Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/kFsSXJagIAXH1LHXlPThFzwQpkw.roa
File: kFsSXJagIAXH1LHXlPThFzwQpkw.roa (raw, json)
Hash identifier: Dt5/mQY3vxaZLnwwg3DAEl7DshoL+2m/I00mZyQFwRI=
Subject key identifier: 90:5B:12:5C:96:A0:20:05:C7:D4:B1:D7:94:F4:E1:17:3C:10:A6:4C
Certificate issuer: /CN=335ca521362226d03c1829003d81d498aa838f33
Certificate serial: 01860DF47DDDFA2526243DF74013CD189E8A
Authority key identifier: 33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/kFsSXJagIAXH1LHXlPThFzwQpkw.roa
Signing time: Wed 01 Feb 2023 17:09:32 +0000
ROA not before: Wed 01 Feb 2023 17:09:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200393
IP address blocks: 185.186.223.0/24 maxlen: 24
2a11:1e40:5aa5::/48 maxlen: 48
2a11:1e40:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Nov 2023 17:42:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:f4:7d:dd:fa:25:26:24:3d:f7:40:13:cd:18:9e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335ca521362226d03c1829003d81d498aa838f33
Validity
Not Before: Feb 1 17:09:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=905b125c96a02005c7d4b1d794f4e1173c10a64c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a9:3c:f9:23:10:dc:96:ea:c8:30:ff:15:6a:
c0:47:bf:5f:89:98:11:95:33:dd:bd:56:54:61:1c:
ea:3b:b5:f5:4e:27:d5:b0:41:e8:29:5b:15:6a:fb:
a3:2b:2a:c7:e6:24:5d:31:53:ab:f9:c9:ba:ca:1a:
b0:8f:e5:cb:41:47:25:4f:c7:3d:51:32:62:a8:5f:
22:61:ff:cb:8f:c3:45:74:a3:ef:50:b5:10:bc:80:
aa:bc:20:62:43:a2:bb:82:ad:20:28:6c:30:14:77:
80:a2:2d:c9:cd:9b:6c:49:02:7c:9b:46:de:e6:15:
26:cf:5d:7d:61:92:ba:c4:6d:ef:d3:2b:d9:62:d2:
18:1b:42:a7:4e:12:bc:8e:b9:7f:10:23:a4:c4:15:
61:52:4a:8b:c3:4a:d2:18:20:20:2a:88:61:af:e6:
b6:17:6c:e9:cd:c7:79:d0:40:55:04:a8:51:81:27:
50:6b:44:8b:1a:e3:16:1e:1d:21:91:44:e4:bb:5b:
16:0c:49:e4:6e:d8:b0:d0:0c:93:38:f6:a5:ed:30:
9f:bd:2e:0d:38:9c:9a:ca:d7:31:d6:64:80:5f:b8:
6a:ba:44:b5:d9:bd:68:4d:7a:73:b4:2b:8a:0d:c2:
69:29:cf:1b:1b:3c:34:ee:04:e0:3a:e2:b8:5a:ff:
43:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:5B:12:5C:96:A0:20:05:C7:D4:B1:D7:94:F4:E1:17:3C:10:A6:4C
X509v3 Authority Key Identifier:
keyid:33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/kFsSXJagIAXH1LHXlPThFzwQpkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/M1ylITYiJtA8GCkAPYHUmKqDjzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.223.0/24
IPv6:
2a11:1e40:3::/48
2a11:1e40:5aa5::/48
Signature Algorithm: sha256WithRSAEncryption
90:60:54:91:aa:71:ce:bf:d6:0d:3d:c0:de:81:b2:ec:73:b5:
f1:47:7a:40:1e:e7:a4:20:ee:85:27:f5:5d:6e:50:7d:65:58:
70:dc:2e:09:67:15:3a:08:cf:04:59:da:08:b6:b8:2f:8e:7c:
9d:ba:cc:20:40:76:5d:73:dc:7a:c9:af:45:9f:13:f9:54:0b:
51:be:6b:24:b7:ac:ee:74:36:34:63:e7:68:09:2a:a9:76:79:
8e:a6:4d:06:90:c3:e4:3d:1b:3c:ee:d3:c2:c5:58:9c:b7:a2:
aa:df:9c:71:2a:94:dd:8c:51:b9:68:8c:4b:d8:0a:62:13:07:
d4:30:0f:39:55:25:6f:0d:28:df:0e:f4:ac:e7:94:65:95:db:
65:05:a4:bf:f8:e6:7d:40:8f:14:58:bd:2e:11:5d:55:88:1f:
e6:8f:cb:19:32:de:d8:21:83:d7:b7:dd:d7:aa:fb:fb:2a:5b:
ac:13:8b:c1:b6:99:fe:d0:5e:ca:ab:f8:32:6e:75:14:a0:5a:
e1:2d:69:e8:35:af:70:38:a3:0c:2b:7b:4a:69:5a:1d:ae:c0:
fe:ee:b9:a3:28:ea:e9:f1:97:5f:f4:23:b2:a3:39:d3:06:a9:
af:59:f3:b2:4e:f6:65:15:b4:60:02:f3:c8:50:3c:2d:56:e0:
0c:88:9a:75
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYYN9H3d+iUmJD33QBPNGJ6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWNhNTIxMzYyMjI2ZDAzYzE4MjkwMDNkODFkNDk4YWE4
MzhmMzMwHhcNMjMwMjAxMTcwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDViMTI1Yzk2YTAyMDA1YzdkNGIxZDc5NGY0ZTExNzNjMTBhNjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqk8+SMQ3JbqyDD/FWrAR79fiZgR
lTPdvVZUYRzqO7X1TifVsEHoKVsVavujKyrH5iRdMVOr+cm6yhqwj+XLQUclT8c9
UTJiqF8iYf/Lj8NFdKPvULUQvICqvCBiQ6K7gq0gKGwwFHeAoi3JzZtsSQJ8m0be
5hUmz119YZK6xG3v0yvZYtIYG0KnThK8jrl/ECOkxBVhUkqLw0rSGCAgKohhr+a2
F2zpzcd50EBVBKhRgSdQa0SLGuMWHh0hkUTku1sWDEnkbtiw0AyTOPal7TCfvS4N
OJyaytcx1mSAX7hqukS12b1oTXpztCuKDcJpKc8bGzw07gTgOuK4Wv9DwQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJBbElyWoCAFx9Sx15T04Rc8EKZMMB8GA1UdIwQY
MBaAFDNcpSE2IibQPBgpAD2B1Jiqg48zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgt
OTc0YzQ0YWI5Y2ZiLzEva0ZzU1hKYWdJQVhIMUxIWGxQVGhGendRcGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgtOTc0YzQ0YWI5Y2Zi
LzEvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAubrfMBgE
AgACMBIDBwAqER5AAAMDBwAqER5AWqUwDQYJKoZIhvcNAQELBQADggEBAJBgVJGq
cc6/1g09wN6BsuxztfFHekAe56Qg7oUn9V1uUH1lWHDcLglnFToIzwRZ2gi2uC+O
fJ26zCBAdl1z3HrJr0WfE/lUC1G+ayS3rO50NjRj52gJKql2eY6mTQaQw+Q9Gzzu
08LFWJy3oqrfnHEqlN2MUblojEvYCmITB9QwDzlVJW8NKN8O9KznlGWV22UFpL/4
5n1AjxRYvS4RXVWIH+aPyxky3tghg9e33deq+/sqW6wTi8G2mf7QXsqr+DJudRSg
WuEtaeg1r3A4owwre0ppWh2uwP7uuaMo6unxl1/0I7KjOdMGqa9Z87JO9mUVtGAC
88hQPC1W4AyImnU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org