlksYC031jj2prMUhFeKinrp5KGyJ5F
qRMzaqbuYcaK/84VexhNtYuJlRkysF5CjXY5DC7jD5t34S32dEjvDJEd7hNVgc25
+EjkgQOYszsJYZ9bL3NQIYw5AVQQvEXUX8Os5915doMPFmIg9GGEvo7NTQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIkKVXlYM4jRBVBiuoFhD6oVvO4yMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaVFwVmVWZ3ppTkVGVUdLNmdXRVBxaFc4N2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAsH34AwQA
udLoAwQAudZmAwQAud9QAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQBn
Q6GJU+m7kyw+XpcXeoaMVLh5t3+vJ9aCjxs+6S1RTsdYPvQkqrgacymr/HKaKfA1
qLynJhEYAhtoczWWCnC+a8PXHnBmjK12JQhTbnpW/fh/WdXzP1P1Vy2ygTuUzUCA
mDQ9KrtHpWcwMUdF34ULtF6MbvhIa7G3m6XpOTH6xQw/5Wq9qPjKqsXnyVDor9ha
sqkPmlozdi1JWDuYQhwuuCaMfgVrQ+OyczfKBOt6esV/Jbm0JK0tXNE0FE5dV7Wh
xqZeSuvl4As1Wgl082IHWBjjLqTeOzpj2rGyhOh1t6utto0ViKDsLgXLUUxzkhoH
EtJ2DIv3AupXJIk1Q0Zd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org