Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/doVkqEaE_L2pHbLoSz7BdbCetsQ.roa
File: doVkqEaE_L2pHbLoSz7BdbCetsQ.roa (raw, json)
Hash identifier: 2ucosu3mGVxYcrQ6yTm2GFx7RlaMS8ugJ/xg+iRWd3w=
Subject key identifier: 76:85:64:A8:46:84:FC:BD:A9:1D:B2:E8:4B:3E:C1:75:B0:9E:B6:C4
Certificate issuer: /CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Certificate serial: 0188AF3EF32F0ABDC76B17C1484DA9BB34F2
Authority key identifier: 8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/doVkqEaE_L2pHbLoSz7BdbCetsQ.roa
Signing time: Mon 12 Jun 2023 10:55:18 +0000
ROA not before: Mon 12 Jun 2023 10:55:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202499
IP address blocks: 185.239.64.0/22 maxlen: 22
185.239.64.0/24 maxlen: 24
185.71.168.0/22 maxlen: 22
185.71.168.0/24 maxlen: 24
185.71.169.0/24 maxlen: 24
185.71.170.0/24 maxlen: 24
185.71.171.0/24 maxlen: 24
185.239.65.0/24 maxlen: 24
185.239.66.0/24 maxlen: 24
185.239.67.0/24 maxlen: 24
185.228.240.0/24 maxlen: 24
185.228.241.0/24 maxlen: 24
185.228.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jul 2023 05:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:3e:f3:2f:0a:bd:c7:6b:17:c1:48:4d:a9:bb:34:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Validity
Not Before: Jun 12 10:55:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=768564a84684fcbda91db2e84b3ec175b09eb6c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c8:0b:34:25:e1:12:85:ce:a0:db:24:45:e7:
cb:4a:99:42:3f:fa:ca:c3:ed:cd:9b:90:df:4e:1a:
43:6d:3e:bf:ae:1b:de:51:73:05:ea:1f:e5:d6:85:
dd:a4:e9:53:c1:cb:01:3f:b3:3c:5d:75:28:5d:19:
4c:41:ac:e8:b9:ad:fa:84:8e:ca:ea:8f:07:63:69:
a8:b0:e4:52:ab:a4:31:6b:d0:6f:b1:9b:9c:33:0a:
a2:e3:67:91:53:da:4e:ed:fa:12:78:03:73:fa:34:
13:c0:81:26:a2:7a:ef:8e:eb:95:3b:e7:8c:1a:2b:
d5:71:b6:34:cf:3a:f6:31:47:4a:b1:01:c5:d5:c6:
6b:4b:9d:86:d4:46:f9:75:97:8d:ba:7e:2c:5b:91:
a8:66:27:b1:57:70:2a:cf:95:57:22:3a:ea:2c:5f:
89:6f:e6:61:29:b9:97:1b:26:b2:15:47:e8:b2:45:
1a:6b:6e:27:9a:62:15:a4:c0:73:de:d7:9a:d6:88:
74:e9:84:16:bc:ca:0e:0f:5a:ac:0f:17:b8:e3:cb:
3b:7a:c4:31:80:95:d2:9d:dd:9b:0c:04:df:c4:96:
0a:a2:ac:8a:d3:5e:a7:b3:74:ca:96:e5:f1:45:62:
2f:81:b6:64:03:e0:d8:ba:af:fd:71:07:64:11:9e:
58:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:85:64:A8:46:84:FC:BD:A9:1D:B2:E8:4B:3E:C1:75:B0:9E:B6:C4
X509v3 Authority Key Identifier:
keyid:8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/doVkqEaE_L2pHbLoSz7BdbCetsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/ju56OtFSu4clp9ubt1IIBLbxFV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.168.0/22
185.228.240.0-185.228.242.255
185.239.64.0/22
Signature Algorithm: sha256WithRSAEncryption
96:16:76:a5:50:b3:9d:f0:cd:78:e0:0a:02:b7:9b:4b:0d:04:
f3:8c:d9:17:df:06:8c:c6:39:46:93:6e:52:d5:31:5a:cd:a4:
bc:9d:28:01:9e:7b:43:fb:ea:52:88:59:c1:56:a8:b5:55:b5:
56:1a:ef:1a:05:33:b0:91:55:0c:b5:06:09:ab:3f:19:0f:93:
c0:20:55:2d:e9:dc:4a:2c:e6:f8:27:5e:bd:b2:55:9f:53:cc:
6d:f1:75:01:bf:87:4e:0d:2a:09:14:73:5f:d0:8b:67:84:65:
c2:e2:0a:2d:9d:52:1e:31:1c:10:9b:04:64:d5:2d:be:a0:af:
09:b2:7a:30:01:fe:1c:04:18:0f:9a:30:ed:d5:dc:76:b7:57:
b0:c1:6c:79:4c:5e:4f:e7:49:a6:f9:6c:fb:53:25:b7:4d:bf:
db:1a:4c:ba:a2:5f:68:81:50:d3:da:27:04:20:c0:09:5e:fc:
00:ae:e3:17:27:5a:d9:88:05:24:c6:4a:fe:4e:f6:9c:41:56:
ec:12:52:96:36:ed:54:80:ac:ff:0d:64:ff:fa:c7:18:2d:38:
52:f8:2c:a5:ca:e1:b8:ab:9d:fb:23:d0:12:7f:e5:8a:15:b6:
9f:1e:c4:d1:1e:28:7e:1b:3f:58:42:e3:ba:5a:16:45:55:31:
c4:59:36:a2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYivPvMvCr3HaxfBSE2puzTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZWU3YTNhZDE1MmJiODcyNWE3ZGI5YmI3NTIwODA0YjZm
MTE1NWYwHhcNMjMwNjEyMTA1NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njg1NjRhODQ2ODRmY2JkYTkxZGIyZTg0YjNlYzE3NWIwOWViNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMgLNCXhEoXOoNskRefLSplCP/rK
w+3Nm5DfThpDbT6/rhveUXMF6h/l1oXdpOlTwcsBP7M8XXUoXRlMQazoua36hI7K
6o8HY2mosORSq6Qxa9BvsZucMwqi42eRU9pO7foSeANz+jQTwIEmonrvjuuVO+eM
GivVcbY0zzr2MUdKsQHF1cZrS52G1Eb5dZeNun4sW5GoZiexV3Aqz5VXIjrqLF+J
b+ZhKbmXGyayFUfoskUaa24nmmIVpMBz3tea1oh06YQWvMoOD1qsDxe448s7esQx
gJXSnd2bDATfxJYKoqyK016ns3TKluXxRWIvgbZkA+DYuq/9cQdkEZ5YaQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHaFZKhGhPy9qR2y6Es+wXWwnrbEMB8GA1UdIwQY
MBaAFI7uejrRUruHJafbm7dSCAS28RVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYt
NDk1OTFhZmUxN2YwLzEvZG9Wa3FFYUVfTDJwSGJMb1N6N0JkYkNldHNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYtNDk1OTFhZmUxN2Yw
LzEvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuUeoMAwD
BAS55PADBAC55PIDBAK570AwDQYJKoZIhvcNAQELBQADggEBAJYWdqVQs53wzXjg
CgK3m0sNBPOM2RffBozGOUaTblLVMVrNpLydKAGee0P76lKIWcFWqLVVtVYa7xoF
M7CRVQy1BgmrPxkPk8AgVS3p3Eos5vgnXr2yVZ9TzG3xdQG/h04NKgkUc1/Qi2eE
ZcLiCi2dUh4xHBCbBGTVLb6grwmyejAB/hwEGA+aMO3V3Ha3V7DBbHlMXk/nSab5
bPtTJbdNv9saTLqiX2iBUNPaJwQgwAle/ACu4xcnWtmIBSTGSv5O9pxBVuwSUpY2
7VSArP8NZP/6xxgtOFL4LKXK4birnfsj0BJ/5YoVtp8exNEeKH4bP1hC47paFkVV
McRZNqI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org