Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/9rHkugOleMRS4cbbVo2YQMMODtQ.roa
File: 9rHkugOleMRS4cbbVo2YQMMODtQ.roa (raw, json)
Hash identifier: UvdBffBOn7Gv3kGFsyxOeJ3CNrGAOhEtu50xKyjVp78=
Subject key identifier: F6:B1:E4:BA:03:A5:78:C4:52:E1:C6:DB:56:8D:98:40:C3:0E:0E:D4
Certificate issuer: /CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Certificate serial: 0185720C7B51EA8F14BB05ADA55B94BDB5C0
Authority key identifier: 4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/9rHkugOleMRS4cbbVo2YQMMODtQ.roa
Signing time: Mon 02 Jan 2023 10:34:58 +0000
ROA not before: Mon 02 Jan 2023 10:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36131
IP address blocks: 185.22.40.0/24 maxlen: 24
185.22.41.0/24 maxlen: 24
185.22.42.0/24 maxlen: 24
185.22.43.0/24 maxlen: 24
5.150.158.0/24 maxlen: 24
5.150.159.0/24 maxlen: 24
5.150.156.0/24 maxlen: 24
5.150.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:7b:51:ea:8f:14:bb:05:ad:a5:5b:94:bd:b5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Validity
Not Before: Jan 2 10:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6b1e4ba03a578c452e1c6db568d9840c30e0ed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:49:69:80:28:36:5c:50:8d:51:18:a6:7c:07:
cd:49:ed:4a:ad:10:51:91:f0:08:32:4c:40:76:61:
67:79:eb:e5:67:90:a2:a7:27:f0:b4:0c:54:6c:46:
56:48:1e:88:fe:8c:be:29:1a:2e:58:47:f6:e9:67:
17:83:0c:7c:35:37:fc:66:08:92:02:be:b3:6f:33:
7b:64:7a:01:27:9f:cd:65:7d:cf:6a:d9:1c:e3:16:
a5:4e:bb:79:a9:ae:88:a2:1a:cd:71:0e:7e:68:fc:
5a:48:59:54:cb:6b:b8:c3:d8:f1:3b:17:52:93:c9:
de:8a:43:ce:4a:42:4d:02:e5:91:fa:1a:ad:40:43:
3e:b4:e6:b5:81:96:f5:7e:11:3d:c8:3d:46:4a:c4:
08:95:d3:16:31:62:6e:f6:8b:50:8b:44:ac:44:57:
da:71:8d:f9:6a:39:76:b1:c7:1a:01:65:70:b3:b4:
fe:70:e9:b8:54:12:7f:dc:f7:a3:2b:cd:81:0f:0f:
5f:9a:58:f5:0a:f9:c9:34:d1:95:4c:1f:66:d7:9f:
96:d4:27:d4:18:94:f7:b4:5f:5d:32:99:3f:9b:e6:
ba:2a:8d:40:92:95:bf:d4:7a:c3:23:22:c7:b0:75:
06:bb:02:ac:41:66:a9:b0:b1:97:46:02:29:8a:a4:
6f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B1:E4:BA:03:A5:78:C4:52:E1:C6:DB:56:8D:98:40:C3:0E:0E:D4
X509v3 Authority Key Identifier:
keyid:4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/9rHkugOleMRS4cbbVo2YQMMODtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.156.0/22
185.22.40.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:43:ad:71:5b:f9:49:b2:68:b9:12:3b:be:48:54:d3:1d:6a:
4e:0f:05:4d:56:a6:ce:71:97:39:38:20:c5:f9:ca:7f:c0:02:
1c:08:90:9b:56:16:fc:46:10:05:72:6c:f4:50:05:c4:f1:c7:
81:20:b1:ce:fb:87:9f:47:fc:cd:26:1c:61:0b:d1:93:92:33:
66:c0:05:25:b0:f0:f9:da:a7:a4:db:a3:1d:5a:ef:b0:99:6b:
49:e1:9c:b1:89:e7:71:01:7c:63:49:c6:a8:08:2c:30:85:9c:
ec:f3:14:a8:85:ca:32:f6:76:94:e5:4a:45:4f:36:b0:36:c1:
44:03:22:c8:c1:04:b7:55:a0:7c:33:0c:58:6d:a9:22:e5:c4:
ae:45:d7:e0:1d:e0:64:7e:b7:77:d8:88:a5:b5:fd:6d:3f:b4:
33:cb:c7:1c:f0:75:ad:4e:a4:75:6c:73:c2:59:1d:1c:0f:2d:
5c:4e:3b:7b:27:72:95:3f:f0:66:1c:ea:5a:20:66:91:c6:ed:
24:82:ea:c6:32:75:5d:ad:1b:ad:7f:53:28:f5:96:30:50:cc:
16:91:5e:19:fa:52:48:ef:d8:5f:21:74:09:25:24:69:80:6a:
26:ee:3e:a5:81:79:ae:c0:f1:56:15:58:68:de:b8:09:93:db:
fa:c5:54:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyDHtR6o8UuwWtpVuUvbXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjJiYjdiYWQ1MGYxOTIxODEwYTAyOGU3OGVkZDY1Zjgx
ZjZhN2QwHhcNMjMwMTAyMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmIxZTRiYTAzYTU3OGM0NTJlMWM2ZGI1NjhkOTg0MGMzMGUwZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UlpgCg2XFCNURimfAfNSe1KrRBR
kfAIMkxAdmFneevlZ5CipyfwtAxUbEZWSB6I/oy+KRouWEf26WcXgwx8NTf8ZgiS
Ar6zbzN7ZHoBJ5/NZX3Patkc4xalTrt5qa6IohrNcQ5+aPxaSFlUy2u4w9jxOxdS
k8neikPOSkJNAuWR+hqtQEM+tOa1gZb1fhE9yD1GSsQIldMWMWJu9otQi0SsRFfa
cY35ajl2sccaAWVws7T+cOm4VBJ/3PejK82BDw9fmlj1CvnJNNGVTB9m15+W1CfU
GJT3tF9dMpk/m+a6Ko1AkpW/1HrDIyLHsHUGuwKsQWapsLGXRgIpiqRv6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPax5LoDpXjEUuHG21aNmEDDDg7UMB8GA1UdIwQY
MBaAFE+yu3utUPGSGBCgKOeO3WX4H2p9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYt
MjdmYmM5OWVhM2M2LzEvOXJIa3VnT2xlTVJTNGNiYlZvMllRTU1PRHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYtMjdmYmM5OWVhM2M2
LzEvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBZacAwQC
uRYoMA0GCSqGSIb3DQEBCwUAA4IBAQAMQ61xW/lJsmi5Eju+SFTTHWpODwVNVqbO
cZc5OCDF+cp/wAIcCJCbVhb8RhAFcmz0UAXE8ceBILHO+4efR/zNJhxhC9GTkjNm
wAUlsPD52qek26MdWu+wmWtJ4ZyxiedxAXxjScaoCCwwhZzs8xSohcoy9naU5UpF
TzawNsFEAyLIwQS3VaB8MwxYbaki5cSuRdfgHeBkfrd32Iiltf1tP7Qzy8cc8HWt
TqR1bHPCWR0cDy1cTjt7J3KVP/BmHOpaIGaRxu0kgurGMnVdrRutf1Mo9ZYwUMwW
kV4Z+lJI79hfIXQJJSRpgGom7j6lgXmuwPFWFVho3rgJk9v6xVTx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:31 2024 by rpki-client on console-ams.rpki-client.org