Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/_x6HN0cnOhmnYlmsL17mYdzhRzI.roa
File: _x6HN0cnOhmnYlmsL17mYdzhRzI.roa (raw, json)
Hash identifier: rDzE65T9MQGJlbvP9v9fl+EXDZ9Vv0NTWZaHJQ6nwaI=
Subject key identifier: FF:1E:87:37:47:27:3A:19:A7:62:59:AC:2F:5E:E6:61:DC:E1:47:32
Certificate issuer: /CN=f1da67135b737ca9d2dfd7b97fe5978b8f300d6b
Certificate serial: 018570673BEBAE6DDBDEAB56E48A20A25D18
Authority key identifier: F1:DA:67:13:5B:73:7C:A9:D2:DF:D7:B9:7F:E5:97:8B:8F:30:0D:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dpnE1tzfKnS39e5f-WXi48wDWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/_x6HN0cnOhmnYlmsL17mYdzhRzI.roa
Signing time: Mon 02 Jan 2023 02:54:51 +0000
ROA not before: Mon 02 Jan 2023 02:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60486
IP address blocks: 185.29.152.0/22 maxlen: 22
185.29.152.0/23 maxlen: 23
185.29.154.0/24 maxlen: 24
85.184.244.0/24 maxlen: 24
85.184.246.0/24 maxlen: 24
85.184.245.0/24 maxlen: 24
85.184.247.0/24 maxlen: 24
83.143.72.0/24 maxlen: 24
2a00:a920:700::/40 maxlen: 40
2a00:a920:900::/40 maxlen: 40
2a00:a920:800::/40 maxlen: 40
2a00:a920:400::/40 maxlen: 40
2a00:a920:300::/40 maxlen: 40
2a00:a920:200::/40 maxlen: 40
2a00:a920:100::/40 maxlen: 40
2a00:a920::/40 maxlen: 40
2a00:a920:c00::/40 maxlen: 40
2a00:a920::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:3b:eb:ae:6d:db:de:ab:56:e4:8a:20:a2:5d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1da67135b737ca9d2dfd7b97fe5978b8f300d6b
Validity
Not Before: Jan 2 02:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff1e873747273a19a76259ac2f5ee661dce14732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:de:ca:61:1e:a5:fc:9a:65:d5:f3:06:2c:8a:
cf:49:21:c6:0e:7c:5b:1d:5a:63:44:d4:12:8c:f7:
1b:48:9c:c2:7a:b5:81:01:7b:32:98:cb:fa:1e:e5:
ab:78:68:82:67:c3:aa:aa:39:3f:a2:02:66:85:66:
c6:a0:3c:ab:f0:72:8c:0e:e7:df:d0:a9:ee:7b:06:
52:86:d0:3b:85:d7:d6:45:fd:b0:04:90:02:2c:b7:
d5:66:7f:3f:48:bd:a8:7e:12:15:2d:de:75:9c:25:
a4:85:61:28:d5:0c:b5:27:ab:0a:99:0d:c6:cc:b2:
98:78:9e:ba:2d:8d:e2:71:cc:ef:16:10:e4:06:32:
89:fc:47:1e:aa:fa:b4:73:24:a1:48:4c:b5:51:c4:
e7:87:57:3f:97:9a:29:02:f7:cb:df:a7:9c:d6:55:
7f:13:4f:75:57:fe:37:58:2c:52:fe:2a:d4:4c:d0:
d2:cc:cb:cf:a2:ae:db:81:7a:62:c5:5e:90:1e:ec:
bd:08:2e:d3:37:6f:e2:f4:95:bf:18:40:26:44:db:
72:ed:62:04:e2:d2:11:02:a3:0d:98:c2:51:5f:5e:
03:77:6a:b7:7b:ba:d8:b0:61:c8:64:dc:17:50:6d:
2b:81:3e:e4:c0:21:7a:b0:21:25:0f:df:68:fd:ae:
38:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1E:87:37:47:27:3A:19:A7:62:59:AC:2F:5E:E6:61:DC:E1:47:32
X509v3 Authority Key Identifier:
keyid:F1:DA:67:13:5B:73:7C:A9:D2:DF:D7:B9:7F:E5:97:8B:8F:30:0D:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dpnE1tzfKnS39e5f-WXi48wDWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/_x6HN0cnOhmnYlmsL17mYdzhRzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a2ccb1-a728-4f04-9641-fc112ae63ea4/1/8dpnE1tzfKnS39e5f-WXi48wDWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.72.0/24
85.184.244.0/22
185.29.152.0/22
IPv6:
2a00:a920::/32
Signature Algorithm: sha256WithRSAEncryption
8d:36:94:32:39:26:ec:04:f2:80:64:7e:ff:82:bb:02:ac:d1:
54:55:96:10:ff:9a:fc:35:2c:ae:32:37:20:30:a8:ea:12:4c:
85:f5:70:c0:c1:f0:f3:d1:fd:eb:04:6b:0c:a9:34:32:ae:e7:
e2:ca:7a:a9:c4:9d:fc:37:7a:d9:24:aa:b3:bc:28:00:6f:70:
b2:48:a2:ea:92:5d:df:26:51:ac:f7:ca:18:c5:52:93:f5:83:
e6:19:a6:5e:5b:e0:5e:4d:fb:a0:6a:89:ac:5a:8b:05:c7:18:
38:a2:f7:01:6d:f5:7c:2a:7d:48:4b:5d:2d:b2:51:25:85:ec:
79:56:42:5f:3c:5a:3a:da:05:34:ab:b6:79:79:c3:8c:77:bb:
8f:5a:ce:17:af:ea:33:27:a8:75:1d:c8:b6:05:e9:b1:22:fe:
f6:1a:89:40:7c:22:4c:71:2f:92:70:bd:19:7e:29:1b:81:8b:
8a:08:56:8d:1d:9a:a8:e6:ec:25:f7:ff:26:c2:90:3e:96:a3:
ad:93:79:bb:2f:fb:5c:61:da:bc:fe:da:50:ad:f2:bd:dd:4a:
34:0d:e1:2b:f4:0e:63:cf:e7:86:62:c4:cf:69:88:8b:95:7f:
b8:73:9a:15:e8:f8:80:6f:55:15:8f:da:54:cf:b6:fc:f3:49:
e2:0e:a8:c9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwZzvrrm3b3qtW5Iogol0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZGE2NzEzNWI3MzdjYTlkMmRmZDdiOTdmZTU5NzhiOGYz
MDBkNmIwHhcNMjMwMTAyMDI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjFlODczNzQ3MjczYTE5YTc2MjU5YWMyZjVlZTY2MWRjZTE0NzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi97KYR6l/Jpl1fMGLIrPSSHGDnxb
HVpjRNQSjPcbSJzCerWBAXsymMv6HuWreGiCZ8Oqqjk/ogJmhWbGoDyr8HKMDuff
0KnuewZShtA7hdfWRf2wBJACLLfVZn8/SL2ofhIVLd51nCWkhWEo1Qy1J6sKmQ3G
zLKYeJ66LY3icczvFhDkBjKJ/Eceqvq0cyShSEy1UcTnh1c/l5opAvfL36ec1lV/
E091V/43WCxS/irUTNDSzMvPoq7bgXpixV6QHuy9CC7TN2/i9JW/GEAmRNty7WIE
4tIRAqMNmMJRX14Dd2q3e7rYsGHIZNwXUG0rgT7kwCF6sCElD99o/a44KwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP8ehzdHJzoZp2JZrC9e5mHc4UcyMB8GA1UdIwQY
MBaAFPHaZxNbc3yp0t/XuX/ll4uPMA1rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRwbkUxdHpmS25TMzllNWYtV1hpNDh3RFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hMmNjYjEtYTcyOC00ZjA0LTk2NDEt
ZmMxMTJhZTYzZWE0LzEvX3g2SE4wY25PaG1uWWxtc0wxN21ZZHpoUnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hMmNjYjEtYTcyOC00ZjA0LTk2NDEtZmMxMTJhZTYzZWE0
LzEvOGRwbkUxdHpmS25TMzllNWYtV1hpNDh3RFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAU49IAwQC
Vbj0AwQCuR2YMA0EAgACMAcDBQAqAKkgMA0GCSqGSIb3DQEBCwUAA4IBAQCNNpQy
OSbsBPKAZH7/grsCrNFUVZYQ/5r8NSyuMjcgMKjqEkyF9XDAwfDz0f3rBGsMqTQy
rufiynqpxJ38N3rZJKqzvCgAb3CySKLqkl3fJlGs98oYxVKT9YPmGaZeW+BeTfug
aomsWosFxxg4ovcBbfV8Kn1IS10tslElhex5VkJfPFo62gU0q7Z5ecOMd7uPWs4X
r+ozJ6h1Hci2BemxIv72GolAfCJMcS+ScL0ZfikbgYuKCFaNHZqo5uwl9/8mwpA+
lqOtk3m7L/tcYdq8/tpQrfK93Uo0DeEr9A5jz+eGYsTPaYiLlX+4c5oV6PiAb1UV
j9pUz7b880niDqjJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:39 2024 by rpki-client on console-ams.rpki-client.org