Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/n_IV7ntYUt2Gv0Uir-Mx5u9_d2M.roa
File: n_IV7ntYUt2Gv0Uir-Mx5u9_d2M.roa (raw, json)
Hash identifier: 25vaTdkMXBsy3nHlYI1bztpIOLsQ4OgX5+y6aL+gr0A=
Subject key identifier: 9F:F2:15:EE:7B:58:52:DD:86:BF:45:22:AF:E3:31:E6:EF:7F:77:63
Certificate issuer: /CN=10721ead6a4575643cb703062c0968755e8281eb
Certificate serial: 01856D819733FEE6FB37AFAADABBA046FA60
Authority key identifier: 10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/n_IV7ntYUt2Gv0Uir-Mx5u9_d2M.roa
Signing time: Sun 01 Jan 2023 13:24:47 +0000
ROA not before: Sun 01 Jan 2023 13:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207020
IP address blocks: 185.203.138.0/23 maxlen: 23
185.203.136.0/23 maxlen: 23
2a0a:e740::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:97:33:fe:e6:fb:37:af:aa:da:bb:a0:46:fa:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10721ead6a4575643cb703062c0968755e8281eb
Validity
Not Before: Jan 1 13:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ff215ee7b5852dd86bf4522afe331e6ef7f7763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:eb:4f:f5:4f:c4:dc:07:ab:81:17:30:ca:21:
7a:46:72:78:18:c9:14:aa:c8:9a:81:b9:c7:a4:05:
2d:05:14:1f:ca:dd:66:6a:3e:1c:d8:79:bf:69:d4:
25:6c:0c:6c:38:40:9b:05:85:31:e4:3a:c6:2b:16:
b2:00:53:93:1e:6e:9c:67:aa:f7:05:b1:bb:bd:21:
69:28:ce:90:7d:54:9b:36:64:42:86:8d:5f:e0:49:
3d:68:f5:42:dc:eb:70:ac:f7:c7:0b:1b:72:6a:2a:
1c:5c:17:1b:75:e3:41:4d:f2:e0:7b:fc:98:c9:27:
88:77:6d:49:3c:e6:c9:99:d6:6e:64:4d:69:5a:95:
4a:be:ad:c5:30:e1:36:78:af:22:e3:da:bb:bc:bd:
f9:c3:26:90:71:32:61:76:01:eb:86:0c:ae:a9:30:
b3:e5:ef:a6:05:5c:6d:8f:41:36:0f:e0:52:7f:22:
5c:9d:21:50:81:ce:90:26:26:56:df:09:d5:18:dc:
ff:17:50:b5:13:57:b2:1e:d9:33:02:8b:7c:a1:14:
5a:8e:a0:d1:54:93:b4:c3:f6:09:b2:04:90:ce:4d:
c1:be:2c:20:53:44:e6:c0:93:cf:2f:7f:13:41:0c:
fb:77:2f:ff:2f:19:1b:86:f3:5b:ea:a7:02:ce:0f:
8e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F2:15:EE:7B:58:52:DD:86:BF:45:22:AF:E3:31:E6:EF:7F:77:63
X509v3 Authority Key Identifier:
keyid:10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/n_IV7ntYUt2Gv0Uir-Mx5u9_d2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/EHIerWpFdWQ8twMGLAlodV6Cges.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.136.0/22
IPv6:
2a0a:e740::/29
Signature Algorithm: sha256WithRSAEncryption
65:25:2a:9d:b6:1b:e6:f5:45:ec:c0:78:be:39:e6:3d:1c:52:
b8:b4:d0:32:82:08:af:a8:d3:28:aa:46:e5:2e:80:fc:50:90:
30:5c:74:25:1f:1c:f8:51:4c:00:a1:ae:78:07:4d:ec:6f:9a:
74:de:ad:3b:be:74:fb:41:55:a5:a6:bd:fd:f0:fa:1b:98:5b:
d5:63:f3:85:da:38:aa:96:92:64:b5:af:57:db:19:e0:5f:ef:
fc:7f:8d:da:a4:be:16:30:a7:39:12:93:fb:be:d8:a1:55:17:
93:0b:10:15:b1:c9:89:b7:87:92:26:20:d6:0b:9b:ba:b6:db:
2c:ee:25:87:25:74:7a:31:00:53:74:e9:5a:70:8f:f4:e5:cd:
5e:3a:01:b2:79:01:69:48:6b:89:65:e8:5d:ff:be:2e:f4:ac:
76:3d:77:a1:87:89:e6:fd:59:47:7a:c7:64:b8:0f:72:36:71:
78:b3:16:3d:d8:3c:20:e1:f1:d3:3e:d2:24:4f:34:0d:2e:68:
f2:b6:ea:49:ef:c4:1a:5f:62:ee:9d:e7:34:ca:35:53:34:66:
e1:cc:b4:80:57:a6:f9:da:46:6c:88:9d:50:e1:10:9b:e9:8a:
3c:a1:a7:12:54:2a:2b:c3:35:70:e5:7b:e4:a4:a2:bc:81:23:
cc:e0:95:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtgZcz/ub7N6+q2rugRvpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzIxZWFkNmE0NTc1NjQzY2I3MDMwNjJjMDk2ODc1NWU4
MjgxZWIwHhcNMjMwMTAxMTMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmYyMTVlZTdiNTg1MmRkODZiZjQ1MjJhZmUzMzFlNmVmN2Y3NzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+tP9U/E3AergRcwyiF6RnJ4GMkU
qsiagbnHpAUtBRQfyt1maj4c2Hm/adQlbAxsOECbBYUx5DrGKxayAFOTHm6cZ6r3
BbG7vSFpKM6QfVSbNmRCho1f4Ek9aPVC3OtwrPfHCxtyaiocXBcbdeNBTfLge/yY
ySeId21JPObJmdZuZE1pWpVKvq3FMOE2eK8i49q7vL35wyaQcTJhdgHrhgyuqTCz
5e+mBVxtj0E2D+BSfyJcnSFQgc6QJiZW3wnVGNz/F1C1E1eyHtkzAot8oRRajqDR
VJO0w/YJsgSQzk3BviwgU0TmwJPPL38TQQz7dy//LxkbhvNb6qcCzg+O3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ/yFe57WFLdhr9FIq/jMebvf3djMB8GA1UdIwQY
MBaAFBByHq1qRXVkPLcDBiwJaHVegoHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQt
M2Q0YWU4MGZjNDVkLzEvbl9JVjdudFlVdDJHdjBVaXItTXg1dTlfZDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQtM2Q0YWU4MGZjNDVk
LzEvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucuIMA0E
AgACMAcDBQMqCudAMA0GCSqGSIb3DQEBCwUAA4IBAQBlJSqdthvm9UXswHi+OeY9
HFK4tNAyggivqNMoqkblLoD8UJAwXHQlHxz4UUwAoa54B03sb5p03q07vnT7QVWl
pr398PobmFvVY/OF2jiqlpJkta9X2xngX+/8f43apL4WMKc5EpP7vtihVReTCxAV
scmJt4eSJiDWC5u6ttss7iWHJXR6MQBTdOlacI/05c1eOgGyeQFpSGuJZehd/74u
9Kx2PXehh4nm/VlHesdkuA9yNnF4sxY92Dwg4fHTPtIkTzQNLmjytupJ78QaX2Lu
nec0yjVTNGbhzLSAV6b52kZsiJ1Q4RCb6Yo8oacSVCorwzVw5XvkpKK8gSPM4JX/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:59 2024 by rpki-client on console-ams.rpki-client.org