Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/a__m1FCLIOxP5bc_copBZoWwO08.roa
File: a__m1FCLIOxP5bc_copBZoWwO08.roa (raw, json)
Hash identifier: ZGQLDqEy2RNKkd1ci/Qo0jH8lJbGaRn62RTw7iQRnmY=
Subject key identifier: 6B:FF:E6:D4:50:8B:20:EC:4F:E5:B7:3F:72:8A:41:66:85:B0:3B:4F
Certificate issuer: /CN=0cce8832d02949801f1198e9d13bb18ed5832d0c
Certificate serial: 018A50EFC150CE02CE0470ED439C794BA09C
Authority key identifier: 0C:CE:88:32:D0:29:49:80:1F:11:98:E9:D1:3B:B1:8E:D5:83:2D:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DM6IMtApSYAfEZjp0TuxjtWDLQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/a__m1FCLIOxP5bc_copBZoWwO08.roa
Signing time: Fri 01 Sep 2023 13:30:04 +0000
ROA not before: Fri 01 Sep 2023 13:30:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198641
IP address blocks: 185.58.230.0/24 maxlen: 24
185.58.231.0/24 maxlen: 24
185.58.228.0/24 maxlen: 24
185.58.229.0/24 maxlen: 24
37.205.40.0/24 maxlen: 24
37.205.44.0/24 maxlen: 24
37.205.40.0/22 maxlen: 22
37.205.40.0/21 maxlen: 21
37.205.42.0/24 maxlen: 24
37.205.46.0/24 maxlen: 24
37.205.45.0/24 maxlen: 24
2a02:4220::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:ef:c1:50:ce:02:ce:04:70:ed:43:9c:79:4b:a0:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cce8832d02949801f1198e9d13bb18ed5832d0c
Validity
Not Before: Sep 1 13:30:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bffe6d4508b20ec4fe5b73f728a416685b03b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:00:04:bb:46:67:e9:d9:27:cd:62:81:f5:fe:
84:af:0b:43:fa:15:3a:f1:2d:fd:23:79:f3:40:d0:
27:0f:67:72:ba:88:1c:e5:c6:c1:5e:76:fe:03:1f:
04:a7:72:e7:c9:81:58:69:0f:30:30:78:e0:67:47:
20:fe:8f:17:42:f7:82:5c:19:b5:c7:7d:f1:5a:17:
67:9c:c2:de:a5:7f:0f:f4:40:a2:1c:ff:72:8b:1b:
93:1a:8e:e4:0e:ae:ef:17:ff:6d:e9:65:55:bf:4c:
d5:8b:33:b2:6c:54:fb:2e:1c:94:55:4e:e7:88:f3:
1a:69:fc:64:c2:f8:cf:e5:70:55:49:e0:74:e1:36:
f8:46:46:c1:26:8a:d0:d1:56:11:5f:35:d7:62:b9:
2e:e2:f3:6d:1f:1d:b8:f8:6d:9c:56:c1:57:da:1d:
3f:99:80:82:98:ba:a2:5d:bf:92:48:49:f6:00:87:
96:2a:30:4f:15:49:50:34:06:8f:e5:07:61:5b:8c:
58:52:cc:72:6b:40:56:5f:be:c4:97:e6:24:4c:ca:
89:b3:f7:37:fb:ce:5e:9c:72:cd:94:01:f2:ed:d2:
21:55:c9:90:ed:c0:e7:35:7b:18:1e:f7:3f:ae:86:
7d:be:81:73:40:83:92:6a:eb:e5:98:77:fa:e9:c3:
dc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:FF:E6:D4:50:8B:20:EC:4F:E5:B7:3F:72:8A:41:66:85:B0:3B:4F
X509v3 Authority Key Identifier:
keyid:0C:CE:88:32:D0:29:49:80:1F:11:98:E9:D1:3B:B1:8E:D5:83:2D:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DM6IMtApSYAfEZjp0TuxjtWDLQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/a__m1FCLIOxP5bc_copBZoWwO08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/DM6IMtApSYAfEZjp0TuxjtWDLQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.40.0/21
185.58.228.0/22
IPv6:
2a02:4220::/32
Signature Algorithm: sha256WithRSAEncryption
3c:09:5b:01:4c:86:5d:d2:77:7f:c1:f0:3c:bd:89:a4:9a:70:
59:ea:63:39:8f:fb:cb:9d:40:59:f0:aa:60:51:09:30:9f:6e:
19:67:cb:26:9f:71:a1:19:ab:7b:d9:5f:2b:62:c7:03:9e:97:
8f:ca:68:e5:e6:e0:26:79:7f:1b:dc:8a:f2:b9:79:3a:3e:fb:
bf:72:15:1c:db:2e:9a:74:33:ca:86:ab:11:e8:fc:e3:ba:84:
15:d6:4c:42:fd:9f:73:61:78:53:af:bb:b1:d7:b8:13:ad:fe:
f7:32:a4:5c:15:10:1a:e2:99:e2:a0:d3:5f:0c:e0:a7:11:02:
23:0e:7c:05:60:9a:8b:ab:af:08:b7:19:8b:7e:5a:60:e6:b6:
df:cd:59:de:2d:5a:43:0d:10:0f:17:9a:ef:7a:82:13:8f:c6:
fb:20:83:c9:f0:c1:c4:0b:eb:39:18:e8:6e:f2:10:09:e7:16:
da:e0:1f:8d:15:92:71:27:1e:1f:49:e9:f6:aa:59:89:36:01:
9f:25:99:a0:b8:45:ec:3c:50:20:f8:7b:c7:e2:0d:cd:39:29:
0b:5e:28:e9:86:d2:ed:77:f9:dd:9b:3b:bb:56:15:d9:b4:ff:
56:46:68:38:ae:a1:ee:02:b6:ff:ca:ef:5e:a6:f2:61:f0:a5:
bd:f3:a1:35
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYpQ78FQzgLOBHDtQ5x5S6CcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjY2U4ODMyZDAyOTQ5ODAxZjExOThlOWQxM2JiMThlZDU4
MzJkMGMwHhcNMjMwOTAxMTMzMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmZmZTZkNDUwOGIyMGVjNGZlNWI3M2Y3MjhhNDE2Njg1YjAzYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AAEu0Zn6dknzWKB9f6ErwtD+hU6
8S39I3nzQNAnD2dyuogc5cbBXnb+Ax8Ep3LnyYFYaQ8wMHjgZ0cg/o8XQveCXBm1
x33xWhdnnMLepX8P9ECiHP9yixuTGo7kDq7vF/9t6WVVv0zVizOybFT7LhyUVU7n
iPMaafxkwvjP5XBVSeB04Tb4RkbBJorQ0VYRXzXXYrku4vNtHx24+G2cVsFX2h0/
mYCCmLqiXb+SSEn2AIeWKjBPFUlQNAaP5QdhW4xYUsxya0BWX77El+YkTMqJs/c3
+85enHLNlAHy7dIhVcmQ7cDnNXsYHvc/roZ9voFzQIOSauvlmHf66cPcewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGv/5tRQiyDsT+W3P3KKQWaFsDtPMB8GA1UdIwQY
MBaAFAzOiDLQKUmAHxGY6dE7sY7Vgy0MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE02SU10QXBTWUFmRVpqcDBUdXhqdFdETFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC83NzdjMGEtY2E0NC00M2VjLWFiNzkt
NWUwYWZlYzEzNmIxLzEvYV9fbTFGQ0xJT3hQNWJjX2NvcEJab1d3TzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC83NzdjMGEtY2E0NC00M2VjLWFiNzktNWUwYWZlYzEzNmIx
LzEvRE02SU10QXBTWUFmRVpqcDBUdXhqdFdETFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJc0oAwQC
uTrkMA0EAgACMAcDBQAqAkIgMA0GCSqGSIb3DQEBCwUAA4IBAQA8CVsBTIZd0nd/
wfA8vYmkmnBZ6mM5j/vLnUBZ8KpgUQkwn24ZZ8smn3GhGat72V8rYscDnpePymjl
5uAmeX8b3IryuXk6Pvu/chUc2y6adDPKhqsR6PzjuoQV1kxC/Z9zYXhTr7ux17gT
rf73MqRcFRAa4pnioNNfDOCnEQIjDnwFYJqLq68ItxmLflpg5rbfzVneLVpDDRAP
F5rveoITj8b7IIPJ8MHEC+s5GOhu8hAJ5xba4B+NFZJxJx4fSen2qlmJNgGfJZmg
uEXsPFAg+HvH4g3NOSkLXijphtLtd/ndmzu7VhXZtP9WRmg4rqHuArb/yu9epvJh
8KW986E1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:55 2024 by rpki-client on console-ams.rpki-client.org