Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/7_Ov4Go6R3APUxOTxX7rH_UQWks.roa
File: 7_Ov4Go6R3APUxOTxX7rH_UQWks.roa (raw, json)
Hash identifier: HJgYeJa0mnNzpg5d3SY2QkYF+lPJHdnue870cFPqBWU=
Subject key identifier: EF:F3:AF:E0:6A:3A:47:70:0F:53:13:93:C5:7E:EB:1F:F5:10:5A:4B
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01856C53D0C708ACC7325FAA97AF1675A1D4
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/7_Ov4Go6R3APUxOTxX7rH_UQWks.roa
Signing time: Sun 01 Jan 2023 07:55:10 +0000
ROA not before: Sun 01 Jan 2023 07:55:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207582
IP address blocks: 185.185.234.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d0:c7:08:ac:c7:32:5f:aa:97:af:16:75:a1:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 07:55:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eff3afe06a3a47700f531393c57eeb1ff5105a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0b:12:0a:5b:fd:7a:54:c2:9d:38:c1:4e:5e:
66:18:2b:2d:0a:35:f9:ff:0f:dc:e4:e2:16:5f:a7:
ae:1c:ba:f1:ef:0b:c2:7f:a3:d4:87:09:25:23:32:
db:77:ed:96:97:7a:d3:b1:70:6f:47:d2:88:1e:00:
9b:31:23:11:09:02:56:9e:f3:da:c4:a3:5f:96:0a:
20:ca:5f:01:df:b8:2b:ea:12:49:17:40:fa:5b:8a:
e8:0d:15:d4:fc:4b:d0:96:cf:ef:3d:84:50:8b:de:
3d:bb:03:8e:cb:10:0f:9d:62:f6:9e:09:a8:1c:95:
13:f9:4d:dd:a5:cc:fd:9d:54:86:2d:df:f0:de:7a:
96:56:96:72:a0:cf:af:2b:5d:70:ba:20:e5:9f:a2:
f3:8a:f7:28:ec:14:65:54:24:35:ee:18:d2:1f:d3:
c0:45:49:8c:ff:57:56:6f:75:f5:0d:73:08:c1:75:
16:27:21:3e:29:fa:ca:ef:da:ab:02:f7:1b:13:09:
5d:e7:32:e0:65:e3:6b:28:ed:da:71:49:25:08:ac:
d2:fe:51:da:91:5b:c6:db:13:05:93:6e:b6:ce:e6:
f4:66:46:5a:a5:80:71:c0:fd:51:c0:43:45:88:5f:
09:28:ae:15:37:27:55:8b:da:25:23:cc:50:b8:b5:
a7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F3:AF:E0:6A:3A:47:70:0F:53:13:93:C5:7E:EB:1F:F5:10:5A:4B
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/7_Ov4Go6R3APUxOTxX7rH_UQWks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.7.0/24
185.86.15.0/24
185.87.120.0/24
185.185.234.0/24
Signature Algorithm: sha256WithRSAEncryption
23:d9:c5:c7:0a:55:1d:48:fd:76:22:77:6a:aa:9e:cd:9d:3c:
a8:e2:37:9b:18:33:4c:5e:e8:3d:40:4f:77:7c:44:7d:a2:4c:
b4:c1:3c:64:86:63:c0:41:ae:00:94:ed:97:64:a4:6a:d5:6c:
d4:7d:82:d6:ec:d3:10:82:dc:89:9b:2f:6b:cf:88:c3:f2:c9:
51:e5:93:a9:29:1f:92:a4:60:f1:ac:d2:a3:71:0e:6d:56:e9:
d9:3e:1d:de:44:9b:2b:c2:1f:a7:26:df:c2:99:25:35:db:8d:
61:53:39:86:cc:a9:d8:df:ad:6e:1e:b1:e3:37:06:b7:58:21:
4a:54:c2:73:55:ed:ee:ec:79:e8:17:78:3d:c3:04:21:10:8a:
ca:bb:8d:bc:95:9e:ad:ed:05:31:c2:0c:71:43:3a:8b:59:d8:
98:59:0d:0f:4d:47:fa:40:2d:72:b8:46:b1:46:57:61:ab:bc:
e0:08:bf:bc:fe:fb:f7:41:ac:6c:39:44:cb:43:7f:ff:80:0b:
93:3d:1a:14:65:70:b8:25:14:f0:81:b6:b8:cc:92:b8:a5:de:
84:78:d4:bc:8a:00:28:ec:7f:74:00:28:3f:69:79:7a:44:9f:
4c:b6:24:0e:63:45:94:28:3c:e6:51:6f:af:79:5f:e6:7f:a2:
d3:bc:92:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsU9DHCKzHMl+ql68WdaHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMTAxMDc1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmYzYWZlMDZhM2E0NzcwMGY1MzEzOTNjNTdlZWIxZmY1MTA1YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwsSClv9elTCnTjBTl5mGCstCjX5
/w/c5OIWX6euHLrx7wvCf6PUhwklIzLbd+2Wl3rTsXBvR9KIHgCbMSMRCQJWnvPa
xKNflgogyl8B37gr6hJJF0D6W4roDRXU/EvQls/vPYRQi949uwOOyxAPnWL2ngmo
HJUT+U3dpcz9nVSGLd/w3nqWVpZyoM+vK11wuiDln6Lzivco7BRlVCQ17hjSH9PA
RUmM/1dWb3X1DXMIwXUWJyE+KfrK79qrAvcbEwld5zLgZeNrKO3acUklCKzS/lHa
kVvG2xMFk262zub0ZkZapYBxwP1RwENFiF8JKK4VNydVi9olI8xQuLWn5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO/zr+BqOkdwD1MTk8V+6x/1EFpLMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvN19PdjRHbzZSM0FQVXhPVHhYN3JIX1VRV2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuVYHAwQA
uVYPAwQAuVd4AwQAubnqMA0GCSqGSIb3DQEBCwUAA4IBAQAj2cXHClUdSP12Indq
qp7NnTyo4jebGDNMXug9QE93fER9oky0wTxkhmPAQa4AlO2XZKRq1WzUfYLW7NMQ
gtyJmy9rz4jD8slR5ZOpKR+SpGDxrNKjcQ5tVunZPh3eRJsrwh+nJt/CmSU1241h
UzmGzKnY361uHrHjNwa3WCFKVMJzVe3u7HnoF3g9wwQhEIrKu428lZ6t7QUxwgxx
QzqLWdiYWQ0PTUf6QC1yuEaxRldhq7zgCL+8/vv3QaxsOUTLQ3//gAuTPRoUZXC4
JRTwgba4zJK4pd6EeNS8igAo7H90ACg/aXl6RJ9MtiQOY0WUKDzmUW+veV/mf6LT
vJIt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org