Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/_bKMoqIBODEbSMCyfWVwEkpQzIY.roa
File: _bKMoqIBODEbSMCyfWVwEkpQzIY.roa (raw, json)
Hash identifier: ehkUYm07ZbTo4eSi/OIz9R6QA0fWtQxuG1R3WjN7QnM=
Subject key identifier: FD:B2:8C:A2:A2:01:38:31:1B:48:C0:B2:7D:65:70:12:4A:50:CC:86
Certificate issuer: /CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Certificate serial: 01856B8A2E3C0F3ED9F494E9E0B60591F8E9
Authority key identifier: D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/_bKMoqIBODEbSMCyfWVwEkpQzIY.roa
Signing time: Sun 01 Jan 2023 04:14:55 +0000
ROA not before: Sun 01 Jan 2023 04:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205694
IP address blocks: 185.208.186.0/24 maxlen: 24
185.208.186.0/23 maxlen: 23
185.208.184.0/22 maxlen: 22
185.208.185.0/24 maxlen: 24
185.208.184.0/23 maxlen: 23
185.208.184.0/24 maxlen: 24
185.208.187.0/24 maxlen: 24
185.160.152.0/24 maxlen: 24
185.160.152.0/23 maxlen: 23
185.160.155.0/24 maxlen: 24
185.160.154.0/23 maxlen: 23
185.160.154.0/24 maxlen: 24
185.160.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 12:22:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:2e:3c:0f:3e:d9:f4:94:e9:e0:b6:05:91:f8:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Validity
Not Before: Jan 1 04:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdb28ca2a20138311b48c0b27d6570124a50cc86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:99:83:93:03:8b:62:da:77:d9:50:48:19:f6:
d9:45:67:d5:ef:45:17:02:64:48:8a:70:70:36:50:
ca:c8:a0:46:cd:16:3a:02:68:88:af:1c:27:3c:39:
40:e9:c6:8a:d6:99:fc:70:a9:5a:d9:2b:a9:d7:d8:
d0:6d:a0:8c:aa:8e:df:32:dc:e3:8f:e3:90:96:4b:
2c:18:8e:1f:93:43:f9:63:c4:c1:1f:6a:a9:ca:0a:
8f:9d:88:bb:b4:bc:2b:e7:fa:8a:49:a1:30:ba:a2:
05:d0:f5:fe:1f:34:49:d3:26:a4:a8:a0:df:b2:80:
10:d2:48:74:cd:19:0c:86:e7:b3:7f:b2:8a:6d:b7:
a5:61:fd:c1:de:27:e7:fc:ec:16:29:bf:f6:d3:79:
b6:fe:11:dd:01:0f:56:25:0a:82:90:54:d8:a8:e8:
d1:8d:f6:37:ef:a7:6f:62:39:20:41:97:96:58:90:
19:33:fa:c4:17:11:62:29:3c:70:48:42:03:03:a8:
5a:8b:ad:c0:75:9d:3f:91:fd:af:a8:31:1c:bc:5a:
75:78:b2:3f:57:a3:5e:d6:c6:2c:1b:65:cb:62:5b:
38:30:34:78:c6:97:32:f4:fd:10:a4:5d:7c:91:ba:
65:aa:df:61:a7:3d:81:79:9a:52:fc:ac:1c:19:fa:
4c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B2:8C:A2:A2:01:38:31:1B:48:C0:B2:7D:65:70:12:4A:50:CC:86
X509v3 Authority Key Identifier:
keyid:D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/_bKMoqIBODEbSMCyfWVwEkpQzIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/0YHQxAlRpPkA5NndnCDkhWNQkg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.152.0/22
185.208.184.0/22
Signature Algorithm: sha256WithRSAEncryption
d2:db:ef:89:07:f5:7b:41:d3:86:ca:c4:a9:fa:41:54:73:8b:
66:c0:b5:ca:17:78:5f:5c:02:89:c8:8e:e7:a1:63:c3:ed:d0:
dc:d0:b8:74:2f:80:44:e4:81:ee:34:dd:e5:4a:f5:9c:0b:ab:
64:d5:2d:04:a3:ef:68:ae:7e:59:63:c8:2c:2a:de:cc:81:1c:
e3:7e:6b:0b:39:8f:c0:cd:23:88:e1:0a:d9:f0:8e:69:8b:ff:
78:23:46:94:2a:cb:fb:46:c3:3a:c3:42:08:50:b7:63:50:1c:
da:cf:53:4a:a5:d4:30:0f:4d:1e:ba:44:a5:3c:3a:f0:29:d1:
0e:5d:ab:03:cd:8f:b7:1a:83:1d:89:62:9c:0c:a9:0e:4e:bf:
e7:23:ec:47:03:f4:c5:60:47:10:c2:3e:70:67:82:f9:bc:7a:
bf:16:d9:05:97:a3:70:72:23:92:a3:ec:e8:d0:c7:44:e6:28:
34:40:34:69:88:8b:35:66:80:cd:aa:b0:db:d1:62:3d:94:19:
22:a6:c6:f0:43:5f:a7:d8:0b:d9:94:ff:92:f6:fc:8e:25:a8:
d3:d6:3a:23:04:46:8a:30:45:92:64:10:2c:76:e2:f5:89:21:
53:d8:64:6b:ae:29:6d:96:f4:fb:64:25:b3:aa:23:37:08:79:
68:e8:7d:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrii48Dz7Z9JTp4LYFkfjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxODFkMGM0MDk1MWE0ZjkwMGU0ZDlkZDljMjBlNDg1NjM1
MDkyMGUwHhcNMjMwMTAxMDQxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIyOGNhMmEyMDEzODMxMWI0OGMwYjI3ZDY1NzAxMjRhNTBjYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JmDkwOLYtp32VBIGfbZRWfV70UX
AmRIinBwNlDKyKBGzRY6AmiIrxwnPDlA6caK1pn8cKla2Sup19jQbaCMqo7fMtzj
j+OQlkssGI4fk0P5Y8TBH2qpygqPnYi7tLwr5/qKSaEwuqIF0PX+HzRJ0yakqKDf
soAQ0kh0zRkMhuezf7KKbbelYf3B3ifn/OwWKb/203m2/hHdAQ9WJQqCkFTYqOjR
jfY376dvYjkgQZeWWJAZM/rEFxFiKTxwSEIDA6hai63AdZ0/kf2vqDEcvFp1eLI/
V6Ne1sYsG2XLYls4MDR4xpcy9P0QpF18kbplqt9hpz2BeZpS/KwcGfpMVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP2yjKKiATgxG0jAsn1lcBJKUMyGMB8GA1UdIwQY
MBaAFNGB0MQJUaT5AOTZ3Zwg5IVjUJIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEt
Mzg4YjgxYzBjOTBjLzEvX2JLTW9xSUJPREViU01DeWZXVndFa3BReklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEtMzg4YjgxYzBjOTBj
LzEvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaCYAwQC
udC4MA0GCSqGSIb3DQEBCwUAA4IBAQDS2++JB/V7QdOGysSp+kFUc4tmwLXKF3hf
XAKJyI7noWPD7dDc0Lh0L4BE5IHuNN3lSvWcC6tk1S0Eo+9orn5ZY8gsKt7MgRzj
fmsLOY/AzSOI4QrZ8I5pi/94I0aUKsv7RsM6w0IIULdjUBzaz1NKpdQwD00eukSl
PDrwKdEOXasDzY+3GoMdiWKcDKkOTr/nI+xHA/TFYEcQwj5wZ4L5vHq/FtkFl6Nw
ciOSo+zo0MdE5ig0QDRpiIs1ZoDNqrDb0WI9lBkipsbwQ1+n2AvZlP+S9vyOJajT
1jojBEaKMEWSZBAsduL1iSFT2GRrriltlvT7ZCWzqiM3CHlo6H1J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:21 2024 by rpki-client on console-fra.rpki-client.org