Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0c9ddc-3191-44b3-88ba-82f7b99c5467/1/iQMmRtW-86svIqTpcmSzbOTMGa0.roa
File: iQMmRtW-86svIqTpcmSzbOTMGa0.roa (raw, json)
Hash identifier: xunJm26cOjF92+iusI4IX7MFyi2yy+OrFusvjUvgUMo=
Subject key identifier: 89:03:26:46:D5:BE:F3:AB:2F:22:A4:E9:72:64:B3:6C:E4:CC:19:AD
Certificate issuer: /CN=d234798e0712f155292d3211f7c447223ccd49ac
Certificate serial: 018CC26D59859A5175FCAF107CB6DD2B20EA
Authority key identifier: D2:34:79:8E:07:12:F1:55:29:2D:32:11:F7:C4:47:22:3C:CD:49:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jR5jgcS8VUpLTIR98RHIjzNSaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0c9ddc-3191-44b3-88ba-82f7b99c5467/1/iQMmRtW-86svIqTpcmSzbOTMGa0.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206430
IP address blocks: 185.186.190.0/24 maxlen: 24
185.186.189.0/24 maxlen: 24
185.186.191.0/24 maxlen: 24
185.186.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:59:85:9a:51:75:fc:af:10:7c:b6:dd:2b:20:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d234798e0712f155292d3211f7c447223ccd49ac
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89032646d5bef3ab2f22a4e97264b36ce4cc19ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:70:c7:c8:57:4c:0e:e3:d3:ea:7b:3c:b3:f6:
94:fc:46:34:a8:5a:ec:35:b4:68:13:92:52:7c:7a:
07:68:80:3b:30:34:ea:96:bb:1a:2f:bd:a9:c8:26:
ec:44:85:90:af:48:06:ff:4f:a7:9e:de:12:b2:6f:
d4:89:1f:c8:48:6a:20:2a:42:f6:a2:5c:18:7c:da:
6a:ef:88:d4:f5:73:4b:e9:7f:e6:f3:d7:ba:39:db:
6f:cd:ea:90:e8:59:21:37:b0:91:42:00:d1:15:ea:
53:3f:82:69:ca:20:40:06:2e:fa:62:36:ef:8a:67:
d8:c7:0a:d5:80:17:e7:a0:c3:44:e6:20:35:52:be:
9e:9b:f1:10:e4:f6:16:4f:d8:46:3a:92:9b:70:45:
90:51:45:31:da:55:2e:ee:31:9d:a6:98:66:81:f3:
9c:ef:68:9b:49:21:69:85:a9:1f:90:7c:b3:22:f5:
3c:a0:47:18:df:8f:12:a7:cc:ad:2b:74:dd:6d:20:
e8:4f:cf:f1:c5:f8:4d:20:e5:41:b9:a5:62:10:07:
53:22:4b:f3:c9:18:30:b0:77:17:46:3e:ed:b6:21:
ad:de:2a:d7:da:02:e1:2b:18:db:96:82:64:31:61:
34:07:e1:d4:12:0f:83:70:9f:30:18:97:11:c9:50:
01:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:03:26:46:D5:BE:F3:AB:2F:22:A4:E9:72:64:B3:6C:E4:CC:19:AD
X509v3 Authority Key Identifier:
keyid:D2:34:79:8E:07:12:F1:55:29:2D:32:11:F7:C4:47:22:3C:CD:49:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jR5jgcS8VUpLTIR98RHIjzNSaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0c9ddc-3191-44b3-88ba-82f7b99c5467/1/iQMmRtW-86svIqTpcmSzbOTMGa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0c9ddc-3191-44b3-88ba-82f7b99c5467/1/0jR5jgcS8VUpLTIR98RHIjzNSaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.188.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:76:fb:bf:2c:f1:61:6a:df:c1:e9:72:d9:3f:d1:e9:42:3e:
0a:a0:f1:fb:f8:48:8b:ec:4b:21:d0:09:ba:f4:d2:69:3b:03:
be:20:86:2f:53:aa:35:49:67:eb:0e:d7:e8:82:10:84:94:c5:
64:45:93:bc:91:de:dd:d7:9e:19:b5:c9:89:f0:ca:ef:59:e2:
22:de:71:ad:08:33:a5:11:5b:8a:61:49:a6:08:7d:cd:25:f7:
fd:06:c1:b0:24:40:7b:68:c4:93:44:3e:76:72:87:a3:2f:82:
f5:fc:bd:67:0b:47:ae:e8:3c:de:e1:25:d2:a0:24:43:57:78:
fd:d5:72:5e:44:0f:29:ef:77:fe:85:07:53:6a:91:aa:e4:81:
c0:81:68:78:4e:a2:3f:49:fb:58:e5:dd:1b:5d:ec:a0:90:7c:
8f:60:e2:08:94:49:7b:78:d7:87:bd:e0:d5:5f:1c:05:9d:da:
cd:36:c7:f7:0a:45:26:b1:98:05:b3:cd:59:92:06:02:ef:2f:
04:3d:1b:6c:25:26:29:5f:4e:74:44:e9:b3:fd:a9:4e:ef:34:
eb:ba:84:bd:9f:e6:88:c6:bf:a2:62:20:a8:03:9b:44:cd:fc:
75:c6:6d:5a:0b:de:d4:59:28:8f:38:62:7c:ea:55:0e:54:d6:
0a:54:7f:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVmFmlF1/K8QfLbdKyDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzQ3OThlMDcxMmYxNTUyOTJkMzIxMWY3YzQ0NzIyM2Nj
ZDQ5YWMwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTAzMjY0NmQ1YmVmM2FiMmYyMmE0ZTk3MjY0YjM2Y2U0Y2MxOWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknDHyFdMDuPT6ns8s/aU/EY0qFrs
NbRoE5JSfHoHaIA7MDTqlrsaL72pyCbsRIWQr0gG/0+nnt4Ssm/UiR/ISGogKkL2
olwYfNpq74jU9XNL6X/m89e6OdtvzeqQ6FkhN7CRQgDRFepTP4JpyiBABi76Yjbv
imfYxwrVgBfnoMNE5iA1Ur6em/EQ5PYWT9hGOpKbcEWQUUUx2lUu7jGdpphmgfOc
72ibSSFphakfkHyzIvU8oEcY348Sp8ytK3TdbSDoT8/xxfhNIOVBuaViEAdTIkvz
yRgwsHcXRj7ttiGt3irX2gLhKxjbloJkMWE0B+HUEg+DcJ8wGJcRyVAB6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkDJkbVvvOrLyKk6XJks2zkzBmtMB8GA1UdIwQY
MBaAFNI0eY4HEvFVKS0yEffERyI8zUmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpSNWpnY1M4VlVwTFRJUjk4UkhJanpOU2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wYzlkZGMtMzE5MS00NGIzLTg4YmEt
ODJmN2I5OWM1NDY3LzEvaVFNbVJ0Vy04NnN2SXFUcGNtU3piT1RNR2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wYzlkZGMtMzE5MS00NGIzLTg4YmEtODJmN2I5OWM1NDY3
LzEvMGpSNWpnY1M4VlVwTFRJUjk4UkhJanpOU2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubq8MA0G
CSqGSIb3DQEBCwUAA4IBAQCudvu/LPFhat/B6XLZP9HpQj4KoPH7+EiL7Esh0Am6
9NJpOwO+IIYvU6o1SWfrDtfoghCElMVkRZO8kd7d154ZtcmJ8MrvWeIi3nGtCDOl
EVuKYUmmCH3NJff9BsGwJEB7aMSTRD52coejL4L1/L1nC0eu6Dze4SXSoCRDV3j9
1XJeRA8p73f+hQdTapGq5IHAgWh4TqI/SftY5d0bXeygkHyPYOIIlEl7eNeHveDV
XxwFndrNNsf3CkUmsZgFs81ZkgYC7y8EPRtsJSYpX050ROmz/alO7zTruoS9n+aI
xr+iYiCoA5tEzfx1xm1aC97UWSiPOGJ86lUOVNYKVH9M
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:30 2025 by rpki-client