Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/_XckK8sEFBaBJCt_fE1uH7jTrB4.roa
File: _XckK8sEFBaBJCt_fE1uH7jTrB4.roa (raw, json)
Hash identifier: 4GegV1C51V5sP4nnDeUumM+dPJjLDRthGDLPpKP/zKI=
Subject key identifier: FD:77:24:2B:CB:04:14:16:81:24:2B:7F:7C:4D:6E:1F:B8:D3:AC:1E
Certificate issuer: /CN=3a34889251e7cb133e906c70891ba1a0495ed860
Certificate serial: 018571A7ADABD873785AA6EB44118A5F6A4B
Authority key identifier: 3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/_XckK8sEFBaBJCt_fE1uH7jTrB4.roa
Signing time: Mon 02 Jan 2023 08:44:52 +0000
ROA not before: Mon 02 Jan 2023 08:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.240.78.0/24 maxlen: 24
185.240.77.0/24 maxlen: 24
185.240.76.0/24 maxlen: 24
185.185.209.0/24 maxlen: 24
185.185.211.0/24 maxlen: 24
185.185.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:ad:ab:d8:73:78:5a:a6:eb:44:11:8a:5f:6a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a34889251e7cb133e906c70891ba1a0495ed860
Validity
Not Before: Jan 2 08:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd77242bcb04141681242b7f7c4d6e1fb8d3ac1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d9:9e:28:db:31:12:93:fe:fd:95:7d:26:23:
72:3f:20:cb:98:f3:fd:97:9d:fb:c5:a5:c5:33:59:
3c:f9:d6:00:8e:08:af:c9:03:a4:ae:79:4e:1c:40:
c3:62:b6:28:28:e2:5a:6b:d6:75:21:25:e2:65:4e:
ad:2e:eb:96:05:62:0a:a4:cc:1f:7c:d2:f9:97:c5:
b3:22:36:7a:34:fe:4f:b2:4b:9f:2a:d4:ca:ce:ed:
80:77:73:5f:47:64:71:f3:27:e5:a0:91:08:4c:8e:
b8:14:04:cd:a3:a9:68:f2:98:ae:77:51:29:70:70:
b1:9d:42:dc:28:bc:1b:7a:35:4c:2e:80:17:28:63:
f8:1c:c3:2a:63:98:f2:93:fe:ac:4b:53:3c:da:57:
61:d2:df:8c:ad:f4:56:26:3e:0a:c8:41:3e:54:7b:
18:c9:07:f7:f6:34:43:e6:23:63:80:e6:1a:74:b9:
5f:04:c0:89:e5:92:62:0e:ca:ef:12:4b:c3:b7:3d:
81:b5:c7:9d:b1:2c:07:72:9d:dc:d4:f1:fe:4b:21:
2b:51:b8:60:11:43:3d:83:41:47:6c:6a:16:d2:5c:
4a:d4:33:77:a1:14:16:08:6e:49:77:ca:9d:6f:82:
ce:99:7e:8d:e2:7f:4f:03:7c:b8:e0:a1:69:27:d9:
a2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:77:24:2B:CB:04:14:16:81:24:2B:7F:7C:4D:6E:1F:B8:D3:AC:1E
X509v3 Authority Key Identifier:
keyid:3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/_XckK8sEFBaBJCt_fE1uH7jTrB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.209.0-185.185.211.255
185.240.76.0-185.240.78.255
Signature Algorithm: sha256WithRSAEncryption
86:9f:6b:42:1f:2a:f9:fd:7b:ec:1b:b6:7a:bb:0b:89:cf:30:
05:60:50:6a:e1:a4:c0:ae:49:2a:03:ee:ff:17:16:10:8a:be:
11:ef:36:e7:59:fd:3a:84:f2:e3:52:b8:b2:f9:5a:45:c1:a4:
32:3a:91:80:68:b0:ae:1b:1e:9a:df:57:cf:0e:b2:cf:ea:af:
f7:a4:b1:ea:12:19:69:c5:e6:35:72:f6:3e:97:9b:84:0c:3f:
27:33:cd:c9:35:cf:43:da:0c:1e:a8:9c:ab:c7:cb:b8:3a:72:
c1:8d:ab:56:3a:f2:94:94:fb:e1:15:93:a7:a5:8c:04:01:ad:
e0:ad:77:c5:55:3b:e9:89:21:0d:59:46:6e:ed:2c:d1:d0:ac:
7d:5c:f9:67:08:c7:67:03:04:a4:3e:a7:b3:8d:34:e8:c0:ce:
d0:21:d2:b4:fb:87:23:39:14:e2:65:ff:23:5e:ba:5e:a7:b2:
a4:0f:cb:ff:fd:7c:6d:72:ff:5b:51:73:86:d7:c3:8c:7c:0d:
e7:3d:a2:bf:33:4e:9c:88:e0:2b:ef:61:59:56:fb:70:b5:8a:
d7:7c:86:5f:3a:59:64:8b:d6:6c:60:66:66:18:7b:d1:40:40:
a7:df:2d:00:aa:a2:84:91:40:ef:0a:18:dc:08:1c:48:d5:67:
2f:d3:f8:c7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVxp62r2HN4WqbrRBGKX2pLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMzQ4ODkyNTFlN2NiMTMzZTkwNmM3MDg5MWJhMWEwNDk1
ZWQ4NjAwHhcNMjMwMTAyMDg0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc3MjQyYmNiMDQxNDE2ODEyNDJiN2Y3YzRkNmUxZmI4ZDNhYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NmeKNsxEpP+/ZV9JiNyPyDLmPP9
l537xaXFM1k8+dYAjgivyQOkrnlOHEDDYrYoKOJaa9Z1ISXiZU6tLuuWBWIKpMwf
fNL5l8WzIjZ6NP5PskufKtTKzu2Ad3NfR2Rx8yfloJEITI64FATNo6lo8piud1Ep
cHCxnULcKLwbejVMLoAXKGP4HMMqY5jyk/6sS1M82ldh0t+MrfRWJj4KyEE+VHsY
yQf39jRD5iNjgOYadLlfBMCJ5ZJiDsrvEkvDtz2BtcedsSwHcp3c1PH+SyErUbhg
EUM9g0FHbGoW0lxK1DN3oRQWCG5Jd8qdb4LOmX6N4n9PA3y44KFpJ9mi2QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP13JCvLBBQWgSQrf3xNbh+406weMB8GA1UdIwQY
MBaAFDo0iJJR58sTPpBscIkboaBJXthgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMt
ODRmOWVkODdhYzMxLzEvX1hja0s4c0VGQmFCSkN0X2ZFMXVIN2pUckI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMtODRmOWVkODdhYzMx
LzEvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAC5udED
BAK5udAwDAMEArnwTAMEALnwTjANBgkqhkiG9w0BAQsFAAOCAQEAhp9rQh8q+f17
7Bu2ersLic8wBWBQauGkwK5JKgPu/xcWEIq+Ee8251n9OoTy41K4svlaRcGkMjqR
gGiwrhsemt9Xzw6yz+qv96Sx6hIZacXmNXL2PpebhAw/JzPNyTXPQ9oMHqicq8fL
uDpywY2rVjrylJT74RWTp6WMBAGt4K13xVU76YkhDVlGbu0s0dCsfVz5ZwjHZwME
pD6ns4006MDO0CHStPuHIzkU4mX/I166XqeypA/L//18bXL/W1FzhtfDjHwN5z2i
vzNOnIjgK+9hWVb7cLWK13yGXzpZZIvWbGBmZhh70UBAp98tAKqihJFA7woY3Agc
SNVnL9P4xw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:13 2023 by rpki-client on console-ams.rpki-client.org