Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/vSFtCaKNHASkaqMgIXG_GhDTbqc.roa
File: vSFtCaKNHASkaqMgIXG_GhDTbqc.roa (raw, json)
Hash identifier: 1i2sEoZZt69KL3+0QbYGRN0M4eq2JuoptGgiVypUHNg=
Subject key identifier: BD:21:6D:09:A2:8D:1C:04:A4:6A:A3:20:21:71:BF:1A:10:D3:6E:A7
Certificate issuer: /CN=f8ad543624f8d3281ec970458ee752f10a424529
Certificate serial: 018CC795315EED5EAA9CEDB67C9A5A1F23A1
Authority key identifier: F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/vSFtCaKNHASkaqMgIXG_GhDTbqc.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198668
IP address blocks: 185.243.172.0/22 maxlen: 22
176.119.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 08:04:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:31:5e:ed:5e:aa:9c:ed:b6:7c:9a:5a:1f:23:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad543624f8d3281ec970458ee752f10a424529
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd216d09a28d1c04a46aa3202171bf1a10d36ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8f:4b:d4:3c:a7:96:56:5e:c7:cd:31:de:05:
64:7c:e2:62:04:26:2d:fe:ca:e5:9d:9e:94:dd:d4:
7c:79:13:59:d6:2b:ae:d7:74:c4:f4:c3:eb:df:fc:
a1:cd:d3:3c:53:47:e2:f0:82:58:0a:8e:4f:80:c5:
c2:38:ea:64:16:ce:28:6a:16:2c:8c:28:9b:ca:40:
b3:87:96:ce:4b:75:36:df:22:c1:d6:44:a7:7b:0b:
36:46:49:e9:8f:01:90:67:aa:8f:4d:29:7a:3e:1f:
85:e1:5c:92:71:55:47:0e:9e:5c:af:26:39:4e:37:
fb:19:4d:d8:e8:71:19:45:b6:f3:5a:1d:c4:14:73:
e3:17:2e:48:99:26:5b:7b:a5:77:8c:42:c1:36:68:
98:08:c6:f4:62:df:42:99:c1:83:49:9f:36:db:44:
9b:6a:a2:51:b6:8f:26:36:65:4a:86:67:6e:fd:63:
85:1c:08:ea:60:f4:f1:6b:93:33:88:22:cf:c1:b5:
4a:c7:ef:8d:bf:41:a4:65:cf:f6:a2:65:e9:de:c7:
9a:49:a5:6d:1d:69:17:e8:d2:2c:3c:ed:91:40:16:
10:11:60:f6:a6:09:ee:d7:22:23:dd:86:72:70:18:
09:14:e4:d4:a4:8c:b9:d5:31:27:bb:3e:62:95:4d:
ca:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:21:6D:09:A2:8D:1C:04:A4:6A:A3:20:21:71:BF:1A:10:D3:6E:A7
X509v3 Authority Key Identifier:
keyid:F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/vSFtCaKNHASkaqMgIXG_GhDTbqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.192.0/24
185.243.172.0/22
Signature Algorithm: sha256WithRSAEncryption
78:ef:79:22:f3:2d:dd:73:3d:3e:14:c6:9d:3c:e3:93:98:7d:
1e:bf:d4:f3:57:43:d2:e7:eb:15:c8:4c:ca:98:e4:76:4a:d9:
44:a7:14:de:1b:32:a2:91:ae:13:f0:52:ee:71:a6:44:81:47:
b4:2c:a5:ab:55:60:e4:fc:da:81:fe:4e:08:84:95:b2:2a:12:
4b:69:e9:75:da:ea:c3:e3:5a:24:e6:5d:cb:8b:84:5f:95:c9:
ee:53:08:4c:db:c2:f2:ff:a6:cf:72:68:53:08:1a:9f:8d:59:
2e:b2:e2:5b:e9:64:df:02:fc:f9:73:37:92:09:a2:c1:95:06:
74:91:ba:3d:6d:ea:58:d6:b2:2a:cd:80:ff:1b:5d:fc:03:0e:
45:4c:6e:42:f3:58:75:06:4c:1b:9f:7d:1d:62:7a:d7:50:80:
97:68:c4:50:5f:49:c5:1b:ca:a7:c1:3d:9b:73:67:2b:d3:ac:
96:36:26:e8:6d:10:21:ca:d2:87:97:0c:8d:ea:64:09:cb:31:
bc:01:fa:ec:ec:95:17:77:04:99:b3:f8:f2:e6:26:a4:5d:ad:
45:49:2d:0c:ba:52:10:43:c5:25:dc:81:49:07:39:b8:ad:8f:
ed:d8:f7:d3:54:f9:22:98:67:e2:35:d3:d6:a2:26:cd:44:bd:
ea:39:5d:76
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlTFe7V6qnO22fJpaHyOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQ1NDM2MjRmOGQzMjgxZWM5NzA0NThlZTc1MmYxMGE0
MjQ1MjkwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDIxNmQwOWEyOGQxYzA0YTQ2YWEzMjAyMTcxYmYxYTEwZDM2ZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI9L1DynllZex80x3gVkfOJiBCYt
/srlnZ6U3dR8eRNZ1iuu13TE9MPr3/yhzdM8U0fi8IJYCo5PgMXCOOpkFs4oahYs
jCibykCzh5bOS3U23yLB1kSnews2RknpjwGQZ6qPTSl6Ph+F4VyScVVHDp5cryY5
Tjf7GU3Y6HEZRbbzWh3EFHPjFy5ImSZbe6V3jELBNmiYCMb0Yt9CmcGDSZ8220Sb
aqJRto8mNmVKhmdu/WOFHAjqYPTxa5MziCLPwbVKx++Nv0GkZc/2omXp3seaSaVt
HWkX6NIsPO2RQBYQEWD2pgnu1yIj3YZycBgJFOTUpIy51TEnuz5ilU3KLwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL0hbQmijRwEpGqjICFxvxoQ026nMB8GA1UdIwQY
MBaAFPitVDYk+NMoHslwRY7nUvEKQkUpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMVVOaVQ0MHlnZXlYQkZqdWRTOFFwQ1JTay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5
LThhMTFiNDcxOWQ4Mi8xL3ZTRnRDYUtOSEFTa2FxTWdJWEdfR2hEVGJxYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5LThhMTFiNDcxOWQ4
Mi8xLzEtSzFVTmlUNDB5Z2V5WEJGanVkUzhRcENSU2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACwd8AD
BAK586wwDQYJKoZIhvcNAQELBQADggEBAHjveSLzLd1zPT4Uxp0845OYfR6/1PNX
Q9Ln6xXITMqY5HZK2USnFN4bMqKRrhPwUu5xpkSBR7QspatVYOT82oH+TgiElbIq
Ektp6XXa6sPjWiTmXcuLhF+Vye5TCEzbwvL/ps9yaFMIGp+NWS6y4lvpZN8C/Plz
N5IJosGVBnSRuj1t6ljWsirNgP8bXfwDDkVMbkLzWHUGTBuffR1ietdQgJdoxFBf
ScUbyqfBPZtzZyvTrJY2JuhtECHK0oeXDI3qZAnLMbwB+uzslRd3BJmz+PLmJqRd
rUVJLQy6UhBDxSXcgUkHObitj+3Y99NU+SKYZ+I109aiJs1Eveo5XXY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:06 2024 by rpki-client on console-fra.rpki-client.org