Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/uNJM7FP754uleQ4SagikgFc8PWM.roa
File: uNJM7FP754uleQ4SagikgFc8PWM.roa (raw, json)
Hash identifier: Q6JcQHKK2n7AjRbo/YhSrwIqcHXUk1njP5/cZsAfa1c=
Subject key identifier: B8:D2:4C:EC:53:FB:E7:8B:A5:79:0E:12:6A:08:A4:80:57:3C:3D:63
Certificate issuer: /CN=724518a57069cafd83e21b5c60fb262d8edf342b
Certificate serial: 018AB28F8C724C255E4691B7B13548F88594
Authority key identifier: 72:45:18:A5:70:69:CA:FD:83:E2:1B:5C:60:FB:26:2D:8E:DF:34:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckUYpXBpyv2D4htcYPsmLY7fNCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/uNJM7FP754uleQ4SagikgFc8PWM.roa
Signing time: Wed 20 Sep 2023 12:27:46 +0000
ROA not before: Wed 20 Sep 2023 12:27:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203185
IP address blocks: 185.118.231.0/24 maxlen: 24
185.118.228.0/24 maxlen: 24
185.118.229.0/24 maxlen: 24
185.118.230.0/24 maxlen: 24
2a06:9600:faff::/48 maxlen: 48
2a06:9600:2::/48 maxlen: 48
2a06:9600:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:8f:8c:72:4c:25:5e:46:91:b7:b1:35:48:f8:85:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=724518a57069cafd83e21b5c60fb262d8edf342b
Validity
Not Before: Sep 20 12:27:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8d24cec53fbe78ba5790e126a08a480573c3d63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6e:f5:a1:06:7a:12:dc:e4:42:83:ab:80:2d:
da:26:0a:14:61:2e:80:bd:6d:76:ff:77:64:74:5e:
62:f9:54:dd:5b:73:07:8d:4c:11:bd:f4:d1:1c:4d:
07:1b:7c:af:6a:74:0f:c9:10:8a:14:d1:87:56:92:
14:44:15:f4:37:bb:13:32:d3:a0:a7:7b:b1:9a:e1:
b1:9f:a3:41:3f:a3:17:8e:9f:1a:d3:18:64:ff:e1:
14:cb:13:99:9a:1d:49:f2:87:9f:5f:ff:91:27:51:
bf:21:0e:29:a4:fb:26:89:c0:6f:b0:11:c5:a5:67:
d4:b5:be:e9:b1:70:f5:a6:d7:0e:8d:a5:94:a7:c6:
bc:1a:9b:dd:02:e9:6d:ac:c3:8d:4f:10:13:a5:50:
74:cd:c6:ab:e9:9a:6d:bd:1d:f7:46:11:11:eb:6e:
1e:a7:82:49:08:1c:23:88:86:fc:7b:93:83:e9:1b:
c0:4e:6b:f3:16:8a:fc:29:5b:0d:25:b8:d1:48:9d:
6f:9f:42:0f:5e:d4:e8:92:e8:6f:a7:69:dd:39:0f:
73:4e:d7:e2:46:3d:3e:29:d8:3c:fa:d0:2b:ef:36:
a0:01:5d:41:09:36:5c:f8:c0:3e:a3:38:79:70:6e:
f8:2d:80:b8:77:2f:09:78:a3:9b:0b:ce:5f:7a:16:
c3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D2:4C:EC:53:FB:E7:8B:A5:79:0E:12:6A:08:A4:80:57:3C:3D:63
X509v3 Authority Key Identifier:
keyid:72:45:18:A5:70:69:CA:FD:83:E2:1B:5C:60:FB:26:2D:8E:DF:34:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckUYpXBpyv2D4htcYPsmLY7fNCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/uNJM7FP754uleQ4SagikgFc8PWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/ckUYpXBpyv2D4htcYPsmLY7fNCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.228.0/22
IPv6:
2a06:9600:1::-2a06:9600:2:ffff:ffff:ffff:ffff:ffff
2a06:9600:faff::/48
Signature Algorithm: sha256WithRSAEncryption
2c:a1:b3:05:e5:45:1b:73:c8:c3:d5:a8:34:c8:fa:f9:a6:2c:
f1:66:e0:e8:a8:79:9d:f9:63:bc:2a:90:c5:d5:88:e5:04:7a:
3e:72:ac:2c:c6:8a:bf:77:7d:4a:18:ad:e0:f0:76:39:db:64:
31:dd:a3:20:79:f2:d8:cf:e9:75:88:7c:70:19:4e:50:04:d5:
97:99:3a:8a:ad:b7:82:78:e7:33:e8:c8:54:c8:10:a8:b5:f1:
a0:8e:9e:97:71:0d:c2:62:42:3b:3f:e9:ed:e0:f0:87:fd:59:
95:29:c8:91:b5:73:de:b0:3a:93:69:55:62:ce:fa:9f:ed:5c:
d2:e2:96:23:b3:c2:42:c0:89:a6:bf:00:70:d4:eb:84:c4:66:
68:45:30:b7:46:df:6d:9d:f8:9f:71:a4:d9:99:98:15:d1:4d:
f7:f9:32:2a:a8:4a:3d:e4:41:10:89:1a:d3:0a:73:e3:36:e8:
8a:cc:e5:f5:29:cd:02:22:a5:fd:cd:56:23:b6:e2:f1:cb:da:
0e:26:78:72:5a:8f:80:73:a6:08:36:1d:d7:0a:b4:45:8c:7f:
a0:e0:18:af:cc:32:9f:1d:4f:15:b8:12:2d:32:15:65:7e:df:
b8:58:e7:e8:3c:f3:01:8c:cd:19:d8:18:0f:68:ff:4a:06:55:
4d:bc:50:79
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYqyj4xyTCVeRpG3sTVI+IWUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDUxOGE1NzA2OWNhZmQ4M2UyMWI1YzYwZmIyNjJkOGVk
ZjM0MmIwHhcNMjMwOTIwMTIyNzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQyNGNlYzUzZmJlNzhiYTU3OTBlMTI2YTA4YTQ4MDU3M2MzZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy271oQZ6EtzkQoOrgC3aJgoUYS6A
vW12/3dkdF5i+VTdW3MHjUwRvfTRHE0HG3yvanQPyRCKFNGHVpIURBX0N7sTMtOg
p3uxmuGxn6NBP6MXjp8a0xhk/+EUyxOZmh1J8oefX/+RJ1G/IQ4ppPsmicBvsBHF
pWfUtb7psXD1ptcOjaWUp8a8GpvdAultrMONTxATpVB0zcar6ZptvR33RhER624e
p4JJCBwjiIb8e5OD6RvATmvzFor8KVsNJbjRSJ1vn0IPXtTokuhvp2ndOQ9zTtfi
Rj0+Kdg8+tAr7zagAV1BCTZc+MA+ozh5cG74LYC4dy8JeKObC85fehbDewIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFLjSTOxT++eLpXkOEmoIpIBXPD1jMB8GA1UdIwQY
MBaAFHJFGKVwacr9g+IbXGD7Ji2O3zQrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tVWXBYQnB5djJENGh0Y1lQc21MWTdmTkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NTM1NTAtMDI2Ni00ZjJlLThkYzMt
N2Y0YmQ5YjU0ZTYyLzEvdU5KTTdGUDc1NHVsZVE0U2FnaWtnRmM4UFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NTM1NTAtMDI2Ni00ZjJlLThkYzMtN2Y0YmQ5YjU0ZTYy
LzEvY2tVWXBYQnB5djJENGh0Y1lQc21MWTdmTkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQCuXbkMCME
AgACMB0wEgMHACoGlgAAAQMHACoGlgAAAgMHACoGlgD6/zANBgkqhkiG9w0BAQsF
AAOCAQEALKGzBeVFG3PIw9WoNMj6+aYs8Wbg6Kh5nfljvCqQxdWI5QR6PnKsLMaK
v3d9Shit4PB2OdtkMd2jIHny2M/pdYh8cBlOUATVl5k6iq23gnjnM+jIVMgQqLXx
oI6el3ENwmJCOz/p7eDwh/1ZlSnIkbVz3rA6k2lVYs76n+1c0uKWI7PCQsCJpr8A
cNTrhMRmaEUwt0bfbZ34n3Gk2ZmYFdFN9/kyKqhKPeRBEIka0wpz4zboiszl9SnN
AiKl/c1WI7bi8cvaDiZ4clqPgHOmCDYd1wq0RYx/oOAYr8wynx1PFbgSLTIVZX7f
uFjn6DzzAYzNGdgYD2j/SgZVTbxQeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:20 2024 by rpki-client on console-ams.rpki-client.org