Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/aknFfCS5b3hFmebbsnHiioz64LI.roa
File: aknFfCS5b3hFmebbsnHiioz64LI.roa (raw, json)
Hash identifier: SPrKVPWU66mx9KcHamnA6bwQphQlOSC0ZphYQM8Sf4w=
Subject key identifier: 6A:49:C5:7C:24:B9:6F:78:45:99:E6:DB:B2:71:E2:8A:8C:FA:E0:B2
Certificate issuer: /CN=ebc8c4a066e2c150313ee1c087471f3c8b0de054
Certificate serial: 01856BB7D77C1A807E4D228B7A3DAAA57F47
Authority key identifier: EB:C8:C4:A0:66:E2:C1:50:31:3E:E1:C0:87:47:1F:3C:8B:0D:E0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/68jEoGbiwVAxPuHAh0cfPIsN4FQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/aknFfCS5b3hFmebbsnHiioz64LI.roa
Signing time: Sun 01 Jan 2023 05:04:48 +0000
ROA not before: Sun 01 Jan 2023 05:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42828
IP address blocks: 185.84.106.0/24 maxlen: 24
185.84.107.0/24 maxlen: 24
185.84.105.0/24 maxlen: 24
185.84.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:d7:7c:1a:80:7e:4d:22:8b:7a:3d:aa:a5:7f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebc8c4a066e2c150313ee1c087471f3c8b0de054
Validity
Not Before: Jan 1 05:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a49c57c24b96f784599e6dbb271e28a8cfae0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:7b:a1:69:3c:4d:27:56:af:ab:54:05:4e:
d0:91:58:07:c9:93:e9:9e:48:a4:dc:4f:76:df:46:
46:4f:1c:d7:32:cc:7b:5d:77:b8:a8:f8:35:67:b7:
d5:e1:d8:66:d9:86:f2:e1:66:bc:dd:be:84:c3:ff:
93:88:e1:67:67:84:3d:a4:45:6d:4e:72:ce:ef:dc:
53:df:d1:fc:b7:20:fe:ec:9e:f5:d5:e8:c5:5d:57:
72:32:90:3b:54:97:5d:50:e3:60:a5:47:5e:24:42:
27:00:54:cc:12:a0:61:12:ae:20:d4:2f:39:86:65:
90:65:eb:d8:9c:a9:c3:00:f9:49:2c:3e:81:bd:d1:
5c:09:43:ba:fc:4d:b7:33:a9:3b:93:ee:22:65:7a:
86:2a:f4:e2:0f:04:96:ab:1d:e6:1e:17:fa:c0:d6:
7e:c9:fa:1e:5e:3c:15:a4:f7:58:81:fa:62:eb:31:
0f:6c:1c:42:08:d7:d3:c7:1c:4b:af:f6:e1:54:fd:
11:3d:35:d4:5e:6c:5f:0d:79:1d:90:79:33:12:6c:
37:ff:6c:01:b9:cf:48:65:55:e7:61:4d:52:75:d7:
a1:b0:b3:61:d1:88:67:26:4e:77:db:26:38:4c:cf:
76:fb:7f:75:72:60:62:6f:85:e1:ca:c1:07:50:28:
eb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:49:C5:7C:24:B9:6F:78:45:99:E6:DB:B2:71:E2:8A:8C:FA:E0:B2
X509v3 Authority Key Identifier:
keyid:EB:C8:C4:A0:66:E2:C1:50:31:3E:E1:C0:87:47:1F:3C:8B:0D:E0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68jEoGbiwVAxPuHAh0cfPIsN4FQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/aknFfCS5b3hFmebbsnHiioz64LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8e44e3-1b54-479e-a54c-47ead5372bfb/1/68jEoGbiwVAxPuHAh0cfPIsN4FQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.104.0/22
Signature Algorithm: sha256WithRSAEncryption
34:3d:d8:05:7c:d9:52:15:22:ac:8d:22:b7:d7:bf:96:b1:7d:
af:6c:0a:64:e4:c4:5b:47:7b:11:9a:77:f9:70:d1:ec:a3:11:
33:a1:d8:b2:77:b7:93:8a:24:e7:87:4f:fe:4e:13:42:f2:39:
c0:0b:7f:af:17:d3:01:bd:c7:99:1a:46:ae:8b:d3:9e:54:d8:
d2:ad:0b:a3:6e:2b:eb:07:75:24:7c:c5:33:cf:a1:6f:6a:41:
5f:cc:46:99:2f:bc:f5:6f:19:3d:fe:51:ae:1a:12:13:94:b5:
72:81:07:51:2e:ef:37:ab:e3:4e:5e:db:3e:bf:b6:1a:03:52:
58:e6:55:9c:70:56:4c:26:bb:a0:8d:21:b8:b4:e3:9a:df:11:
7e:1e:7e:a8:31:79:41:8e:2e:e9:eb:44:45:64:9d:99:63:3d:
33:bb:72:bc:e2:9f:ff:ba:bf:d1:d7:e7:86:73:12:66:93:d5:
de:6f:6b:f9:80:b8:ca:41:3d:70:2b:2c:da:50:5d:97:f8:69:
d3:6b:f4:ad:c7:0a:5c:c2:e9:c3:2b:ec:67:6f:e2:eb:99:4d:
34:57:3d:1a:41:eb:ff:9a:2b:73:b1:8e:85:2a:ee:fd:01:7b:
5d:4a:d5:7e:b0:db:20:39:d6:fd:9c:b9:92:f6:77:af:75:71:
5a:89:80:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrt9d8GoB+TSKLej2qpX9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYzhjNGEwNjZlMmMxNTAzMTNlZTFjMDg3NDcxZjNjOGIw
ZGUwNTQwHhcNMjMwMTAxMDUwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTQ5YzU3YzI0Yjk2Zjc4NDU5OWU2ZGJiMjcxZTI4YThjZmFlMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFV7oWk8TSdWr6tUBU7QkVgHyZPp
nkik3E9230ZGTxzXMsx7XXe4qPg1Z7fV4dhm2Yby4Wa83b6Ew/+TiOFnZ4Q9pEVt
TnLO79xT39H8tyD+7J711ejFXVdyMpA7VJddUONgpUdeJEInAFTMEqBhEq4g1C85
hmWQZevYnKnDAPlJLD6BvdFcCUO6/E23M6k7k+4iZXqGKvTiDwSWqx3mHhf6wNZ+
yfoeXjwVpPdYgfpi6zEPbBxCCNfTxxxLr/bhVP0RPTXUXmxfDXkdkHkzEmw3/2wB
uc9IZVXnYU1SddehsLNh0YhnJk532yY4TM92+391cmBib4XhysEHUCjrUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpJxXwkuW94RZnm27Jx4oqM+uCyMB8GA1UdIwQY
MBaAFOvIxKBm4sFQMT7hwIdHHzyLDeBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjhqRW9HYml3VkF4UHVIQWgwY2ZQSXNONEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84ZTQ0ZTMtMWI1NC00NzllLWE1NGMt
NDdlYWQ1MzcyYmZiLzEvYWtuRmZDUzViM2hGbWViYnNuSGlpb3o2NExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84ZTQ0ZTMtMWI1NC00NzllLWE1NGMtNDdlYWQ1MzcyYmZi
LzEvNjhqRW9HYml3VkF4UHVIQWgwY2ZQSXNONEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVRoMA0G
CSqGSIb3DQEBCwUAA4IBAQA0PdgFfNlSFSKsjSK317+WsX2vbApk5MRbR3sRmnf5
cNHsoxEzodiyd7eTiiTnh0/+ThNC8jnAC3+vF9MBvceZGkaui9OeVNjSrQujbivr
B3UkfMUzz6FvakFfzEaZL7z1bxk9/lGuGhITlLVygQdRLu83q+NOXts+v7YaA1JY
5lWccFZMJrugjSG4tOOa3xF+Hn6oMXlBji7p60RFZJ2ZYz0zu3K84p//ur/R1+eG
cxJmk9Xeb2v5gLjKQT1wKyzaUF2X+GnTa/StxwpcwunDK+xnb+LrmU00Vz0aQev/
mitzsY6FKu79AXtdStV+sNsgOdb9nLmS9nevdXFaiYAY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:50 2024 by rpki-client on console-ams.rpki-client.org