Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/jLR0Gs5_DvUjeUmXuxVhLRU7PFM.roa
File: jLR0Gs5_DvUjeUmXuxVhLRU7PFM.roa (raw, json)
Hash identifier: MgcgTePqPoIRxtAme312nOEhHgTBFq1pRtIvT7PE/v8=
Subject key identifier: 8C:B4:74:1A:CE:7F:0E:F5:23:79:49:97:BB:15:61:2D:15:3B:3C:53
Certificate issuer: /CN=77c6fb655461d73fcf21e8612c318706a089a5c2
Certificate serial: 018DB52782A35C375BB19A9547755305FBE6
Authority key identifier: 77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/jLR0Gs5_DvUjeUmXuxVhLRU7PFM.roa
Signing time: Sat 17 Feb 2024 03:41:21 +0000
ROA not before: Sat 17 Feb 2024 03:41:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211090
IP address blocks: 185.172.230.0/24 maxlen: 24
185.172.231.0/24 maxlen: 24
2a0b:81c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 20 Feb 2024 17:24:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b5:27:82:a3:5c:37:5b:b1:9a:95:47:75:53:05:fb:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c6fb655461d73fcf21e8612c318706a089a5c2
Validity
Not Before: Feb 17 03:41:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cb4741ace7f0ef523794997bb15612d153b3c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:07:62:49:89:c2:ed:4a:c8:9a:24:fd:f9:eb:
a5:97:a0:05:49:5b:f6:b5:1b:39:15:54:eb:50:fa:
24:55:10:b4:dc:33:a3:f6:38:68:d4:a8:ef:8f:b9:
a3:3e:d8:c2:c9:88:96:5b:1e:37:e2:61:db:a3:e9:
43:9a:94:46:b0:6e:bc:3e:d7:3f:af:8b:f1:08:15:
96:88:8d:be:5b:46:08:b7:98:b2:85:88:7c:e7:a8:
ca:af:51:4b:0b:54:a1:86:5a:55:5a:03:1e:37:dd:
2c:68:df:ca:95:a2:36:69:90:b8:11:33:84:08:33:
27:e4:22:0c:59:c3:69:3e:7d:fd:08:e7:90:2b:e2:
76:12:f6:61:30:cc:18:a1:e5:c3:3e:9e:93:30:91:
f1:2c:48:3e:21:cc:03:ce:f9:c5:f6:8c:28:24:be:
48:c2:b7:7b:79:c9:cb:a0:bb:f7:89:69:27:a0:7d:
e0:86:c9:5c:ee:fa:8d:7b:88:53:8e:b6:7f:d9:12:
13:50:95:f1:06:bd:6a:d4:16:22:7e:d5:17:ad:8c:
5a:6f:f5:7c:1f:69:3e:cd:78:7e:b3:28:6c:ec:38:
20:18:a2:7e:ef:b4:09:fa:23:df:88:7f:ee:22:7c:
1d:01:c1:b9:ba:6d:bf:dd:58:7f:47:e7:45:dc:5b:
dc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B4:74:1A:CE:7F:0E:F5:23:79:49:97:BB:15:61:2D:15:3B:3C:53
X509v3 Authority Key Identifier:
keyid:77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/jLR0Gs5_DvUjeUmXuxVhLRU7PFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/d8b7ZVRh1z_PIehhLDGHBqCJpcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.230.0/23
IPv6:
2a0b:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:18:6e:18:23:17:07:64:1e:fd:4b:24:43:06:4d:f6:4d:b8:
74:8a:62:08:fb:31:0c:5f:b1:ab:2b:57:fb:0f:8b:05:95:48:
72:e9:b1:e6:25:d3:9e:d9:66:0f:fb:46:a5:40:08:b2:78:b2:
2e:e4:cd:60:94:9e:d9:b3:6e:8e:56:c1:2f:35:13:60:1e:33:
0b:f1:09:4f:6b:42:06:c7:96:37:a2:1b:d8:27:de:ab:67:bf:
2d:ed:68:29:06:b2:ad:a9:2c:a8:81:b7:3f:d0:79:2d:cb:6a:
3b:54:c2:42:58:9f:60:11:f9:a4:b7:52:8b:32:20:1b:1c:7a:
79:65:51:60:88:59:76:79:6d:49:b7:ca:8b:05:f0:e5:9a:58:
f3:ac:d5:f1:b0:dc:1c:a1:9d:c3:c5:e9:a7:29:35:53:6e:09:
4d:b2:a5:19:91:ae:49:71:4e:cb:44:a5:9f:ce:ba:89:f4:b0:
f3:27:57:28:08:c0:3c:58:af:a6:64:01:aa:d9:19:50:63:28:
7d:b1:84:d3:34:eb:b1:1e:08:d8:1a:a7:5e:5e:ba:83:c9:e5:
28:73:f2:dd:88:ee:a4:3d:6b:ed:b7:7b:f0:f3:72:4c:aa:e1:
41:fe:04:56:94:d7:3d:b6:64:93:0f:c6:7e:d4:ab:b5:8d:4e:
ec:bf:6f:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY21J4KjXDdbsZqVR3VTBfvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzZmYjY1NTQ2MWQ3M2ZjZjIxZTg2MTJjMzE4NzA2YTA4
OWE1YzIwHhcNMjQwMjE3MDM0MTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2I0NzQxYWNlN2YwZWY1MjM3OTQ5OTdiYjE1NjEyZDE1M2IzYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigdiSYnC7UrImiT9+eull6AFSVv2
tRs5FVTrUPokVRC03DOj9jho1Kjvj7mjPtjCyYiWWx434mHbo+lDmpRGsG68Ptc/
r4vxCBWWiI2+W0YIt5iyhYh856jKr1FLC1ShhlpVWgMeN90saN/KlaI2aZC4ETOE
CDMn5CIMWcNpPn39COeQK+J2EvZhMMwYoeXDPp6TMJHxLEg+IcwDzvnF9owoJL5I
wrd7ecnLoLv3iWknoH3ghslc7vqNe4hTjrZ/2RITUJXxBr1q1BYiftUXrYxab/V8
H2k+zXh+syhs7DggGKJ+77QJ+iPfiH/uInwdAcG5um2/3Vh/R+dF3FvcCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIy0dBrOfw71I3lJl7sVYS0VOzxTMB8GA1UdIwQY
MBaAFHfG+2VUYdc/zyHoYSwxhwagiaXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2Yt
YWIzMDgxYjJhYmE0LzEvakxSMEdzNV9EdlVqZVVtWHV4VmhMUlU3UEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2YtYWIzMDgxYjJhYmE0
LzEvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuazmMA0E
AgACMAcDBQMqC4HAMA0GCSqGSIb3DQEBCwUAA4IBAQBvGG4YIxcHZB79SyRDBk32
Tbh0imII+zEMX7GrK1f7D4sFlUhy6bHmJdOe2WYP+0alQAiyeLIu5M1glJ7Zs26O
VsEvNRNgHjML8QlPa0IGx5Y3ohvYJ96rZ78t7WgpBrKtqSyogbc/0Hkty2o7VMJC
WJ9gEfmkt1KLMiAbHHp5ZVFgiFl2eW1Jt8qLBfDlmljzrNXxsNwcoZ3DxemnKTVT
bglNsqUZka5JcU7LRKWfzrqJ9LDzJ1coCMA8WK+mZAGq2RlQYyh9sYTTNOuxHgjY
GqdeXrqDyeUoc/LdiO6kPWvtt3vw83JMquFB/gRWlNc9tmSTD8Z+1Ku1jU7sv29K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:44 2024 by rpki-client on console-fra.rpki-client.org