Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/OZ1yECMajkC7ZahNG2HdiYaMgCo.roa
File: OZ1yECMajkC7ZahNG2HdiYaMgCo.roa (raw, json)
Hash identifier: cUxui9+bCUgEFuirmeGf90oG3Xt8gEHDJuf8xjHoq48=
Subject key identifier: 39:9D:72:10:23:1A:8E:40:BB:65:A8:4D:1B:61:DD:89:86:8C:80:2A
Certificate issuer: /CN=36c7b44e7c5f29b9dea402ac805160b298cf0da6
Certificate serial: 01856D0AD792D0AD9EBBABDD8964778E69A4
Authority key identifier: 36:C7:B4:4E:7C:5F:29:B9:DE:A4:02:AC:80:51:60:B2:98:CF:0D:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nse0TnxfKbnepAKsgFFgspjPDaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/OZ1yECMajkC7ZahNG2HdiYaMgCo.roa
Signing time: Sun 01 Jan 2023 11:15:05 +0000
ROA not before: Sun 01 Jan 2023 11:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200941
IP address blocks: 185.90.172.0/24 maxlen: 24
185.90.173.0/24 maxlen: 24
185.90.175.0/24 maxlen: 24
185.90.174.0/24 maxlen: 24
2a05:e181::/32 maxlen: 32
2a05:e187::/32 maxlen: 32
2a05:e180::/32 maxlen: 32
2a05:e186::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d7:92:d0:ad:9e:bb:ab:dd:89:64:77:8e:69:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c7b44e7c5f29b9dea402ac805160b298cf0da6
Validity
Not Before: Jan 1 11:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=399d7210231a8e40bb65a84d1b61dd89868c802a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ac:1d:12:a0:61:a2:0c:37:df:9f:8a:74:a8:
a2:6a:9e:ba:50:ef:d5:8f:ae:26:25:3d:17:19:98:
d6:42:55:07:7a:11:15:bc:ca:fb:a3:a4:e3:cf:e9:
8e:82:cc:6a:c3:e8:97:39:d5:71:77:3e:d8:01:37:
31:0c:88:91:ed:37:b4:7c:a6:1d:f2:99:88:fd:e3:
92:cf:e6:7b:27:e5:a6:f7:9a:9b:85:23:ca:ee:5a:
94:cc:70:d4:1f:1b:ab:33:0c:95:30:cd:8e:59:07:
5e:ee:67:03:fe:35:30:25:61:fc:d3:43:8a:b2:14:
e0:02:15:2d:ed:6a:cc:87:66:8f:09:c1:0e:58:48:
1a:47:25:76:93:2d:95:fe:aa:8d:b8:3c:73:e5:d2:
ec:bc:68:60:03:22:d8:2b:51:c3:63:c7:26:d6:02:
38:c3:51:f6:3d:0e:8d:4f:7c:9a:b9:49:3e:c7:0d:
60:75:32:57:c5:a2:70:3e:07:02:0c:47:da:46:cc:
e0:8a:7e:a8:82:8c:32:5e:15:96:94:f5:87:c2:ab:
3e:d5:ee:5e:0a:c1:18:a6:be:54:eb:ee:1b:56:30:
8b:14:49:55:25:fa:8c:bf:9e:83:d7:61:d4:e2:7c:
f4:80:1f:66:ab:90:3a:86:52:6e:c9:e8:57:86:e8:
03:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9D:72:10:23:1A:8E:40:BB:65:A8:4D:1B:61:DD:89:86:8C:80:2A
X509v3 Authority Key Identifier:
keyid:36:C7:B4:4E:7C:5F:29:B9:DE:A4:02:AC:80:51:60:B2:98:CF:0D:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nse0TnxfKbnepAKsgFFgspjPDaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/OZ1yECMajkC7ZahNG2HdiYaMgCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/Nse0TnxfKbnepAKsgFFgspjPDaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.172.0/22
IPv6:
2a05:e180::/31
2a05:e186::/31
Signature Algorithm: sha256WithRSAEncryption
8b:4b:db:b5:09:88:ae:65:e7:7a:11:5f:05:5c:cc:aa:34:7e:
e7:90:75:43:cc:8a:2f:ba:20:7e:87:1a:da:20:c9:56:5d:80:
ba:2c:59:62:e2:af:15:8d:03:e1:6c:ff:27:48:51:2a:2b:ea:
bc:37:b3:33:bc:0c:6f:70:fe:30:1a:ff:b9:54:00:39:75:b0:
b7:68:49:6d:de:2d:7b:89:e6:a6:d9:59:dc:ca:68:0d:93:52:
23:58:2c:17:da:5b:d0:c3:50:bf:c2:4c:35:50:9e:c9:fc:23:
85:04:65:07:37:bc:55:b6:7b:f4:62:c0:62:a0:a5:1b:77:4d:
a6:d4:81:27:04:d0:44:57:e0:70:22:55:b4:b5:de:69:f8:94:
c6:7b:6d:ff:be:33:0e:95:6b:a6:04:d9:1f:9d:14:9c:6c:23:
19:64:c0:6c:30:07:7a:fa:65:79:d2:3c:26:04:64:1c:c9:bc:
a4:f3:7b:af:32:01:b8:9d:38:c6:96:12:19:c7:f5:8d:25:65:
a1:10:23:a8:2b:d2:a2:61:45:e7:d6:94:41:2c:43:89:80:8b:
8e:ca:58:57:3b:d9:ab:05:98:c9:4e:55:32:9f:fc:72:40:ce:
5e:35:04:c9:44:13:cf:91:d9:c9:0b:5f:1b:cb:6f:57:96:b1:
ed:bc:f2:10
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVtCteS0K2eu6vdiWR3jmmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzdiNDRlN2M1ZjI5YjlkZWE0MDJhYzgwNTE2MGIyOThj
ZjBkYTYwHhcNMjMwMTAxMTExNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTlkNzIxMDIzMWE4ZTQwYmI2NWE4NGQxYjYxZGQ4OTg2OGM4MDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqwdEqBhogw335+KdKiiap66UO/V
j64mJT0XGZjWQlUHehEVvMr7o6Tjz+mOgsxqw+iXOdVxdz7YATcxDIiR7Te0fKYd
8pmI/eOSz+Z7J+Wm95qbhSPK7lqUzHDUHxurMwyVMM2OWQde7mcD/jUwJWH800OK
shTgAhUt7WrMh2aPCcEOWEgaRyV2ky2V/qqNuDxz5dLsvGhgAyLYK1HDY8cm1gI4
w1H2PQ6NT3yauUk+xw1gdTJXxaJwPgcCDEfaRszgin6ogowyXhWWlPWHwqs+1e5e
CsEYpr5U6+4bVjCLFElVJfqMv56D12HU4nz0gB9mq5A6hlJuyehXhugDwQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDmdchAjGo5Au2WoTRth3YmGjIAqMB8GA1UdIwQY
MBaAFDbHtE58Xym53qQCrIBRYLKYzw2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNlMFRueGZLYm5lcEFLc2dGRmdzcGpQRGFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjcxMzgtNDZkOS00OThiLWFmNmQt
NmQ2NTgyYjJiNWI2LzEvT1oxeUVDTWFqa0M3WmFoTkcySGRpWWFNZ0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjcxMzgtNDZkOS00OThiLWFmNmQtNmQ2NTgyYjJiNWI2
LzEvTnNlMFRueGZLYm5lcEFLc2dGRmdzcGpQRGFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuVqsMBQE
AgACMA4DBQEqBeGAAwUBKgXhhjANBgkqhkiG9w0BAQsFAAOCAQEAi0vbtQmIrmXn
ehFfBVzMqjR+55B1Q8yKL7ogfoca2iDJVl2AuixZYuKvFY0D4Wz/J0hRKivqvDez
M7wMb3D+MBr/uVQAOXWwt2hJbd4te4nmptlZ3MpoDZNSI1gsF9pb0MNQv8JMNVCe
yfwjhQRlBze8VbZ79GLAYqClG3dNptSBJwTQRFfgcCJVtLXeafiUxntt/74zDpVr
pgTZH50UnGwjGWTAbDAHevpledI8JgRkHMm8pPN7rzIBuJ04xpYSGcf1jSVloRAj
qCvSomFF59aUQSxDiYCLjspYVzvZqwWYyU5VMp/8ckDOXjUEyUQTz5HZyQtfG8tv
V5ax7bzyEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:51 2024 by rpki-client on console-ams.rpki-client.org