Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/B-dop0tdwoLDadd3AN7S4AoW8sM.roa
File: B-dop0tdwoLDadd3AN7S4AoW8sM.roa (raw, json)
Hash identifier: M6ovrz2biTvdE35SHM63nsWNT2s6/1UewdMeqXO7OWw=
Subject key identifier: 07:E7:68:A7:4B:5D:C2:82:C3:69:D7:77:00:DE:D2:E0:0A:16:F2:C3
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 01856CCADA7AC529A035C61D36211ADD0AB3
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/B-dop0tdwoLDadd3AN7S4AoW8sM.roa
Signing time: Sun 01 Jan 2023 10:05:11 +0000
ROA not before: Sun 01 Jan 2023 10:05:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16376
IP address blocks: 185.68.0.0/22 maxlen: 24
185.122.216.0/22 maxlen: 24
185.71.24.0/22 maxlen: 24
37.35.88.0/21 maxlen: 24
94.199.184.0/21 maxlen: 24
2a0a:fd80::/29 maxlen: 36
2a03:25e0::/32 maxlen: 40
2a01:b280::/29 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:da:7a:c5:29:a0:35:c6:1d:36:21:1a:dd:0a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 10:05:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07e768a74b5dc282c369d77700ded2e00a16f2c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bb:51:95:35:d4:c0:d1:f2:22:91:48:6a:20:
a8:0c:41:df:e1:3b:c8:8a:cc:bf:62:88:01:72:80:
a1:a0:d3:14:d7:03:7f:8c:37:c6:bf:08:db:db:6f:
6d:91:63:96:77:71:40:d6:06:17:97:b3:9b:d3:5d:
df:fe:d8:38:cc:c3:88:43:e2:93:7e:22:3b:81:f7:
90:f6:3b:99:45:0b:c2:08:92:12:f3:42:fe:96:4a:
39:21:05:16:d4:af:4f:16:dd:a8:1c:ad:f0:8b:69:
98:8b:d8:02:99:41:97:e7:89:46:a8:49:89:a9:71:
95:ed:b8:aa:2d:9a:c9:72:80:65:37:ed:df:90:40:
c0:dc:4e:47:c1:68:cb:c1:0c:71:66:1f:69:2e:97:
5a:0a:aa:ca:4e:94:03:84:5e:8c:0b:98:8c:08:24:
9c:fa:db:51:10:14:97:a8:7e:b8:65:15:ab:ab:e5:
65:2f:92:5f:39:94:47:b3:5b:a3:96:f9:aa:73:43:
98:8f:eb:9f:55:60:f1:1d:7e:3c:6a:53:af:e8:d4:
f4:e7:7b:11:2c:59:df:5a:88:e8:c5:9e:03:10:1f:
f2:1e:40:bd:af:18:d2:f4:71:78:fb:07:aa:53:fc:
62:51:9a:a6:db:1b:54:f3:38:34:57:ca:f8:07:4e:
be:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E7:68:A7:4B:5D:C2:82:C3:69:D7:77:00:DE:D2:E0:0A:16:F2:C3
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/B-dop0tdwoLDadd3AN7S4AoW8sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.88.0/21
94.199.184.0/21
185.68.0.0/22
185.71.24.0/22
185.122.216.0/22
IPv6:
2a01:b280::/29
2a03:25e0::/32
2a0a:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
0d:89:bc:d0:b5:90:a0:2e:85:c4:76:aa:be:f0:77:f5:15:74:
02:ff:34:d7:ad:dc:3c:9a:0d:2d:a1:dc:79:99:45:4a:e8:37:
cd:85:94:29:39:24:26:6b:c6:38:5d:7e:11:ca:da:65:92:78:
12:25:80:d6:f3:5c:40:65:6f:18:61:c4:e8:35:39:a1:10:d8:
84:80:88:a8:56:5f:14:bd:89:1d:06:f4:68:6f:db:c4:ad:71:
34:f5:a8:c0:cb:68:fd:a2:4d:6a:a8:a4:24:ac:77:fb:20:99:
73:27:b5:57:9d:42:27:1b:f0:28:9d:d3:ea:e2:f5:36:57:b9:
85:63:68:20:8f:7f:f9:63:33:e7:05:5e:a8:6b:f1:62:ce:46:
9a:15:31:c7:85:30:0d:57:0a:dc:8b:0f:67:f6:d4:6e:2f:91:
8e:43:4b:0a:52:54:56:4a:c6:80:57:f7:ba:85:17:ec:37:75:
d7:17:14:fb:88:16:06:66:d1:53:42:4a:9f:a5:3f:38:50:8b:
36:eb:58:0a:e8:92:53:82:07:d0:7b:f2:3b:95:b6:73:d1:d5:
94:ad:f9:fc:69:01:31:d9:a8:4f:ae:5d:77:a0:c1:d8:2f:1f:
40:fa:47:18:23:93:07:d3:5e:1f:51:ea:87:a8:23:1b:86:51:
a6:49:84:d9
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVsytp6xSmgNcYdNiEa3QqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjMwMTAxMTAwNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2U3NjhhNzRiNWRjMjgyYzM2OWQ3NzcwMGRlZDJlMDBhMTZmMmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLtRlTXUwNHyIpFIaiCoDEHf4TvI
isy/YogBcoChoNMU1wN/jDfGvwjb229tkWOWd3FA1gYXl7Ob013f/tg4zMOIQ+KT
fiI7gfeQ9juZRQvCCJIS80L+lko5IQUW1K9PFt2oHK3wi2mYi9gCmUGX54lGqEmJ
qXGV7biqLZrJcoBlN+3fkEDA3E5HwWjLwQxxZh9pLpdaCqrKTpQDhF6MC5iMCCSc
+ttREBSXqH64ZRWrq+VlL5JfOZRHs1ujlvmqc0OYj+ufVWDxHX48alOv6NT053sR
LFnfWojoxZ4DEB/yHkC9rxjS9HF4+weqU/xiUZqm2xtU8zg0V8r4B06+6QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAfnaKdLXcKCw2nXdwDe0uAKFvLDMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvQi1kb3AwdGR3b0xEYWRkM0FON1M0QW9XOHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQDJSNYAwQD
Xse4AwQCuUQAAwQCuUcYAwQCuXrYMBsEAgACMBUDBQMqAbKAAwUAKgMl4AMFAyoK
/YAwDQYJKoZIhvcNAQELBQADggEBAA2JvNC1kKAuhcR2qr7wd/UVdAL/NNet3Dya
DS2h3HmZRUroN82FlCk5JCZrxjhdfhHK2mWSeBIlgNbzXEBlbxhhxOg1OaEQ2ISA
iKhWXxS9iR0G9Ghv28StcTT1qMDLaP2iTWqopCSsd/sgmXMntVedQicb8Cid0+ri
9TZXuYVjaCCPf/ljM+cFXqhr8WLORpoVMceFMA1XCtyLD2f21G4vkY5DSwpSVFZK
xoBX97qFF+w3ddcXFPuIFgZm0VNCSp+lPzhQizbrWAroklOCB9B78juVtnPR1ZSt
+fxpATHZqE+uXXegwdgvH0D6RxgjkwfTXh9R6oeoIxuGUaZJhNk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:17 2024 by rpki-client on console-fra.rpki-client.org