Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/6e90d9-8cce-4ff5-abd8-eee6ba1829b4/1/1-mhped7GO4DuR3WO2AT-fxdXmHA.roa
File: 1-mhped7GO4DuR3WO2AT-fxdXmHA.roa (raw, json)
Hash identifier: QZO5TRRysrlwSD+cXahCBD7i7sddHTX45mm4BtLVoio=
Subject key identifier: FA:68:69:79:DE:C6:3B:80:EE:47:75:8E:D8:04:FE:7F:17:57:98:70
Certificate issuer: /CN=7277845995776cf6f2a0837f7ad4c1a91bc97d82
Certificate serial: 01856CA5D4C5C298263395E864F8000570F9
Authority key identifier: 72:77:84:59:95:77:6C:F6:F2:A0:83:7F:7A:D4:C1:A9:1B:C9:7D:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cneEWZV3bPbyoIN_etTBqRvJfYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/6e90d9-8cce-4ff5-abd8-eee6ba1829b4/1/1-mhped7GO4DuR3WO2AT-fxdXmHA.roa
Signing time: Sun 01 Jan 2023 09:24:45 +0000
ROA not before: Sun 01 Jan 2023 09:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202391
IP address blocks: 185.174.134.0/24 maxlen: 24
185.174.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:d4:c5:c2:98:26:33:95:e8:64:f8:00:05:70:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7277845995776cf6f2a0837f7ad4c1a91bc97d82
Validity
Not Before: Jan 1 09:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa686979dec63b80ee47758ed804fe7f17579870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:11:8f:a9:e9:f2:e1:40:ba:52:ec:60:97:2c:
7b:51:ac:82:de:88:bf:39:02:36:a0:79:8a:01:17:
3a:95:dc:90:71:c6:64:1c:37:7c:51:ec:01:eb:ca:
14:c3:b7:03:c3:f1:be:01:f4:d9:4f:14:b7:ef:c4:
79:87:b2:c6:03:8a:fa:93:eb:51:f1:9e:1c:1d:e5:
5f:59:65:85:8a:ef:1d:9a:f9:6b:6e:9a:ce:7c:7e:
fc:bd:6a:fb:91:86:3e:d3:d7:86:bb:09:ad:f4:ac:
35:8e:90:46:ac:8b:ee:b7:ae:0c:94:18:a3:fe:1e:
04:b8:8e:f8:e3:f1:1c:0f:db:25:07:f6:d1:62:8d:
42:51:40:3a:13:c9:88:54:c3:03:88:9a:a8:0a:f7:
11:eb:af:ea:df:ec:04:c1:d5:b7:12:3f:70:23:6d:
a3:e5:60:ae:da:f8:ae:8e:ec:2c:19:a7:72:f7:0a:
7d:55:96:6d:22:b2:58:d6:36:a8:d2:fe:5a:b4:68:
a2:bf:71:a2:b8:7d:e9:fd:2d:71:a6:ba:e9:d8:e9:
cc:14:b9:1b:56:7f:7a:db:1f:a4:6f:2c:87:44:ab:
00:3c:7b:4a:17:c1:7b:2c:81:cc:ba:a3:ae:80:40:
85:75:d8:c8:6a:e4:44:4d:36:6a:3d:fb:20:98:03:
bf:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:68:69:79:DE:C6:3B:80:EE:47:75:8E:D8:04:FE:7F:17:57:98:70
X509v3 Authority Key Identifier:
keyid:72:77:84:59:95:77:6C:F6:F2:A0:83:7F:7A:D4:C1:A9:1B:C9:7D:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cneEWZV3bPbyoIN_etTBqRvJfYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6e90d9-8cce-4ff5-abd8-eee6ba1829b4/1/1-mhped7GO4DuR3WO2AT-fxdXmHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6e90d9-8cce-4ff5-abd8-eee6ba1829b4/1/cneEWZV3bPbyoIN_etTBqRvJfYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.132.0/24
185.174.134.0/24
Signature Algorithm: sha256WithRSAEncryption
90:80:0d:e3:76:bf:e0:65:47:06:2e:b7:a0:11:f2:b5:d3:b9:
58:0b:ab:c0:a5:1e:89:b5:00:53:1d:b2:8c:8b:b0:87:71:f5:
50:4d:b4:ee:2c:8e:e5:00:5a:4a:c5:1b:5e:3d:f2:27:a8:64:
cd:13:12:62:fa:d2:cf:bd:59:a6:3a:27:6a:e2:1f:4d:b1:0a:
e3:69:03:97:be:3c:78:56:ef:27:94:08:6d:ef:a4:24:06:f4:
b3:d9:74:30:1e:36:c7:c6:2a:92:e8:9e:89:8c:08:a1:d1:4b:
45:10:8e:e7:65:4f:62:4b:2e:6a:cd:9d:a7:96:22:dd:5a:64:
6a:22:65:fe:fd:19:db:91:47:2b:9c:c6:e5:1f:29:e7:71:41:
23:2d:b5:41:6f:0a:9a:ce:ad:ce:fc:b9:01:8a:20:23:be:f6:
26:f9:f0:03:c4:ba:cb:f7:54:f1:cb:f4:cd:ca:c9:ad:86:4e:
ee:09:85:35:a4:2f:01:8b:fe:9e:5f:2d:71:32:fa:04:3c:a9:
2c:c5:a3:3d:7c:30:96:dd:1e:6e:1b:f2:48:cc:c1:fc:16:b2:
54:ed:84:49:48:59:a8:30:a6:f8:dc:3c:f1:0e:49:af:d4:00:
f5:a4:d3:f3:2c:bf:76:b1:37:52:44:51:72:56:2f:53:f3:ae:
20:d7:c6:7d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVspdTFwpgmM5XoZPgABXD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzc4NDU5OTU3NzZjZjZmMmEwODM3ZjdhZDRjMWE5MWJj
OTdkODIwHhcNMjMwMTAxMDkyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY4Njk3OWRlYzYzYjgwZWU0Nzc1OGVkODA0ZmU3ZjE3NTc5ODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRGPqeny4UC6Uuxglyx7UayC3oi/
OQI2oHmKARc6ldyQccZkHDd8UewB68oUw7cDw/G+AfTZTxS378R5h7LGA4r6k+tR
8Z4cHeVfWWWFiu8dmvlrbprOfH78vWr7kYY+09eGuwmt9Kw1jpBGrIvut64MlBij
/h4EuI744/EcD9slB/bRYo1CUUA6E8mIVMMDiJqoCvcR66/q3+wEwdW3Ej9wI22j
5WCu2viujuwsGady9wp9VZZtIrJY1jao0v5atGiiv3GiuH3p/S1xprrp2OnMFLkb
Vn962x+kbyyHRKsAPHtKF8F7LIHMuqOugECFddjIauRETTZqPfsgmAO/WQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPpoaXnexjuA7kd1jtgE/n8XV5hwMB8GA1UdIwQY
MBaAFHJ3hFmVd2z28qCDf3rUwakbyX2CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25lRVdaVjNiUGJ5b0lOX2V0VEJxUnZKZllJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82ZTkwZDktOGNjZS00ZmY1LWFiZDgt
ZWVlNmJhMTgyOWI0LzEvMS1taHBlZDdHTzREdVIzV08yQVQtZnhkWG1IQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTEvNmU5MGQ5LThjY2UtNGZmNS1hYmQ4LWVlZTZiYTE4Mjli
NC8xL2NuZUVXWlYzYlBieW9JTl9ldFRCcVJ2SmZZSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmuhAME
ALmuhjANBgkqhkiG9w0BAQsFAAOCAQEAkIAN43a/4GVHBi63oBHytdO5WAurwKUe
ibUAUx2yjIuwh3H1UE207iyO5QBaSsUbXj3yJ6hkzRMSYvrSz71ZpjonauIfTbEK
42kDl748eFbvJ5QIbe+kJAb0s9l0MB42x8YqkuieiYwIodFLRRCO52VPYksuas2d
p5Yi3VpkaiJl/v0Z25FHK5zG5R8p53FBIy21QW8Kms6tzvy5AYogI772JvnwA8S6
y/dU8cv0zcrJrYZO7gmFNaQvAYv+nl8tcTL6BDypLMWjPXwwlt0ebhvySMzB/Bay
VO2ESUhZqDCm+Nw88Q5Jr9QA9aTT8yy/drE3UkRRclYvU/OuINfGfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:59 2024 by rpki-client on console-fra.rpki-client.org