Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/rhFOa-rj297x4EoY2J8keQgkywc.roa
File: rhFOa-rj297x4EoY2J8keQgkywc.roa (raw, json)
Hash identifier: NPreavW3L94macd/zM+r2599rliZ9eoUxHz0OoywOrw=
Subject key identifier: AE:11:4E:6B:EA:E3:DB:DE:F1:E0:4A:18:D8:9F:24:79:08:24:CB:07
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018C6CE6D3D3B61257A70E7E769CF90D2777
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/rhFOa-rj297x4EoY2J8keQgkywc.roa
Signing time: Fri 15 Dec 2023 09:55:16 +0000
ROA not before: Fri 15 Dec 2023 09:55:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216271
IP address blocks: 185.201.136.0/22 maxlen: 22
2a12:ec0::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
2a0f:e000::/29 maxlen: 29
2a13:ba00::/29 maxlen: 29
2a12:1900::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a13:dac0::/29 maxlen: 29
2a0e:7780::/29 maxlen: 29
2a11:f140::/29 maxlen: 29
2a0a:e2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 29 Dec 2023 18:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6c:e6:d3:d3:b6:12:57:a7:0e:7e:76:9c:f9:0d:27:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Dec 15 09:55:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae114e6beae3dbdef1e04a18d89f24790824cb07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:94:7d:ef:ef:32:04:d1:f1:51:07:8e:07:67:
37:a0:f5:91:3e:1f:41:05:48:50:0e:c6:29:6a:68:
c1:3e:45:4c:5b:3c:7d:71:66:dd:db:a9:32:77:a3:
14:b6:47:a1:94:43:47:27:6b:6c:d3:f8:e4:a5:08:
66:6f:97:72:fe:eb:9b:d0:37:20:61:6e:ce:71:0c:
5a:40:95:95:87:e6:ee:03:3c:56:fb:5a:d9:63:8a:
42:75:45:5c:b9:e7:bd:a2:94:6a:4a:fb:3b:a0:99:
19:07:63:0b:46:67:22:b4:01:20:98:95:12:8b:f6:
70:02:65:64:71:94:fe:f0:86:5d:fe:13:80:a4:2f:
d2:e8:21:6f:d7:98:52:82:d3:ea:a1:9d:df:b5:94:
eb:cd:4d:cc:b0:bc:ae:a4:13:57:55:fd:32:ef:3d:
9f:c7:8e:01:ce:b1:80:be:76:18:51:b3:a1:e0:df:
cc:54:c0:7a:1f:97:6f:9e:0f:85:5c:54:49:f8:72:
36:12:28:9e:4e:82:11:9a:dd:7d:cd:18:71:58:de:
2a:87:fe:94:4a:cb:e3:4e:ed:48:f2:4b:d2:00:21:
7f:0d:b3:22:8e:11:4d:68:98:5e:78:b7:35:93:9b:
d8:5a:67:0b:a4:ff:6c:05:6f:6a:e3:3f:cf:c6:b3:
9c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:11:4E:6B:EA:E3:DB:DE:F1:E0:4A:18:D8:9F:24:79:08:24:CB:07
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/rhFOa-rj297x4EoY2J8keQgkywc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.136.0/22
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a11:f140::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
2a12:6b80::/29
2a13:ba00::/29
2a13:dac0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:bb:6d:cf:f7:65:b3:81:51:a0:85:0a:35:80:f8:ab:7d:c2:
ac:aa:38:a7:8b:7d:46:fb:1e:ef:c7:7f:cc:0d:03:bc:06:38:
7f:40:bd:2b:b7:23:94:aa:4f:fb:c7:3a:c8:25:ba:d4:a8:f5:
3c:1a:21:c9:05:92:f4:65:c4:42:33:55:d6:66:85:65:35:a6:
96:5e:d7:cc:c0:ec:34:90:b2:c2:d4:31:2a:fe:bc:6e:99:92:
b8:11:61:31:a7:2a:9d:d0:15:aa:89:07:1c:4a:9b:a2:22:fe:
06:9c:01:34:8a:64:a4:54:f6:32:a1:67:c5:37:5b:22:28:e5:
68:9a:d7:9e:84:ba:4d:f6:b6:ae:3a:6b:6b:a1:04:4b:d3:4e:
87:ea:62:46:bd:48:f7:15:c9:bb:b5:d5:87:71:42:c6:c6:35:
48:b7:41:24:f3:b5:dd:81:35:a9:53:8b:f6:bc:e4:30:6b:9b:
24:cb:6b:3c:54:a3:21:1a:89:f7:7b:f8:ff:15:81:2b:66:a0:
6b:01:61:65:43:be:55:1a:d9:ba:da:27:85:1c:62:4d:9a:25:
79:69:8a:eb:bc:9e:7d:04:0c:f1:c4:1e:51:40:4d:fd:2d:92:
bf:54:f1:fd:03:03:71:a8:f8:16:9d:d5:d8:a0:99:b6:a6:17:
ac:a6:04:47
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYxs5tPTthJXpw5+dpz5DSd3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjMxMjE1MDk1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTExNGU2YmVhZTNkYmRlZjFlMDRhMThkODlmMjQ3OTA4MjRjYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJR97+8yBNHxUQeOB2c3oPWRPh9B
BUhQDsYpamjBPkVMWzx9cWbd26kyd6MUtkehlENHJ2ts0/jkpQhmb5dy/uub0Dcg
YW7OcQxaQJWVh+buAzxW+1rZY4pCdUVcuee9opRqSvs7oJkZB2MLRmcitAEgmJUS
i/ZwAmVkcZT+8IZd/hOApC/S6CFv15hSgtPqoZ3ftZTrzU3MsLyupBNXVf0y7z2f
x44BzrGAvnYYUbOh4N/MVMB6H5dvng+FXFRJ+HI2EiieToIRmt19zRhxWN4qh/6U
SsvjTu1I8kvSACF/DbMijhFNaJheeLc1k5vYWmcLpP9sBW9q4z/PxrOcxQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFK4RTmvq49ve8eBKGNifJHkIJMsHMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvcmhGT2EtcmoyOTd4NEVvWTJKOGtlUWdreXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAMBAIAATAGAwQCucmIMEwE
AgACMEYDBQMqCuLAAwUDKg53gAMFAyoP4AADBQMqEfFAAwUDKhIOwAMFAyoSGQAD
BQMqEijAAwUDKhJrgAMFAyoTugADBQMqE9rAMA0GCSqGSIb3DQEBCwUAA4IBAQBs
u23P92WzgVGghQo1gPirfcKsqjini31G+x7vx3/MDQO8Bjh/QL0rtyOUqk/7xzrI
JbrUqPU8GiHJBZL0ZcRCM1XWZoVlNaaWXtfMwOw0kLLC1DEq/rxumZK4EWExpyqd
0BWqiQccSpuiIv4GnAE0imSkVPYyoWfFN1siKOVomteehLpN9rauOmtroQRL006H
6mJGvUj3Fcm7tdWHcULGxjVIt0Ek87XdgTWpU4v2vOQwa5sky2s8VKMhGon3e/j/
FYErZqBrAWFlQ75VGtm62ieFHGJNmiV5aYrrvJ59BAzxxB5RQE39LZK/VPH9AwNx
qPgWndXYoJm2phespgRH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:03 2024 by rpki-client on console-ams.rpki-client.org