Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/aM7_iyt7jSX2iQyXp8WQFn6ori8.roa
File: aM7_iyt7jSX2iQyXp8WQFn6ori8.roa (raw, json)
Hash identifier: ROkSl+7xdTz6Tu8JRzF3afw2fx6aQa/n/qDSQSc0i5g=
Subject key identifier: 68:CE:FF:8B:2B:7B:8D:25:F6:89:0C:97:A7:C5:90:16:7E:A8:AE:2F
Certificate issuer: /CN=5c32a925c55f1d4e6e40c10f4e8e019b483c1d50
Certificate serial: 01856D8AF0D0C5114F3C58EFD9594A882421
Authority key identifier: 5C:32:A9:25:C5:5F:1D:4E:6E:40:C1:0F:4E:8E:01:9B:48:3C:1D:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XDKpJcVfHU5uQMEPTo4Bm0g8HVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/aM7_iyt7jSX2iQyXp8WQFn6ori8.roa
Signing time: Sun 01 Jan 2023 13:35:00 +0000
ROA not before: Sun 01 Jan 2023 13:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48611
IP address blocks: 185.250.184.0/24 maxlen: 24
185.250.185.0/24 maxlen: 24
2a0c:1144::/30 maxlen: 30
2a0c:1140::/29 maxlen: 29
2a0c:1140::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f0:d0:c5:11:4f:3c:58:ef:d9:59:4a:88:24:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c32a925c55f1d4e6e40c10f4e8e019b483c1d50
Validity
Not Before: Jan 1 13:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68ceff8b2b7b8d25f6890c97a7c590167ea8ae2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6b:9e:c0:4c:93:f7:ee:22:96:69:4a:3d:66:
aa:b1:6a:09:61:ac:6d:d6:10:78:fa:2a:87:55:4f:
0c:f1:d8:b7:f7:a3:96:58:df:58:15:44:cc:26:9c:
d3:79:fb:d6:53:8f:1c:5b:29:76:64:df:02:88:b0:
86:2f:24:f7:2a:5a:45:64:95:39:5e:71:d7:26:e2:
a6:ba:07:26:ce:c4:89:5b:6b:bf:40:fb:55:7d:87:
16:c9:51:f9:ab:0f:8e:c5:d3:e6:96:c7:38:19:7b:
1f:d4:25:d5:e3:40:15:3c:7d:95:7e:5e:8a:ad:89:
f5:96:f1:d1:38:5f:47:bf:f9:b2:4f:89:d1:b2:40:
54:d2:60:8b:c6:7d:61:d2:57:2a:c4:a3:63:af:8e:
d4:fb:1c:86:7f:c6:92:dd:a8:5a:e9:1b:14:94:c7:
24:42:01:f8:6e:5f:6c:2d:78:c0:be:c8:f9:01:c4:
db:d2:b6:c3:e8:95:c6:7e:97:bf:cb:e9:0c:56:d4:
78:2c:e7:72:08:4e:5a:3d:e2:52:39:f8:12:d3:21:
1e:e3:f4:b4:cb:a2:0c:bd:0e:fc:2a:7d:dc:b0:8b:
d9:d9:13:22:d9:1d:eb:44:9b:14:d7:f9:e1:2c:39:
28:15:88:38:e3:8d:f1:64:d6:25:9c:37:f6:0f:ff:
5d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CE:FF:8B:2B:7B:8D:25:F6:89:0C:97:A7:C5:90:16:7E:A8:AE:2F
X509v3 Authority Key Identifier:
keyid:5C:32:A9:25:C5:5F:1D:4E:6E:40:C1:0F:4E:8E:01:9B:48:3C:1D:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDKpJcVfHU5uQMEPTo4Bm0g8HVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/aM7_iyt7jSX2iQyXp8WQFn6ori8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/XDKpJcVfHU5uQMEPTo4Bm0g8HVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.184.0/23
IPv6:
2a0c:1140::/29
Signature Algorithm: sha256WithRSAEncryption
08:54:9a:af:ef:d6:1b:52:38:fc:ff:2c:80:0c:13:be:41:82:
be:ae:cc:e9:b2:57:b7:c7:c7:ba:e8:7d:b0:b1:1f:50:31:30:
e2:48:96:7c:6a:83:63:5c:3a:b5:9a:3f:46:04:90:95:3c:d7:
79:0a:42:c1:b1:b5:b2:b6:e9:e1:65:00:e0:9f:c1:ce:e1:fe:
87:34:f2:60:f2:06:3f:75:f7:6b:a7:c9:d0:45:ae:41:1f:2e:
55:22:93:e1:a7:29:70:2e:fe:3d:57:90:e5:53:c8:44:20:b7:
51:ee:4d:29:72:b9:c5:f5:43:cf:1c:ad:8d:eb:70:9b:2c:83:
5d:9d:c2:45:a3:dc:49:5a:88:3f:5d:37:f1:62:97:b7:81:8f:
ea:94:9b:6f:c8:fe:fd:1c:d9:13:75:fc:10:83:68:9d:7c:1d:
76:77:ef:6e:fb:ab:10:21:cc:a7:e2:24:d4:54:e4:92:45:94:
1b:07:a6:0c:2c:0a:d8:5f:3c:60:9b:8c:a7:f7:f5:05:b5:1f:
05:77:79:83:75:56:d7:f4:24:a4:49:82:9c:80:16:44:40:db:
62:bd:7c:b8:a4:7b:5d:52:ef:25:26:52:03:5b:b5:a8:3b:93:
22:d8:ae:a3:fe:61:cd:64:93:08:ea:c7:fb:e9:00:27:72:d6:
24:c2:39:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtivDQxRFPPFjv2VlKiCQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzJhOTI1YzU1ZjFkNGU2ZTQwYzEwZjRlOGUwMTliNDgz
YzFkNTAwHhcNMjMwMTAxMTMzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNlZmY4YjJiN2I4ZDI1ZjY4OTBjOTdhN2M1OTAxNjdlYThhZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2uewEyT9+4ilmlKPWaqsWoJYaxt
1hB4+iqHVU8M8di396OWWN9YFUTMJpzTefvWU48cWyl2ZN8CiLCGLyT3KlpFZJU5
XnHXJuKmugcmzsSJW2u/QPtVfYcWyVH5qw+OxdPmlsc4GXsf1CXV40AVPH2Vfl6K
rYn1lvHROF9Hv/myT4nRskBU0mCLxn1h0lcqxKNjr47U+xyGf8aS3aha6RsUlMck
QgH4bl9sLXjAvsj5AcTb0rbD6JXGfpe/y+kMVtR4LOdyCE5aPeJSOfgS0yEe4/S0
y6IMvQ78Kn3csIvZ2RMi2R3rRJsU1/nhLDkoFYg4443xZNYlnDf2D/9dhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGjO/4sre40l9okMl6fFkBZ+qK4vMB8GA1UdIwQY
MBaAFFwyqSXFXx1ObkDBD06OAZtIPB1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERLcEpjVmZIVTV1UU1FUFRvNEJtMGc4SFZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kM2M4ZjctZmY4ZC00MmI4LWE3NjIt
NDUzNzc0MThmYmIyLzEvYU03X2l5dDdqU1gyaVF5WHA4V1FGbjZvcmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kM2M4ZjctZmY4ZC00MmI4LWE3NjItNDUzNzc0MThmYmIy
LzEvWERLcEpjVmZIVTV1UU1FUFRvNEJtMGc4SFZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBufq4MA0E
AgACMAcDBQMqDBFAMA0GCSqGSIb3DQEBCwUAA4IBAQAIVJqv79YbUjj8/yyADBO+
QYK+rszpsle3x8e66H2wsR9QMTDiSJZ8aoNjXDq1mj9GBJCVPNd5CkLBsbWytunh
ZQDgn8HO4f6HNPJg8gY/dfdrp8nQRa5BHy5VIpPhpylwLv49V5DlU8hEILdR7k0p
crnF9UPPHK2N63CbLINdncJFo9xJWog/XTfxYpe3gY/qlJtvyP79HNkTdfwQg2id
fB12d+9u+6sQIcyn4iTUVOSSRZQbB6YMLArYXzxgm4yn9/UFtR8Fd3mDdVbX9CSk
SYKcgBZEQNtivXy4pHtdUu8lJlIDW7WoO5Mi2K6j/mHNZJMI6sf76QAnctYkwjkE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org