Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/ffdb69-680a-465c-a489-66c1442480de/1/CrgDxUcE6tBP_iQCFGh6r80nScA.roa
File: CrgDxUcE6tBP_iQCFGh6r80nScA.roa (raw, json)
Hash identifier: 3zOJ0PGA71bbOH5Yvn1lzRrCNDGuzkzp9Z3aDM/cbu4=
Subject key identifier: 0A:B8:03:C5:47:04:EA:D0:4F:FE:24:02:14:68:7A:AF:CD:27:49:C0
Certificate issuer: /CN=9e3e00c6d2b2f98d51482e943b9793d43bf3bc86
Certificate serial: 0185704BE2C93FD942435741C1E6C030560A
Authority key identifier: 9E:3E:00:C6:D2:B2:F9:8D:51:48:2E:94:3B:97:93:D4:3B:F3:BC:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nj4AxtKy-Y1RSC6UO5eT1DvzvIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/ffdb69-680a-465c-a489-66c1442480de/1/CrgDxUcE6tBP_iQCFGh6r80nScA.roa
Signing time: Mon 02 Jan 2023 02:24:59 +0000
ROA not before: Mon 02 Jan 2023 02:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205348
IP address blocks: 185.220.124.0/24 maxlen: 24
185.220.125.0/24 maxlen: 24
185.220.126.0/24 maxlen: 24
185.220.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:e2:c9:3f:d9:42:43:57:41:c1:e6:c0:30:56:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e3e00c6d2b2f98d51482e943b9793d43bf3bc86
Validity
Not Before: Jan 2 02:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ab803c54704ead04ffe240214687aafcd2749c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:94:4b:01:bb:bb:6d:30:75:0b:83:b3:fc:e2:
53:49:46:77:6d:09:89:5c:67:8e:17:2f:e6:71:5e:
01:84:0b:62:2c:ac:a3:c9:36:20:3c:0e:ca:b3:9b:
e9:ec:17:20:e5:cd:7b:53:5a:0a:70:0a:47:37:b8:
4b:22:74:1e:8e:33:ae:91:af:f9:9e:8b:e9:38:8f:
18:67:c7:af:d9:8c:88:dd:3d:09:c3:c9:83:0a:76:
42:08:79:4a:5d:1c:da:c4:44:f0:c0:6f:7d:88:1a:
fc:da:86:ee:5a:ad:23:5c:74:f1:e3:4b:24:e2:6c:
35:23:b2:59:35:ef:4e:7f:15:27:e7:21:56:24:3b:
37:dd:5a:23:a5:7f:fc:00:51:9b:01:64:1b:07:d6:
ff:3f:c3:fb:99:71:7b:fb:df:08:4d:96:89:68:30:
3a:d4:73:b0:a9:d1:1d:51:97:a5:6e:83:d3:27:1f:
ee:34:fe:c9:6b:a7:a0:20:37:cf:c7:13:54:e5:d9:
11:52:13:ce:1d:4b:a6:a0:1e:ac:8b:d0:df:39:a4:
61:a4:6e:0f:6c:4c:b0:ee:60:9f:13:03:12:a1:93:
ce:da:34:20:c9:61:11:37:4b:30:ec:36:02:a9:bd:
1a:b3:f5:f9:9a:77:f3:29:b3:ae:35:24:4d:e2:94:
94:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B8:03:C5:47:04:EA:D0:4F:FE:24:02:14:68:7A:AF:CD:27:49:C0
X509v3 Authority Key Identifier:
keyid:9E:3E:00:C6:D2:B2:F9:8D:51:48:2E:94:3B:97:93:D4:3B:F3:BC:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nj4AxtKy-Y1RSC6UO5eT1DvzvIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ffdb69-680a-465c-a489-66c1442480de/1/CrgDxUcE6tBP_iQCFGh6r80nScA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ffdb69-680a-465c-a489-66c1442480de/1/nj4AxtKy-Y1RSC6UO5eT1DvzvIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.124.0/22
Signature Algorithm: sha256WithRSAEncryption
17:9e:08:f5:b8:dc:71:b1:97:46:39:c1:ab:b6:6f:00:90:0d:
df:d0:b1:79:f5:3b:ed:fc:6f:22:83:06:ea:05:f1:90:22:b3:
e1:f1:8b:b6:90:4f:8c:08:b2:3f:7e:11:f3:7a:e9:8a:d1:40:
e0:68:2b:cc:c9:0a:92:9a:b7:f9:15:e3:f0:62:3c:be:62:22:
ba:5c:9c:cf:dd:a3:27:92:e2:e0:1a:e0:d2:0a:71:0e:b1:ab:
37:72:c1:1a:12:01:f3:6d:80:1e:3d:af:66:7d:72:8c:77:18:
5d:fb:ba:1b:8e:3a:70:03:f5:f1:5d:eb:17:91:1a:fc:32:01:
1a:3d:4d:8e:75:e3:d5:87:9c:d6:97:34:32:d8:81:54:f6:3e:
c6:e3:12:d4:99:78:4b:4b:a1:16:da:da:92:75:4b:1f:4c:ca:
17:12:43:61:4a:e9:8a:7e:69:5d:54:91:10:49:1c:3f:0d:52:
e0:4d:bc:d2:5c:0e:d9:a4:a6:40:2d:e6:16:49:1d:25:19:6c:
0b:b4:2b:e7:d8:fd:21:10:bd:7b:cc:6e:96:67:45:87:59:05:
47:b0:d2:2d:3e:30:95:e3:cb:d5:e2:71:62:68:7e:c2:eb:d9:
07:e4:51:8c:0b:b2:31:e1:41:df:71:61:ed:fa:fd:01:53:89:
42:c3:73:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS+LJP9lCQ1dBwebAMFYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllM2UwMGM2ZDJiMmY5OGQ1MTQ4MmU5NDNiOTc5M2Q0M2Jm
M2JjODYwHhcNMjMwMTAyMDIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWI4MDNjNTQ3MDRlYWQwNGZmZTI0MDIxNDY4N2FhZmNkMjc0OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopRLAbu7bTB1C4Oz/OJTSUZ3bQmJ
XGeOFy/mcV4BhAtiLKyjyTYgPA7Ks5vp7Bcg5c17U1oKcApHN7hLInQejjOuka/5
novpOI8YZ8ev2YyI3T0Jw8mDCnZCCHlKXRzaxETwwG99iBr82obuWq0jXHTx40sk
4mw1I7JZNe9OfxUn5yFWJDs33VojpX/8AFGbAWQbB9b/P8P7mXF7+98ITZaJaDA6
1HOwqdEdUZelboPTJx/uNP7Ja6egIDfPxxNU5dkRUhPOHUumoB6si9DfOaRhpG4P
bEyw7mCfEwMSoZPO2jQgyWERN0sw7DYCqb0as/X5mnfzKbOuNSRN4pSUhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAq4A8VHBOrQT/4kAhRoeq/NJ0nAMB8GA1UdIwQY
MBaAFJ4+AMbSsvmNUUgulDuXk9Q787yGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmo0QXh0S3ktWTFSU0M2VU81ZVQxRHZ6dklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9mZmRiNjktNjgwYS00NjVjLWE0ODkt
NjZjMTQ0MjQ4MGRlLzEvQ3JnRHhVY0U2dEJQX2lRQ0ZHaDZyODBuU2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9mZmRiNjktNjgwYS00NjVjLWE0ODktNjZjMTQ0MjQ4MGRl
LzEvbmo0QXh0S3ktWTFSU0M2VU81ZVQxRHZ6dklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudx8MA0G
CSqGSIb3DQEBCwUAA4IBAQAXngj1uNxxsZdGOcGrtm8AkA3f0LF59Tvt/G8igwbq
BfGQIrPh8Yu2kE+MCLI/fhHzeumK0UDgaCvMyQqSmrf5FePwYjy+YiK6XJzP3aMn
kuLgGuDSCnEOsas3csEaEgHzbYAePa9mfXKMdxhd+7objjpwA/XxXesXkRr8MgEa
PU2OdePVh5zWlzQy2IFU9j7G4xLUmXhLS6EW2tqSdUsfTMoXEkNhSumKfmldVJEQ
SRw/DVLgTbzSXA7ZpKZALeYWSR0lGWwLtCvn2P0hEL17zG6WZ0WHWQVHsNItPjCV
48vV4nFiaH7C69kH5FGMC7Ix4UHfcWHt+v0BU4lCw3PT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:43 2024 by rpki-client on console-ams.rpki-client.org