Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/LF6eMTyDAVs1ZeksHL7ucmS2x78.roa
File: LF6eMTyDAVs1ZeksHL7ucmS2x78.roa (raw, json)
Hash identifier: 0PWDkf66PS+uhLGpkIBzTQPat9Jalg1oj+F89PJHvzU=
Subject key identifier: 2C:5E:9E:31:3C:83:01:5B:35:65:E9:2C:1C:BE:EE:72:64:B6:C7:BF
Certificate issuer: /CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Certificate serial: 01856F5DD1C92656D9529781CF2CCA3D0D8F
Authority key identifier: 11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/LF6eMTyDAVs1ZeksHL7ucmS2x78.roa
Signing time: Sun 01 Jan 2023 22:04:57 +0000
ROA not before: Sun 01 Jan 2023 22:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202391
IP address blocks: 185.255.208.0/24 maxlen: 24
185.255.208.0/22 maxlen: 22
185.255.211.0/24 maxlen: 24
185.255.210.0/24 maxlen: 24
185.255.209.0/24 maxlen: 24
185.227.64.0/22 maxlen: 22
2a0a:4b80::/30 maxlen: 30
2a0a:4b84::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:d1:c9:26:56:d9:52:97:81:cf:2c:ca:3d:0d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Validity
Not Before: Jan 1 22:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c5e9e313c83015b3565e92c1cbeee7264b6c7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:05:5a:e8:e6:c2:1b:a3:b3:f5:1b:c5:9c:db:
df:5e:e1:00:21:44:d1:83:35:0c:b2:73:31:9f:f8:
1d:bd:7d:3c:b6:51:3e:f1:ce:5e:5c:c2:5d:ae:25:
5b:5e:46:1a:22:0f:07:6b:7a:c6:71:64:08:20:5d:
b8:68:1e:d9:9d:00:96:78:89:6b:c6:f0:db:ab:46:
78:35:cc:38:92:48:0b:15:9f:c0:e6:c0:02:d7:48:
0a:3e:9f:5d:4c:eb:fa:6a:8e:f7:88:61:f0:02:f6:
bb:5c:8e:b6:92:da:27:8a:ae:94:ae:bf:10:84:44:
76:d9:e2:3d:6e:98:04:97:23:cd:cd:6b:31:6e:05:
de:b8:eb:fe:36:57:6f:98:a7:75:e6:d6:00:e2:21:
de:6d:2c:f4:e3:9b:be:e9:37:e3:6a:0e:99:29:bd:
a1:d7:37:05:64:f6:34:54:e8:8f:19:f9:83:90:9d:
90:e1:47:de:30:80:94:57:8f:e2:15:4e:08:74:45:
41:bb:9b:5b:d8:a8:76:17:3f:f5:d3:fb:32:70:a5:
54:c4:ba:c9:6c:94:88:8b:16:99:f3:fd:82:89:26:
4d:b0:a9:3d:36:01:49:ae:41:16:99:69:b4:74:52:
f5:58:14:00:2a:87:16:ce:e6:35:c3:18:85:bb:bd:
ab:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5E:9E:31:3C:83:01:5B:35:65:E9:2C:1C:BE:EE:72:64:B6:C7:BF
X509v3 Authority Key Identifier:
keyid:11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/LF6eMTyDAVs1ZeksHL7ucmS2x78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.64.0/22
185.255.208.0/22
IPv6:
2a0a:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
53:0d:c4:8b:b0:34:ab:74:5e:6f:3f:85:15:13:02:1e:a3:ec:
98:d2:aa:86:88:28:72:1d:94:04:1d:b1:93:7c:7d:ca:b3:36:
d9:b7:a3:a3:82:7b:a0:5d:16:f8:c3:16:a6:fe:19:b2:7e:4c:
4c:51:b0:22:d5:6e:4f:31:7d:af:06:4b:5d:52:4b:2c:c5:f9:
61:dc:d9:50:58:fa:af:8a:3c:d6:05:31:4d:a5:a9:8e:8b:6b:
37:db:f0:f9:c7:91:12:85:a2:a3:ce:3b:01:2b:0c:37:ef:2b:
c2:83:68:e5:69:e3:22:c8:f4:0f:a4:6f:dc:db:92:b8:58:b6:
f6:8f:86:7d:cd:9b:86:29:8e:01:24:6f:a0:52:87:5e:98:5d:
79:72:b7:6e:cf:09:3e:cd:c7:36:6b:b4:f3:ed:93:cc:3d:7f:
6b:75:a9:ca:bc:5f:90:30:f5:5a:c3:54:78:51:da:bf:85:2d:
42:59:77:bd:6f:6e:c1:6a:61:9c:73:1a:ee:a3:a5:a6:4c:44:
7d:b4:e8:9a:94:83:ef:03:44:19:38:b7:79:23:14:be:6e:cc:
bf:09:4b:7f:6d:da:3a:c5:28:0b:35:14:ff:fe:74:8a:8f:ba:
c0:a9:aa:e4:ef:c5:af:22:56:87:00:86:36:35:cb:3d:c5:0d:
24:ed:d6:b1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvXdHJJlbZUpeBzyzKPQ2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYmM0MGJjYWI1ZTkwNTNhYjZkYjdkMTllMmEzOGRmMWI2
ZjlhNGIwHhcNMjMwMTAxMjIwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzVlOWUzMTNjODMwMTViMzU2NWU5MmMxY2JlZWU3MjY0YjZjN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwVa6ObCG6Oz9RvFnNvfXuEAIUTR
gzUMsnMxn/gdvX08tlE+8c5eXMJdriVbXkYaIg8Ha3rGcWQIIF24aB7ZnQCWeIlr
xvDbq0Z4Ncw4kkgLFZ/A5sAC10gKPp9dTOv6ao73iGHwAva7XI62ktoniq6Urr8Q
hER22eI9bpgElyPNzWsxbgXeuOv+NldvmKd15tYA4iHebSz045u+6Tfjag6ZKb2h
1zcFZPY0VOiPGfmDkJ2Q4UfeMICUV4/iFU4IdEVBu5tb2Kh2Fz/10/sycKVUxLrJ
bJSIixaZ8/2CiSZNsKk9NgFJrkEWmWm0dFL1WBQAKocWzuY1wxiFu72rXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCxenjE8gwFbNWXpLBy+7nJktse/MB8GA1UdIwQY
MBaAFBG8QLyrXpBTq2230Z4qON8bb5pLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQt
YWU0Zjg0ZTE2Y2ExLzEvTEY2ZU1UeURBVnMxWmVrc0hMN3VjbVMyeDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQtYWU0Zjg0ZTE2Y2Ex
LzEvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueNAAwQC
uf/QMA0EAgACMAcDBQMqCkuAMA0GCSqGSIb3DQEBCwUAA4IBAQBTDcSLsDSrdF5v
P4UVEwIeo+yY0qqGiChyHZQEHbGTfH3KszbZt6OjgnugXRb4wxam/hmyfkxMUbAi
1W5PMX2vBktdUkssxflh3NlQWPqvijzWBTFNpamOi2s32/D5x5EShaKjzjsBKww3
7yvCg2jlaeMiyPQPpG/c25K4WLb2j4Z9zZuGKY4BJG+gUodemF15crduzwk+zcc2
a7Tz7ZPMPX9rdanKvF+QMPVaw1R4Udq/hS1CWXe9b27BamGccxruo6WmTER9tOia
lIPvA0QZOLd5IxS+bsy/CUt/bdo6xSgLNRT//nSKj7rAqark78WvIlaHAIY2Ncs9
xQ0k7dax
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:47 2024 by rpki-client on console-ams.rpki-client.org