Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/bcX4jYGZIdLIbz8CUwPU1egP_hU.roa
File: bcX4jYGZIdLIbz8CUwPU1egP_hU.roa (raw, json)
Hash identifier: I2Sb55MIw9wDh7T1tsTfOcwrTDzj0D8Z/fyp91kzbTk=
Subject key identifier: 6D:C5:F8:8D:81:99:21:D2:C8:6F:3F:02:53:03:D4:D5:E8:0F:FE:15
Certificate issuer: /CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Certificate serial: 018CC80181500573D7CBC7A314556B4CA40D
Authority key identifier: 2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/bcX4jYGZIdLIbz8CUwPU1egP_hU.roa
Signing time: Tue 02 Jan 2024 02:29:50 +0000
ROA not before: Tue 02 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200425
IP address blocks: 185.107.196.0/24 maxlen: 24
185.107.196.0/23 maxlen: 23
2a06:45c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Jun 2024 12:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:81:50:05:73:d7:cb:c7:a3:14:55:6b:4c:a4:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Validity
Not Before: Jan 2 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dc5f88d819921d2c86f3f025303d4d5e80ffe15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:26:9d:de:93:53:99:99:04:00:53:ed:21:33:
76:02:03:c7:c8:ed:a8:0b:e5:68:02:ea:aa:d5:e3:
b5:1e:18:af:af:1f:7f:ea:a6:24:53:79:bd:6d:57:
97:78:e5:3e:43:53:90:6b:35:f7:4f:43:c6:fc:4d:
ae:9a:62:a9:c6:33:34:33:d8:a1:e6:e3:ea:94:67:
3a:13:de:9d:c8:10:f4:d9:36:28:dc:39:18:bf:90:
06:77:e1:41:96:e1:15:db:be:aa:d8:cc:5b:e8:b3:
7f:e3:a8:2a:ef:bb:cb:eb:88:3b:e3:7c:e2:c7:91:
2c:8f:c3:9f:bb:d8:5b:28:3c:09:b5:07:42:05:29:
e3:fa:5e:c6:96:f4:9b:65:38:a4:27:c9:35:37:4f:
ad:0d:57:59:29:cb:dc:dd:4e:b5:4c:f7:09:37:83:
d1:7a:c6:29:4f:cd:c5:59:63:22:69:91:bb:ec:19:
8a:27:e5:eb:b4:56:d2:85:5a:17:7f:8c:59:db:b9:
96:27:32:a1:87:d5:df:37:9c:e4:27:f2:83:b5:95:
b2:23:5f:f6:82:42:f2:71:ea:63:e9:5a:c0:aa:84:
e6:64:31:59:a7:9b:2d:d2:76:62:d2:56:1b:e3:73:
09:f4:90:e4:38:43:6d:d8:b5:65:73:0d:16:d1:df:
6c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C5:F8:8D:81:99:21:D2:C8:6F:3F:02:53:03:D4:D5:E8:0F:FE:15
X509v3 Authority Key Identifier:
keyid:2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/bcX4jYGZIdLIbz8CUwPU1egP_hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.196.0/23
IPv6:
2a06:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
81:ce:5a:48:7d:4e:10:f5:e6:33:8f:31:64:49:c8:f8:28:fb:
9a:04:95:70:a7:40:97:5a:c0:6d:d6:4f:6b:7b:fb:c6:25:36:
d2:46:a9:e2:b6:0b:6c:28:07:8b:b8:9d:d0:c4:c1:2e:06:ff:
a4:58:9c:84:2d:2f:81:7e:b4:d6:54:96:1f:63:c0:91:88:9c:
e6:57:f3:35:94:dd:fa:b3:cd:3b:3f:eb:ae:b8:eb:ed:bc:5a:
db:28:78:49:d2:dd:50:cd:6b:50:41:03:19:2e:87:73:2f:b3:
38:a2:4e:c2:3d:65:82:b2:7e:8a:c3:cd:1c:55:3f:e3:78:4f:
e9:6c:08:21:50:46:4a:3b:6d:38:38:a0:72:0c:32:f6:64:b4:
dd:48:e0:cf:82:c9:50:b7:ef:9c:62:56:bf:7c:eb:89:40:a7:
4e:fb:b1:2a:b4:26:f2:53:6b:ac:0c:1e:cc:9e:1e:a3:b0:9f:
b1:93:b1:cb:82:ac:ef:7a:a4:22:33:b0:ed:16:6a:df:b2:c0:
32:27:3c:ee:b4:a8:2f:aa:6a:20:47:06:26:25:b1:24:1c:5c:
a6:0c:a0:00:1c:96:ef:80:6e:7e:24:fe:e2:92:11:df:93:96:
66:3a:e1:a7:4a:71:f6:69:db:d4:0d:c0:7a:e4:61:38:13:bf:
1c:cc:0e:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAYFQBXPXy8ejFFVrTKQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjM3YzVhZmZlOTM1NDNhZTJmZTZlMWZmZWQxODIzOTZl
YjliYjMwHhcNMjQwMTAyMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM1Zjg4ZDgxOTkyMWQyYzg2ZjNmMDI1MzAzZDRkNWU4MGZmZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyad3pNTmZkEAFPtITN2AgPHyO2o
C+VoAuqq1eO1Hhivrx9/6qYkU3m9bVeXeOU+Q1OQazX3T0PG/E2ummKpxjM0M9ih
5uPqlGc6E96dyBD02TYo3DkYv5AGd+FBluEV276q2Mxb6LN/46gq77vL64g743zi
x5Esj8Ofu9hbKDwJtQdCBSnj+l7GlvSbZTikJ8k1N0+tDVdZKcvc3U61TPcJN4PR
esYpT83FWWMiaZG77BmKJ+XrtFbShVoXf4xZ27mWJzKhh9XfN5zkJ/KDtZWyI1/2
gkLycepj6VrAqoTmZDFZp5st0nZi0lYb43MJ9JDkOENt2LVlcw0W0d9slwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG3F+I2BmSHSyG8/AlMD1NXoD/4VMB8GA1UdIwQY
MBaAFCsjfFr/6TVDri/m4f/tGCOW65uzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEt
MTQ3MDJhNGQyNjYwLzEvYmNYNGpZR1pJZExJYno4Q1V3UFUxZWdQX2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEtMTQ3MDJhNGQyNjYw
LzEvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuWvEMA0E
AgACMAcDBQAqBkXAMA0GCSqGSIb3DQEBCwUAA4IBAQCBzlpIfU4Q9eYzjzFkScj4
KPuaBJVwp0CXWsBt1k9re/vGJTbSRqnitgtsKAeLuJ3QxMEuBv+kWJyELS+BfrTW
VJYfY8CRiJzmV/M1lN36s807P+uuuOvtvFrbKHhJ0t1QzWtQQQMZLodzL7M4ok7C
PWWCsn6Kw80cVT/jeE/pbAghUEZKO204OKByDDL2ZLTdSODPgslQt++cYla/fOuJ
QKdO+7EqtCbyU2usDB7Mnh6jsJ+xk7HLgqzveqQiM7DtFmrfssAyJzzutKgvqmog
RwYmJbEkHFymDKAAHJbvgG5+JP7ikhHfk5ZmOuGnSnH2advUDcB65GE4E78czA7U
-----END CERTIFICATE-----
Generated at Mon Jun 10 16:21:30 2024 by rpki-client on console-fra.rpki-client.org