Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/CbJMitJmFDP7jTKI22d2vH2Ejy8.roa
File: CbJMitJmFDP7jTKI22d2vH2Ejy8.roa (raw, json)
Hash identifier: yQs81GLKPznGzfUy7C4fHjhDHAsBFxQ/NGA/GhQ7VXY=
Subject key identifier: 09:B2:4C:8A:D2:66:14:33:FB:8D:32:88:DB:67:76:BC:7D:84:8F:2F
Certificate issuer: /CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Certificate serial: 018CC94D544DBCBBEA342700423B0A1A4E93
Authority key identifier: AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/CbJMitJmFDP7jTKI22d2vH2Ejy8.roa
Signing time: Tue 02 Jan 2024 08:32:17 +0000
ROA not before: Tue 02 Jan 2024 08:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204798
IP address blocks: 185.206.124.0/24 maxlen: 24
185.206.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 19:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:54:4d:bc:bb:ea:34:27:00:42:3b:0a:1a:4e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Validity
Not Before: Jan 2 08:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09b24c8ad2661433fb8d3288db6776bc7d848f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:81:b0:ba:d5:42:0c:5a:88:6e:46:cc:ff:fb:
f1:a3:77:7b:a1:4e:9f:6e:0c:f1:9d:2f:1b:d2:5b:
1b:e9:f4:2c:4c:00:89:07:31:5b:dc:d9:f3:f8:ad:
0d:f4:a4:10:bf:37:2b:7b:18:d6:bb:bc:b4:d6:e0:
06:8e:b3:6e:9c:48:cd:ca:6d:be:3e:24:3c:eb:1c:
b3:7d:ad:3c:41:3a:f1:af:be:48:e0:17:f1:bc:ce:
32:63:b9:6f:c3:ec:4a:3a:dd:92:a8:b8:ad:6a:99:
b9:13:e1:bc:ea:b0:8a:21:cb:fc:90:b8:f3:a8:6b:
e6:9b:8c:4f:d8:c8:48:88:68:33:a0:17:d5:9e:c2:
4a:b2:cc:95:e6:c3:f6:b0:16:df:8a:43:f9:8f:96:
60:e2:e9:01:88:51:27:d2:64:99:5a:b6:0d:cb:49:
08:cc:09:b5:bb:64:9c:84:ee:0d:1d:fa:d3:e2:3e:
04:df:55:46:c2:25:ed:c8:72:07:70:4f:fc:21:4a:
74:5c:00:ca:39:a9:3e:8a:26:63:c3:d8:45:49:c2:
2a:3e:e5:ad:d8:f4:08:dd:34:82:73:80:0f:a4:2d:
3e:30:ce:f2:29:60:58:fd:29:7c:93:18:ae:f2:91:
10:cc:31:0b:e7:bb:68:72:77:4f:1e:56:2d:f0:89:
4a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B2:4C:8A:D2:66:14:33:FB:8D:32:88:DB:67:76:BC:7D:84:8F:2F
X509v3 Authority Key Identifier:
keyid:AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/CbJMitJmFDP7jTKI22d2vH2Ejy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/rJCSu8LKyuJHd09isP29xEqXTPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.124.0/24
185.206.126.0/24
Signature Algorithm: sha256WithRSAEncryption
28:18:5e:9a:1e:bf:19:c1:08:5c:9d:4b:11:a8:e3:5a:83:41:
22:86:d6:88:cc:3a:88:dd:40:3b:85:8a:43:b0:2a:39:9d:1d:
1b:9a:9b:dd:c2:8a:32:06:25:63:c4:f4:42:27:0e:ca:ad:a5:
74:a6:0d:ca:7b:d7:41:bb:09:84:63:a9:ed:81:fd:e6:6a:18:
42:f1:e4:5a:b6:61:93:b5:6b:b2:5b:54:b8:75:d5:67:4f:ce:
7c:bb:16:4e:70:3d:b0:b5:0f:39:59:7e:35:b0:e8:40:b5:75:
42:6d:af:2c:16:c0:28:b7:25:28:d7:71:c1:08:3e:f0:66:c3:
3e:1c:a5:fc:9e:44:67:7c:c1:94:6d:20:13:84:71:fd:cd:1e:
6b:e6:3a:0f:70:67:78:b0:c3:4c:c4:03:08:4d:cf:81:ec:33:
88:64:0a:9e:d1:8f:17:55:88:6f:bc:6b:ce:ac:39:61:ff:69:
42:de:c7:f8:a9:33:27:f7:91:62:00:b9:73:17:63:17:28:8c:
cd:fa:2e:88:39:b3:f1:34:aa:e1:f1:22:47:33:f7:2d:f5:d3:
b2:14:73:63:b1:55:04:13:9d:f2:ec:30:d3:17:23:af:09:d0:
d8:9b:a7:8f:07:d0:6a:31:e1:9f:55:3a:cf:ce:17:46:14:30:
24:d5:b9:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTVRNvLvqNCcAQjsKGk6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTA5MmJiYzJjYWNhZTI0Nzc3NGY2MmIwZmRiZGM0NGE5
NzRjZjIwHhcNMjQwMTAyMDgzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWIyNGM4YWQyNjYxNDMzZmI4ZDMyODhkYjY3NzZiYzdkODQ4ZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oGwutVCDFqIbkbM//vxo3d7oU6f
bgzxnS8b0lsb6fQsTACJBzFb3Nnz+K0N9KQQvzcrexjWu7y01uAGjrNunEjNym2+
PiQ86xyzfa08QTrxr75I4BfxvM4yY7lvw+xKOt2SqLitapm5E+G86rCKIcv8kLjz
qGvmm4xP2MhIiGgzoBfVnsJKssyV5sP2sBbfikP5j5Zg4ukBiFEn0mSZWrYNy0kI
zAm1u2SchO4NHfrT4j4E31VGwiXtyHIHcE/8IUp0XADKOak+iiZjw9hFScIqPuWt
2PQI3TSCc4APpC0+MM7yKWBY/Sl8kxiu8pEQzDEL57tocndPHlYt8IlKhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAmyTIrSZhQz+40yiNtndrx9hI8vMB8GA1UdIwQY
MBaAFKyQkrvCysriR3dPYrD9vcRKl0zyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMt
YTNmYzE5NmFhYmIzLzEvQ2JKTWl0Sm1GRFA3alRLSTIyZDJ2SDJFank4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMtYTNmYzE5NmFhYmIz
LzEvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuc58AwQA
uc5+MA0GCSqGSIb3DQEBCwUAA4IBAQAoGF6aHr8ZwQhcnUsRqONag0EihtaIzDqI
3UA7hYpDsCo5nR0bmpvdwooyBiVjxPRCJw7KraV0pg3Ke9dBuwmEY6ntgf3mahhC
8eRatmGTtWuyW1S4ddVnT858uxZOcD2wtQ85WX41sOhAtXVCba8sFsAotyUo13HB
CD7wZsM+HKX8nkRnfMGUbSAThHH9zR5r5joPcGd4sMNMxAMITc+B7DOIZAqe0Y8X
VYhvvGvOrDlh/2lC3sf4qTMn95FiALlzF2MXKIzN+i6IObPxNKrh8SJHM/ct9dOy
FHNjsVUEE53y7DDTFyOvCdDYm6ePB9BqMeGfVTrPzhdGFDAk1bm8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:56 2024 by rpki-client on console-ams.rpki-client.org