Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/9QMaG6-qM803Bo4T5s4Y1gZQmQs.roa
File: 9QMaG6-qM803Bo4T5s4Y1gZQmQs.roa (raw, json)
Hash identifier: E/pnyxqMEo3L6mrhaVWKfuMemo7RZpIIbRVEhDgDAA4=
Subject key identifier: F5:03:1A:1B:AF:AA:33:CD:37:06:8E:13:E6:CE:18:D6:06:50:99:0B
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 0186A8C35B55C8CCFB22DC5CFF751F9E5A6A
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/9QMaG6-qM803Bo4T5s4Y1gZQmQs.roa
Signing time: Fri 03 Mar 2023 18:37:00 +0000
ROA not before: Fri 03 Mar 2023 18:37:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 185.192.213.0/24 maxlen: 24
185.192.212.0/24 maxlen: 24
185.192.212.0/22 maxlen: 24
185.192.215.0/24 maxlen: 24
185.192.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 22:16:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a8:c3:5b:55:c8:cc:fb:22:dc:5c:ff:75:1f:9e:5a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Mar 3 18:37:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5031a1bafaa33cd37068e13e6ce18d60650990b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:85:86:b9:f3:23:bf:fe:eb:d0:54:f3:64:97:
62:6c:a5:d8:96:1b:72:82:e9:ce:36:91:e1:c3:c2:
8e:20:80:96:c6:de:f6:7b:f9:40:41:9b:cf:a9:45:
0a:0e:4b:8f:cb:3b:46:02:9c:4e:2b:11:e5:02:52:
68:55:e6:be:42:03:42:54:a0:d9:4a:27:2a:9f:3b:
72:46:8e:97:bd:f6:90:b8:d1:31:74:1b:20:15:17:
86:2a:7d:e4:1b:be:ba:ce:36:74:a3:af:78:eb:dc:
d4:70:94:8c:15:a4:04:bb:74:6b:3c:52:8d:c3:61:
a8:97:44:b6:c0:b2:93:16:c3:a9:8e:55:45:7b:8b:
b6:5b:fc:00:47:dc:6d:d1:e6:16:8e:3c:6c:d1:76:
f2:8f:ae:66:ac:db:30:81:c2:76:6a:1d:c2:a6:33:
61:66:87:3e:9e:1c:7e:a4:69:d8:1b:1f:94:20:e7:
54:b8:e3:9b:ed:4b:dd:c8:b2:e8:9d:2f:a4:f1:f7:
70:6b:37:8f:e5:dc:5d:81:f2:32:16:b6:40:65:5b:
2d:ea:ce:b5:da:3b:33:60:79:73:40:49:fa:c9:f2:
29:d7:c4:cc:4a:8a:99:ba:77:09:e1:1f:50:bd:cc:
29:bd:22:d2:39:0b:7c:0b:cc:3e:ed:50:30:66:4f:
48:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:03:1A:1B:AF:AA:33:CD:37:06:8E:13:E6:CE:18:D6:06:50:99:0B
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/9QMaG6-qM803Bo4T5s4Y1gZQmQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.212.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:22:02:26:8b:ee:a6:90:1b:08:4f:f8:76:35:b5:7b:7f:83:
ee:7a:11:d0:9f:54:c1:49:6b:4a:14:19:48:7e:f3:e5:bb:54:
07:ef:8c:a3:51:2b:5f:b7:db:e1:e1:62:8c:96:8f:d5:41:58:
59:38:6a:ab:75:af:a8:47:e2:29:39:f7:82:db:80:6b:6b:91:
1c:86:53:fc:4b:b7:a4:d5:6d:0c:a8:b1:82:a9:a8:08:07:5b:
93:d5:7d:b3:af:ee:cc:71:a9:fe:a7:fc:ef:3a:f8:59:05:07:
cd:82:c4:10:45:88:89:c6:49:19:50:26:38:2c:99:b8:ee:c4:
55:7f:ac:d5:68:c5:40:bd:d1:6a:70:03:73:28:46:51:8e:a0:
96:a2:58:d5:06:d2:71:af:c5:45:fb:ab:d6:5a:70:04:4d:63:
78:b6:ff:64:71:ba:8a:09:62:33:04:cf:24:da:99:f5:96:15:
18:35:b1:51:69:d1:61:39:d3:5a:98:ef:79:b6:75:e4:da:18:
a6:37:9a:af:18:7f:f2:62:de:5b:6a:d4:0f:3a:c4:b2:d4:c7:
07:4d:00:57:67:ce:43:d8:56:2a:d9:ab:97:5b:9f:f2:b5:ce:
bd:ee:95:64:60:e0:29:94:59:e3:be:9a:48:81:0d:ee:20:4a:
b1:8a:92:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaow1tVyMz7Itxc/3UfnlpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwMzAzMTgzNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTAzMWExYmFmYWEzM2NkMzcwNjhlMTNlNmNlMThkNjA2NTA5OTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYWGufMjv/7r0FTzZJdibKXYlhty
gunONpHhw8KOIICWxt72e/lAQZvPqUUKDkuPyztGApxOKxHlAlJoVea+QgNCVKDZ
SicqnztyRo6XvfaQuNExdBsgFReGKn3kG766zjZ0o69469zUcJSMFaQEu3RrPFKN
w2Gol0S2wLKTFsOpjlVFe4u2W/wAR9xt0eYWjjxs0Xbyj65mrNswgcJ2ah3CpjNh
Zoc+nhx+pGnYGx+UIOdUuOOb7UvdyLLonS+k8fdwazeP5dxdgfIyFrZAZVst6s61
2jszYHlzQEn6yfIp18TMSoqZuncJ4R9QvcwpvSLSOQt8C8w+7VAwZk9IswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUDGhuvqjPNNwaOE+bOGNYGUJkLMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvOVFNYUc2LXFNODAzQm80VDVzNFkxZ1pRbVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucDUMA0G
CSqGSIb3DQEBCwUAA4IBAQBNIgImi+6mkBsIT/h2NbV7f4PuehHQn1TBSWtKFBlI
fvPlu1QH74yjUStft9vh4WKMlo/VQVhZOGqrda+oR+IpOfeC24Bra5EchlP8S7ek
1W0MqLGCqagIB1uT1X2zr+7Mcan+p/zvOvhZBQfNgsQQRYiJxkkZUCY4LJm47sRV
f6zVaMVAvdFqcANzKEZRjqCWoljVBtJxr8VF+6vWWnAETWN4tv9kcbqKCWIzBM8k
2pn1lhUYNbFRadFhOdNamO95tnXk2himN5qvGH/yYt5batQPOsSy1McHTQBXZ85D
2FYq2auXW5/ytc697pVkYOAplFnjvppIgQ3uIEqxipLV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:09 2024 by rpki-client on console-ams.rpki-client.org