Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/AhDqPpiuZo_sB7-CESHbQ0zXYIQ.roa
File: AhDqPpiuZo_sB7-CESHbQ0zXYIQ.roa (raw, json)
Hash identifier: JMJ8mXrdqcbpaNIDb6bmbKn+l+Sa5pK7psW0ivgEtgA=
Subject key identifier: 02:10:EA:3E:98:AE:66:8F:EC:07:BF:82:11:21:DB:43:4C:D7:60:84
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC42564CB2AC307E8CB47C0F052D52E3E
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/AhDqPpiuZo_sB7-CESHbQ0zXYIQ.roa
Signing time: Mon 01 Jan 2024 08:30:34 +0000
ROA not before: Mon 01 Jan 2024 08:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200080
IP address blocks: 185.186.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 15:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:64:cb:2a:c3:07:e8:cb:47:c0:f0:52:d5:2e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0210ea3e98ae668fec07bf821121db434cd76084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:70:c7:2e:f7:9a:9c:ed:2b:e1:f5:8e:64:2f:
73:36:6d:54:6e:0d:de:26:d6:1b:3c:12:0c:b8:07:
30:38:bf:4c:3f:e8:03:8f:01:1d:8a:7e:b7:f0:e0:
2b:c5:09:c0:3e:9f:23:85:d3:6c:de:bc:bb:f9:d8:
4b:6b:6c:6d:e0:58:7a:d6:df:a6:89:40:b5:b9:8d:
48:43:db:12:b8:32:4e:27:b9:0a:58:19:cf:a5:47:
41:95:9f:f0:84:50:0b:c3:ff:6d:76:98:f0:41:1e:
43:5e:89:ca:19:39:99:16:f7:30:c0:b8:dd:08:d3:
d5:19:1f:6b:21:e1:e9:62:fd:66:33:cc:b9:f8:6a:
ec:71:94:36:84:87:25:b9:76:99:02:05:16:ec:75:
a5:4f:4f:b6:13:c6:3f:6e:e6:88:2e:6d:86:da:19:
aa:41:49:ae:50:81:85:e0:29:93:8f:05:5b:1e:36:
51:7d:a6:36:fb:db:ff:1c:cd:02:f4:7b:1a:ee:bc:
04:1e:8c:2a:73:e3:70:df:a4:c6:b4:00:e3:22:89:
d8:67:d3:e8:a9:ad:81:dd:66:48:5f:c7:c5:1e:54:
e8:00:2e:c2:64:81:b2:cd:64:51:32:6a:64:c2:1e:
e6:e1:b2:17:0a:da:7d:a2:70:16:6f:41:03:a2:80:
6d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:10:EA:3E:98:AE:66:8F:EC:07:BF:82:11:21:DB:43:4C:D7:60:84
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/AhDqPpiuZo_sB7-CESHbQ0zXYIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.67.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0c:d2:7d:c2:1d:60:e1:63:ba:2a:09:45:41:65:2b:38:fd:
f2:f3:b8:b5:1d:9c:33:ba:19:06:e7:50:55:7a:c5:f7:17:b6:
30:11:7a:e2:7f:ef:7e:f3:db:85:1a:67:00:b4:b2:c8:a2:f8:
81:b7:57:59:22:ee:8d:88:be:08:a5:a5:93:ae:30:aa:bf:a5:
ca:d9:ca:49:30:33:1c:ea:b3:c6:68:9f:b6:e6:a7:63:f3:e9:
93:9a:00:5a:85:ab:f6:f2:f3:a2:24:04:ff:b0:e6:91:52:0e:
2a:62:29:e9:cd:a4:17:b2:56:a2:39:b8:e3:56:13:be:ed:74:
8f:88:58:8a:4d:3a:a9:b4:15:17:81:ef:77:92:3b:ab:fe:06:
f6:2f:61:a1:69:b8:52:9e:b0:d5:1e:6c:d0:65:c3:4f:7e:0c:
fc:87:b5:73:fc:7b:08:6d:8a:7c:a3:12:b5:a5:cf:b8:77:4b:
8c:70:aa:c9:4d:62:f5:d2:61:ba:60:ef:d8:4d:fe:fe:d1:c6:
a1:61:1e:f8:71:d2:e1:99:22:63:f4:f8:49:89:fa:5c:55:bf:
c9:80:7a:fb:b4:28:ac:5b:8b:5f:db:10:d0:b2:ce:d3:96:95:
50:25:a6:bd:44:0f:b8:bd:fc:ba:88:2e:85:08:2a:a0:3e:8c:
dd:a7:81:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJWTLKsMH6MtHwPBS1S4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjEwZWEzZTk4YWU2NjhmZWMwN2JmODIxMTIxZGI0MzRjZDc2MDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnDHLveanO0r4fWOZC9zNm1Ubg3e
JtYbPBIMuAcwOL9MP+gDjwEdin638OArxQnAPp8jhdNs3ry7+dhLa2xt4Fh61t+m
iUC1uY1IQ9sSuDJOJ7kKWBnPpUdBlZ/whFALw/9tdpjwQR5DXonKGTmZFvcwwLjd
CNPVGR9rIeHpYv1mM8y5+GrscZQ2hIcluXaZAgUW7HWlT0+2E8Y/buaILm2G2hmq
QUmuUIGF4CmTjwVbHjZRfaY2+9v/HM0C9Hsa7rwEHowqc+Nw36TGtADjIonYZ9Po
qa2B3WZIX8fFHlToAC7CZIGyzWRRMmpkwh7m4bIXCtp9onAWb0EDooBtmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIQ6j6YrmaP7Ae/ghEh20NM12CEMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvQWhEcVBwaXVab19zQjctQ0VTSGJRMHpYWUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubpDMA0G
CSqGSIb3DQEBCwUAA4IBAQBmDNJ9wh1g4WO6KglFQWUrOP3y87i1HZwzuhkG51BV
esX3F7YwEXrif+9+89uFGmcAtLLIoviBt1dZIu6NiL4IpaWTrjCqv6XK2cpJMDMc
6rPGaJ+25qdj8+mTmgBahav28vOiJAT/sOaRUg4qYinpzaQXslaiObjjVhO+7XSP
iFiKTTqptBUXge93kjur/gb2L2GhabhSnrDVHmzQZcNPfgz8h7Vz/HsIbYp8oxK1
pc+4d0uMcKrJTWL10mG6YO/YTf7+0cahYR74cdLhmSJj9PhJifpcVb/JgHr7tCis
W4tf2xDQss7TlpVQJaa9RA+4vfy6iC6FCCqgPozdp4FD
-----END CERTIFICATE-----
Generated at Thu Jan 25 20:48:58 2024 by rpki-client on console-fra.rpki-client.org