Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/UR24v5CQXDJ8aZKxpfaL3k-aMOo.roa
File: UR24v5CQXDJ8aZKxpfaL3k-aMOo.roa (raw, json)
Hash identifier: zLYMI/r1B/ZlCX9kpCbBkLX+ZpalvcQVDsPGyS6P1co=
Subject key identifier: 51:1D:B8:BF:90:90:5C:32:7C:69:92:B1:A5:F6:8B:DE:4F:9A:30:EA
Certificate issuer: /CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Certificate serial: 01929BF5991F1714A5A7DD6D9D0F5CA0C6D0
Authority key identifier: 34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/UR24v5CQXDJ8aZKxpfaL3k-aMOo.roa
Signing time: Thu 17 Oct 2024 19:30:16 +0000
ROA not before: Thu 17 Oct 2024 19:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204877
IP address blocks: 185.141.120.0/22 maxlen: 32
185.141.120.0/23 maxlen: 23
185.141.120.0/24 maxlen: 32
185.141.121.0/24 maxlen: 32
185.141.122.0/23 maxlen: 23
185.141.122.0/24 maxlen: 32
185.141.123.0/24 maxlen: 32
2a0d:ff00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 21 Oct 2024 10:24:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9b:f5:99:1f:17:14:a5:a7:dd:6d:9d:0f:5c:a0:c6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Validity
Not Before: Oct 17 19:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=511db8bf90905c327c6992b1a5f68bde4f9a30ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:37:e0:18:7b:6c:52:41:84:03:5f:f5:ef:8e:
be:30:44:cb:d4:ef:ea:a4:e5:1f:15:28:70:24:19:
e6:53:d5:0e:05:a8:3e:9e:2a:0b:29:d8:bb:34:a3:
bb:04:ac:b5:4a:04:f3:86:0f:66:29:82:f2:56:92:
e4:f2:18:89:b6:99:dc:67:f6:af:bc:0c:a6:43:64:
08:5b:b6:83:7f:9a:3e:40:88:1a:5a:d0:55:71:2d:
b5:e1:34:d8:37:c6:91:35:ff:b0:44:d7:ad:ac:61:
3e:06:55:6d:d8:69:b1:6a:0c:c0:a8:fe:99:0c:25:
e8:92:23:7d:cc:5c:18:bb:c9:1d:ce:8c:ac:f5:07:
ac:1d:9d:aa:db:f8:27:b8:3f:0e:14:3b:18:c8:1b:
71:74:e3:1d:00:c0:ce:e9:bc:e5:6b:98:a5:47:49:
2b:af:7e:26:b3:e9:a1:53:d8:d8:69:69:85:fa:86:
87:2d:49:6f:19:8c:c6:43:72:ef:d9:4c:5d:06:e1:
0e:cd:33:3d:6f:b9:b8:84:05:9f:e4:4d:94:2f:53:
03:6d:b0:d1:fc:e1:ee:27:ec:e5:65:e7:5b:18:78:
e8:81:36:38:b9:41:81:b7:b3:16:aa:d4:85:3d:0a:
e4:0f:f9:2a:3f:e7:61:a1:ba:e3:5a:20:e5:c6:11:
6d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1D:B8:BF:90:90:5C:32:7C:69:92:B1:A5:F6:8B:DE:4F:9A:30:EA
X509v3 Authority Key Identifier:
keyid:34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/UR24v5CQXDJ8aZKxpfaL3k-aMOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/NLqcIjJB64DivHGFO7fS5YKGvdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.120.0/22
IPv6:
2a0d:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
4b:6b:47:ae:88:42:53:ec:e5:15:ef:f3:9e:7a:10:61:72:d7:
f8:a1:81:b8:9c:30:05:5a:7f:84:0d:92:4d:0a:91:88:da:53:
58:2b:cc:30:81:e8:5b:48:0d:43:ba:16:22:97:14:54:84:16:
52:00:f1:a3:75:f5:79:53:cf:d5:64:5d:f7:2e:ed:a6:84:a6:
94:7a:27:71:97:2e:f0:33:82:d1:a4:3a:db:00:d6:75:d6:86:
63:0e:07:8e:c6:e2:c2:80:70:32:8e:4b:10:f3:24:f6:4f:bf:
d1:c9:0f:97:c8:29:db:17:3f:17:ee:7d:80:e8:8b:1c:07:d6:
6a:df:70:e7:32:82:1b:72:b8:df:30:8b:7b:90:f6:93:45:0b:
ce:64:0e:f1:9f:17:75:13:c0:76:36:b1:12:78:bb:0f:00:97:
2f:cc:95:f1:2d:98:3d:c8:f7:9d:37:22:53:39:36:bd:36:ab:
c1:db:96:7b:3f:be:4f:6a:bb:00:4d:9d:62:c7:1d:e8:59:4c:
ee:7b:b6:5e:48:ff:81:c3:a4:aa:80:4a:ce:6e:fe:a4:8a:12:
cd:3c:39:b5:7b:08:87:c9:97:ae:53:56:64:43:ef:41:1f:d7:
13:ab:fd:a8:31:8b:7f:7e:1f:a0:b4:9a:99:68:9d:90:ae:d5:
69:92:66:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKb9ZkfFxSlp91tnQ9coMbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmE5YzIyMzI0MWViODBlMmJjNzE4NTNiYjdkMmU1ODI4
NmJkZDMwHhcNMjQxMDE3MTkzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFkYjhiZjkwOTA1YzMyN2M2OTkyYjFhNWY2OGJkZTRmOWEzMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTfgGHtsUkGEA1/1746+METL1O/q
pOUfFShwJBnmU9UOBag+nioLKdi7NKO7BKy1SgTzhg9mKYLyVpLk8hiJtpncZ/av
vAymQ2QIW7aDf5o+QIgaWtBVcS214TTYN8aRNf+wRNetrGE+BlVt2GmxagzAqP6Z
DCXokiN9zFwYu8kdzoys9QesHZ2q2/gnuD8OFDsYyBtxdOMdAMDO6bzla5ilR0kr
r34ms+mhU9jYaWmF+oaHLUlvGYzGQ3Lv2UxdBuEOzTM9b7m4hAWf5E2UL1MDbbDR
/OHuJ+zlZedbGHjogTY4uUGBt7MWqtSFPQrkD/kqP+dhobrjWiDlxhFtNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFEduL+QkFwyfGmSsaX2i95PmjDqMB8GA1UdIwQY
MBaAFDS6nCIyQeuA4rxxhTu30uWChr3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzIt
MTNlZTRjOGQzMDgyLzEvVVIyNHY1Q1FYREo4YVpLeHBmYUwzay1hTU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzItMTNlZTRjOGQzMDgy
LzEvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY14MA0E
AgACMAcDBQMqDf8AMA0GCSqGSIb3DQEBCwUAA4IBAQBLa0euiEJT7OUV7/OeehBh
ctf4oYG4nDAFWn+EDZJNCpGI2lNYK8wwgehbSA1DuhYilxRUhBZSAPGjdfV5U8/V
ZF33Lu2mhKaUeidxly7wM4LRpDrbANZ11oZjDgeOxuLCgHAyjksQ8yT2T7/RyQ+X
yCnbFz8X7n2A6IscB9Zq33DnMoIbcrjfMIt7kPaTRQvOZA7xnxd1E8B2NrESeLsP
AJcvzJXxLZg9yPedNyJTOTa9NqvB25Z7P75ParsATZ1ixx3oWUzue7ZeSP+Bw6Sq
gErObv6kihLNPDm1ewiHyZeuU1ZkQ+9BH9cTq/2oMYt/fh+gtJqZaJ2QrtVpkmZs
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:23:57 2024 by rpki-client on console-ams.rpki-client.org