Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/ecaa96-9af6-4b99-957f-6b7599fcdc33/1/F8AdlFg4bilZDhaY5qG_3KaCdNo.roa
File: F8AdlFg4bilZDhaY5qG_3KaCdNo.roa (raw, json)
Hash identifier: QVQxWNX5Twl0/Pe0nIjTbOglffD7XoYoaPsrc6Z5PgI=
Subject key identifier: 17:C0:1D:94:58:38:6E:29:59:0E:16:98:E6:A1:BF:DC:A6:82:74:DA
Certificate issuer: /CN=810cd50db437c789464cb64dfabfe405ca981b1a
Certificate serial: 01856F9DC80DF43D1F812D30E516D14B0058
Authority key identifier: 81:0C:D5:0D:B4:37:C7:89:46:4C:B6:4D:FA:BF:E4:05:CA:98:1B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQzVDbQ3x4lGTLZN-r_kBcqYGxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/ecaa96-9af6-4b99-957f-6b7599fcdc33/1/F8AdlFg4bilZDhaY5qG_3KaCdNo.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196798
IP address blocks: 185.110.208.0/22 maxlen: 22
188.94.224.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c8:0d:f4:3d:1f:81:2d:30:e5:16:d1:4b:00:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=810cd50db437c789464cb64dfabfe405ca981b1a
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17c01d9458386e29590e1698e6a1bfdca68274da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dd:d1:e7:12:22:be:c0:60:eb:ba:4d:ed:b3:
ea:cd:da:a6:9b:15:5e:9f:c8:6c:26:81:d6:62:41:
e9:7b:d8:82:b1:81:f4:2f:db:29:3a:60:b9:cf:4a:
d7:84:d9:44:ff:4a:22:33:f9:0b:fc:c3:eb:b8:0d:
ba:1c:13:2c:36:1c:fb:61:1b:90:47:df:42:3c:67:
03:40:45:20:5b:7b:83:56:dd:0e:dc:48:6d:56:a6:
65:03:6d:56:1d:8c:e0:67:26:5c:29:27:92:c9:1e:
17:94:48:74:a8:c1:ed:fd:90:dc:98:f6:49:59:ab:
0c:72:2d:5c:95:3c:b6:f8:1b:9d:3a:31:dc:35:57:
e4:b7:01:85:ae:7b:82:1b:58:45:d9:03:c4:c6:d7:
f2:90:cf:a2:64:1c:f4:2b:9b:92:b8:ba:37:fa:01:
75:12:ce:f8:b2:f1:64:61:c6:5f:d8:0a:d9:1b:6f:
31:92:a3:3a:d2:bf:9e:96:06:98:d7:d5:af:10:4d:
72:2d:d7:94:d6:c0:ff:ba:99:b9:03:0d:c7:7c:67:
36:5c:08:70:13:c3:a1:fd:55:e6:2c:09:c7:34:50:
73:2d:47:ac:34:8f:dc:3c:23:88:34:64:22:95:bf:
a4:10:10:b0:72:d0:da:b9:f6:33:9c:88:5f:90:71:
18:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C0:1D:94:58:38:6E:29:59:0E:16:98:E6:A1:BF:DC:A6:82:74:DA
X509v3 Authority Key Identifier:
keyid:81:0C:D5:0D:B4:37:C7:89:46:4C:B6:4D:FA:BF:E4:05:CA:98:1B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQzVDbQ3x4lGTLZN-r_kBcqYGxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ecaa96-9af6-4b99-957f-6b7599fcdc33/1/F8AdlFg4bilZDhaY5qG_3KaCdNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ecaa96-9af6-4b99-957f-6b7599fcdc33/1/gQzVDbQ3x4lGTLZN-r_kBcqYGxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.208.0/22
188.94.224.0/21
Signature Algorithm: sha256WithRSAEncryption
61:3c:08:2f:07:41:7a:89:de:e3:2f:8d:5d:81:58:5b:a2:30:
53:75:fc:47:48:53:2a:07:5b:40:fd:f9:09:7d:57:35:37:a8:
6c:df:ad:e5:af:3d:70:98:b9:a6:a4:92:50:a9:55:82:22:69:
ce:91:c9:8e:39:07:7f:07:31:54:e8:23:5d:db:76:79:1a:eb:
c1:be:7f:ce:01:5d:f5:c5:b6:f0:b3:e1:6a:be:66:54:3a:bf:
38:1e:ce:d3:bc:67:71:f8:b7:dd:d9:45:ce:62:2f:57:b9:88:
41:4e:e3:19:1b:af:61:bf:89:3b:f6:1f:e8:4b:cc:33:47:7b:
ea:18:6d:b7:fe:d5:13:27:a1:22:06:c0:a8:b2:32:92:f0:b0:
7a:ca:7f:ef:d1:38:ea:e5:eb:bb:09:84:a6:0f:20:4a:36:02:
6f:a1:b4:1f:d1:bb:db:a4:b0:6f:74:59:1f:ab:8c:d4:58:79:
43:bb:93:88:c1:4f:02:82:d7:74:52:de:47:f2:9a:cb:fb:17:
56:a8:4c:32:de:d9:c3:95:9b:e7:e6:d5:f3:9d:9b:88:30:c8:
5b:7b:76:db:5a:25:ce:b1:21:93:b6:ec:41:17:cf:47:ca:f6:
2f:4d:39:75:31:e1:1c:ba:18:2c:78:79:50:f4:13:5f:60:67:
63:fc:97:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvncgN9D0fgS0w5RbRSwBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMGNkNTBkYjQzN2M3ODk0NjRjYjY0ZGZhYmZlNDA1Y2E5
ODFiMWEwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2MwMWQ5NDU4Mzg2ZTI5NTkwZTE2OThlNmExYmZkY2E2ODI3NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid3R5xIivsBg67pN7bPqzdqmmxVe
n8hsJoHWYkHpe9iCsYH0L9spOmC5z0rXhNlE/0oiM/kL/MPruA26HBMsNhz7YRuQ
R99CPGcDQEUgW3uDVt0O3EhtVqZlA21WHYzgZyZcKSeSyR4XlEh0qMHt/ZDcmPZJ
WasMci1clTy2+BudOjHcNVfktwGFrnuCG1hF2QPExtfykM+iZBz0K5uSuLo3+gF1
Es74svFkYcZf2ArZG28xkqM60r+elgaY19WvEE1yLdeU1sD/upm5Aw3HfGc2XAhw
E8Oh/VXmLAnHNFBzLUesNI/cPCOINGQilb+kEBCwctDaufYznIhfkHEY8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBfAHZRYOG4pWQ4WmOahv9ymgnTaMB8GA1UdIwQY
MBaAFIEM1Q20N8eJRky2Tfq/5AXKmBsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1F6VkRiUTN4NGxHVExaTi1yX2tCY3FZR3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lY2FhOTYtOWFmNi00Yjk5LTk1N2Yt
NmI3NTk5ZmNkYzMzLzEvRjhBZGxGZzRiaWxaRGhhWTVxR18zS2FDZE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lY2FhOTYtOWFmNi00Yjk5LTk1N2YtNmI3NTk5ZmNkYzMz
LzEvZ1F6VkRiUTN4NGxHVExaTi1yX2tCY3FZR3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuW7QAwQD
vF7gMA0GCSqGSIb3DQEBCwUAA4IBAQBhPAgvB0F6id7jL41dgVhbojBTdfxHSFMq
B1tA/fkJfVc1N6hs363lrz1wmLmmpJJQqVWCImnOkcmOOQd/BzFU6CNd23Z5GuvB
vn/OAV31xbbws+FqvmZUOr84Hs7TvGdx+Lfd2UXOYi9XuYhBTuMZG69hv4k79h/o
S8wzR3vqGG23/tUTJ6EiBsCosjKS8LB6yn/v0Tjq5eu7CYSmDyBKNgJvobQf0bvb
pLBvdFkfq4zUWHlDu5OIwU8Cgtd0Ut5H8prL+xdWqEwy3tnDlZvn5tXznZuIMMhb
e3bbWiXOsSGTtuxBF89HyvYvTTl1MeEcuhgseHlQ9BNfYGdj/JdK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:16 2024 by rpki-client on console-fra.rpki-client.org