Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/aG4MNwB0N8Mx9tp0nSyrZ2bjtJw.roa
File: aG4MNwB0N8Mx9tp0nSyrZ2bjtJw.roa (raw, json)
Hash identifier: F9Y6Ml8dAno/4MXV6tH93M4ngX7qMRmz25Yl+62gz5w=
Subject key identifier: 68:6E:0C:37:00:74:37:C3:31:F6:DA:74:9D:2C:AB:67:66:E3:B4:9C
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 01856C9CECA5FA46B1858A85998617BFB619
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/aG4MNwB0N8Mx9tp0nSyrZ2bjtJw.roa
Signing time: Sun 01 Jan 2023 09:15:01 +0000
ROA not before: Sun 01 Jan 2023 09:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204303
IP address blocks: 185.137.71.0/24 maxlen: 24
185.137.70.0/24 maxlen: 24
185.137.68.0/24 maxlen: 24
185.137.68.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ec:a5:fa:46:b1:85:8a:85:99:86:17:bf:b6:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 1 09:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=686e0c37007437c331f6da749d2cab6766e3b49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:54:1b:02:9e:c0:fc:16:72:9a:e0:1f:be:a6:
34:66:f3:07:9a:fa:c5:27:d5:e4:73:bb:64:c0:f6:
cf:1e:cc:36:01:25:64:a6:40:f4:00:0a:a0:a8:68:
92:01:5e:08:24:60:8d:78:1b:62:81:cf:f7:2d:6e:
85:04:b9:4f:8e:d6:ee:bf:3f:cc:f3:57:89:92:95:
0b:ef:43:55:a8:e8:fe:fd:5c:5d:55:30:98:f0:dd:
5f:e9:eb:2d:f0:ac:af:2a:29:a0:8f:f2:94:50:f8:
97:15:c9:9b:67:19:7b:c2:85:8c:51:8a:4a:04:2b:
73:17:22:10:5c:e0:bf:e0:1e:1f:50:3a:1d:76:f6:
6a:aa:96:e1:5e:2a:f9:f9:9a:00:25:a1:09:47:b1:
a1:78:65:ea:37:07:a5:cd:bd:e2:9a:12:c7:d6:a7:
14:97:d2:4b:03:e7:47:a6:21:35:35:13:33:37:9f:
f9:c0:9e:5d:9e:b2:b1:01:a4:67:ef:f0:d8:f9:8c:
bb:ad:f0:f6:51:04:a3:00:e6:9c:d0:19:95:6e:5f:
a1:5f:ef:c1:91:ef:a9:be:4f:fd:b3:07:ed:af:d5:
f8:45:d7:c1:4a:c5:84:ac:85:ff:26:5e:19:40:ca:
1f:52:9b:85:06:37:f1:76:13:45:fc:88:59:de:4e:
25:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6E:0C:37:00:74:37:C3:31:F6:DA:74:9D:2C:AB:67:66:E3:B4:9C
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/aG4MNwB0N8Mx9tp0nSyrZ2bjtJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.68.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:3a:85:af:40:df:b2:cd:86:e7:fe:b0:55:51:f3:70:50:56:
d9:1a:1e:c7:e1:14:91:68:59:97:9a:9f:f8:9c:c1:1c:51:0b:
75:cd:01:75:22:23:ef:4e:1c:1f:23:4a:9e:35:c6:82:2b:29:
35:86:e3:ad:94:f2:d5:6b:b2:80:8d:4a:8b:79:47:da:20:bf:
52:e9:99:c7:30:61:f9:df:e6:7a:60:e7:f6:76:eb:a2:4f:12:
f9:8f:5c:57:5b:c2:48:58:53:26:6f:0c:ef:53:fa:dd:c8:95:
ec:dd:f0:9b:5a:a3:84:03:38:b2:4b:d6:dd:a8:df:16:6c:04:
ee:55:8a:2d:cd:25:3e:28:cf:bd:7d:69:c7:34:a2:57:a8:b8:
7e:44:63:bf:2e:ef:2a:c0:a5:ac:1b:26:42:26:37:59:4c:a4:
e8:78:f9:0e:60:61:98:24:8c:5f:bc:76:aa:51:e1:d1:e9:7f:
1e:2f:f2:82:0f:78:69:43:f2:a5:ea:0d:b6:6c:c3:58:61:d4:
df:b4:39:01:62:5b:e8:ab:ed:36:8c:93:6d:86:7a:d1:0d:a6:
e9:86:31:a7:9c:50:32:b5:10:91:ad:32:e2:9d:86:9e:f7:96:
41:0a:b8:27:80:d0:df:76:e0:bb:3e:40:81:44:22:a0:c4:e7:
ad:82:a3:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnOyl+kaxhYqFmYYXv7YZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjMwMTAxMDkxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZlMGMzNzAwNzQzN2MzMzFmNmRhNzQ5ZDJjYWI2NzY2ZTNiNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlQbAp7A/BZymuAfvqY0ZvMHmvrF
J9Xkc7tkwPbPHsw2ASVkpkD0AAqgqGiSAV4IJGCNeBtigc/3LW6FBLlPjtbuvz/M
81eJkpUL70NVqOj+/VxdVTCY8N1f6est8KyvKimgj/KUUPiXFcmbZxl7woWMUYpK
BCtzFyIQXOC/4B4fUDoddvZqqpbhXir5+ZoAJaEJR7GheGXqNwelzb3imhLH1qcU
l9JLA+dHpiE1NRMzN5/5wJ5dnrKxAaRn7/DY+Yy7rfD2UQSjAOac0BmVbl+hX+/B
ke+pvk/9swftr9X4RdfBSsWErIX/Jl4ZQMofUpuFBjfxdhNF/IhZ3k4lEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhuDDcAdDfDMfbadJ0sq2dm47ScMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvYUc0TU53QjBOOE14OXRwMG5TeXJaMmJqdEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYlEMA0G
CSqGSIb3DQEBCwUAA4IBAQA9OoWvQN+yzYbn/rBVUfNwUFbZGh7H4RSRaFmXmp/4
nMEcUQt1zQF1IiPvThwfI0qeNcaCKyk1huOtlPLVa7KAjUqLeUfaIL9S6ZnHMGH5
3+Z6YOf2duuiTxL5j1xXW8JIWFMmbwzvU/rdyJXs3fCbWqOEAziyS9bdqN8WbATu
VYotzSU+KM+9fWnHNKJXqLh+RGO/Lu8qwKWsGyZCJjdZTKToePkOYGGYJIxfvHaq
UeHR6X8eL/KCD3hpQ/Kl6g22bMNYYdTftDkBYlvoq+02jJNthnrRDabphjGnnFAy
tRCRrTLinYae95ZBCrgngNDfduC7PkCBRCKgxOetgqOk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:27 2024 by rpki-client on console-fra.rpki-client.org