Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/2b70f0-4da3-4b45-a95d-48a20e6e5d8b/1/SEFkB0H9QM7ZLryCVcZlfyCZX_8.roa
File: SEFkB0H9QM7ZLryCVcZlfyCZX_8.roa (raw, json)
Hash identifier: QP5bhv3gZm8PuXVwQHm1cgOG5TdebndQTn4msUxRqPE=
Subject key identifier: 48:41:64:07:41:FD:40:CE:D9:2E:BC:82:55:C6:65:7F:20:99:5F:FF
Certificate issuer: /CN=a1646d3f90758d8a3743f155f62bffff1bb6366a
Certificate serial: 018572CCBD3B804F03A0864E4A919E6CAB27
Authority key identifier: A1:64:6D:3F:90:75:8D:8A:37:43:F1:55:F6:2B:FF:FF:1B:B6:36:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWRtP5B1jYo3Q_FV9iv__xu2Nmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/2b70f0-4da3-4b45-a95d-48a20e6e5d8b/1/SEFkB0H9QM7ZLryCVcZlfyCZX_8.roa
Signing time: Mon 02 Jan 2023 14:04:58 +0000
ROA not before: Mon 02 Jan 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62250
IP address blocks: 185.209.188.0/22 maxlen: 22
185.209.189.0/24 maxlen: 24
185.209.190.0/24 maxlen: 24
185.209.191.0/24 maxlen: 24
185.209.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:bd:3b:80:4f:03:a0:86:4e:4a:91:9e:6c:ab:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1646d3f90758d8a3743f155f62bffff1bb6366a
Validity
Not Before: Jan 2 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4841640741fd40ced92ebc8255c6657f20995fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:45:23:27:3e:c3:07:27:0a:ea:4e:be:bf:00:
15:fe:c5:bb:4e:d5:25:bb:3c:e5:d6:f7:1d:3a:e7:
e9:4c:74:11:09:23:fb:fd:b9:a6:9c:4e:6b:4e:d1:
39:0a:02:e3:0e:c3:c6:6a:bc:8a:25:6f:98:6a:39:
6d:2a:59:71:d2:47:ca:ed:e7:0d:83:e2:99:b4:4d:
e0:17:d9:e3:c4:2b:c2:4a:f0:54:c5:fa:48:96:e2:
b2:bf:28:60:aa:c5:85:a0:3b:57:6a:9d:ef:86:86:
37:d5:1f:86:73:c0:35:a4:51:a5:98:ed:4f:46:e9:
b1:eb:b8:31:3b:95:c1:80:1d:2e:df:e8:19:cd:1a:
ff:da:11:60:ff:f4:f8:bc:89:bb:2e:5d:ec:f3:74:
34:2c:a4:39:29:c4:85:e3:ab:c9:bf:20:7d:be:bb:
fc:bd:49:e0:e9:a7:a0:64:62:c3:41:1d:ce:2a:95:
32:72:bf:4b:23:4f:ad:d8:3e:2e:23:c9:b7:da:66:
f3:15:3e:5f:8d:43:8a:77:cd:db:98:e2:26:68:27:
ae:d9:5d:08:2b:22:43:64:93:77:33:9b:20:85:6a:
3f:10:4f:59:a7:f2:e8:ed:ef:25:d8:7e:b1:0f:8f:
2a:c6:ed:30:dd:b0:5d:1b:7b:eb:59:87:20:64:4a:
8e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:41:64:07:41:FD:40:CE:D9:2E:BC:82:55:C6:65:7F:20:99:5F:FF
X509v3 Authority Key Identifier:
keyid:A1:64:6D:3F:90:75:8D:8A:37:43:F1:55:F6:2B:FF:FF:1B:B6:36:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWRtP5B1jYo3Q_FV9iv__xu2Nmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/2b70f0-4da3-4b45-a95d-48a20e6e5d8b/1/SEFkB0H9QM7ZLryCVcZlfyCZX_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/2b70f0-4da3-4b45-a95d-48a20e6e5d8b/1/oWRtP5B1jYo3Q_FV9iv__xu2Nmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.188.0/22
Signature Algorithm: sha256WithRSAEncryption
00:10:ad:56:70:6b:8e:1e:5e:c8:8a:d8:0a:ed:1c:b8:0d:12:
7a:c2:d6:1e:60:a0:45:5b:16:86:9b:e1:cd:4d:18:97:ff:c1:
46:67:8e:16:65:a6:5a:91:ee:17:40:09:bf:da:ff:e9:6b:2d:
77:df:65:40:17:e1:7d:f5:85:a6:68:e3:47:29:ea:2d:c8:02:
33:99:bb:14:19:f8:aa:bb:dd:6d:a6:fa:07:d7:81:65:91:00:
df:e2:0b:74:d2:74:ae:fa:11:49:97:85:f6:00:7b:46:91:05:
84:df:30:51:73:bd:70:78:b2:0a:67:a3:c5:a4:63:e3:79:d8:
91:97:1f:cf:e3:6c:c4:25:d4:79:84:4f:ab:b1:13:53:32:da:
3e:36:d2:f0:45:2d:53:f5:fb:8e:1a:45:ea:72:47:96:ab:6f:
76:26:76:f0:d9:96:84:97:4f:0d:45:cc:b0:74:30:4a:e8:f8:
83:ab:61:31:a3:60:5b:50:8a:11:5d:fc:d5:7d:51:68:9a:3d:
b1:d2:92:25:35:48:e4:7a:58:a3:7b:d7:97:2a:0b:e0:b3:f4:
33:00:96:f1:60:b4:fd:f7:98:69:2a:30:bf:d5:b9:6d:db:c4:
94:c8:b4:9c:ca:a7:ed:c3:0b:26:cc:3f:10:16:ea:14:50:3d:
c3:50:45:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzL07gE8DoIZOSpGebKsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjQ2ZDNmOTA3NThkOGEzNzQzZjE1NWY2MmJmZmZmMWJi
NjM2NmEwHhcNMjMwMTAyMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQxNjQwNzQxZmQ0MGNlZDkyZWJjODI1NWM2NjU3ZjIwOTk1ZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkUjJz7DBycK6k6+vwAV/sW7TtUl
uzzl1vcdOufpTHQRCSP7/bmmnE5rTtE5CgLjDsPGaryKJW+YajltKllx0kfK7ecN
g+KZtE3gF9njxCvCSvBUxfpIluKyvyhgqsWFoDtXap3vhoY31R+Gc8A1pFGlmO1P
Rumx67gxO5XBgB0u3+gZzRr/2hFg//T4vIm7Ll3s83Q0LKQ5KcSF46vJvyB9vrv8
vUng6aegZGLDQR3OKpUycr9LI0+t2D4uI8m32mbzFT5fjUOKd83bmOImaCeu2V0I
KyJDZJN3M5sghWo/EE9Zp/Lo7e8l2H6xD48qxu0w3bBdG3vrWYcgZEqOFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhBZAdB/UDO2S68glXGZX8gmV//MB8GA1UdIwQY
MBaAFKFkbT+QdY2KN0PxVfYr//8btjZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dSdFA1QjFqWW8zUV9GVjlpdl9feHUyTm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yYjcwZjAtNGRhMy00YjQ1LWE5NWQt
NDhhMjBlNmU1ZDhiLzEvU0VGa0IwSDlRTTdaTHJ5Q1ZjWmxmeUNaWF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yYjcwZjAtNGRhMy00YjQ1LWE5NWQtNDhhMjBlNmU1ZDhi
LzEvb1dSdFA1QjFqWW8zUV9GVjlpdl9feHUyTm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudG8MA0G
CSqGSIb3DQEBCwUAA4IBAQAAEK1WcGuOHl7IitgK7Ry4DRJ6wtYeYKBFWxaGm+HN
TRiX/8FGZ44WZaZake4XQAm/2v/pay1332VAF+F99YWmaONHKeotyAIzmbsUGfiq
u91tpvoH14FlkQDf4gt00nSu+hFJl4X2AHtGkQWE3zBRc71weLIKZ6PFpGPjediR
lx/P42zEJdR5hE+rsRNTMto+NtLwRS1T9fuOGkXqckeWq292Jnbw2ZaEl08NRcyw
dDBK6PiDq2Exo2BbUIoRXfzVfVFomj2x0pIlNUjkelije9eXKgvgs/QzAJbxYLT9
95hpKjC/1blt28SUyLScyqftwwsmzD8QFuoUUD3DUEVB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org