Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/gVaKPdb0iab5AFEXgIdMjJmi1fc.roa
File: gVaKPdb0iab5AFEXgIdMjJmi1fc.roa (raw, json)
Hash identifier: +Gl+9WF/x7tce+hM+67S0LqZe8Q4wRmd9cVT5LzVm94=
Subject key identifier: 81:56:8A:3D:D6:F4:89:A6:F9:00:51:17:80:87:4C:8C:99:A2:D5:F7
Certificate issuer: /CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Certificate serial: 018E09CA101ADAF2CEC595550AD302743BC1
Authority key identifier: 34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/gVaKPdb0iab5AFEXgIdMjJmi1fc.roa
Signing time: Mon 04 Mar 2024 14:07:01 +0000
ROA not before: Mon 04 Mar 2024 14:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204877
IP address blocks: 185.141.120.0/22 maxlen: 32
2a0d:ff00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 17 Oct 2024 14:08:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:09:ca:10:1a:da:f2:ce:c5:95:55:0a:d3:02:74:3b:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Validity
Not Before: Mar 4 14:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81568a3dd6f489a6f900511780874c8c99a2d5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cf:a5:11:67:85:b1:55:2b:38:29:78:eb:5d:
2d:fd:e1:5e:c4:a1:08:f9:37:7f:8c:bf:14:62:63:
4f:e4:2e:f3:61:65:5d:46:62:9c:09:49:b3:5b:e2:
83:84:98:c5:4d:e6:37:7b:e8:37:ae:d0:cb:cf:25:
39:ed:20:87:a0:0b:f3:85:02:09:ec:b8:ba:18:d0:
f2:06:a3:77:92:a3:28:e6:ac:da:ea:47:7e:35:e2:
ce:31:dc:d5:41:c1:94:5b:a3:d9:a5:8a:84:27:8b:
84:ee:3f:5a:6a:43:68:4e:7d:4f:ac:58:d7:be:8b:
74:86:e7:81:b9:28:04:af:b2:b7:2c:21:80:9c:c9:
d9:7c:51:70:d5:32:73:d8:69:de:28:bb:94:63:4e:
09:4f:e3:01:d6:18:3e:fb:27:13:8d:69:16:cc:60:
cc:95:84:39:04:2c:c0:1f:27:c8:3d:82:a4:b7:2d:
c4:12:b9:95:6f:34:aa:a0:01:ad:64:83:9c:cc:61:
4a:27:c6:a4:c2:ba:80:70:ad:9f:ae:4e:5f:af:4a:
3a:15:f9:3d:92:01:80:bf:0f:4b:a0:62:d1:8c:d8:
eb:f9:ba:e0:1a:6f:85:c4:00:97:39:57:38:a7:d7:
88:b8:75:9f:de:84:72:29:3b:51:bc:da:3c:fc:c6:
13:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:56:8A:3D:D6:F4:89:A6:F9:00:51:17:80:87:4C:8C:99:A2:D5:F7
X509v3 Authority Key Identifier:
keyid:34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/gVaKPdb0iab5AFEXgIdMjJmi1fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/NLqcIjJB64DivHGFO7fS5YKGvdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.120.0/22
IPv6:
2a0d:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
1e:b4:08:8c:98:50:9b:6e:4a:ae:e4:ae:d6:a7:c9:b2:10:fa:
69:c6:55:d4:09:32:12:b1:f3:e4:4c:27:ee:5c:20:2b:9d:f4:
c5:db:ee:8f:be:1e:ff:84:3e:eb:05:c4:68:00:82:f6:3e:b5:
7a:4a:77:33:05:04:0b:9e:98:8a:25:f1:0b:e7:dd:34:ad:da:
80:90:ed:dc:14:bf:04:ac:f3:3c:77:8d:78:70:a8:b6:d2:95:
ee:a7:de:c6:fe:a8:f3:e2:e4:25:3a:38:15:19:85:d1:40:e7:
e0:44:b7:17:e1:6b:56:1c:51:a8:4c:6b:b9:de:47:7e:b3:87:
66:80:60:21:97:b3:c0:71:33:39:12:8b:50:47:19:2d:4e:e0:
83:05:b3:1f:1b:c7:d5:4d:85:41:a4:31:4c:7e:1c:39:74:ba:
c1:d7:91:b7:9f:f7:44:6e:c2:6f:0f:24:f5:f4:8f:28:24:01:
6b:19:d3:98:cc:b6:2d:b2:51:c7:14:81:83:8c:16:73:cb:88:
b7:33:3a:99:c9:8a:da:c6:93:61:04:ba:ca:f0:07:fa:bf:42:
0f:c1:c3:52:85:83:8b:40:e9:9a:19:40:de:f5:6b:9a:fb:44:
ff:11:7c:c8:85:33:fe:b5:e0:54:3a:20:99:b5:23:74:0d:f8:
d1:3d:9a:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4JyhAa2vLOxZVVCtMCdDvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmE5YzIyMzI0MWViODBlMmJjNzE4NTNiYjdkMmU1ODI4
NmJkZDMwHhcNMjQwMzA0MTQwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTU2OGEzZGQ2ZjQ4OWE2ZjkwMDUxMTc4MDg3NGM4Yzk5YTJkNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8+lEWeFsVUrOCl4610t/eFexKEI
+Td/jL8UYmNP5C7zYWVdRmKcCUmzW+KDhJjFTeY3e+g3rtDLzyU57SCHoAvzhQIJ
7Li6GNDyBqN3kqMo5qza6kd+NeLOMdzVQcGUW6PZpYqEJ4uE7j9aakNoTn1PrFjX
vot0hueBuSgEr7K3LCGAnMnZfFFw1TJz2GneKLuUY04JT+MB1hg++ycTjWkWzGDM
lYQ5BCzAHyfIPYKkty3EErmVbzSqoAGtZIOczGFKJ8akwrqAcK2frk5fr0o6Ffk9
kgGAvw9LoGLRjNjr+brgGm+FxACXOVc4p9eIuHWf3oRyKTtRvNo8/MYTnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIFWij3W9Imm+QBRF4CHTIyZotX3MB8GA1UdIwQY
MBaAFDS6nCIyQeuA4rxxhTu30uWChr3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzIt
MTNlZTRjOGQzMDgyLzEvZ1ZhS1BkYjBpYWI1QUZFWGdJZE1qSm1pMWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzItMTNlZTRjOGQzMDgy
LzEvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY14MA0E
AgACMAcDBQMqDf8AMA0GCSqGSIb3DQEBCwUAA4IBAQAetAiMmFCbbkqu5K7Wp8my
EPppxlXUCTISsfPkTCfuXCArnfTF2+6Pvh7/hD7rBcRoAIL2PrV6SnczBQQLnpiK
JfEL5900rdqAkO3cFL8ErPM8d414cKi20pXup97G/qjz4uQlOjgVGYXRQOfgRLcX
4WtWHFGoTGu53kd+s4dmgGAhl7PAcTM5EotQRxktTuCDBbMfG8fVTYVBpDFMfhw5
dLrB15G3n/dEbsJvDyT19I8oJAFrGdOYzLYtslHHFIGDjBZzy4i3MzqZyYraxpNh
BLrK8Af6v0IPwcNShYOLQOmaGUDe9Wua+0T/EXzIhTP+teBUOiCZtSN0DfjRPZrx
-----END CERTIFICATE-----
Generated at Thu Oct 17 16:48:33 2024 by rpki-client on console-ams.rpki-client.org