Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/pbPfRaEqdYKdMem-muHKtPcGl5I.roa
File: pbPfRaEqdYKdMem-muHKtPcGl5I.roa (raw, json)
Hash identifier: nYRMcJMNkSCgRQcQZzoD9mwAkVSc3jNFkfftoOR7wpI=
Subject key identifier: A5:B3:DF:45:A1:2A:75:82:9D:31:E9:BE:9A:E1:CA:B4:F7:06:97:92
Certificate issuer: /CN=695dce5e37a862538a0f66883de206ffb7c93b69
Certificate serial: 018C4393968084175957D9311F6AC4F413AD
Authority key identifier: 69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/pbPfRaEqdYKdMem-muHKtPcGl5I.roa
Signing time: Thu 07 Dec 2023 09:19:54 +0000
ROA not before: Thu 07 Dec 2023 09:19:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205073
IP address blocks: 185.231.0.0/24 maxlen: 24
185.231.1.0/24 maxlen: 24
185.231.2.0/24 maxlen: 24
185.231.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:93:96:80:84:17:59:57:d9:31:1f:6a:c4:f4:13:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=695dce5e37a862538a0f66883de206ffb7c93b69
Validity
Not Before: Dec 7 09:19:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5b3df45a12a75829d31e9be9ae1cab4f7069792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f3:c6:2f:db:b9:cf:d1:e2:29:d5:c8:57:b6:
eb:b6:fb:20:54:19:85:77:52:64:30:c7:e6:f8:11:
7f:39:12:f8:b0:73:61:e4:54:32:6e:9e:61:e9:8b:
43:1c:f9:d2:8e:fb:ec:39:45:c7:bc:9d:0d:f2:2b:
3f:04:1e:f0:c5:6f:83:22:26:78:17:02:a5:30:12:
c8:75:1c:8b:1c:e9:48:a6:42:70:5a:17:b7:a7:df:
04:d8:1e:1d:e6:ac:c3:26:e8:32:66:15:ae:dd:28:
19:94:1d:80:d6:e8:f5:15:86:81:80:82:c8:85:66:
42:3e:b4:6a:52:09:09:48:5a:ef:c6:63:e8:f8:00:
70:7f:83:ef:15:3a:97:93:5a:49:dd:ba:16:fa:12:
1c:e1:c0:d1:cf:1a:69:0d:d1:21:e7:dd:2c:de:f3:
da:e4:70:98:55:46:83:b4:90:e0:91:25:1c:51:97:
7d:c2:0c:f7:19:f7:c6:c0:91:7b:f5:44:35:a1:56:
8b:68:5e:b8:86:b3:78:49:29:b5:0b:ed:92:23:c6:
61:58:50:bf:15:02:f2:40:14:0f:6b:bc:18:da:df:
78:d2:0f:56:66:ca:e8:d2:46:63:ac:15:3c:c8:d6:
ba:92:6a:28:ef:90:55:15:f4:f1:92:9d:48:55:40:
a1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B3:DF:45:A1:2A:75:82:9D:31:E9:BE:9A:E1:CA:B4:F7:06:97:92
X509v3 Authority Key Identifier:
keyid:69:5D:CE:5E:37:A8:62:53:8A:0F:66:88:3D:E2:06:FF:B7:C9:3B:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aV3OXjeoYlOKD2aIPeIG_7fJO2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/pbPfRaEqdYKdMem-muHKtPcGl5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/716911-30de-4b74-959b-017dee452ec4/1/aV3OXjeoYlOKD2aIPeIG_7fJO2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.0.0/22
Signature Algorithm: sha256WithRSAEncryption
47:9f:4c:04:be:c2:03:66:50:9f:39:6a:11:cd:21:d6:83:84:
81:8b:78:2a:0b:7b:43:82:7c:2e:4d:74:75:4a:02:61:cd:8e:
f4:a0:a5:80:dc:b3:c1:51:d2:20:4a:9e:5d:2f:e0:53:9b:7f:
c8:37:66:ac:fd:a7:1d:a6:68:76:3a:5e:4e:6b:f0:95:83:54:
b6:db:8d:2f:fa:8b:cf:d2:74:26:24:27:90:43:22:b8:27:be:
9a:de:6c:ce:93:42:e5:2f:e1:81:d6:ed:ea:e5:96:85:82:e9:
0a:db:27:48:b5:bc:09:ed:c1:38:0d:e5:e6:4c:a4:1f:43:6e:
54:5d:08:8c:ce:a6:70:54:b0:78:36:2d:82:64:23:0e:29:ba:
f5:c1:32:44:3f:bf:e0:3b:c3:25:91:d4:7d:de:52:66:bb:17:
6f:4b:8f:4d:87:f1:b4:59:da:d8:96:d4:e9:16:67:80:ff:6a:
dd:73:06:e6:69:91:77:d7:9e:9d:35:6d:ca:66:1a:e8:b6:31:
3f:bc:2f:9d:6e:f9:92:5c:e3:fe:be:af:5c:44:0a:5f:53:2c:
0b:52:05:12:5d:70:f7:34:4a:6b:60:c7:21:5f:45:2c:55:ba:
3c:2d:5b:54:0d:83:c2:d1:50:1d:6b:49:dd:89:09:18:a7:85:
cb:30:6c:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxDk5aAhBdZV9kxH2rE9BOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NWRjZTVlMzdhODYyNTM4YTBmNjY4ODNkZTIwNmZmYjdj
OTNiNjkwHhcNMjMxMjA3MDkxOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWIzZGY0NWExMmE3NTgyOWQzMWU5YmU5YWUxY2FiNGY3MDY5NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fPGL9u5z9HiKdXIV7brtvsgVBmF
d1JkMMfm+BF/ORL4sHNh5FQybp5h6YtDHPnSjvvsOUXHvJ0N8is/BB7wxW+DIiZ4
FwKlMBLIdRyLHOlIpkJwWhe3p98E2B4d5qzDJugyZhWu3SgZlB2A1uj1FYaBgILI
hWZCPrRqUgkJSFrvxmPo+ABwf4PvFTqXk1pJ3boW+hIc4cDRzxppDdEh590s3vPa
5HCYVUaDtJDgkSUcUZd9wgz3GffGwJF79UQ1oVaLaF64hrN4SSm1C+2SI8ZhWFC/
FQLyQBQPa7wY2t940g9WZsro0kZjrBU8yNa6kmoo75BVFfTxkp1IVUChKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWz30WhKnWCnTHpvprhyrT3BpeSMB8GA1UdIwQY
MBaAFGldzl43qGJTig9miD3iBv+3yTtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWIt
MDE3ZGVlNDUyZWM0LzEvcGJQZlJhRXFkWUtkTWVtLW11SEt0UGNHbDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MTY5MTEtMzBkZS00Yjc0LTk1OWItMDE3ZGVlNDUyZWM0
LzEvYVYzT1hqZW9ZbE9LRDJhSVBlSUdfN2ZKTzJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuecAMA0G
CSqGSIb3DQEBCwUAA4IBAQBHn0wEvsIDZlCfOWoRzSHWg4SBi3gqC3tDgnwuTXR1
SgJhzY70oKWA3LPBUdIgSp5dL+BTm3/IN2as/acdpmh2Ol5Oa/CVg1S2240v+ovP
0nQmJCeQQyK4J76a3mzOk0LlL+GB1u3q5ZaFgukK2ydItbwJ7cE4DeXmTKQfQ25U
XQiMzqZwVLB4Ni2CZCMOKbr1wTJEP7/gO8MlkdR93lJmuxdvS49Nh/G0WdrYltTp
FmeA/2rdcwbmaZF3156dNW3KZhrotjE/vC+dbvmSXOP+vq9cRApfUywLUgUSXXD3
NEprYMchX0UsVbo8LVtUDYPC0VAda0ndiQkYp4XLMGyL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:07 2024 by rpki-client on console-ams.rpki-client.org