Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/7nXmcyfvxiTrL8h3QPmpbh5N-ao.roa
File: 7nXmcyfvxiTrL8h3QPmpbh5N-ao.roa (raw, json)
Hash identifier: fowd6+EgT9bXgO5DewbJY3XK1gE1v7S8U3Mbs5U5zKs=
Subject key identifier: EE:75:E6:73:27:EF:C6:24:EB:2F:C8:77:40:F9:A9:6E:1E:4D:F9:AA
Certificate issuer: /CN=c33484590ccff09a3dd5dd8085beedb42fc4ad84
Certificate serial: 01856DCAC75B361B2989474000E5718EC3E9
Authority key identifier: C3:34:84:59:0C:CF:F0:9A:3D:D5:DD:80:85:BE:ED:B4:2F:C4:AD:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/7nXmcyfvxiTrL8h3QPmpbh5N-ao.roa
Signing time: Sun 01 Jan 2023 14:44:43 +0000
ROA not before: Sun 01 Jan 2023 14:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205645
IP address blocks: 185.210.244.0/22 maxlen: 22
193.30.8.0/22 maxlen: 22
2a0a:3b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:c7:5b:36:1b:29:89:47:40:00:e5:71:8e:c3:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c33484590ccff09a3dd5dd8085beedb42fc4ad84
Validity
Not Before: Jan 1 14:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee75e67327efc624eb2fc87740f9a96e1e4df9aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6b:77:e9:2b:d4:8b:8f:89:a3:3b:cc:b5:c7:
f4:b2:c3:b8:b7:01:17:18:07:5e:61:0b:a9:07:8f:
6e:38:c2:25:8b:82:22:55:29:86:4a:86:2d:84:f1:
db:d8:2a:68:43:e7:11:fa:f3:f5:1a:22:1e:13:d9:
ae:3e:b7:5a:9e:73:a9:17:09:57:fa:85:78:57:a5:
fc:01:e1:43:25:09:ae:ea:22:b8:18:12:b4:d5:02:
ae:cd:19:1d:01:0e:79:46:b9:6f:95:de:4f:c8:4b:
49:42:5a:dd:db:20:09:1d:7f:74:3d:b9:2c:41:06:
c4:a8:a3:a7:e5:e8:42:45:c8:ef:1e:db:f1:de:19:
29:74:fa:5a:cf:30:79:1d:66:08:a2:90:5b:28:af:
51:7a:67:6a:45:a7:51:7d:8d:9e:e9:20:4b:18:2c:
e3:11:a4:f4:ad:3c:c5:b1:61:da:aa:5c:96:6c:c8:
d7:fb:25:f5:d5:c6:e2:6c:ab:5a:2c:2c:12:94:fb:
2d:24:38:7d:e0:a4:26:13:60:d3:b5:51:36:29:48:
26:e6:f8:39:30:7b:3a:ca:fd:d7:47:08:b7:aa:c1:
7a:a9:b8:03:71:21:25:e0:75:6d:ee:40:de:40:ae:
56:79:41:1c:73:fe:ae:7c:1c:9f:4c:37:99:97:07:
6c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:75:E6:73:27:EF:C6:24:EB:2F:C8:77:40:F9:A9:6E:1E:4D:F9:AA
X509v3 Authority Key Identifier:
keyid:C3:34:84:59:0C:CF:F0:9A:3D:D5:DD:80:85:BE:ED:B4:2F:C4:AD:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/7nXmcyfvxiTrL8h3QPmpbh5N-ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.244.0/22
193.30.8.0/22
IPv6:
2a0a:3b80::/29
Signature Algorithm: sha256WithRSAEncryption
1c:36:e1:fd:27:60:1c:a4:4d:44:56:63:0b:36:f7:47:eb:47:
e8:c9:43:54:67:30:38:a5:7b:7c:6d:d2:58:90:e0:f0:c0:8e:
d5:f8:05:9d:2e:88:d4:95:64:25:8e:97:59:81:6c:1d:47:8a:
19:15:45:50:f4:c5:e4:cb:2a:41:b2:13:2a:09:f8:b7:57:e9:
df:26:27:e2:c4:51:17:ae:e4:6e:27:7e:08:42:70:46:bd:c2:
7d:71:ad:3c:71:ee:76:d5:97:94:fa:dd:6f:c8:c9:67:2b:66:
0c:2f:f8:ff:df:04:53:b8:c2:01:36:e9:6b:ec:c0:37:91:69:
c2:70:0c:c2:92:6a:78:67:1b:84:58:72:07:25:e1:a4:31:c0:
aa:1b:23:86:37:26:6e:e1:eb:eb:fd:3e:8f:cb:c2:26:3e:5a:
4a:29:d0:54:e3:0b:81:89:04:70:2a:4b:69:fb:ab:6e:63:d4:
3d:a7:55:b8:07:2e:4d:e4:fe:ab:8b:16:98:42:1f:26:4e:67:
3a:db:be:26:9f:d3:fd:0a:0c:0f:24:c8:ee:11:1b:68:ff:7b:
88:0b:48:53:ed:6e:eb:5b:1a:f6:8f:d4:bf:fc:d6:b0:ad:94:
59:87:eb:73:e7:2e:c6:18:33:25:1f:8c:41:04:6d:74:c7:72:
2f:ab:1e:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtysdbNhspiUdAAOVxjsPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzQ4NDU5MGNjZmYwOWEzZGQ1ZGQ4MDg1YmVlZGI0MmZj
NGFkODQwHhcNMjMwMTAxMTQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTc1ZTY3MzI3ZWZjNjI0ZWIyZmM4Nzc0MGY5YTk2ZTFlNGRmOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmt36SvUi4+JozvMtcf0ssO4twEX
GAdeYQupB49uOMIli4IiVSmGSoYthPHb2CpoQ+cR+vP1GiIeE9muPrdannOpFwlX
+oV4V6X8AeFDJQmu6iK4GBK01QKuzRkdAQ55Rrlvld5PyEtJQlrd2yAJHX90Pbks
QQbEqKOn5ehCRcjvHtvx3hkpdPpazzB5HWYIopBbKK9RemdqRadRfY2e6SBLGCzj
EaT0rTzFsWHaqlyWbMjX+yX11cbibKtaLCwSlPstJDh94KQmE2DTtVE2KUgm5vg5
MHs6yv3XRwi3qsF6qbgDcSEl4HVt7kDeQK5WeUEcc/6ufByfTDeZlwdsBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO515nMn78Yk6y/Id0D5qW4eTfmqMB8GA1UdIwQY
MBaAFMM0hFkMz/CaPdXdgIW+7bQvxK2EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pTRVdRelA4Sm85MWQyQWhiN3R0Q19FcllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iOGE1MGEtODZhMC00YmY0LThlZmYt
ZjY0N2M1MGMyMWE1LzEvN25YbWN5ZnZ4aVRyTDhoM1FQbXBiaDVOLWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iOGE1MGEtODZhMC00YmY0LThlZmYtZjY0N2M1MGMyMWE1
LzEvd3pTRVdRelA4Sm85MWQyQWhiN3R0Q19FcllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudL0AwQC
wR4IMA0EAgACMAcDBQMqCjuAMA0GCSqGSIb3DQEBCwUAA4IBAQAcNuH9J2AcpE1E
VmMLNvdH60foyUNUZzA4pXt8bdJYkODwwI7V+AWdLojUlWQljpdZgWwdR4oZFUVQ
9MXkyypBshMqCfi3V+nfJifixFEXruRuJ34IQnBGvcJ9ca08ce521ZeU+t1vyMln
K2YML/j/3wRTuMIBNulr7MA3kWnCcAzCkmp4ZxuEWHIHJeGkMcCqGyOGNyZu4evr
/T6Py8ImPlpKKdBU4wuBiQRwKktp+6tuY9Q9p1W4By5N5P6rixaYQh8mTmc6274m
n9P9CgwPJMjuERto/3uIC0hT7W7rWxr2j9S//NawrZRZh+tz5y7GGDMlH4xBBG10
x3Ivqx4V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:22 2024 by rpki-client on console-ams.rpki-client.org