Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/82y6Cbu7RDnScvWh0GoBcN7m7IQ.roa
File: 82y6Cbu7RDnScvWh0GoBcN7m7IQ.roa (raw, json)
Hash identifier: XJwJK7XYs6J+TasH8ePQY+OjKJj9TwAvRGR2GZrS13Y=
Subject key identifier: F3:6C:BA:09:BB:BB:44:39:D2:72:F5:A1:D0:6A:01:70:DE:E6:EC:84
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018CC2DAEF2BB068AA14C01B2F6FF53DB6C5
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/82y6Cbu7RDnScvWh0GoBcN7m7IQ.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47692
IP address blocks: 185.211.60.0/22 maxlen: 24
185.51.8.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 12:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ef:2b:b0:68:aa:14:c0:1b:2f:6f:f5:3d:b6:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f36cba09bbbb4439d272f5a1d06a0170dee6ec84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1a:82:6b:01:1c:3c:d9:2d:62:7c:92:0e:ea:
a0:1c:59:ec:5c:ea:30:c8:3d:c8:75:c9:ff:c4:88:
2f:e0:13:a2:1d:58:c3:e5:70:42:b9:39:c2:9d:2d:
6e:4f:f9:ce:19:20:5e:cc:c8:b5:e8:48:b3:da:38:
98:b0:df:19:4f:99:a4:9c:69:08:6d:df:80:a0:45:
7e:24:57:dc:26:ac:17:1f:8d:b3:80:38:7e:15:03:
36:d8:4b:6b:80:4b:03:79:ac:10:75:28:e0:51:2a:
de:cf:26:c5:4a:92:45:c2:82:06:90:6a:e7:77:95:
e8:fe:c1:ce:f3:be:64:b9:4e:da:f2:be:62:cc:5a:
ad:3a:6a:f6:cb:8c:ad:1f:50:35:19:76:8f:1f:9f:
b6:68:60:c4:55:fa:30:35:75:fd:c0:39:35:29:a8:
67:dc:53:fa:86:8f:7f:4f:5b:71:0f:72:60:e3:49:
17:d6:0a:44:31:55:68:b3:37:28:c0:24:6a:48:4c:
fe:f1:38:a2:48:37:f1:58:8b:fc:e4:4f:6d:bf:bd:
16:51:32:7a:d5:d7:c9:f9:f0:cb:36:21:4f:07:df:
8f:38:3a:7e:f6:66:8e:13:05:35:5a:f5:29:09:0a:
51:e0:be:73:ab:76:e2:f2:b6:e5:32:7e:df:74:80:
20:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:6C:BA:09:BB:BB:44:39:D2:72:F5:A1:D0:6A:01:70:DE:E6:EC:84
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/82y6Cbu7RDnScvWh0GoBcN7m7IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.8.0/22
185.211.60.0/22
Signature Algorithm: sha256WithRSAEncryption
84:a1:9c:f2:03:3a:fe:b7:a4:d5:61:da:b4:13:f3:4e:5a:44:
04:11:83:fe:28:26:9e:2a:df:73:07:41:67:6b:35:76:cb:a0:
7d:b1:a0:59:26:97:a6:a2:f5:ad:33:df:18:3b:cd:45:80:9f:
64:f9:65:ad:47:d4:a7:7b:72:8d:4f:03:ed:fb:2e:c9:50:f3:
74:50:5d:cc:02:69:45:e3:05:3d:03:b3:94:0a:a7:88:77:44:
a3:5f:7f:f3:eb:5c:7c:85:bc:57:77:d3:01:43:4f:85:3e:83:
ce:f8:57:59:f4:7a:4d:13:d0:bc:74:5f:2e:65:ff:2c:93:5d:
5e:d0:4f:ef:5b:30:f2:b7:87:d0:f3:46:27:fd:48:fe:7f:f6:
af:c4:1e:89:74:de:a8:2a:97:eb:bb:1d:f4:db:58:cc:73:3d:
55:f0:a1:17:aa:7a:f7:be:a1:89:ef:7d:40:87:8d:7e:30:2a:
67:e8:a2:a4:53:f5:ab:99:1b:3f:7f:5c:82:b8:7e:f2:70:29:
95:7a:6e:ce:5f:51:38:3a:2b:12:4a:e6:16:64:f7:59:9e:5e:
7a:39:b2:f1:b7:c6:35:62:f9:cd:bc:26:11:18:35:ab:0e:65:
7b:37:cf:3c:f4:ac:52:ab:3d:bc:89:ec:82:5c:2e:34:ad:3b:
60:55:d3:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2u8rsGiqFMAbL2/1PbbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzZjYmEwOWJiYmI0NDM5ZDI3MmY1YTFkMDZhMDE3MGRlZTZlYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxqCawEcPNktYnySDuqgHFnsXOow
yD3Idcn/xIgv4BOiHVjD5XBCuTnCnS1uT/nOGSBezMi16Eiz2jiYsN8ZT5mknGkI
bd+AoEV+JFfcJqwXH42zgDh+FQM22EtrgEsDeawQdSjgUSrezybFSpJFwoIGkGrn
d5Xo/sHO875kuU7a8r5izFqtOmr2y4ytH1A1GXaPH5+2aGDEVfowNXX9wDk1Kahn
3FP6ho9/T1txD3Jg40kX1gpEMVVoszcowCRqSEz+8TiiSDfxWIv85E9tv70WUTJ6
1dfJ+fDLNiFPB9+PODp+9maOEwU1WvUpCQpR4L5zq3bi8rblMn7fdIAg7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPNsugm7u0Q50nL1odBqAXDe5uyEMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvODJ5NkNidTdSRG5TY3ZXaDBHb0JjTjdtN0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuTMIAwQC
udM8MA0GCSqGSIb3DQEBCwUAA4IBAQCEoZzyAzr+t6TVYdq0E/NOWkQEEYP+KCae
Kt9zB0FnazV2y6B9saBZJpemovWtM98YO81FgJ9k+WWtR9Sne3KNTwPt+y7JUPN0
UF3MAmlF4wU9A7OUCqeId0SjX3/z61x8hbxXd9MBQ0+FPoPO+FdZ9HpNE9C8dF8u
Zf8sk11e0E/vWzDyt4fQ80Yn/Uj+f/avxB6JdN6oKpfrux3021jMcz1V8KEXqnr3
vqGJ731Ah41+MCpn6KKkU/WrmRs/f1yCuH7ycCmVem7OX1E4OisSSuYWZPdZnl56
ObLxt8Y1YvnNvCYRGDWrDmV7N8889KxSqz28ieyCXC40rTtgVdM9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org