Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/C0uTzP1YrOysedfW-w0m5UD4SoU.roa
File: C0uTzP1YrOysedfW-w0m5UD4SoU.roa (raw, json)
Hash identifier: ATFw2eKA7uf9X5whPGFLw3dkp5/AgKk4/8+Ky69pyUo=
Subject key identifier: 0B:4B:93:CC:FD:58:AC:EC:AC:79:D7:D6:FB:0D:26:E5:40:F8:4A:85
Certificate issuer: /CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Certificate serial: 01857227E7099500E2FD2C1A520C019EBECB
Authority key identifier: 2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/C0uTzP1YrOysedfW-w0m5UD4SoU.roa
Signing time: Mon 02 Jan 2023 11:04:55 +0000
ROA not before: Mon 02 Jan 2023 11:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200425
IP address blocks: 185.107.196.0/24 maxlen: 24
185.107.196.0/23 maxlen: 23
2a06:45c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:e7:09:95:00:e2:fd:2c:1a:52:0c:01:9e:be:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Validity
Not Before: Jan 2 11:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b4b93ccfd58acecac79d7d6fb0d26e540f84a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:f1:bb:87:24:57:42:ae:18:2f:ad:73:9f:
a8:e4:e6:f5:29:e4:fa:bc:3f:88:83:2c:eb:b3:16:
30:5a:cc:e8:81:64:56:89:d0:cb:a7:fc:f1:f5:de:
02:a2:77:5c:ab:06:95:ee:5b:fe:8d:3e:75:0b:4b:
4b:b1:a5:df:91:71:39:a0:08:f7:2d:1b:9c:0a:6d:
6e:35:72:73:c4:6d:c0:6b:d6:b4:6c:a4:93:87:60:
48:16:5d:09:a3:1b:a7:d5:fc:1d:a2:9e:06:ed:fc:
da:67:1b:d8:0f:aa:41:fe:9f:78:7d:4f:fb:51:6b:
e0:f2:96:30:5a:e5:96:1f:18:09:84:98:02:d4:00:
cd:54:d6:68:3c:37:76:89:6e:97:12:2c:4c:34:bb:
c7:c8:f1:e9:dc:71:06:8a:a3:8e:b8:38:c8:91:50:
3d:71:4b:52:d7:e1:15:d2:d9:10:5c:46:d6:f0:a2:
3b:38:9f:59:97:b9:3f:0b:f5:90:17:05:1f:dc:3a:
39:1c:a0:37:e7:f3:3f:6f:9e:a6:86:ea:64:ad:ac:
e1:ec:91:02:1c:f4:73:58:7d:1f:98:54:88:b1:b5:
44:15:5d:8a:b1:39:55:95:57:c8:c0:6d:0a:f7:49:
27:42:21:00:27:5b:22:2e:01:28:89:29:5c:c3:d5:
f5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:4B:93:CC:FD:58:AC:EC:AC:79:D7:D6:FB:0D:26:E5:40:F8:4A:85
X509v3 Authority Key Identifier:
keyid:2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/C0uTzP1YrOysedfW-w0m5UD4SoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.196.0/23
IPv6:
2a06:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
86:b7:04:e0:30:0e:4a:30:76:1e:97:60:08:5f:9e:91:0a:d7:
f5:ef:5d:e6:08:12:88:f7:45:12:9b:65:de:1d:c1:cb:4a:85:
62:ef:07:4a:8b:60:0d:5b:4a:c7:9c:4e:86:6b:d8:6d:03:0b:
4f:71:62:1c:92:bb:1e:a0:dd:d4:b1:49:5f:b4:11:3e:15:7d:
77:50:c5:9e:31:0b:c7:ba:8e:97:91:fe:b7:8c:5c:5c:dc:e2:
63:ce:51:1a:a1:73:9e:5e:57:81:57:13:39:bc:f7:a1:80:af:
4a:55:55:ad:05:8f:d0:c6:98:6c:81:28:ee:1a:b1:80:7e:52:
4f:a8:7f:d9:85:33:b9:2e:b6:fb:a3:70:82:e3:30:43:08:27:
1e:a9:27:1e:21:ae:ec:00:33:b7:4e:1d:3b:79:c6:f8:85:94:
cb:ef:da:bc:b0:fe:3e:e3:4e:20:df:0d:8d:cb:14:36:63:83:
15:5b:c4:25:7c:3d:0c:d9:40:2b:5a:63:a3:74:b8:38:a0:ed:
b9:8e:f5:29:39:ff:08:db:86:58:6a:48:bb:72:db:c2:92:7e:
5e:d4:38:71:59:ea:ea:94:e9:a2:04:6f:9e:bd:d4:c4:9c:96:
2d:52:cc:a2:2c:0f:4b:c0:6c:26:24:66:bb:c7:6d:5e:f4:4f:
61:33:9f:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyJ+cJlQDi/SwaUgwBnr7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjM3YzVhZmZlOTM1NDNhZTJmZTZlMWZmZWQxODIzOTZl
YjliYjMwHhcNMjMwMTAyMTEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjRiOTNjY2ZkNThhY2VjYWM3OWQ3ZDZmYjBkMjZlNTQwZjg0YTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvPxu4ckV0KuGC+tc5+o5Ob1KeT6
vD+IgyzrsxYwWszogWRWidDLp/zx9d4CondcqwaV7lv+jT51C0tLsaXfkXE5oAj3
LRucCm1uNXJzxG3Aa9a0bKSTh2BIFl0Joxun1fwdop4G7fzaZxvYD6pB/p94fU/7
UWvg8pYwWuWWHxgJhJgC1ADNVNZoPDd2iW6XEixMNLvHyPHp3HEGiqOOuDjIkVA9
cUtS1+EV0tkQXEbW8KI7OJ9Zl7k/C/WQFwUf3Do5HKA35/M/b56mhupkrazh7JEC
HPRzWH0fmFSIsbVEFV2KsTlVlVfIwG0K90knQiEAJ1siLgEoiSlcw9X1ZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAtLk8z9WKzsrHnX1vsNJuVA+EqFMB8GA1UdIwQY
MBaAFCsjfFr/6TVDri/m4f/tGCOW65uzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEt
MTQ3MDJhNGQyNjYwLzEvQzB1VHpQMVlyT3lzZWRmVy13MG01VUQ0U29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEtMTQ3MDJhNGQyNjYw
LzEvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuWvEMA0E
AgACMAcDBQAqBkXAMA0GCSqGSIb3DQEBCwUAA4IBAQCGtwTgMA5KMHYel2AIX56R
Ctf1713mCBKI90USm2XeHcHLSoVi7wdKi2ANW0rHnE6Ga9htAwtPcWIckrseoN3U
sUlftBE+FX13UMWeMQvHuo6Xkf63jFxc3OJjzlEaoXOeXleBVxM5vPehgK9KVVWt
BY/QxphsgSjuGrGAflJPqH/ZhTO5Lrb7o3CC4zBDCCceqSceIa7sADO3Th07ecb4
hZTL79q8sP4+404g3w2NyxQ2Y4MVW8QlfD0M2UArWmOjdLg4oO25jvUpOf8I24ZY
aki7ctvCkn5e1DhxWerqlOmiBG+evdTEnJYtUsyiLA9LwGwmJGa7x21e9E9hM5/O
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:19 2024 by rpki-client on console-ams.rpki-client.org