Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/D6PKVYwO1G_tA0mZY_qbb3Cyje0.roa
File: D6PKVYwO1G_tA0mZY_qbb3Cyje0.roa (raw, json)
Hash identifier: pQTkgzkflkmniXO/KhqkTas9tibiJY0JLvSe1UE3tqM=
Subject key identifier: 0F:A3:CA:55:8C:0E:D4:6F:ED:03:49:99:63:FA:9B:6F:70:B2:8D:ED
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 01856EA6AB30916CB72A75A3F158D7C78F66
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/D6PKVYwO1G_tA0mZY_qbb3Cyje0.roa
Signing time: Sun 01 Jan 2023 18:44:54 +0000
ROA not before: Sun 01 Jan 2023 18:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207974
IP address blocks: 185.214.168.0/24 maxlen: 24
185.214.168.0/22 maxlen: 22
185.214.170.0/24 maxlen: 24
185.214.169.0/24 maxlen: 24
2a0a:3b40:3000::/36 maxlen: 36
2a0a:3b40:2000::/36 maxlen: 36
2a0a:3b40:1000::/36 maxlen: 36
2a0a:3b40::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:ab:30:91:6c:b7:2a:75:a3:f1:58:d7:c7:8f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Jan 1 18:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fa3ca558c0ed46fed03499963fa9b6f70b28ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:74:b1:82:cd:6c:a3:4a:21:a9:8c:1e:6f:2a:
3b:74:46:21:a6:0f:24:cb:09:37:3c:da:b6:a3:c1:
ff:33:63:f2:64:ef:be:b8:4f:24:5c:06:83:1e:e0:
36:57:60:04:4a:64:08:09:cd:33:df:9b:4b:8e:1c:
e0:fc:a1:cd:cc:58:c6:d9:15:c5:6f:32:82:d6:92:
c2:29:e9:15:5d:c9:00:ec:9c:91:32:b0:fe:8c:91:
bc:47:0e:4e:10:45:f5:9d:f8:7c:84:87:ff:7d:44:
6f:e0:58:93:a7:c2:de:1f:f7:ea:70:04:02:36:5b:
88:b7:15:6c:ef:d7:c8:88:a4:08:5f:e2:b6:f3:47:
63:72:14:ce:0a:91:38:6f:3a:82:18:0f:20:7a:fe:
2d:5a:40:94:0a:41:09:08:c6:60:3a:63:68:3b:82:
d6:e6:56:a4:99:8b:c0:dd:16:5d:60:1f:1a:db:cd:
64:42:54:f1:b2:8d:18:f1:eb:bd:f4:39:af:6d:32:
6c:da:b0:82:c4:73:7b:e5:fd:46:f0:37:6c:c5:76:
d4:c3:8a:20:35:75:e0:82:c9:6a:55:9a:c3:8a:30:
ee:00:1d:cb:45:57:98:53:8c:0c:81:4f:46:d5:b6:
10:fe:dc:3a:98:25:dd:e2:8a:0a:4a:a1:e7:f4:5b:
da:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A3:CA:55:8C:0E:D4:6F:ED:03:49:99:63:FA:9B:6F:70:B2:8D:ED
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/D6PKVYwO1G_tA0mZY_qbb3Cyje0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.168.0/22
IPv6:
2a0a:3b40::/34
Signature Algorithm: sha256WithRSAEncryption
26:e2:a4:f0:10:51:b5:07:ef:13:78:ed:dd:cd:50:5b:c4:e7:
5c:5d:78:cd:98:15:30:96:38:95:5b:56:7a:2a:91:03:b1:ba:
57:98:01:ee:ab:cf:44:4b:35:ed:de:fb:a7:07:6a:f7:0e:04:
16:63:c4:5d:09:98:0a:ee:6a:2c:36:20:2e:67:6d:b6:47:3b:
c5:74:1f:d2:ae:3b:83:c1:a9:3e:9e:4a:f0:43:cd:55:56:62:
bf:c5:cd:98:0a:dc:37:5b:3b:c0:0b:e2:34:e3:3c:d3:b5:8d:
07:f1:1d:39:bc:51:b1:6a:50:b6:ce:c9:9a:6e:ed:87:5e:7f:
90:82:2a:20:d1:f2:8d:9a:5b:ab:49:0e:aa:4a:9f:fd:9e:b1:
8c:79:43:52:13:5f:4c:8b:75:e4:3d:a1:70:d3:fa:6e:8d:10:
e3:eb:e5:64:6d:97:7a:79:10:81:d2:64:d4:80:5c:1a:6c:d3:
2a:6e:73:d6:f2:63:ab:15:6e:0d:eb:71:04:51:4a:95:d1:aa:
e1:c2:c3:cc:98:df:c1:75:12:cc:df:61:24:8d:16:5c:d2:32:
20:d7:84:e8:61:e0:74:be:f8:f1:5c:dc:40:a5:d4:51:d2:9d:
7e:9d:13:7e:77:b3:c2:4e:8f:f8:b0:57:d0:f3:70:a8:bc:3f:
67:0c:ee:b4
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVupqswkWy3KnWj8VjXx49mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxN2JmNGZiZWE4OTRmNDNlZWIzZGIxYjIxNmU1Nzc2NmUw
MWFiODEwHhcNMjMwMTAxMTg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmEzY2E1NThjMGVkNDZmZWQwMzQ5OTk2M2ZhOWI2ZjcwYjI4ZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3Sxgs1so0ohqYwebyo7dEYhpg8k
ywk3PNq2o8H/M2PyZO++uE8kXAaDHuA2V2AESmQICc0z35tLjhzg/KHNzFjG2RXF
bzKC1pLCKekVXckA7JyRMrD+jJG8Rw5OEEX1nfh8hIf/fURv4FiTp8LeH/fqcAQC
NluItxVs79fIiKQIX+K280djchTOCpE4bzqCGA8gev4tWkCUCkEJCMZgOmNoO4LW
5lakmYvA3RZdYB8a281kQlTxso0Y8eu99DmvbTJs2rCCxHN75f1G8DdsxXbUw4og
NXXggslqVZrDijDuAB3LRVeYU4wMgU9G1bYQ/tw6mCXd4ooKSqHn9Fva5QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFA+jylWMDtRv7QNJmWP6m29wso3tMB8GA1UdIwQY
MBaAFNF79PvqiU9D7rPbGyFuV3ZuAauBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDIt
MmMyMDFkMzBhZTA1LzEvRDZQS1ZZd08xR190QTBtWllfcWJiM0N5amUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDItMmMyMDFkMzBhZTA1
LzEvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCudaoMA4E
AgACMAgDBgYqCjtAADANBgkqhkiG9w0BAQsFAAOCAQEAJuKk8BBRtQfvE3jt3c1Q
W8TnXF14zZgVMJY4lVtWeiqRA7G6V5gB7qvPREs17d77pwdq9w4EFmPEXQmYCu5q
LDYgLmdttkc7xXQf0q47g8GpPp5K8EPNVVZiv8XNmArcN1s7wAviNOM807WNB/Ed
ObxRsWpQts7Jmm7th15/kIIqINHyjZpbq0kOqkqf/Z6xjHlDUhNfTIt15D2hcNP6
bo0Q4+vlZG2XenkQgdJk1IBcGmzTKm5z1vJjqxVuDetxBFFKldGq4cLDzJjfwXUS
zN9hJI0WXNIyINeE6GHgdL748VzcQKXUUdKdfp0Tfnezwk6P+LBX0PNwqLw/Zwzu
tA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:15:58 2024 by rpki-client on console-ams.rpki-client.org