Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/rHgV8iOcUCHTKjZxD5NDayzaq70.roa
File: rHgV8iOcUCHTKjZxD5NDayzaq70.roa (raw, json)
Hash identifier: QSR54SXjs/vdHg56OdoHHkyy5cGyG+trNweN53cAj/g=
Subject key identifier: AC:78:15:F2:23:9C:50:21:D3:2A:36:71:0F:93:43:6B:2C:DA:AB:BD
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 0190FD6CCE728F8F1DE458E26E79FC4781EE
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/rHgV8iOcUCHTKjZxD5NDayzaq70.roa
Signing time: Mon 29 Jul 2024 07:38:04 +0000
ROA not before: Mon 29 Jul 2024 07:38:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205925
IP address blocks: 185.197.212.0/22 maxlen: 22
185.197.213.0/24 maxlen: 24
2a0a:7c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 12 Dec 2024 08:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:6c:ce:72:8f:8f:1d:e4:58:e2:6e:79:fc:47:81:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Jul 29 07:38:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac7815f2239c5021d32a36710f93436b2cdaabbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a7:a3:10:38:c3:21:e0:02:59:81:0e:da:2d:
5e:6e:90:97:c8:7f:a7:57:19:7a:3e:da:45:a3:22:
cc:0d:ff:48:d1:0c:7d:a1:ce:da:d1:9b:ca:7d:9c:
e3:03:a5:96:cc:54:19:3a:70:49:ac:2f:c2:ee:c4:
9b:51:e9:e6:b0:ac:6d:ad:49:f7:82:8c:22:c8:00:
1d:39:ac:c0:45:61:00:3c:67:73:30:a1:f3:4f:6f:
0e:af:3e:29:cc:2c:b0:8f:a1:82:e0:21:b7:a6:51:
0a:ea:56:b8:a0:2a:33:19:71:02:00:2c:8d:b0:06:
41:d2:cb:e7:e2:18:f2:a1:ec:13:5d:08:44:f4:96:
b6:0f:f0:c4:de:0e:d3:07:f9:a4:fd:50:4c:63:1e:
db:c4:b1:c2:db:ab:78:e1:f5:68:ac:54:69:0d:d2:
34:bf:88:3a:e3:9b:d9:58:0e:13:99:a5:91:55:55:
3b:21:43:d4:ad:a9:8f:93:40:cf:2e:80:69:7f:0b:
4a:1e:0e:3b:05:31:5d:74:ed:17:57:39:06:c0:91:
1f:ce:7c:94:a3:4e:76:32:04:ea:d5:b0:2c:25:7c:
e8:66:cf:0a:db:2c:bb:3a:b4:ad:b0:2c:61:7f:01:
66:46:d3:5f:c3:00:40:72:35:de:59:1f:c0:81:44:
31:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:78:15:F2:23:9C:50:21:D3:2A:36:71:0F:93:43:6B:2C:DA:AB:BD
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/rHgV8iOcUCHTKjZxD5NDayzaq70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.212.0/22
IPv6:
2a0a:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
2f:7c:f5:84:c1:5d:d9:14:f6:07:1a:75:85:5a:c5:dc:c2:76:
c9:88:c5:59:f6:f8:d9:9d:b2:47:40:fe:c3:cf:55:e2:d1:59:
0f:3d:98:6d:f0:58:a4:d7:93:9f:ba:c2:b7:38:47:da:f5:5c:
8f:52:84:ef:68:c9:a5:a4:b3:38:ce:ba:c4:96:fa:3e:70:91:
f1:0c:71:fc:62:4d:37:c7:11:0f:b0:88:d9:2f:f5:39:eb:b6:
8a:66:4a:ab:2e:02:66:65:ae:f3:a3:ac:2c:7a:e9:f4:d9:0e:
cf:85:7a:3a:44:59:97:32:72:ee:83:1e:04:4d:5f:52:26:d0:
c7:0b:d6:3c:32:e7:6e:10:c6:c7:a4:24:15:0b:ba:42:4e:34:
7d:7b:6c:2f:6b:9d:c4:97:8b:41:e7:5a:90:30:f1:1f:aa:68:
8e:ec:46:fe:ba:0b:d2:73:3f:92:5c:fe:71:c0:d2:38:6c:2e:
e1:a7:86:8f:4f:d7:8b:c4:6e:ef:34:c4:4e:3c:19:bc:cd:3a:
df:24:f7:30:f4:7e:41:a1:10:ee:10:83:42:41:53:1a:9b:9f:
b3:17:94:85:b6:55:a1:16:d3:3b:67:f0:13:a5:7f:ef:ad:45:
7b:b0:38:58:1a:1d:ee:ee:a2:f3:5c:60:7a:e8:bc:04:2a:f2:
06:9d:0b:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZD9bM5yj48d5Fjibnn8R4HuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjQwNzI5MDczODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc4MTVmMjIzOWM1MDIxZDMyYTM2NzEwZjkzNDM2YjJjZGFhYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKejEDjDIeACWYEO2i1ebpCXyH+n
Vxl6PtpFoyLMDf9I0Qx9oc7a0ZvKfZzjA6WWzFQZOnBJrC/C7sSbUenmsKxtrUn3
gowiyAAdOazARWEAPGdzMKHzT28Orz4pzCywj6GC4CG3plEK6la4oCozGXECACyN
sAZB0svn4hjyoewTXQhE9Ja2D/DE3g7TB/mk/VBMYx7bxLHC26t44fVorFRpDdI0
v4g645vZWA4TmaWRVVU7IUPUramPk0DPLoBpfwtKHg47BTFddO0XVzkGwJEfznyU
o052MgTq1bAsJXzoZs8K2yy7OrStsCxhfwFmRtNfwwBAcjXeWR/AgUQxJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKx4FfIjnFAh0yo2cQ+TQ2ss2qu9MB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvckhnVjhpT2NVQ0hUS2paeEQ1TkRheXphcTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucXUMA0E
AgACMAcDBQAqCnxAMA0GCSqGSIb3DQEBCwUAA4IBAQAvfPWEwV3ZFPYHGnWFWsXc
wnbJiMVZ9vjZnbJHQP7Dz1Xi0VkPPZht8Fik15OfusK3OEfa9VyPUoTvaMmlpLM4
zrrElvo+cJHxDHH8Yk03xxEPsIjZL/U567aKZkqrLgJmZa7zo6wseun02Q7PhXo6
RFmXMnLugx4ETV9SJtDHC9Y8MuduEMbHpCQVC7pCTjR9e2wva53El4tB51qQMPEf
qmiO7Eb+ugvScz+SXP5xwNI4bC7hp4aPT9eLxG7vNMROPBm8zTrfJPcw9H5BoRDu
EINCQVMam5+zF5SFtlWhFtM7Z/ATpX/vrUV7sDhYGh3u7qLzXGB66LwEKvIGnQuu
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:27 2025 by rpki-client