Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/7IMWUDFk3Z1SOHFXgYt2mG2-eIo.roa
File: 7IMWUDFk3Z1SOHFXgYt2mG2-eIo.roa (raw, json)
Hash identifier: 4vsV/QddTGYTOaTTlT9ZSFCwHuQhCHzXLy9Hq22uTzA=
Subject key identifier: EC:83:16:50:31:64:DD:9D:52:38:71:57:81:8B:76:98:6D:BE:78:8A
Certificate issuer: /CN=af935603e52e831537716d458b360192f99a3689
Certificate serial: 01880A04887F8274B953096A9882403B6B74
Authority key identifier: AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/7IMWUDFk3Z1SOHFXgYt2mG2-eIo.roa
Signing time: Thu 11 May 2023 08:54:09 +0000
ROA not before: Thu 11 May 2023 08:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.49.132.0/23 maxlen: 23
185.49.132.0/22 maxlen: 22
185.49.134.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:04:88:7f:82:74:b9:53:09:6a:98:82:40:3b:6b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af935603e52e831537716d458b360192f99a3689
Validity
Not Before: May 11 08:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec8316503164dd9d52387157818b76986dbe788a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:49:74:6b:17:d6:cf:48:86:b9:ba:98:26:79:
d3:c5:af:20:ea:0c:d2:e6:41:90:44:a5:e4:5d:69:
99:a0:33:7a:a6:72:be:41:dd:e3:e1:25:ba:72:25:
80:b8:90:e0:8f:be:f0:75:65:f4:80:02:d3:51:80:
31:51:51:a8:58:ef:c8:bc:c7:a9:2f:99:ba:9c:9f:
0d:51:ec:66:56:e6:c4:9f:0a:cf:3d:38:dc:37:3a:
2e:7f:6c:d9:b5:e7:b6:88:0c:b1:17:cc:d5:4f:1a:
7e:c6:ac:c6:d4:27:64:5a:82:b8:85:0d:d5:6a:e4:
e5:5e:78:df:94:9b:fe:79:09:66:7e:4f:2d:05:8c:
0e:f2:2d:05:35:d0:24:cd:fe:6f:2d:91:4f:a9:9a:
6b:77:66:fc:17:97:68:52:c9:c1:f9:73:7b:f3:f9:
6c:89:38:49:b3:54:ec:b8:45:f1:94:9e:8e:e2:c3:
f6:0b:b7:cf:ea:49:31:0e:d4:bf:af:07:39:d9:73:
6f:fa:e9:bb:cb:73:63:1c:39:d2:76:5b:3e:24:da:
6e:7c:b4:e7:1b:12:0e:17:58:0d:68:98:38:a3:f1:
7e:c6:bc:0d:f1:54:6f:1e:40:cb:c0:84:20:90:da:
49:7e:b8:64:e7:de:55:42:1a:ed:3a:8b:08:d1:98:
3c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:83:16:50:31:64:DD:9D:52:38:71:57:81:8B:76:98:6D:BE:78:8A
X509v3 Authority Key Identifier:
keyid:AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/7IMWUDFk3Z1SOHFXgYt2mG2-eIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.132.0/22
Signature Algorithm: sha256WithRSAEncryption
23:c4:3e:19:ed:e1:98:86:e0:d7:6b:3c:f0:cf:d1:30:3c:67:
e4:b0:cc:f3:20:5c:26:d8:35:77:ce:59:d0:af:a7:ce:30:9f:
3b:16:17:5f:1f:a6:06:80:bb:96:26:2f:e7:57:64:da:85:af:
8f:c7:56:8a:12:6f:f9:06:67:7e:5f:c1:5e:95:93:05:2f:a3:
5c:fa:44:0d:80:6a:5b:84:23:cf:63:a5:a1:f1:74:4a:09:3a:
8d:7a:ee:70:74:dd:24:a9:4a:71:f0:b9:9f:8c:96:10:f0:ed:
2b:d4:20:63:46:a5:0c:af:bb:ed:56:06:eb:fd:d5:c2:c0:dd:
64:fc:ae:00:7e:b2:e2:9a:28:a1:ee:94:6d:99:ec:92:ea:71:
5d:58:e0:9f:8a:a8:63:16:ab:dc:8d:a0:88:2c:6f:e0:94:23:
aa:0a:34:33:a9:54:fe:2d:13:25:95:4a:9b:40:07:08:1d:14:
aa:aa:ce:3c:f5:b9:fb:82:3e:b2:fe:a2:96:fe:99:88:dc:ec:
07:76:7a:20:bd:be:81:9c:b7:93:8c:15:54:90:d8:ea:7a:4b:
60:97:c1:8a:6a:32:27:25:ee:ea:8e:46:97:29:bf:94:eb:00:
f6:fc:d1:b4:9e:98:cf:b8:09:e2:b5:92:4a:f1:19:dc:ba:fc:
76:02:a7:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgKBIh/gnS5UwlqmIJAO2t0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM1NjAzZTUyZTgzMTUzNzcxNmQ0NThiMzYwMTkyZjk5
YTM2ODkwHhcNMjMwNTExMDg1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzgzMTY1MDMxNjRkZDlkNTIzODcxNTc4MThiNzY5ODZkYmU3ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEl0axfWz0iGubqYJnnTxa8g6gzS
5kGQRKXkXWmZoDN6pnK+Qd3j4SW6ciWAuJDgj77wdWX0gALTUYAxUVGoWO/IvMep
L5m6nJ8NUexmVubEnwrPPTjcNzouf2zZtee2iAyxF8zVTxp+xqzG1CdkWoK4hQ3V
auTlXnjflJv+eQlmfk8tBYwO8i0FNdAkzf5vLZFPqZprd2b8F5doUsnB+XN78/ls
iThJs1TsuEXxlJ6O4sP2C7fP6kkxDtS/rwc52XNv+um7y3NjHDnSdls+JNpufLTn
GxIOF1gNaJg4o/F+xrwN8VRvHkDLwIQgkNpJfrhk595VQhrtOosI0Zg8YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyDFlAxZN2dUjhxV4GLdphtvniKMB8GA1UdIwQY
MBaAFK+TVgPlLoMVN3FtRYs2AZL5mjaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYt
MGEwZDA1ZWQwYzZiLzEvN0lNV1VERmszWjFTT0hGWGdZdDJtRzItZUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYtMGEwZDA1ZWQwYzZi
LzEvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTGEMA0G
CSqGSIb3DQEBCwUAA4IBAQAjxD4Z7eGYhuDXazzwz9EwPGfksMzzIFwm2DV3zlnQ
r6fOMJ87FhdfH6YGgLuWJi/nV2Taha+Px1aKEm/5Bmd+X8FelZMFL6Nc+kQNgGpb
hCPPY6Wh8XRKCTqNeu5wdN0kqUpx8LmfjJYQ8O0r1CBjRqUMr7vtVgbr/dXCwN1k
/K4AfrLimiih7pRtmeyS6nFdWOCfiqhjFqvcjaCILG/glCOqCjQzqVT+LRMllUqb
QAcIHRSqqs489bn7gj6y/qKW/pmI3OwHdnogvb6BnLeTjBVUkNjqektgl8GKajIn
Je7qjkaXKb+U6wD2/NG0npjPuAnitZJK8Rncuvx2Aqey
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:43 2024 by rpki-client on console-fra.rpki-client.org