Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/sfjItjEswBBDjb9JDKmYN32bp_U.roa
File: sfjItjEswBBDjb9JDKmYN32bp_U.roa (raw, json)
Hash identifier: HYRyvwYeBn/J+iSiJ7UU3GXptzlu47Br2X4p2PTueDc=
Subject key identifier: B1:F8:C8:B6:31:2C:C0:10:43:8D:BF:49:0C:A9:98:37:7D:9B:A7:F5
Certificate issuer: /CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485
Certificate serial: 018E7C7EA69277CD8BB8DFC3DA4798737E58
Authority key identifier: D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/sfjItjEswBBDjb9JDKmYN32bp_U.roa
Signing time: Tue 26 Mar 2024 20:40:58 +0000
ROA not before: Tue 26 Mar 2024 20:40:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212150
IP address blocks: 185.224.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Apr 2024 06:46:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7c:7e:a6:92:77:cd:8b:b8:df:c3:da:47:98:73:7e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485
Validity
Not Before: Mar 26 20:40:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1f8c8b6312cc010438dbf490ca998377d9ba7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9b:34:07:2b:98:28:a1:93:9f:9c:37:1d:f3:
f6:c5:99:d5:95:77:7f:c7:69:7b:b6:53:4e:c8:3a:
68:90:e4:de:6e:74:99:07:63:29:cc:0e:5f:94:7d:
5e:f1:76:0a:ca:22:cd:0a:1e:0d:15:de:4f:75:c2:
ae:71:3b:ec:d3:9e:64:76:16:79:25:5b:c8:00:82:
6e:92:44:7d:b9:96:8e:0b:03:8f:64:97:9f:e7:3b:
a1:b5:f8:15:64:67:7b:1c:bf:b6:77:16:77:14:b1:
fd:54:67:e2:5f:5f:ff:68:9d:3f:23:7c:a9:31:fe:
91:01:74:52:f1:77:8d:e8:63:a0:e5:fe:d6:1c:cf:
cf:5a:f0:58:12:65:4b:4c:c1:7f:fd:0f:a6:1f:3a:
03:f2:aa:ce:1f:49:22:49:ee:01:71:4c:41:ff:3a:
e7:61:6c:c2:25:0a:5d:23:2e:98:b4:19:dd:70:14:
8e:78:6a:ba:f8:39:1b:29:82:b1:55:fd:cd:32:32:
17:93:69:be:b9:f6:bd:37:80:59:2b:bd:69:cd:6a:
9b:b5:a6:9c:9f:6e:32:a4:6f:1a:cd:8c:76:da:05:
f2:93:18:06:7d:dd:f7:38:1d:36:be:1c:09:46:3d:
e7:d2:4f:36:dd:18:ac:69:ce:d7:f5:f7:e3:03:d0:
b3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F8:C8:B6:31:2C:C0:10:43:8D:BF:49:0C:A9:98:37:7D:9B:A7:F5
X509v3 Authority Key Identifier:
keyid:D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/sfjItjEswBBDjb9JDKmYN32bp_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fc:06:ce:aa:54:85:6c:1a:b5:72:3a:da:09:6e:bd:45:9b:
33:97:b2:15:54:32:63:31:4e:41:8e:c7:18:b2:b7:d2:23:97:
ae:2b:96:f7:b3:9f:ce:45:e5:ab:60:62:af:6e:59:7b:33:b3:
f3:cd:ed:cc:7d:d0:56:27:b0:49:83:45:40:3a:fe:86:45:b3:
b0:30:96:89:82:b7:6c:74:7b:44:72:c7:b2:b0:e3:a9:78:e2:
ac:bc:71:f0:bd:7b:a0:80:6e:39:c7:22:32:27:7f:d7:04:34:
3a:d8:16:a3:b3:a0:ae:5c:47:54:04:7f:d3:af:0a:f4:36:ec:
2f:1f:89:af:96:3c:05:7c:8e:e7:11:94:c8:ad:b4:81:77:67:
d8:7c:43:39:b2:62:d0:24:d8:7b:2f:44:00:75:39:4d:f6:49:
ff:4a:5a:93:dc:4a:6f:58:1d:ca:7e:bb:c0:bf:20:ba:9b:51:
84:f2:a7:61:9e:34:26:4a:60:fc:0d:9a:19:8f:ec:50:2f:92:
ff:08:c2:42:f5:8d:2f:0c:46:4b:47:35:fe:55:0c:06:49:03:
1d:a2:4e:6e:81:ee:95:2a:fe:1a:b7:43:69:bd:65:b6:37:de:
76:6e:65:68:ce:31:e2:5c:26:b3:b9:39:ca:ca:3d:5e:e3:2a:
7e:7e:c5:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY58fqaSd82LuN/D2keYc35YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDEyZmFmOTgyNzVhZTRmM2Y4ZDg3ZjA4NGVlNGZmODQy
MGM0ODUwHhcNMjQwMzI2MjA0MDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWY4YzhiNjMxMmNjMDEwNDM4ZGJmNDkwY2E5OTgzNzdkOWJhN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5s0ByuYKKGTn5w3HfP2xZnVlXd/
x2l7tlNOyDpokOTebnSZB2MpzA5flH1e8XYKyiLNCh4NFd5PdcKucTvs055kdhZ5
JVvIAIJukkR9uZaOCwOPZJef5zuhtfgVZGd7HL+2dxZ3FLH9VGfiX1//aJ0/I3yp
Mf6RAXRS8XeN6GOg5f7WHM/PWvBYEmVLTMF//Q+mHzoD8qrOH0kiSe4BcUxB/zrn
YWzCJQpdIy6YtBndcBSOeGq6+DkbKYKxVf3NMjIXk2m+ufa9N4BZK71pzWqbtaac
n24ypG8azYx22gXykxgGfd33OB02vhwJRj3n0k823Risac7X9ffjA9CzpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLH4yLYxLMAQQ42/SQypmDd9m6f1MB8GA1UdIwQY
MBaAFNgBL6+YJ1rk8/jYfwhO5P+EIMSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjIt
NmQ1NjBkZWJmN2IzLzEvc2ZqSXRqRXN3QkJEamI5SkRLbVlOMzJicF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjItNmQ1NjBkZWJmN2Iz
LzEvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueADMA0G
CSqGSIb3DQEBCwUAA4IBAQAP/AbOqlSFbBq1cjraCW69RZszl7IVVDJjMU5BjscY
srfSI5euK5b3s5/OReWrYGKvbll7M7Pzze3MfdBWJ7BJg0VAOv6GRbOwMJaJgrds
dHtEcseysOOpeOKsvHHwvXuggG45xyIyJ3/XBDQ62Bajs6CuXEdUBH/Trwr0Nuwv
H4mvljwFfI7nEZTIrbSBd2fYfEM5smLQJNh7L0QAdTlN9kn/SlqT3EpvWB3KfrvA
vyC6m1GE8qdhnjQmSmD8DZoZj+xQL5L/CMJC9Y0vDEZLRzX+VQwGSQMdok5uge6V
Kv4at0NpvWW2N952bmVozjHiXCazuTnKyj1e4yp+fsXM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:27 2024 by rpki-client on console-fra.rpki-client.org