Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/e61985-f881-4035-ab5b-c9a9baa43f94/1/Mb51e9iAOYqPRp5-oVp50dFmt-w.roa
File: Mb51e9iAOYqPRp5-oVp50dFmt-w.roa (raw, json)
Hash identifier: 8aSdY8DoGHzBWclUYa42mtWx9qTTqdQViYkmFoimf5A=
Subject key identifier: 31:BE:75:7B:D8:80:39:8A:8F:46:9E:7E:A1:5A:79:D1:D1:66:B7:EC
Certificate issuer: /CN=607cea6e103a2325c48c1667a99c7b17eb3ce7b6
Certificate serial: 01856CB827E53C8E2940FB150AE8958EF749
Authority key identifier: 60:7C:EA:6E:10:3A:23:25:C4:8C:16:67:A9:9C:7B:17:EB:3C:E7:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YHzqbhA6IyXEjBZnqZx7F-s857Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/e61985-f881-4035-ab5b-c9a9baa43f94/1/Mb51e9iAOYqPRp5-oVp50dFmt-w.roa
Signing time: Sun 01 Jan 2023 09:44:46 +0000
ROA not before: Sun 01 Jan 2023 09:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205894
IP address blocks: 185.232.177.0/24 maxlen: 24
185.232.176.0/22 maxlen: 22
185.232.176.0/24 maxlen: 24
185.232.179.0/24 maxlen: 24
185.232.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:27:e5:3c:8e:29:40:fb:15:0a:e8:95:8e:f7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607cea6e103a2325c48c1667a99c7b17eb3ce7b6
Validity
Not Before: Jan 1 09:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31be757bd880398a8f469e7ea15a79d1d166b7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e3:ad:59:74:db:f9:6c:4b:8a:c6:b9:dc:39:
e7:77:c1:e2:2e:f7:18:fd:bd:c0:83:4d:82:63:27:
fd:62:0e:2f:a1:39:14:e6:7c:ba:15:a4:2d:f7:9e:
9d:22:08:e6:ce:70:a2:a7:a5:ab:45:b2:80:f3:ce:
ba:ac:51:e1:d7:05:26:5a:ac:f0:8a:e5:3f:97:2b:
a0:8d:a2:ff:0a:12:e2:a8:73:92:c9:4f:f2:3a:1c:
43:0b:0f:68:07:cd:e2:d4:ca:5b:71:77:e7:65:f1:
ea:67:54:af:89:ad:b8:0a:3b:2c:16:37:8d:c5:87:
a5:e0:6f:dd:67:56:9b:c3:15:b1:87:88:19:c1:4b:
79:ce:b2:36:d5:ab:e6:0f:10:36:3a:7d:0d:44:f6:
9c:a1:be:ee:09:e1:9d:fa:5d:f3:ea:a5:49:99:b9:
1f:00:40:3a:79:97:01:69:06:18:c7:7f:69:0b:58:
9f:84:0b:7f:78:a7:3d:d2:f6:55:31:7e:68:de:0c:
16:23:d0:e1:20:95:3a:9a:33:e4:a9:37:08:40:1a:
66:b5:3c:f6:f1:c2:68:21:87:bf:dc:f5:6d:0e:5c:
5a:c6:af:3f:fb:04:73:8c:f6:7d:83:c1:94:57:2d:
25:3d:3a:ce:82:dc:b7:57:39:0b:33:e0:53:d0:38:
d6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:BE:75:7B:D8:80:39:8A:8F:46:9E:7E:A1:5A:79:D1:D1:66:B7:EC
X509v3 Authority Key Identifier:
keyid:60:7C:EA:6E:10:3A:23:25:C4:8C:16:67:A9:9C:7B:17:EB:3C:E7:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YHzqbhA6IyXEjBZnqZx7F-s857Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/e61985-f881-4035-ab5b-c9a9baa43f94/1/Mb51e9iAOYqPRp5-oVp50dFmt-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/e61985-f881-4035-ab5b-c9a9baa43f94/1/YHzqbhA6IyXEjBZnqZx7F-s857Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.176.0/22
Signature Algorithm: sha256WithRSAEncryption
be:49:06:28:2a:89:a5:f3:1c:7c:63:62:c3:85:78:d7:04:4c:
fe:fc:50:1e:e3:5d:ec:3b:f0:df:15:18:31:d1:88:43:3d:08:
a4:bd:7a:64:fc:97:5e:85:d4:d5:52:dc:c3:86:c8:2d:99:d0:
c9:f7:81:0f:9c:da:de:bb:a8:d6:45:e8:d1:72:79:82:81:55:
f2:d2:7d:34:3b:7d:fd:86:17:4b:ae:29:aa:b2:7d:40:87:db:
21:90:6a:2e:72:b4:8a:80:b9:34:c4:bf:19:40:8d:42:4a:ba:
e2:33:59:f1:a9:da:52:3a:47:ad:a8:13:4d:68:c0:a5:bf:70:
a9:2f:40:70:f6:d8:e7:8a:c2:3d:0e:4c:0d:e7:5e:15:12:94:
ca:a4:2d:35:b8:ee:26:85:b0:56:21:54:66:78:2a:f4:1f:d8:
46:4f:56:98:b3:14:72:41:13:cc:ba:0f:bb:4b:f6:94:6a:4e:
94:34:02:57:b9:23:4a:57:53:28:17:50:f9:b4:a6:83:92:c5:
ea:d1:e2:2b:c0:62:65:57:ff:dc:84:b7:62:62:5c:81:f1:8d:
e2:f4:29:fe:b7:de:72:dc:07:a2:80:de:2a:e9:64:a9:9a:8d:
2e:c5:f2:67:63:91:60:57:f0:7f:27:3f:6a:1d:13:63:aa:5c:
1f:96:05:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuCflPI4pQPsVCuiVjvdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwN2NlYTZlMTAzYTIzMjVjNDhjMTY2N2E5OWM3YjE3ZWIz
Y2U3YjYwHhcNMjMwMTAxMDk0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWJlNzU3YmQ4ODAzOThhOGY0NjllN2VhMTVhNzlkMWQxNjZiN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOOtWXTb+WxLisa53Dnnd8HiLvcY
/b3Ag02CYyf9Yg4voTkU5ny6FaQt956dIgjmznCip6WrRbKA8866rFHh1wUmWqzw
iuU/lyugjaL/ChLiqHOSyU/yOhxDCw9oB83i1MpbcXfnZfHqZ1Svia24CjssFjeN
xYel4G/dZ1abwxWxh4gZwUt5zrI21avmDxA2On0NRPacob7uCeGd+l3z6qVJmbkf
AEA6eZcBaQYYx39pC1ifhAt/eKc90vZVMX5o3gwWI9DhIJU6mjPkqTcIQBpmtTz2
8cJoIYe/3PVtDlxaxq8/+wRzjPZ9g8GUVy0lPTrOgty3VzkLM+BT0DjWRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDG+dXvYgDmKj0aefqFaedHRZrfsMB8GA1UdIwQY
MBaAFGB86m4QOiMlxIwWZ6mcexfrPOe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUh6cWJoQTZJeVhFakJabnFaeDdGLXM4NTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9lNjE5ODUtZjg4MS00MDM1LWFiNWIt
YzlhOWJhYTQzZjk0LzEvTWI1MWU5aUFPWXFQUnA1LW9WcDUwZEZtdC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9lNjE5ODUtZjg4MS00MDM1LWFiNWItYzlhOWJhYTQzZjk0
LzEvWUh6cWJoQTZJeVhFakJabnFaeDdGLXM4NTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueiwMA0G
CSqGSIb3DQEBCwUAA4IBAQC+SQYoKoml8xx8Y2LDhXjXBEz+/FAe413sO/DfFRgx
0YhDPQikvXpk/JdehdTVUtzDhsgtmdDJ94EPnNreu6jWRejRcnmCgVXy0n00O339
hhdLrimqsn1Ah9shkGoucrSKgLk0xL8ZQI1CSrriM1nxqdpSOketqBNNaMClv3Cp
L0Bw9tjnisI9DkwN514VEpTKpC01uO4mhbBWIVRmeCr0H9hGT1aYsxRyQRPMug+7
S/aUak6UNAJXuSNKV1MoF1D5tKaDksXq0eIrwGJlV//chLdiYlyB8Y3i9Cn+t95y
3AeigN4q6WSpmo0uxfJnY5FgV/B/Jz9qHRNjqlwflgVJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:51 2024 by rpki-client on console-ams.rpki-client.org