Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/16FqfrTrB-wInV6mO0fSde0u2Zg.roa
File: 16FqfrTrB-wInV6mO0fSde0u2Zg.roa (raw, json)
Hash identifier: 2VY1CBMtZTiJs8uWCb4A62a8z3ENW4VsM2nwSLA3pac=
Subject key identifier: D7:A1:6A:7E:B4:EB:07:EC:08:9D:5E:A6:3B:47:D2:75:ED:2E:D9:98
Certificate issuer: /CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
Certificate serial: 01857139CD75928679EBB93150F36D83DF08
Authority key identifier: 78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/16FqfrTrB-wInV6mO0fSde0u2Zg.roa
Signing time: Mon 02 Jan 2023 06:44:51 +0000
ROA not before: Mon 02 Jan 2023 06:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197709
IP address blocks: 185.238.60.0/24 maxlen: 24
192.162.144.0/22 maxlen: 22
193.227.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Oct 2023 11:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:cd:75:92:86:79:eb:b9:31:50:f3:6d:83:df:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
Validity
Not Before: Jan 2 06:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7a16a7eb4eb07ec089d5ea63b47d275ed2ed998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0a:d5:94:7e:8a:35:e9:ed:11:34:44:0a:c5:
57:55:fb:93:05:8c:0d:91:e3:93:43:75:ef:c3:6f:
99:a4:b7:a9:be:39:b0:60:73:b9:7a:ac:04:13:a4:
98:49:b7:3e:ed:f9:4e:89:6c:5a:af:02:12:1c:2e:
d8:cc:a7:1a:44:38:54:eb:a8:f0:23:a0:0a:f6:31:
3a:6a:fe:95:79:4e:a6:68:ff:6d:bc:dd:0b:07:9b:
2f:37:b5:9d:dd:30:f2:76:da:e2:9c:5e:35:95:31:
77:22:26:05:71:03:90:5a:53:d2:64:a0:43:b4:86:
9f:dd:6b:82:06:e8:96:20:81:bf:7d:4e:0d:ce:d5:
31:44:8d:24:bf:99:ac:9f:47:f8:7d:39:7a:a8:59:
3f:1d:b6:9b:ad:70:0b:49:a7:5e:50:64:5e:c3:41:
c4:a1:02:e6:2e:ec:57:68:2d:32:e4:c2:d2:62:27:
fa:60:cf:e3:3f:44:f7:2f:d1:b3:54:5b:a1:79:96:
b9:a0:7a:56:54:fa:84:80:c2:b6:c3:e6:3e:1c:f6:
54:94:6c:6e:9e:7d:98:38:f4:19:71:66:c1:02:7d:
59:32:f9:34:7c:66:64:09:48:8b:8f:2a:88:03:9a:
b0:87:e9:c5:e9:82:66:26:ad:5c:6d:b3:2c:dc:ad:
19:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A1:6A:7E:B4:EB:07:EC:08:9D:5E:A6:3B:47:D2:75:ED:2E:D9:98
X509v3 Authority Key Identifier:
keyid:78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/16FqfrTrB-wInV6mO0fSde0u2Zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/eI9bIQ88PrQgZZYOhdBh6dnWOrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.60.0/24
192.162.144.0/22
193.227.112.0/24
Signature Algorithm: sha256WithRSAEncryption
76:69:0f:88:f3:c0:20:b7:f8:b8:57:cd:30:3c:ac:79:9b:31:
47:11:cf:c4:fa:9c:61:8d:d4:00:84:db:28:04:8f:08:ab:ae:
1b:48:75:e2:d1:1f:36:b2:53:11:44:da:21:29:31:5d:ba:0e:
51:0e:cc:43:2c:c7:96:9a:b9:1a:b1:be:a4:ed:ff:42:72:c7:
9f:44:70:fb:c9:ef:ce:1e:d5:a8:ea:f5:ed:e6:ba:f2:b7:55:
b8:cb:a3:18:a3:b3:d8:47:fa:b3:6a:bd:4e:dc:8a:09:b8:5c:
c1:e3:35:12:d0:4c:13:b7:84:71:5f:a6:13:08:c1:d5:bf:e3:
e2:60:88:46:06:bb:5d:ca:9e:bf:7f:2b:7c:9a:58:2e:44:bc:
dd:3e:fa:7b:f1:16:31:a8:74:f6:8a:92:b5:fd:7e:d1:9b:3f:
92:d4:b7:d4:fe:c3:da:f4:f7:7d:57:7a:c9:98:ec:4e:f6:72:
d3:4d:01:8c:d3:5c:7a:29:8a:63:db:65:c2:92:35:54:da:d3:
63:9e:78:0f:b3:bd:66:46:ba:f5:b8:68:d6:68:6b:5f:c1:c3:
65:12:2d:87:32:2b:93:10:6d:cc:e3:ae:c6:48:38:e5:46:bf:
7f:5a:cc:a8:a2:2b:af:23:74:2d:df:b1:01:cf:4d:f5:0a:f5:
6a:57:45:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxOc11koZ567kxUPNtg98IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OGY1YjIxMGYzYzNlYjQyMDY1OTYwZTg1ZDA2MWU5ZDlk
NjNhYjgwHhcNMjMwMTAyMDY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ExNmE3ZWI0ZWIwN2VjMDg5ZDVlYTYzYjQ3ZDI3NWVkMmVkOTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogrVlH6KNentETRECsVXVfuTBYwN
keOTQ3Xvw2+ZpLepvjmwYHO5eqwEE6SYSbc+7flOiWxarwISHC7YzKcaRDhU66jw
I6AK9jE6av6VeU6maP9tvN0LB5svN7Wd3TDydtrinF41lTF3IiYFcQOQWlPSZKBD
tIaf3WuCBuiWIIG/fU4NztUxRI0kv5msn0f4fTl6qFk/HbabrXALSadeUGRew0HE
oQLmLuxXaC0y5MLSYif6YM/jP0T3L9GzVFuheZa5oHpWVPqEgMK2w+Y+HPZUlGxu
nn2YOPQZcWbBAn1ZMvk0fGZkCUiLjyqIA5qwh+nF6YJmJq1cbbMs3K0ZKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNehan606wfsCJ1epjtH0nXtLtmYMB8GA1UdIwQY
MBaAFHiPWyEPPD60IGWWDoXQYenZ1jq4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmIt
YzRhY2I4OTY5YzQ5LzEvMTZGcWZyVHJCLXdJblY2bU8wZlNkZTB1MlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmItYzRhY2I4OTY5YzQ5
LzEvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAue48AwQC
wKKQAwQAweNwMA0GCSqGSIb3DQEBCwUAA4IBAQB2aQ+I88Agt/i4V80wPKx5mzFH
Ec/E+pxhjdQAhNsoBI8Iq64bSHXi0R82slMRRNohKTFdug5RDsxDLMeWmrkasb6k
7f9CcsefRHD7ye/OHtWo6vXt5rryt1W4y6MYo7PYR/qzar1O3IoJuFzB4zUS0EwT
t4RxX6YTCMHVv+PiYIhGBrtdyp6/fyt8mlguRLzdPvp78RYxqHT2ipK1/X7Rmz+S
1LfU/sPa9Pd9V3rJmOxO9nLTTQGM01x6KYpj22XCkjVU2tNjnngPs71mRrr1uGjW
aGtfwcNlEi2HMiuTEG3M467GSDjlRr9/WsyooiuvI3Qt37EBz031CvVqV0Vz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:44 2024 by rpki-client on console-fra.rpki-client.org