Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/ROaHiioZTZI8QEDw_7IVMgoMyK8.roa
File: ROaHiioZTZI8QEDw_7IVMgoMyK8.roa (raw, json)
Hash identifier: bwbBO7RpcYyFlwx6hxRgfJZ+HUd/fcsHEMPprvjxfr4=
Subject key identifier: 44:E6:87:8A:2A:19:4D:92:3C:40:40:F0:FF:B2:15:32:0A:0C:C8:AF
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01856FD529CD5935B43225CC0C87B24B0E3F
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/ROaHiioZTZI8QEDw_7IVMgoMyK8.roa
Signing time: Mon 02 Jan 2023 00:15:18 +0000
ROA not before: Mon 02 Jan 2023 00:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200746
IP address blocks: 185.109.220.0/24 maxlen: 24
2a0b:8f80:200::/48 maxlen: 48
2a0b:8f80:300::/48 maxlen: 48
2a0b:8f80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:29:cd:59:35:b4:32:25:cc:0c:87:b2:4b:0e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 2 00:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44e6878a2a194d923c4040f0ffb215320a0cc8af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:98:09:5d:eb:2e:08:21:ea:dc:1a:da:67:74:
d7:e5:b6:a3:1d:a1:68:0e:20:8b:84:4d:64:11:8a:
be:2f:a9:97:c2:a1:11:7b:c2:9c:dd:e1:c9:56:00:
62:1b:6a:2f:72:be:82:97:ff:2a:5d:76:5e:4c:ab:
85:2d:0c:23:59:a7:8d:bb:c4:9b:2c:87:c2:0f:c1:
09:09:25:fe:37:56:78:b1:8b:6c:2f:8b:e4:f0:17:
3f:7d:38:dc:4a:11:9b:94:7e:ab:15:a6:ff:ca:5a:
70:26:5d:b9:17:c7:cb:6a:a0:6a:30:07:59:a6:5b:
7f:6d:9a:39:58:53:a9:11:4d:43:5f:5b:48:81:d6:
26:86:90:52:af:e1:02:8b:69:19:ee:72:cb:0a:1a:
42:44:4b:fd:d9:12:ac:8d:4d:bd:14:51:a7:ae:de:
b7:30:c1:f8:0f:bf:10:37:9c:67:d6:ec:26:2e:ec:
58:57:e9:bd:68:9e:83:cd:da:db:9d:28:5f:d7:e5:
06:85:ae:4c:a5:f9:ad:9b:5e:70:b4:58:a7:bc:45:
96:69:96:14:bf:6e:79:42:74:ed:b6:99:08:31:19:
0f:bb:be:79:66:f4:2d:1d:99:77:a2:2e:8e:a5:49:
73:ff:fe:44:36:3c:8d:39:19:0c:be:41:24:8a:35:
be:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E6:87:8A:2A:19:4D:92:3C:40:40:F0:FF:B2:15:32:0A:0C:C8:AF
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/ROaHiioZTZI8QEDw_7IVMgoMyK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.220.0/24
IPv6:
2a0b:8f80:1::/48
2a0b:8f80:200::/48
2a0b:8f80:300::/48
Signature Algorithm: sha256WithRSAEncryption
96:f5:24:39:37:93:51:55:4d:9f:ec:88:ce:7c:fd:9c:6f:5c:
e2:da:d0:48:38:f5:c6:5f:c9:8b:0a:68:61:59:51:15:7f:40:
fb:e3:60:1c:b2:0c:67:c8:c2:d1:2b:59:40:20:2f:16:f1:a9:
5f:4a:b4:88:14:1b:bb:15:3a:e4:06:2b:58:ad:e9:69:80:13:
fa:ee:37:15:2a:4c:a9:9d:86:6c:86:ac:63:6c:40:3d:fa:88:
df:07:8d:61:01:bc:88:0b:69:e9:c1:63:3e:6f:95:dc:1b:ef:
a7:af:27:5b:f5:23:e4:83:32:76:c8:b2:37:7d:5e:b8:5b:5d:
18:8f:ee:37:88:50:6f:aa:2f:f5:89:f0:90:00:99:7a:de:5c:
04:c2:7d:37:5a:75:4c:b7:d8:49:18:dc:76:53:35:b9:44:f7:
45:db:37:fe:93:8c:cf:67:46:1b:80:c4:8a:68:75:63:de:3c:
c4:4d:d6:3a:43:ec:d9:44:f8:9e:fa:57:7f:62:33:71:7f:21:
1a:8c:f2:92:d2:69:0a:bc:9a:a9:4a:83:99:4f:c2:f8:c8:68:
b1:8c:65:6c:84:00:36:80:99:a7:c6:83:1f:8a:bd:bd:50:e0:
be:59:b1:da:d7:69:41:e2:e6:cd:ee:37:53:1b:bb:dc:42:6d:
8b:70:d8:d1
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVv1SnNWTW0MiXMDIeySw4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMTAyMDAxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGU2ODc4YTJhMTk0ZDkyM2M0MDQwZjBmZmIyMTUzMjBhMGNjOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJgJXesuCCHq3BraZ3TX5bajHaFo
DiCLhE1kEYq+L6mXwqERe8Kc3eHJVgBiG2ovcr6Cl/8qXXZeTKuFLQwjWaeNu8Sb
LIfCD8EJCSX+N1Z4sYtsL4vk8Bc/fTjcShGblH6rFab/ylpwJl25F8fLaqBqMAdZ
plt/bZo5WFOpEU1DX1tIgdYmhpBSr+ECi2kZ7nLLChpCREv92RKsjU29FFGnrt63
MMH4D78QN5xn1uwmLuxYV+m9aJ6DzdrbnShf1+UGha5Mpfmtm15wtFinvEWWaZYU
v255QnTttpkIMRkPu755ZvQtHZl3oi6OpUlz//5ENjyNORkMvkEkijW+PwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFETmh4oqGU2SPEBA8P+yFTIKDMivMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvUk9hSGlpb1pUWkk4UUVEd183SVZNZ29NeUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAuW3cMCEE
AgACMBsDBwAqC4+AAAEDBwAqC4+AAgADBwAqC4+AAwAwDQYJKoZIhvcNAQELBQAD
ggEBAJb1JDk3k1FVTZ/siM58/ZxvXOLa0Eg49cZfyYsKaGFZURV/QPvjYByyDGfI
wtErWUAgLxbxqV9KtIgUG7sVOuQGK1it6WmAE/ruNxUqTKmdhmyGrGNsQD36iN8H
jWEBvIgLaenBYz5vldwb76evJ1v1I+SDMnbIsjd9XrhbXRiP7jeIUG+qL/WJ8JAA
mXreXATCfTdadUy32EkY3HZTNblE90XbN/6TjM9nRhuAxIpodWPePMRN1jpD7NlE
+J76V39iM3F/IRqM8pLSaQq8mqlKg5lPwvjIaLGMZWyEADaAmafGgx+Kvb1Q4L5Z
sdrXaUHi5s3uN1Mbu9xCbYtw2NE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org