Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/DW9jMg3hyYvF0heEjxWq_O9fhp0.roa
File: DW9jMg3hyYvF0heEjxWq_O9fhp0.roa (raw, json)
Hash identifier: S8/eOCd/444idbxVzkNzN8aPzuIR4b5TrI3cGN/80N8=
Subject key identifier: 0D:6F:63:32:0D:E1:C9:8B:C5:D2:17:84:8F:15:AA:FC:EF:5F:86:9D
Certificate issuer: /CN=77c6fb655461d73fcf21e8612c318706a089a5c2
Certificate serial: 018BECBE12835239BAFCE0D331CA44A00394
Authority key identifier: 77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/DW9jMg3hyYvF0heEjxWq_O9fhp0.roa
Signing time: Mon 20 Nov 2023 12:39:21 +0000
ROA not before: Mon 20 Nov 2023 12:39:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206893
IP address blocks: 185.172.230.0/24 maxlen: 24
185.172.229.0/24 maxlen: 24
185.172.228.0/24 maxlen: 24
2a0b:81c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:be:12:83:52:39:ba:fc:e0:d3:31:ca:44:a0:03:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c6fb655461d73fcf21e8612c318706a089a5c2
Validity
Not Before: Nov 20 12:39:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d6f63320de1c98bc5d217848f15aafcef5f869d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:53:fd:47:ee:64:12:e3:81:88:41:2e:50:f8:
ab:d0:3f:90:dc:d5:b6:79:da:85:90:26:31:0e:29:
29:6b:2b:62:e8:80:03:45:ee:58:67:1c:94:27:ba:
97:c9:e1:0e:89:46:e5:18:ad:0e:3d:8c:35:6a:ea:
03:d7:2b:07:17:3b:1d:5d:c0:26:dc:7f:09:2e:5c:
6f:5d:38:68:29:d8:c5:e9:3a:65:07:5c:56:77:c4:
f1:d2:12:5b:f0:bf:38:df:61:ff:7e:b9:75:4a:81:
2d:75:1c:ed:0a:e6:8f:86:3f:5a:d5:2a:2d:86:4d:
01:29:c8:d5:0c:db:f9:db:a2:e0:2f:d7:44:af:92:
8f:cd:2e:8c:2e:ff:72:ca:c3:e4:88:21:1e:a3:fc:
b2:62:2e:53:6a:9b:6d:c0:63:23:c9:52:a4:42:70:
91:9f:c9:ba:e7:09:17:f8:1d:b9:93:91:27:ae:ca:
0f:23:52:ae:3d:6d:cc:c2:43:be:47:1c:09:75:79:
b1:fa:1c:52:2a:64:56:b0:81:55:76:70:4e:c0:49:
14:ac:c2:eb:34:01:d5:2c:7a:fe:18:80:f7:b1:30:
b1:11:e8:21:48:5f:b0:c8:ce:cc:c6:b2:dc:bf:aa:
73:fe:6c:ba:a6:32:b9:27:e1:14:f3:e6:c1:27:34:
35:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6F:63:32:0D:E1:C9:8B:C5:D2:17:84:8F:15:AA:FC:EF:5F:86:9D
X509v3 Authority Key Identifier:
keyid:77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/DW9jMg3hyYvF0heEjxWq_O9fhp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/d8b7ZVRh1z_PIehhLDGHBqCJpcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.228.0-185.172.230.255
IPv6:
2a0b:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
44:60:ca:33:bf:2e:c9:85:0f:bb:d3:0e:16:fd:ab:80:7a:61:
30:0c:2b:5f:25:c1:8c:b0:57:58:68:54:4a:3e:4b:87:f3:76:
59:82:7c:de:d7:48:70:c4:c5:f5:75:55:15:f8:78:be:0c:4e:
2b:66:f3:81:0b:94:00:c6:cc:41:79:87:1f:99:4f:d9:eb:d1:
da:34:83:56:97:94:b5:65:dc:2e:5b:7f:55:43:e2:81:50:67:
e4:2f:c0:b5:e1:c2:07:60:94:da:a0:98:d2:5e:dc:89:66:56:
db:38:55:0d:31:4e:d8:89:28:47:1b:f8:c6:73:d9:40:ed:c2:
d6:3a:a4:4b:22:82:ea:35:dd:d4:16:26:25:81:f1:d6:0d:99:
a2:fa:5f:f9:7d:3c:be:65:08:86:b1:f2:cb:91:7b:14:da:2d:
3d:0a:9e:67:96:e6:f0:3d:96:59:87:a7:ce:c3:8c:84:5f:cf:
4b:ff:1c:e2:f6:57:b4:be:07:3a:63:49:43:26:53:87:6c:2e:
fc:9a:ad:b0:2e:91:6b:6c:9b:83:97:3d:c2:f4:67:a6:54:98:
dc:50:3b:71:41:3f:c8:78:f0:4e:7c:ea:3b:65:f0:53:89:1b:
03:29:66:85:eb:31:ae:10:30:d1:1b:5c:50:a3:f9:5c:ee:46:
f5:97:76:09
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYvsvhKDUjm6/ODTMcpEoAOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzZmYjY1NTQ2MWQ3M2ZjZjIxZTg2MTJjMzE4NzA2YTA4
OWE1YzIwHhcNMjMxMTIwMTIzOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDZmNjMzMjBkZTFjOThiYzVkMjE3ODQ4ZjE1YWFmY2VmNWY4NjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklP9R+5kEuOBiEEuUPir0D+Q3NW2
edqFkCYxDikpayti6IADRe5YZxyUJ7qXyeEOiUblGK0OPYw1auoD1ysHFzsdXcAm
3H8JLlxvXThoKdjF6TplB1xWd8Tx0hJb8L8432H/frl1SoEtdRztCuaPhj9a1Sot
hk0BKcjVDNv526LgL9dEr5KPzS6MLv9yysPkiCEeo/yyYi5TapttwGMjyVKkQnCR
n8m65wkX+B25k5EnrsoPI1KuPW3MwkO+RxwJdXmx+hxSKmRWsIFVdnBOwEkUrMLr
NAHVLHr+GID3sTCxEeghSF+wyM7MxrLcv6pz/my6pjK5J+EU8+bBJzQ1JQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFA1vYzIN4cmLxdIXhI8VqvzvX4adMB8GA1UdIwQY
MBaAFHfG+2VUYdc/zyHoYSwxhwagiaXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2Yt
YWIzMDgxYjJhYmE0LzEvRFc5ak1nM2h5WXZGMGhlRWp4V3FfTzlmaHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2YtYWIzMDgxYjJhYmE0
LzEvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5rOQD
BAC5rOYwDQQCAAIwBwMFAyoLgcAwDQYJKoZIhvcNAQELBQADggEBAERgyjO/LsmF
D7vTDhb9q4B6YTAMK18lwYywV1hoVEo+S4fzdlmCfN7XSHDExfV1VRX4eL4MTitm
84ELlADGzEF5hx+ZT9nr0do0g1aXlLVl3C5bf1VD4oFQZ+QvwLXhwgdglNqgmNJe
3IlmVts4VQ0xTtiJKEcb+MZz2UDtwtY6pEsiguo13dQWJiWB8dYNmaL6X/l9PL5l
CIax8suRexTaLT0KnmeW5vA9llmHp87DjIRfz0v/HOL2V7S+BzpjSUMmU4dsLvya
rbAukWtsm4OXPcL0Z6ZUmNxQO3FBP8h48E586jtl8FOJGwMpZoXrMa4QMNEbXFCj
+VzuRvWXdgk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:30 2024 by rpki-client on console-ams.rpki-client.org