Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/1-J1Z8ElCWdHkXWleKF8djLbdYy0.roa
File: 1-J1Z8ElCWdHkXWleKF8djLbdYy0.roa (raw, json)
Hash identifier: cQK9eApuX9wV1ep6buQdJTA/fJCzGqom8Qqp8lFtLmc=
Subject key identifier: F8:9D:59:F0:49:42:59:D1:E4:5D:69:5E:28:5F:1D:8C:B6:DD:63:2D
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 018CC7933C8EE44DB50277A4CC6ABD78332F
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/1-J1Z8ElCWdHkXWleKF8djLbdYy0.roa
Signing time: Tue 02 Jan 2024 00:29:24 +0000
ROA not before: Tue 02 Jan 2024 00:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43160
IP address blocks: 185.232.172.0/22 maxlen: 22
185.143.0.0/22 maxlen: 22
185.174.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 17:20:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3c:8e:e4:4d:b5:02:77:a4:cc:6a:bd:78:33:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 2 00:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f89d59f0494259d1e45d695e285f1d8cb6dd632d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b2:85:78:ce:89:a9:e7:f1:ca:d9:63:67:1c:
83:66:15:17:4d:fd:07:35:56:e5:01:52:9c:8a:56:
dd:b3:c1:ae:52:01:03:46:31:29:39:d3:29:16:9d:
1c:01:b4:4d:65:8b:70:45:0b:b9:0a:1d:8d:76:14:
1b:5b:28:d5:67:ae:13:2a:7f:e9:ca:cd:22:12:75:
ca:49:52:69:73:1f:30:9f:c8:ed:3d:5b:26:38:22:
de:6d:2e:06:41:f2:6d:40:c3:b8:c0:32:07:d1:92:
db:da:73:85:61:96:33:c1:0b:8a:f5:e9:c7:b0:f1:
d1:82:68:9f:aa:0f:6f:08:59:cb:7f:1e:e0:24:67:
86:30:86:f2:e9:bd:57:34:87:20:7a:25:97:f3:76:
bc:86:c9:42:24:e7:43:e7:e5:7c:79:82:da:89:33:
31:9a:a5:d2:b6:3c:1e:56:8f:e8:66:ab:14:83:53:
eb:a4:17:2e:c2:ed:ab:76:f6:1a:60:63:12:12:aa:
89:04:2b:24:dc:5a:92:86:dd:c4:5b:a5:eb:9e:db:
4f:0e:b2:5c:1d:55:96:e1:73:3e:35:90:87:09:fe:
0f:45:a7:ff:22:6c:05:b6:cd:b4:82:06:5e:81:05:
c1:85:ba:8d:0c:94:f4:b8:cf:4c:89:14:49:9d:5f:
6f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:9D:59:F0:49:42:59:D1:E4:5D:69:5E:28:5F:1D:8C:B6:DD:63:2D
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/1-J1Z8ElCWdHkXWleKF8djLbdYy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.0.0/22
185.174.212.0/24
185.232.172.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:b7:59:0f:da:e2:8b:75:36:d0:ce:45:0f:4b:d5:f5:e7:c2:
32:bd:41:7a:b0:34:f0:e5:95:d3:0c:2c:41:1b:8d:c3:2f:3e:
a3:53:4e:7a:fb:75:07:d0:e7:d4:43:a9:68:07:14:5e:45:7b:
1c:11:d1:8f:67:63:c3:cc:50:52:0c:78:24:80:b5:d7:69:b4:
cc:79:9a:cc:0f:f8:a6:7f:d1:f7:de:c7:6a:dc:cb:30:b5:73:
4f:5b:8e:0d:35:30:33:af:d1:d3:1f:d9:4e:4f:4b:7c:6e:54:
bd:20:4e:b2:bc:9e:20:05:a7:e3:1f:b7:ac:38:12:f8:67:50:
29:d7:ac:e1:38:b1:75:35:9b:0f:fb:48:b6:23:88:c0:3b:67:
65:4a:9b:29:85:91:f2:c3:76:1f:7d:c3:4b:60:6a:03:8f:89:
53:59:9d:64:ab:49:fa:b1:24:da:cd:04:09:f4:8c:9f:47:b5:
45:c5:98:2d:4a:49:de:43:cd:32:e4:eb:a3:73:65:5b:5b:39:
a4:c3:48:af:8b:92:9f:ad:33:1f:c5:19:cf:3a:d3:56:2f:63:
18:8c:ec:29:c6:d7:c7:a6:53:60:b0:26:71:10:81:8a:57:72:
13:90:9d:93:90:2b:31:cc:0c:72:c0:52:cb:26:4d:47:4b:5a:
f6:78:2f:1c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzHkzyO5E21AnekzGq9eDMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjQwMTAyMDAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODlkNTlmMDQ5NDI1OWQxZTQ1ZDY5NWUyODVmMWQ4Y2I2ZGQ2MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7KFeM6JqefxytljZxyDZhUXTf0H
NVblAVKcilbds8GuUgEDRjEpOdMpFp0cAbRNZYtwRQu5Ch2NdhQbWyjVZ64TKn/p
ys0iEnXKSVJpcx8wn8jtPVsmOCLebS4GQfJtQMO4wDIH0ZLb2nOFYZYzwQuK9enH
sPHRgmifqg9vCFnLfx7gJGeGMIby6b1XNIcgeiWX83a8hslCJOdD5+V8eYLaiTMx
mqXStjweVo/oZqsUg1PrpBcuwu2rdvYaYGMSEqqJBCsk3FqSht3EW6XrnttPDrJc
HVWW4XM+NZCHCf4PRaf/ImwFts20ggZegQXBhbqNDJT0uM9MiRRJnV9vsQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPidWfBJQlnR5F1pXihfHYy23WMtMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvMS1KMVo4RWxDV2RIa1hXbGVLRjhkakxiZFl5MC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDUvODZlMzJiLWYwNjctNDUwZi1iNjdjLTNhYTE1MGE5MmFi
Ny8xL3JuTnNyOTIyNjdqWHgybEQ5S0p4NERoUkNxay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArmPAAME
ALmu1AMEArnorDANBgkqhkiG9w0BAQsFAAOCAQEAv7dZD9rii3U20M5FD0vV9efC
Mr1BerA08OWV0wwsQRuNwy8+o1NOevt1B9Dn1EOpaAcUXkV7HBHRj2djw8xQUgx4
JIC112m0zHmazA/4pn/R997HatzLMLVzT1uODTUwM6/R0x/ZTk9LfG5UvSBOsrye
IAWn4x+3rDgS+GdQKdes4TixdTWbD/tItiOIwDtnZUqbKYWR8sN2H33DS2BqA4+J
U1mdZKtJ+rEk2s0ECfSMn0e1RcWYLUpJ3kPNMuTro3NlW1s5pMNIr4uSn60zH8UZ
zzrTVi9jGIzsKcbXx6ZTYLAmcRCBildyE5Cdk5ArMcwMcsBSyyZNR0ta9ngvHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:27 2024 by rpki-client on console-fra.rpki-client.org