Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/8d3419-78e0-4176-8213-f17f0056108c/1/1-7SF4Fb6X4oxpk5eSW58ospskEI.roa
File: 1-7SF4Fb6X4oxpk5eSW58ospskEI.roa (raw, json)
Hash identifier: 9XFWSyPUPawDSQ+3Wo2mzKcLJZTO7PnRBw1/qiK7TjQ=
Subject key identifier: FB:B4:85:E0:56:FA:5F:8A:31:A6:4E:5E:49:6E:7C:A2:CA:6C:90:42
Certificate issuer: /CN=8e7003c7c677cc3bd68603176992a3ebd02f46cb
Certificate serial: 018753CF0B05329DCA22BE924A57257BBCBD
Authority key identifier: 8E:70:03:C7:C6:77:CC:3B:D6:86:03:17:69:92:A3:EB:D0:2F:46:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnADx8Z3zDvWhgMXaZKj69AvRss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/8d3419-78e0-4176-8213-f17f0056108c/1/1-7SF4Fb6X4oxpk5eSW58ospskEI.roa
Signing time: Wed 05 Apr 2023 23:44:50 +0000
ROA not before: Wed 05 Apr 2023 23:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200612
IP address blocks: 185.100.209.0/24 maxlen: 24
185.100.210.0/24 maxlen: 24
185.100.211.0/24 maxlen: 24
185.100.208.0/24 maxlen: 24
185.100.208.0/22 maxlen: 22
2a07:4340::/29 maxlen: 29
2a07:4343::/32 maxlen: 32
2a07:4347::/32 maxlen: 32
2a07:4340::/32 maxlen: 32
2a07:4346::/32 maxlen: 32
2a07:4341::/32 maxlen: 32
2a07:4344::/32 maxlen: 32
2a07:4345::/32 maxlen: 32
2a07:4342::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:53:cf:0b:05:32:9d:ca:22:be:92:4a:57:25:7b:bc:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e7003c7c677cc3bd68603176992a3ebd02f46cb
Validity
Not Before: Apr 5 23:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbb485e056fa5f8a31a64e5e496e7ca2ca6c9042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d8:df:01:26:89:c6:9f:ae:50:92:0c:22:46:
29:15:b5:38:22:aa:f2:4a:2b:5d:65:6c:69:58:d2:
05:d2:d8:12:f8:23:1b:47:19:64:9c:b1:bf:28:d6:
00:f4:27:58:cd:70:3a:8b:7f:65:6b:10:11:e9:02:
94:c1:f6:5b:c1:03:95:1f:21:de:15:aa:bd:7e:6d:
29:36:cc:83:6d:22:0a:be:0f:d2:c4:19:62:59:e0:
85:69:c4:ee:5e:1e:31:1b:e1:a0:75:05:67:fe:d6:
fb:10:d7:e9:00:a6:e9:77:f6:db:2f:06:c8:9f:19:
6d:a8:a4:df:e7:44:38:32:15:41:28:1c:95:e5:ad:
0a:a8:5a:46:9e:81:e4:1a:64:9f:d0:7f:2d:8c:d1:
d1:a9:7f:8d:97:b6:b7:fe:d9:15:32:a1:1b:7c:19:
5e:43:88:bf:6d:c8:69:d7:91:7b:e9:86:15:56:a7:
f1:28:31:d9:9c:ca:51:1e:1f:eb:5b:93:df:df:6c:
1b:fb:04:b6:4f:14:cd:69:bb:71:c6:5d:23:52:d8:
96:79:6d:3d:84:5a:0d:6f:32:52:9a:53:9e:ff:0d:
2f:b6:ee:31:31:df:d4:2e:7b:63:11:e1:9a:0a:d3:
35:27:ed:49:06:9b:8b:ff:9d:25:05:23:6f:4b:64:
c5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B4:85:E0:56:FA:5F:8A:31:A6:4E:5E:49:6E:7C:A2:CA:6C:90:42
X509v3 Authority Key Identifier:
keyid:8E:70:03:C7:C6:77:CC:3B:D6:86:03:17:69:92:A3:EB:D0:2F:46:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnADx8Z3zDvWhgMXaZKj69AvRss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/8d3419-78e0-4176-8213-f17f0056108c/1/1-7SF4Fb6X4oxpk5eSW58ospskEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/8d3419-78e0-4176-8213-f17f0056108c/1/jnADx8Z3zDvWhgMXaZKj69AvRss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.208.0/22
IPv6:
2a07:4340::/29
Signature Algorithm: sha256WithRSAEncryption
4a:7d:3e:9a:b3:25:d3:11:ca:b3:c3:bb:e6:5c:3c:bd:f6:7d:
8a:d6:8f:49:ea:b7:f8:5d:8f:ac:46:cb:2d:86:c4:c4:35:76:
db:eb:37:33:07:90:e4:35:33:70:16:ff:86:34:b2:76:b0:2b:
6d:a0:27:ce:9d:f7:dc:c1:e5:c2:96:6f:bf:e9:5d:d6:e6:6a:
94:70:81:49:f4:36:d3:d3:f9:92:eb:c3:8d:2a:0d:2a:5e:6e:
f6:ba:90:7d:0a:99:63:1a:83:bc:5f:a2:ba:3c:4d:f4:87:cb:
8a:6b:1a:be:97:e5:a5:9c:46:98:b2:62:2a:aa:49:58:06:87:
93:4a:a3:65:c3:c0:de:4a:22:c4:0a:dc:9f:c5:ac:d8:e6:9a:
27:a1:fd:f1:ce:f6:f9:7b:e7:9d:8d:ef:18:d0:5f:53:ae:83:
49:b5:83:39:c9:26:44:e3:89:54:9c:8b:bf:d6:c2:9c:80:30:
13:1a:7f:e6:57:2f:c2:a9:5b:b8:63:f4:aa:70:35:b7:26:80:
63:99:5d:0c:e5:59:17:e4:ab:ec:35:29:10:39:d7:06:f9:a0:
d1:37:d9:06:b3:86:11:18:8a:0b:25:f5:41:79:15:e9:2e:6e:
e7:72:cb:15:54:51:22:b3:2c:f0:94:39:a3:0a:f7:c2:85:81:
9d:fe:13:93
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYdTzwsFMp3KIr6SSlcle7y9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzAwM2M3YzY3N2NjM2JkNjg2MDMxNzY5OTJhM2ViZDAy
ZjQ2Y2IwHhcNMjMwNDA1MjM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmI0ODVlMDU2ZmE1ZjhhMzFhNjRlNWU0OTZlN2NhMmNhNmM5MDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNjfASaJxp+uUJIMIkYpFbU4Iqry
SitdZWxpWNIF0tgS+CMbRxlknLG/KNYA9CdYzXA6i39laxAR6QKUwfZbwQOVHyHe
Faq9fm0pNsyDbSIKvg/SxBliWeCFacTuXh4xG+GgdQVn/tb7ENfpAKbpd/bbLwbI
nxltqKTf50Q4MhVBKByV5a0KqFpGnoHkGmSf0H8tjNHRqX+Nl7a3/tkVMqEbfBle
Q4i/bchp15F76YYVVqfxKDHZnMpRHh/rW5Pf32wb+wS2TxTNabtxxl0jUtiWeW09
hFoNbzJSmlOe/w0vtu4xMd/ULntjEeGaCtM1J+1JBpuL/50lBSNvS2TF8QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPu0heBW+l+KMaZOXklufKLKbJBCMB8GA1UdIwQY
MBaAFI5wA8fGd8w71oYDF2mSo+vQL0bLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5BRHg4WjN6RHZXaGdNWGFaS2o2OUF2UnNzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84ZDM0MTktNzhlMC00MTc2LTgyMTMt
ZjE3ZjAwNTYxMDhjLzEvMS03U0Y0RmI2WDRveHBrNWVTVzU4b3Nwc2tFSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDIvOGQzNDE5LTc4ZTAtNDE3Ni04MjEzLWYxN2YwMDU2MTA4
Yy8xL2puQUR4OFozekR2V2hnTVhhWktqNjlBdlJzcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlk0DAN
BAIAAjAHAwUDKgdDQDANBgkqhkiG9w0BAQsFAAOCAQEASn0+mrMl0xHKs8O75lw8
vfZ9itaPSeq3+F2PrEbLLYbExDV22+s3MweQ5DUzcBb/hjSydrArbaAnzp333MHl
wpZvv+ld1uZqlHCBSfQ209P5kuvDjSoNKl5u9rqQfQqZYxqDvF+iujxN9IfLimsa
vpflpZxGmLJiKqpJWAaHk0qjZcPA3koixArcn8Ws2OaaJ6H98c72+XvnnY3vGNBf
U66DSbWDOckmROOJVJyLv9bCnIAwExp/5lcvwqlbuGP0qnA1tyaAY5ldDOVZF+Sr
7DUpEDnXBvmg0TfZBrOGERiKCyX1QXkV6S5u53LLFVRRIrMs8JQ5owr3woWBnf4T
kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:45 2024 by rpki-client on console-fra.rpki-client.org