Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/Jf9gQvp6I-OPoLrNG2OtPQVNR-w.roa
File: Jf9gQvp6I-OPoLrNG2OtPQVNR-w.roa (raw, json)
Hash identifier: 8jVVhh6eDjREWIg62VkmAnFmLB5xFvCz4fd4DrDrekU=
Subject key identifier: 25:FF:60:42:FA:7A:23:E3:8F:A0:BA:CD:1B:63:AD:3D:05:4D:47:EC
Certificate issuer: /CN=0e91de17437a0025fd1ede10f710f17a3080b3ab
Certificate serial: 018C165CFB64416EF6BB5D061C943A50AD76
Authority key identifier: 0E:91:DE:17:43:7A:00:25:FD:1E:DE:10:F7:10:F1:7A:30:80:B3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DpHeF0N6ACX9Ht4Q9xDxejCAs6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/Jf9gQvp6I-OPoLrNG2OtPQVNR-w.roa
Signing time: Tue 28 Nov 2023 14:37:21 +0000
ROA not before: Tue 28 Nov 2023 14:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205763
IP address blocks: 185.207.124.0/24 maxlen: 24
185.207.127.0/24 maxlen: 24
185.207.126.0/24 maxlen: 24
2a0b:2340::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:5c:fb:64:41:6e:f6:bb:5d:06:1c:94:3a:50:ad:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e91de17437a0025fd1ede10f710f17a3080b3ab
Validity
Not Before: Nov 28 14:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25ff6042fa7a23e38fa0bacd1b63ad3d054d47ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:71:e0:68:c1:e3:34:f9:c7:a4:40:2d:c4:11:
af:13:3d:53:64:de:7b:3d:e3:de:84:bd:42:2d:20:
c5:74:59:7e:5d:8d:ff:1f:4b:e3:e7:c5:36:43:82:
a2:7e:33:b0:70:2c:58:85:53:a9:2c:a1:58:5c:0f:
d6:15:33:89:11:cb:27:fb:84:7a:7c:e2:7e:02:5e:
2f:f3:87:6b:98:dd:41:33:d3:1f:79:dc:52:c0:67:
84:8a:0c:c0:b5:86:08:ce:e5:8e:fa:10:12:a8:0a:
29:79:da:87:b9:4a:3a:76:bc:ff:c8:13:2e:66:b2:
9c:03:c4:2d:e8:36:6d:e7:d5:b3:18:c6:2b:d6:35:
55:cc:68:c1:c7:0c:1d:53:5b:23:40:fc:39:93:3e:
d6:7d:db:2d:be:51:83:c9:4a:b9:dc:d2:02:c1:74:
4b:c5:44:f1:90:3f:50:75:e1:b5:46:39:e9:0c:dd:
d4:aa:46:a5:d5:d1:b4:ba:8d:f1:23:6a:67:36:16:
bb:64:18:0a:8f:53:8f:f7:32:f6:5b:bd:08:6c:d3:
66:3e:41:06:7b:f0:6a:77:b7:b2:42:b8:a6:e1:6f:
d2:b5:46:f5:4d:d1:73:77:e5:fc:27:81:15:1b:c4:
ab:04:9d:8c:2f:5e:66:35:79:e2:db:4f:5b:d6:30:
8e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FF:60:42:FA:7A:23:E3:8F:A0:BA:CD:1B:63:AD:3D:05:4D:47:EC
X509v3 Authority Key Identifier:
keyid:0E:91:DE:17:43:7A:00:25:FD:1E:DE:10:F7:10:F1:7A:30:80:B3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DpHeF0N6ACX9Ht4Q9xDxejCAs6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/Jf9gQvp6I-OPoLrNG2OtPQVNR-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/DpHeF0N6ACX9Ht4Q9xDxejCAs6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.124.0/24
185.207.126.0/23
IPv6:
2a0b:2340::/29
Signature Algorithm: sha256WithRSAEncryption
93:ae:1b:f2:52:79:ad:a5:43:1e:1f:f1:77:49:fa:46:e3:a4:
4b:a4:2b:d2:f8:fa:c9:2c:ce:48:fa:47:3b:78:19:92:0d:c7:
50:78:53:10:48:2e:65:8d:92:0d:b0:6c:cb:18:ec:a0:52:44:
bd:d5:66:51:9a:41:8c:b5:4c:1b:98:dc:21:08:f3:b5:a1:04:
1a:d8:5e:df:d3:ca:47:ff:6b:28:83:0c:c1:02:e2:28:a9:0b:
28:ec:6e:f9:a3:e8:fd:8c:8c:3e:5c:f5:96:e6:90:f4:7f:d1:
87:c6:4a:81:4a:81:d2:92:0d:e8:83:d6:67:ed:ee:53:4e:8a:
79:00:15:9e:5e:e4:23:c8:89:3e:f2:fa:85:f4:8c:98:47:49:
2f:45:5c:7c:e6:ee:22:3a:de:2d:e6:97:98:64:58:2a:f4:d1:
3b:42:51:44:40:5c:00:95:ab:31:a6:6f:cf:dc:cd:e0:31:58:
d8:67:e1:d9:60:f3:ff:28:c1:21:be:1c:92:ea:a5:23:2f:09:
2e:20:f0:d4:9e:77:ed:0b:c9:ee:3b:c9:c0:e1:73:29:be:eb:
e6:52:93:b4:16:a3:36:8f:aa:de:44:d7:4f:a4:d7:0c:d2:30:
5b:d9:df:42:a6:d0:5f:08:ef:b5:c4:86:cc:90:05:ad:21:ad:
d5:a9:0b:d8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYwWXPtkQW72u10GHJQ6UK12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlOTFkZTE3NDM3YTAwMjVmZDFlZGUxMGY3MTBmMTdhMzA4
MGIzYWIwHhcNMjMxMTI4MTQzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWZmNjA0MmZhN2EyM2UzOGZhMGJhY2QxYjYzYWQzZDA1NGQ0N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3HgaMHjNPnHpEAtxBGvEz1TZN57
PePehL1CLSDFdFl+XY3/H0vj58U2Q4KifjOwcCxYhVOpLKFYXA/WFTOJEcsn+4R6
fOJ+Al4v84drmN1BM9MfedxSwGeEigzAtYYIzuWO+hASqAopedqHuUo6drz/yBMu
ZrKcA8Qt6DZt59WzGMYr1jVVzGjBxwwdU1sjQPw5kz7WfdstvlGDyUq53NICwXRL
xUTxkD9QdeG1RjnpDN3Uqkal1dG0uo3xI2pnNha7ZBgKj1OP9zL2W70IbNNmPkEG
e/Bqd7eyQrim4W/StUb1TdFzd+X8J4EVG8SrBJ2ML15mNXni209b1jCOdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCX/YEL6eiPjj6C6zRtjrT0FTUfsMB8GA1UdIwQY
MBaAFA6R3hdDegAl/R7eEPcQ8XowgLOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHBIZUYwTjZBQ1g5SHQ0UTl4RHhlakNBczZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9iYWVmNTctYzQ4NC00NTIzLWIxNGUt
ODhlYmJmOTk3ODBiLzEvSmY5Z1F2cDZJLU9Qb0xyTkcyT3RQUVZOUi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9iYWVmNTctYzQ4NC00NTIzLWIxNGUtODhlYmJmOTk3ODBi
LzEvRHBIZUYwTjZBQ1g5SHQ0UTl4RHhlakNBczZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuc98AwQB
uc9+MA0EAgACMAcDBQMqCyNAMA0GCSqGSIb3DQEBCwUAA4IBAQCTrhvyUnmtpUMe
H/F3SfpG46RLpCvS+PrJLM5I+kc7eBmSDcdQeFMQSC5ljZINsGzLGOygUkS91WZR
mkGMtUwbmNwhCPO1oQQa2F7f08pH/2sogwzBAuIoqQso7G75o+j9jIw+XPWW5pD0
f9GHxkqBSoHSkg3og9Zn7e5TTop5ABWeXuQjyIk+8vqF9IyYR0kvRVx85u4iOt4t
5peYZFgq9NE7QlFEQFwAlasxpm/P3M3gMVjYZ+HZYPP/KMEhvhyS6qUjLwkuIPDU
nnftC8nuO8nA4XMpvuvmUpO0FqM2j6reRNdPpNcM0jBb2d9CptBfCO+1xIbMkAWt
Ia3VqQvY
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:45 2024 by rpki-client on console-fra.rpki-client.org