Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/01aH_6zoJz3VMeFgmbxl8ZQORqM.roa
File: 01aH_6zoJz3VMeFgmbxl8ZQORqM.roa (raw, json)
Hash identifier: y6NEtnNgRbB0u1DPlko9DEjSEjk7pByUutEt/8TQwlI=
Subject key identifier: D3:56:87:FF:AC:E8:27:3D:D5:31:E1:60:99:BC:65:F1:94:0E:46:A3
Certificate issuer: /CN=306d618355bd8937f75bb4650bb5c1af70f9a12e
Certificate serial: 018C4596097D7A1CE2CDCB9A490A9369F986
Authority key identifier: 30:6D:61:83:55:BD:89:37:F7:5B:B4:65:0B:B5:C1:AF:70:F9:A1:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MG1hg1W9iTf3W7RlC7XBr3D5oS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/01aH_6zoJz3VMeFgmbxl8ZQORqM.roa
Signing time: Thu 07 Dec 2023 18:41:49 +0000
ROA not before: Thu 07 Dec 2023 18:41:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58128
IP address blocks: 185.155.205.0/24 maxlen: 24
185.155.204.0/24 maxlen: 24
185.155.206.0/24 maxlen: 24
185.186.182.0/24 maxlen: 24
185.186.181.0/24 maxlen: 24
185.186.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:96:09:7d:7a:1c:e2:cd:cb:9a:49:0a:93:69:f9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306d618355bd8937f75bb4650bb5c1af70f9a12e
Validity
Not Before: Dec 7 18:41:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d35687fface8273dd531e16099bc65f1940e46a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cb:d0:7d:ef:73:78:7e:89:ed:a0:59:69:63:
49:7b:49:25:ed:31:64:ef:86:41:78:a3:ee:cb:89:
99:69:1f:79:a9:ba:ca:4c:34:09:ce:4e:b5:a9:fc:
cf:f3:cf:c1:d8:b6:c8:68:d9:36:85:0e:53:d3:d2:
46:85:d2:9c:ef:2a:71:5c:9b:37:c0:12:d2:ab:5e:
e9:60:30:80:8e:1e:04:df:94:49:09:84:4d:9f:2b:
c6:9b:ae:ab:dd:23:99:0a:f6:2e:e2:5f:ef:5a:6f:
ef:7b:6f:c8:8a:9b:d3:29:89:2d:b7:05:2f:30:88:
b1:49:4d:d8:c0:8c:bd:93:0c:b5:f2:79:94:60:b9:
bf:15:e2:da:d1:35:d3:a0:a0:26:bc:13:c8:f2:2c:
b6:81:41:bb:2e:6d:95:0f:54:c2:62:da:26:e8:d9:
0b:14:41:20:d3:31:12:32:73:6d:d5:43:ee:7e:bc:
d7:2a:74:44:01:86:c7:af:9f:18:1d:e7:5a:79:2f:
fc:b4:36:d8:6e:02:51:29:d3:40:6a:57:8a:c8:9a:
d8:b2:df:32:86:4e:8c:74:45:bf:c1:93:2c:a5:f9:
da:a5:78:17:f3:29:0a:fa:fb:97:9b:bf:9e:53:8a:
75:c3:7e:2e:76:86:00:8b:f0:ae:c3:88:50:cd:8a:
e8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:56:87:FF:AC:E8:27:3D:D5:31:E1:60:99:BC:65:F1:94:0E:46:A3
X509v3 Authority Key Identifier:
keyid:30:6D:61:83:55:BD:89:37:F7:5B:B4:65:0B:B5:C1:AF:70:F9:A1:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MG1hg1W9iTf3W7RlC7XBr3D5oS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/01aH_6zoJz3VMeFgmbxl8ZQORqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/MG1hg1W9iTf3W7RlC7XBr3D5oS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.204.0-185.155.206.255
185.186.180.0-185.186.182.255
Signature Algorithm: sha256WithRSAEncryption
ba:64:86:b9:76:e6:a5:0e:4c:ba:65:cd:98:63:8e:a4:1f:db:
d2:8e:cb:a1:b9:d3:51:08:8d:bd:c9:57:5c:b0:6e:22:6f:a5:
fe:ed:c0:4b:26:f6:19:fd:4e:a6:a0:e8:f7:d7:f8:5f:0b:da:
2c:25:87:5a:30:81:24:41:ad:da:ab:16:bb:fe:ac:c0:11:73:
31:d0:30:54:0f:f9:63:72:f2:17:4c:c3:fd:41:a2:b5:fd:7d:
7d:54:f9:69:27:14:13:ae:e4:6d:27:84:f5:25:c7:67:a5:e8:
a5:29:0a:f2:9b:2f:d2:a0:8f:92:ef:85:72:42:51:45:f8:f4:
e2:08:5f:9e:e9:6e:e7:3a:09:0e:50:45:73:a6:96:55:12:b3:
bb:21:8b:da:56:c1:91:6e:a8:72:b7:bd:64:5c:c8:7a:11:28:
c5:fb:3e:58:af:ce:53:bd:22:d8:c7:90:0a:20:49:81:7f:dc:
26:03:d8:5c:46:dd:23:03:20:70:33:ac:8f:9d:3c:dc:1f:c3:
d3:a1:ba:6e:c2:cf:ef:ea:3b:db:5f:66:f6:de:59:80:6e:5c:
84:b2:fa:4b:29:d3:17:c5:ac:af:7b:c9:bb:7c:34:47:03:4f:
a9:44:6b:41:b3:1e:b7:d7:97:ff:9c:17:ea:03:c7:42:f1:01:
6d:0d:db:ba
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYxFlgl9ehzizcuaSQqTafmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmQ2MTgzNTViZDg5MzdmNzViYjQ2NTBiYjVjMWFmNzBm
OWExMmUwHhcNMjMxMjA3MTg0MTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU2ODdmZmFjZTgyNzNkZDUzMWUxNjA5OWJjNjVmMTk0MGU0NmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMvQfe9zeH6J7aBZaWNJe0kl7TFk
74ZBeKPuy4mZaR95qbrKTDQJzk61qfzP88/B2LbIaNk2hQ5T09JGhdKc7ypxXJs3
wBLSq17pYDCAjh4E35RJCYRNnyvGm66r3SOZCvYu4l/vWm/ve2/IipvTKYkttwUv
MIixSU3YwIy9kwy18nmUYLm/FeLa0TXToKAmvBPI8iy2gUG7Lm2VD1TCYtom6NkL
FEEg0zESMnNt1UPufrzXKnREAYbHr58YHedaeS/8tDbYbgJRKdNAaleKyJrYst8y
hk6MdEW/wZMspfnapXgX8ykK+vuXm7+eU4p1w34udoYAi/Cuw4hQzYroJwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNNWh/+s6Cc91THhYJm8ZfGUDkajMB8GA1UdIwQY
MBaAFDBtYYNVvYk391u0ZQu1wa9w+aEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUcxaGcxVzlpVGYzVzdSbEM3WEJyM0Q1b1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8zY2RlOWItMzcwNS00ZGMzLThkN2Ut
NTE2ZmZkODczNzZjLzEvMDFhSF82em9KejNWTWVGZ21ieGw4WlFPUnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8zY2RlOWItMzcwNS00ZGMzLThkN2UtNTE2ZmZkODczNzZj
LzEvTUcxaGcxVzlpVGYzVzdSbEM3WEJyM0Q1b1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAK5m8wD
BAC5m84wDAMEArm6tAMEALm6tjANBgkqhkiG9w0BAQsFAAOCAQEAumSGuXbmpQ5M
umXNmGOOpB/b0o7LobnTUQiNvclXXLBuIm+l/u3ASyb2Gf1OpqDo99f4XwvaLCWH
WjCBJEGt2qsWu/6swBFzMdAwVA/5Y3LyF0zD/UGitf19fVT5aScUE67kbSeE9SXH
Z6XopSkK8psv0qCPku+FckJRRfj04ghfnulu5zoJDlBFc6aWVRKzuyGL2lbBkW6o
cre9ZFzIehEoxfs+WK/OU70i2MeQCiBJgX/cJgPYXEbdIwMgcDOsj5083B/D06G6
bsLP7+o7219m9t5ZgG5chLL6SynTF8Wsr3vJu3w0RwNPqURrQbMet9eX/5wX6gPH
QvEBbQ3bug==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:12 2024 by rpki-client on console-fra.rpki-client.org