Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/kUAnlY7U4JHhGGnaoOHuJ6v81W4.roa
File: kUAnlY7U4JHhGGnaoOHuJ6v81W4.roa (raw, json)
Hash identifier: utjZ6u3RBpAwe1i8pNl7c6W2CcKkK7Y7/n3EmFkc95s=
Subject key identifier: 91:40:27:95:8E:D4:E0:91:E1:18:69:DA:A0:E1:EE:27:AB:FC:D5:6E
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 018BB8E1A38F601F7DF4F3E08BE131BEAB8D
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/kUAnlY7U4JHhGGnaoOHuJ6v81W4.roa
Signing time: Fri 10 Nov 2023 10:57:57 +0000
ROA not before: Fri 10 Nov 2023 10:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201642
IP address blocks: 185.249.100.0/23 maxlen: 23
185.249.100.0/24 maxlen: 24
185.249.100.0/22 maxlen: 22
185.249.101.0/24 maxlen: 24
185.249.102.0/23 maxlen: 23
2a14:3200::/32 maxlen: 32
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 11 Nov 2023 11:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:e1:a3:8f:60:1f:7d:f4:f3:e0:8b:e1:31:be:ab:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Nov 10 10:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=914027958ed4e091e11869daa0e1ee27abfcd56e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:af:43:06:2a:58:48:f0:76:6a:9e:04:1d:42:
fb:a3:e5:dc:41:ed:49:9b:24:6f:9a:c0:5a:c4:76:
dc:c8:3d:47:7f:f8:4a:74:8f:84:3f:06:fb:ba:ce:
2e:63:42:19:af:d1:83:86:0c:61:e0:dc:d8:fc:68:
34:10:99:86:03:a2:77:fe:c1:31:30:2c:5b:7e:70:
a7:59:fe:10:7e:66:65:d0:ca:50:49:93:2b:e8:a0:
a7:3f:0d:1e:20:56:1f:4c:73:2b:46:93:4c:f5:07:
ff:87:52:27:46:99:3e:0c:ad:43:db:b0:55:d8:bc:
c0:e4:67:0c:25:56:d5:d8:8e:c1:5d:ce:40:90:b6:
ed:33:be:ca:cf:6f:38:72:e6:99:3f:13:ae:e7:d6:
8b:81:01:7f:ba:2a:fc:29:67:70:69:e8:ed:ac:08:
7e:d7:9d:fd:38:2b:e9:b0:3a:73:94:93:f6:1e:de:
8d:0f:5b:05:86:32:f0:c9:52:dd:fa:a6:36:dc:63:
b1:db:89:4f:8d:52:9b:70:82:06:a0:db:ac:f3:69:
e9:32:d4:03:72:bb:fb:77:ea:c1:86:98:48:b4:71:
d7:be:9b:a4:2d:99:2d:25:2f:8c:bf:0a:08:15:14:
1a:5d:48:c8:ad:d4:87:7b:8b:88:77:22:5c:db:4a:
20:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:40:27:95:8E:D4:E0:91:E1:18:69:DA:A0:E1:EE:27:AB:FC:D5:6E
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/kUAnlY7U4JHhGGnaoOHuJ6v81W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.100.0/22
IPv6:
2a14:3200::/32
Signature Algorithm: sha256WithRSAEncryption
cf:d7:79:d5:38:50:7a:33:44:36:f5:d6:a5:eb:3a:5c:f9:6f:
af:ed:a7:9b:41:0b:9d:fa:96:ae:87:00:31:66:ff:97:a4:bd:
95:86:f3:43:ea:cf:fc:d6:61:f4:68:fc:4d:07:1c:73:2a:12:
c7:b0:99:17:00:e8:0a:25:dc:94:1b:e9:e2:bd:40:e9:b8:92:
62:12:f3:0b:03:d9:de:56:8a:67:44:bd:1d:57:d5:91:9a:61:
43:27:00:e0:6b:e8:cb:e3:e8:23:60:bd:7c:ed:89:13:64:ca:
56:d8:a6:f9:34:53:76:07:5a:76:c1:6d:c5:db:74:65:11:d3:
28:cb:77:36:d6:8a:b3:d2:5c:ed:d4:ac:b2:b5:b3:bb:a0:60:
0b:03:48:f1:1d:3f:bc:94:70:b7:aa:e8:ce:0e:18:dc:4e:6d:
56:44:8c:a7:b4:f2:3b:65:7f:72:9e:ba:82:78:8c:94:62:9b:
04:ab:08:27:b3:c4:28:bb:1f:21:93:a8:51:05:2a:61:a6:ee:
7c:9e:5d:a5:3c:62:aa:89:24:ba:ee:8f:ef:ab:70:0b:ca:48:
a2:93:0c:2b:54:dc:45:95:03:ef:1a:04:5b:2e:54:5a:a8:90:
aa:16:24:07:3c:5a:a0:4e:bd:13:1a:f5:42:98:e8:c0:72:a7:
66:f1:f3:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYu44aOPYB999PPgi+ExvquNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjMxMTEwMTA1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTQwMjc5NThlZDRlMDkxZTExODY5ZGFhMGUxZWUyN2FiZmNkNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK9DBipYSPB2ap4EHUL7o+XcQe1J
myRvmsBaxHbcyD1Hf/hKdI+EPwb7us4uY0IZr9GDhgxh4NzY/Gg0EJmGA6J3/sEx
MCxbfnCnWf4QfmZl0MpQSZMr6KCnPw0eIFYfTHMrRpNM9Qf/h1InRpk+DK1D27BV
2LzA5GcMJVbV2I7BXc5AkLbtM77Kz284cuaZPxOu59aLgQF/uir8KWdwaejtrAh+
1539OCvpsDpzlJP2Ht6ND1sFhjLwyVLd+qY23GOx24lPjVKbcIIGoNus82npMtQD
crv7d+rBhphItHHXvpukLZktJS+MvwoIFRQaXUjIrdSHe4uIdyJc20ogswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJFAJ5WO1OCR4Rhp2qDh7ier/NVuMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEva1VBbmxZN1U0SkhoR0duYW9PSHVKNnY4MVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuflkMA0E
AgACMAcDBQAqFDIAMA0GCSqGSIb3DQEBCwUAA4IBAQDP13nVOFB6M0Q29dal6zpc
+W+v7aebQQud+pauhwAxZv+XpL2VhvND6s/81mH0aPxNBxxzKhLHsJkXAOgKJdyU
G+nivUDpuJJiEvMLA9neVopnRL0dV9WRmmFDJwDga+jL4+gjYL187YkTZMpW2Kb5
NFN2B1p2wW3F23RlEdMoy3c21oqz0lzt1KyytbO7oGALA0jxHT+8lHC3qujODhjc
Tm1WRIyntPI7ZX9ynrqCeIyUYpsEqwgns8Qoux8hk6hRBSphpu58nl2lPGKqiSS6
7o/vq3ALykiikwwrVNxFlQPvGgRbLlRaqJCqFiQHPFqgTr0TGvVCmOjAcqdm8fM9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:03 2024 by rpki-client on console-ams.rpki-client.org