Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/x-0-Et_9yP1XEUSWo6R43OG0Mck.roa
File: x-0-Et_9yP1XEUSWo6R43OG0Mck.roa (raw, json)
Hash identifier: e8illLQ3A8EOJWIGx10iIGgKIxT8OwvRyMVPM+050+Y=
Subject key identifier: C7:ED:3E:12:DF:FD:C8:FD:57:11:44:96:A3:A4:78:DC:E1:B4:31:C9
Certificate issuer: /CN=e49dbf3c44468e52411d4861856bf0bdc79063e4
Certificate serial: 018573439D9E25FF85E8CAF1655B4878D3B0
Authority key identifier: E4:9D:BF:3C:44:46:8E:52:41:1D:48:61:85:6B:F0:BD:C7:90:63:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5J2_PERGjlJBHUhhhWvwvceQY-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/x-0-Et_9yP1XEUSWo6R43OG0Mck.roa
Signing time: Mon 02 Jan 2023 16:14:49 +0000
ROA not before: Mon 02 Jan 2023 16:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56975
IP address blocks: 185.108.220.0/24 maxlen: 24
185.108.223.0/24 maxlen: 24
185.108.222.0/24 maxlen: 24
2a00:e000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:9d:9e:25:ff:85:e8:ca:f1:65:5b:48:78:d3:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e49dbf3c44468e52411d4861856bf0bdc79063e4
Validity
Not Before: Jan 2 16:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7ed3e12dffdc8fd57114496a3a478dce1b431c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:56:cb:d1:cf:39:5d:c8:39:27:c2:33:fd:16:
e4:60:78:35:38:1b:09:18:ad:bc:f9:b5:d4:e8:37:
83:b9:f1:b8:30:96:b2:48:0c:4d:71:42:bc:22:42:
1a:81:e4:a0:20:d4:e5:1e:38:b5:0e:8e:fd:9c:93:
91:87:f2:8a:7c:08:0f:13:ca:18:cb:d2:5c:70:8e:
75:0e:a7:41:42:c9:29:93:53:e3:f6:ae:d0:f5:10:
1b:60:d4:c3:b1:2c:18:f4:10:db:2e:1e:86:59:9f:
ca:a9:64:d7:c0:81:20:60:bb:23:8f:a0:38:77:22:
c2:2b:14:d5:22:99:4c:0a:07:e3:23:e1:1f:4b:3e:
75:4f:86:b7:86:1e:e7:b4:62:ce:11:4c:fd:8f:f1:
81:49:11:81:0b:c2:9a:c4:be:78:28:b0:60:53:6d:
a2:78:1e:b1:5b:0d:a5:59:e5:dc:dc:58:cc:c7:8f:
a7:60:74:0d:8f:20:f1:33:47:ed:ce:48:b0:90:28:
b7:c7:11:61:5f:07:fd:72:9c:78:af:b4:59:f3:0b:
50:d5:d7:11:3e:dd:a6:0f:d9:98:04:df:6b:55:26:
30:69:89:7b:3c:27:e0:6a:2b:33:54:4a:55:27:aa:
9f:94:ad:d5:f5:16:ba:c4:55:d4:78:2a:05:ec:2c:
2f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:ED:3E:12:DF:FD:C8:FD:57:11:44:96:A3:A4:78:DC:E1:B4:31:C9
X509v3 Authority Key Identifier:
keyid:E4:9D:BF:3C:44:46:8E:52:41:1D:48:61:85:6B:F0:BD:C7:90:63:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5J2_PERGjlJBHUhhhWvwvceQY-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/x-0-Et_9yP1XEUSWo6R43OG0Mck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/5J2_PERGjlJBHUhhhWvwvceQY-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.220.0/24
185.108.222.0/23
IPv6:
2a00:e000::/48
Signature Algorithm: sha256WithRSAEncryption
7f:dc:7d:fe:67:69:ff:cc:67:d9:29:2a:91:e9:36:b6:d4:ec:
ec:e7:af:e8:d8:f6:7b:b6:7f:3e:6e:ac:0c:df:dc:5d:24:a7:
9a:26:69:86:6c:48:75:f8:2e:65:2a:b9:41:6b:e5:c8:c1:0f:
91:33:13:f3:76:86:48:c0:04:49:73:d5:c3:13:2a:9d:11:0d:
df:b8:98:9a:20:8b:bd:e9:59:2e:09:c2:e0:b7:6d:5c:2d:ce:
0f:8a:bc:aa:78:c1:16:e4:98:75:a7:e9:36:79:f2:a0:35:9f:
e5:06:6d:ce:53:64:fc:c8:ec:c1:04:2c:b1:e2:59:ef:d9:bb:
00:55:27:69:ad:f7:7c:21:7b:3a:e5:ed:a6:95:b4:40:40:d5:
d3:29:91:54:30:93:cf:b5:96:90:b9:25:95:e1:9f:02:72:1a:
b5:49:a5:aa:9f:6c:4f:9a:fd:06:a4:78:97:4b:19:1f:33:8e:
2d:2e:18:5f:d5:fb:6b:33:b5:d8:90:96:50:2d:51:fd:fc:59:
64:48:14:70:5e:63:3e:64:d9:54:61:32:1f:22:f9:d5:c2:e2:
b2:89:ca:de:14:27:a2:ed:82:b6:bd:2e:dd:62:63:9c:15:54:
5c:6d:14:6f:8c:8e:a3:08:70:fc:28:fb:75:da:af:44:2a:d9:
db:4c:6d:79
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVzQ52eJf+F6MrxZVtIeNOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OWRiZjNjNDQ0NjhlNTI0MTFkNDg2MTg1NmJmMGJkYzc5
MDYzZTQwHhcNMjMwMTAyMTYxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2VkM2UxMmRmZmRjOGZkNTcxMTQ0OTZhM2E0NzhkY2UxYjQzMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllbL0c85Xcg5J8Iz/RbkYHg1OBsJ
GK28+bXU6DeDufG4MJaySAxNcUK8IkIageSgINTlHji1Do79nJORh/KKfAgPE8oY
y9JccI51DqdBQskpk1Pj9q7Q9RAbYNTDsSwY9BDbLh6GWZ/KqWTXwIEgYLsjj6A4
dyLCKxTVIplMCgfjI+EfSz51T4a3hh7ntGLOEUz9j/GBSRGBC8KaxL54KLBgU22i
eB6xWw2lWeXc3FjMx4+nYHQNjyDxM0ftzkiwkCi3xxFhXwf9cpx4r7RZ8wtQ1dcR
Pt2mD9mYBN9rVSYwaYl7PCfgaiszVEpVJ6qflK3V9Ra6xFXUeCoF7Cwv3QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMftPhLf/cj9VxFElqOkeNzhtDHJMB8GA1UdIwQY
MBaAFOSdvzxERo5SQR1IYYVr8L3HkGPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUoyX1BFUkdqbEpCSFVoaGhXdnd2Y2VRWS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82ZTQ1N2UtMzY2ZC00NDBiLWFmMmMt
NWNhZGJkY2YyMjE1LzEveC0wLUV0Xzl5UDFYRVVTV282UjQzT0cwTWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82ZTQ1N2UtMzY2ZC00NDBiLWFmMmMtNWNhZGJkY2YyMjE1
LzEvNUoyX1BFUkdqbEpCSFVoaGhXdnd2Y2VRWS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuWzcAwQB
uWzeMA8EAgACMAkDBwAqAOAAAAAwDQYJKoZIhvcNAQELBQADggEBAH/cff5naf/M
Z9kpKpHpNrbU7Oznr+jY9nu2fz5urAzf3F0kp5omaYZsSHX4LmUquUFr5cjBD5Ez
E/N2hkjABElz1cMTKp0RDd+4mJogi73pWS4JwuC3bVwtzg+KvKp4wRbkmHWn6TZ5
8qA1n+UGbc5TZPzI7MEELLHiWe/ZuwBVJ2mt93whezrl7aaVtEBA1dMpkVQwk8+1
lpC5JZXhnwJyGrVJpaqfbE+a/QakeJdLGR8zji0uGF/V+2sztdiQllAtUf38WWRI
FHBeYz5k2VRhMh8i+dXC4rKJyt4UJ6Ltgra9Lt1iY5wVVFxtFG+MjqMIcPwo+3Xa
r0Qq2dtMbXk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:41 2024 by rpki-client on console-ams.rpki-client.org