Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mK1rcQltNqtjJoxUEOonIwlVyiU.roa
File: mK1rcQltNqtjJoxUEOonIwlVyiU.roa (raw, json)
Hash identifier: toiO/O6F7W29BWYPoycC0O3WAJ3WW3RKmL7uEq23Th4=
Subject key identifier: 98:AD:6B:71:09:6D:36:AB:63:26:8C:54:10:EA:27:23:09:55:CA:25
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0192FBFFD9D5472D967BF78B69906ABDE7EA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mK1rcQltNqtjJoxUEOonIwlVyiU.roa
Signing time: Tue 05 Nov 2024 11:05:01 +0000
ROA not before: Tue 05 Nov 2024 11:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.194.177.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Nov 2024 14:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fb:ff:d9:d5:47:2d:96:7b:f7:8b:69:90:6a:bd:e7:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 5 11:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98ad6b71096d36ab63268c5410ea27230955ca25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:76:03:b1:b4:d8:fe:8d:79:27:33:41:80:ca:
e4:e9:b0:55:86:5e:13:7b:e1:67:10:10:ef:95:01:
dd:25:41:3c:28:d2:4d:52:35:0c:8b:9f:39:41:9b:
78:88:27:3e:ac:94:50:a2:e3:c3:93:ba:ac:fe:89:
7b:35:19:9e:36:fb:b4:dc:6c:d4:7f:cc:12:34:5d:
9d:6e:77:05:9c:bc:e1:8e:4a:c0:23:8a:1a:54:f4:
e2:9d:9e:77:93:2d:92:4c:cc:10:59:e7:6f:cd:64:
f5:3a:35:54:a2:49:1f:25:54:6e:d9:eb:3c:6f:79:
fc:c2:ab:6e:ed:b1:02:20:b3:d6:17:d8:4b:05:3e:
7b:4a:b1:b2:b6:65:a2:3b:68:d0:12:26:99:d8:44:
2b:c4:ca:aa:f3:65:a5:d5:d8:be:ba:b7:80:f5:12:
b6:85:03:d8:26:ff:a3:9a:8e:0c:a1:f8:df:9f:c6:
19:e2:22:53:22:1a:72:31:3e:59:84:5a:6a:ec:dc:
1d:13:9c:48:bd:a2:b5:a2:87:d3:4a:7e:12:b8:35:
78:97:d1:cc:b7:bd:a1:bf:76:c9:8a:2d:bf:e2:a3:
48:70:13:eb:5e:88:59:11:56:2d:68:f5:cb:5e:4b:
44:5c:08:1d:8d:3c:ad:d2:2b:cc:51:00:16:28:1a:
d5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AD:6B:71:09:6D:36:AB:63:26:8C:54:10:EA:27:23:09:55:CA:25
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mK1rcQltNqtjJoxUEOonIwlVyiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.38.0/24
185.209.73.0/24
185.210.235.0/24
185.218.20.0/24
185.222.29.0/24
185.246.112.0/24
193.58.146.0/24
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:5e:49:b6:6b:cf:83:5a:34:eb:20:f2:2c:9b:85:91:f2:77:
36:67:47:ea:af:fa:18:6c:21:95:32:d2:b1:f1:64:b0:d5:56:
3e:bf:27:62:3e:c6:1a:82:ff:df:94:f7:27:8b:65:41:0d:a0:
01:1a:cd:6c:e7:2b:73:fc:c7:42:4c:32:ad:55:f3:b3:bd:fe:
32:bf:c3:7f:c3:08:91:6b:61:1f:9c:24:7b:5b:8c:9b:d5:9d:
ee:ce:ac:f2:55:43:a1:27:14:e5:8d:d4:d2:44:fa:f5:05:29:
22:d0:c9:b7:48:b6:cc:a2:c7:82:9a:10:3e:48:c8:32:5c:d7:
30:2d:f1:05:0d:5b:20:d0:96:9e:e6:0e:c6:56:44:f4:0e:c7:
2d:79:3c:c8:e5:98:f0:a7:6d:26:27:84:f1:c9:23:1a:b7:90:
a7:7a:4f:d5:68:47:c8:c5:1e:e6:50:ca:49:58:cc:03:fb:a5:
16:85:8c:0d:bb:0f:df:44:55:22:8f:e4:51:a0:be:be:02:2c:
47:37:cb:81:ec:20:a9:f4:d1:4f:8c:0d:54:3e:c4:dc:6a:5b:
78:f4:dd:e3:36:c7:36:3b:3e:40:ab:b6:21:31:43:26:b2:0b:
b4:12:7c:92:11:1d:72:90:37:8d:4d:5f:c6:bb:c7:49:18:56:
42:4a:ac:af
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZL7/9nVRy2We/eLaZBqvefqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMTA1MTEwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFkNmI3MTA5NmQzNmFiNjMyNjhjNTQxMGVhMjcyMzA5NTVjYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3YDsbTY/o15JzNBgMrk6bBVhl4T
e+FnEBDvlQHdJUE8KNJNUjUMi585QZt4iCc+rJRQouPDk7qs/ol7NRmeNvu03GzU
f8wSNF2dbncFnLzhjkrAI4oaVPTinZ53ky2STMwQWedvzWT1OjVUokkfJVRu2es8
b3n8wqtu7bECILPWF9hLBT57SrGytmWiO2jQEiaZ2EQrxMqq82Wl1di+ureA9RK2
hQPYJv+jmo4Mofjfn8YZ4iJTIhpyMT5ZhFpq7NwdE5xIvaK1oofTSn4SuDV4l9HM
t72hv3bJii2/4qNIcBPrXohZEVYtaPXLXktEXAgdjTyt0ivMUQAWKBrVcQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJita3EJbTarYyaMVBDqJyMJVcolMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbUsxcmNRbHROcXRqSm94VUVPb25Jd2xWeWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAucKxAwQA
udEmAwQAudFJAwQAudLrAwQAudoUAwQAud4dAwQAufZwAwQAwTqSAwQAwkysMA0G
CSqGSIb3DQEBCwUAA4IBAQAtXkm2a8+DWjTrIPIsm4WR8nc2Z0fqr/oYbCGVMtKx
8WSw1VY+vydiPsYagv/flPcni2VBDaABGs1s5ytz/MdCTDKtVfOzvf4yv8N/wwiR
a2EfnCR7W4yb1Z3uzqzyVUOhJxTljdTSRPr1BSki0Mm3SLbMoseCmhA+SMgyXNcw
LfEFDVsg0Jae5g7GVkT0DscteTzI5Zjwp20mJ4TxySMat5Cnek/VaEfIxR7mUMpJ
WMwD+6UWhYwNuw/fRFUij+RRoL6+AixHN8uB7CCp9NFPjA1UPsTcalt49N3jNsc2
Oz5Aq7YhMUMmsgu0EnySER1ykDeNTV/Gu8dJGFZCSqyv
Generated at Sun Nov 24 16:12:11 2024 by rpki-client on console-fra.rpki-client.org