Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/h7iDRmYeBIqytCBSno_VnCbnF90.roa
File: h7iDRmYeBIqytCBSno_VnCbnF90.roa (raw, json)
Hash identifier: lqIbjZw5RHInSIDzBvdKX7QjVxAKihTKMfltu0qpyck=
Subject key identifier: 87:B8:83:46:66:1E:04:8A:B2:B4:20:52:9E:8F:D5:9C:26:E7:17:DD
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01856C53D33439DCA93D2F64E65C9D535C53
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/h7iDRmYeBIqytCBSno_VnCbnF90.roa
Signing time: Sun 01 Jan 2023 07:55:10 +0000
ROA not before: Sun 01 Jan 2023 07:55:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209711
IP address blocks: 185.86.155.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d3:34:39:dc:a9:3d:2f:64:e6:5c:9d:53:5c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 07:55:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87b88346661e048ab2b420529e8fd59c26e717dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:12:09:c1:6a:38:a3:c1:d0:d3:8e:7d:ac:fa:
ac:13:1f:cf:d9:de:41:4c:f9:37:30:74:27:6a:d9:
55:01:7f:3d:2f:d5:2a:dc:3f:0a:24:e9:44:cd:f4:
46:da:10:da:ac:d0:8a:fb:54:bd:e7:77:2a:4b:9b:
6b:03:7d:f6:e8:37:31:77:e5:c0:59:4e:1d:10:82:
7b:59:23:3e:56:b0:52:03:55:c9:6d:a8:2e:7d:b3:
3a:b1:03:9e:cd:a2:e5:a0:15:29:68:e5:4b:ef:f1:
6e:22:d2:6d:48:a7:75:1e:31:11:21:c2:0b:3a:a1:
ac:a2:bb:73:02:ae:8b:94:3b:38:3d:a3:5a:69:9f:
83:79:5e:d5:29:85:ed:23:56:58:3a:dc:18:f5:e4:
a3:cb:c9:9b:7f:d0:aa:1e:9c:dd:80:4b:09:d9:1b:
79:e9:f2:32:79:96:13:0d:71:c9:d8:0c:90:f1:0e:
f1:73:4e:98:78:8a:ea:57:6f:55:5b:c3:74:ed:95:
d7:e1:ca:51:66:5d:4d:df:e7:6b:5b:be:e9:e6:4b:
3a:df:e1:cd:f8:dd:6f:11:ab:1e:32:44:8d:bb:62:
1d:87:ea:86:1e:d1:e2:5b:29:7c:66:f7:5a:8d:06:
c2:3c:67:de:44:20:95:ec:08:a1:05:e5:90:fe:06:
68:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B8:83:46:66:1E:04:8A:B2:B4:20:52:9E:8F:D5:9C:26:E7:17:DD
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/h7iDRmYeBIqytCBSno_VnCbnF90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.155.0/24
185.98.62.0/24
185.184.25.0-185.184.26.255
Signature Algorithm: sha256WithRSAEncryption
17:3f:ad:5a:fe:2d:a5:90:a4:39:92:5f:80:eb:49:9e:e9:67:
8a:d7:27:a0:6c:48:0f:d0:66:2a:cc:3a:0f:ea:1d:6b:44:8c:
4c:b5:79:b6:9d:22:54:29:e4:18:86:25:6c:5a:f8:bb:f7:b6:
97:e0:e5:1a:02:56:f0:44:56:de:c4:24:b9:88:56:bb:39:f5:
c6:12:12:bf:ed:01:66:36:50:c0:2c:df:85:b1:49:5a:aa:d3:
1b:9c:f2:15:c2:fc:0e:56:d2:e0:16:96:73:2a:cb:bc:d0:f6:
da:a9:b2:98:03:ed:bf:a2:3f:3c:0e:cf:2d:b0:47:f8:92:9a:
58:87:57:2f:50:c0:65:31:8b:83:c1:ee:ea:bb:a0:83:dc:2a:
0a:5d:78:0a:17:4a:69:35:f1:18:a4:4a:2e:3a:f1:8f:e9:2f:
e7:64:6c:9e:6e:38:07:8d:1a:bd:50:42:1b:7f:d7:fa:fe:e0:
dc:3f:c0:84:02:5e:96:a2:a5:e8:80:de:98:8a:a4:99:83:a2:
35:74:59:08:42:17:fa:f1:e3:58:a8:66:d2:9e:64:ad:6e:bc:
0d:2a:76:48:0e:22:23:18:07:fc:23:71:34:c6:0e:17:4c:27:
d3:f6:b5:77:e7:c2:74:1d:99:5f:b7:92:9b:6b:ae:7c:c0:ec:
0a:0d:5b:e2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVsU9M0OdypPS9k5lydU1xTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMTAxMDc1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I4ODM0NjY2MWUwNDhhYjJiNDIwNTI5ZThmZDU5YzI2ZTcxN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRIJwWo4o8HQ0459rPqsEx/P2d5B
TPk3MHQnatlVAX89L9Uq3D8KJOlEzfRG2hDarNCK+1S953cqS5trA3326Dcxd+XA
WU4dEIJ7WSM+VrBSA1XJbagufbM6sQOezaLloBUpaOVL7/FuItJtSKd1HjERIcIL
OqGsortzAq6LlDs4PaNaaZ+DeV7VKYXtI1ZYOtwY9eSjy8mbf9CqHpzdgEsJ2Rt5
6fIyeZYTDXHJ2AyQ8Q7xc06YeIrqV29VW8N07ZXX4cpRZl1N3+drW77p5ks63+HN
+N1vEaseMkSNu2Idh+qGHtHiWyl8ZvdajQbCPGfeRCCV7AihBeWQ/gZoHQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIe4g0ZmHgSKsrQgUp6P1Zwm5xfdMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvaDdpRFJtWWVCSXF5dENCU25vX1ZuQ2JuRjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAuVabAwQA
uWI+MAwDBAC5uBkDBAC5uBowDQYJKoZIhvcNAQELBQADggEBABc/rVr+LaWQpDmS
X4DrSZ7pZ4rXJ6BsSA/QZirMOg/qHWtEjEy1ebadIlQp5BiGJWxa+Lv3tpfg5RoC
VvBEVt7EJLmIVrs59cYSEr/tAWY2UMAs34WxSVqq0xuc8hXC/A5W0uAWlnMqy7zQ
9tqpspgD7b+iPzwOzy2wR/iSmliHVy9QwGUxi4PB7uq7oIPcKgpdeAoXSmk18Rik
Si468Y/pL+dkbJ5uOAeNGr1QQht/1/r+4Nw/wIQCXpaipeiA3piKpJmDojV0WQhC
F/rx41ioZtKeZK1uvA0qdkgOIiMYB/wjcTTGDhdMJ9P2tXfnwnQdmV+3kptrrnzA
7AoNW+I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org