Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/crO0kIHF0PyPxOrr9WEWY3UODAo.roa
File: crO0kIHF0PyPxOrr9WEWY3UODAo.roa (raw, json)
Hash identifier: TFoyUNJ84pyC/iPHeFCe2JK7a4sVZDC8x7Nt8sFcVsk=
Subject key identifier: 72:B3:B4:90:81:C5:D0:FC:8F:C4:EA:EB:F5:61:16:63:75:0E:0C:0A
Certificate issuer: /CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Certificate serial: 01856F66E85EDE70CA164BE26D18B526AF84
Authority key identifier: BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/crO0kIHF0PyPxOrr9WEWY3UODAo.roa
Signing time: Sun 01 Jan 2023 22:14:53 +0000
ROA not before: Sun 01 Jan 2023 22:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208257
IP address blocks: 185.251.70.0/24 maxlen: 24
2a0f:6a00::/29 maxlen: 29
2a10:aec0::/29 maxlen: 29
2a0f:f200::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 31 Jan 2023 08:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e8:5e:de:70:ca:16:4b:e2:6d:18:b5:26:af:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Validity
Not Before: Jan 1 22:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72b3b49081c5d0fc8fc4eaebf5611663750e0c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fb:47:ba:e5:4e:58:cf:05:ea:9e:5f:b6:ee:
89:be:e7:03:26:20:4f:9b:8f:03:6c:a1:12:0d:fe:
35:6b:57:04:c0:89:e3:7e:9f:c4:3f:07:ed:64:df:
78:34:1b:cf:4e:b7:22:5f:0c:6c:c8:0c:e2:c1:ac:
6f:a9:ca:63:01:94:b7:e7:21:fe:ab:5b:ac:74:6c:
72:08:f5:7e:2c:80:ed:b0:49:22:c0:28:eb:f9:a3:
51:a8:5f:af:c3:4e:e1:a7:7e:79:f1:5c:d6:fe:0a:
95:ad:3f:6b:9f:82:96:06:99:a4:d8:5a:8f:b6:29:
f6:60:f7:da:f8:a5:1a:c9:4d:9b:7e:ad:af:6d:5c:
57:98:99:33:a8:ac:1b:64:a5:e7:ec:df:42:fe:58:
9d:49:48:99:b7:74:60:d0:5b:0a:31:c3:53:6a:30:
f2:46:54:f6:c9:17:c8:3e:7b:36:60:65:0f:81:14:
47:28:80:71:ea:d3:43:38:08:04:08:d9:11:f3:9e:
19:07:ea:69:ca:62:03:72:40:be:37:aa:bf:e8:da:
99:c8:48:ec:3f:a4:98:32:20:95:31:6d:4b:4c:42:
d8:e2:2e:12:3c:26:c5:3f:62:8d:5e:12:44:6d:75:
ef:f6:4d:13:04:28:09:61:40:71:0f:98:46:9b:c6:
94:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B3:B4:90:81:C5:D0:FC:8F:C4:EA:EB:F5:61:16:63:75:0E:0C:0A
X509v3 Authority Key Identifier:
keyid:BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/crO0kIHF0PyPxOrr9WEWY3UODAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/vxB-B5UsBpNYzT-CquzrTGlIPKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.70.0/24
IPv6:
2a0f:6a00::/29
2a0f:f200::/29
2a10:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:b4:e2:0a:fc:b6:25:b1:31:b9:92:72:28:69:03:68:aa:51:
72:c0:13:11:f7:c7:55:a5:00:74:9d:d0:a1:a0:0f:89:7a:f1:
b5:00:e3:09:0d:bc:97:ea:65:2a:6a:41:28:d4:d6:36:df:2a:
b4:33:32:82:64:06:8f:0e:65:5b:7d:d0:5f:9c:2f:29:2a:b8:
27:95:b2:a6:37:47:59:f8:ea:66:9f:3e:3b:28:69:8c:ad:2e:
d5:9b:cf:d5:1a:b2:77:79:f5:4c:83:3a:8e:cb:e0:af:7c:d1:
95:3e:70:8d:e5:7d:cd:fb:12:8e:39:99:2c:8f:a9:3e:6b:d1:
da:58:e4:ec:e5:4f:23:75:ac:e5:6a:f0:51:76:80:37:80:cd:
7f:63:85:b1:a3:9e:db:42:49:59:68:f9:fd:df:11:3c:3f:c9:
4f:c3:53:08:27:59:1b:40:39:39:1e:b8:86:35:29:a2:68:92:
64:62:23:b8:df:76:dc:a4:40:be:b2:60:31:e4:89:92:d0:f9:
65:17:a0:44:3b:47:47:e8:08:e5:04:4e:a7:7c:7e:b7:17:d3:
42:84:4b:51:1f:52:d7:1f:c7:d4:dc:c3:f0:25:fc:82:f0:49:
b4:43:9d:03:f1:ff:10:b9:22:18:ca:6b:05:dc:8b:4c:45:88:
6f:93:8a:59
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVvZuhe3nDKFkvibRi1Jq+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTA3ZTA3OTUyYzA2OTM1OGNkM2Y4MmFhZWNlYjRjNjk0
ODNjYTkwHhcNMjMwMTAxMjIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIzYjQ5MDgxYzVkMGZjOGZjNGVhZWJmNTYxMTY2Mzc1MGUwYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjftHuuVOWM8F6p5ftu6JvucDJiBP
m48DbKESDf41a1cEwInjfp/EPwftZN94NBvPTrciXwxsyAziwaxvqcpjAZS35yH+
q1usdGxyCPV+LIDtsEkiwCjr+aNRqF+vw07hp3558VzW/gqVrT9rn4KWBpmk2FqP
tin2YPfa+KUayU2bfq2vbVxXmJkzqKwbZKXn7N9C/lidSUiZt3Rg0FsKMcNTajDy
RlT2yRfIPns2YGUPgRRHKIBx6tNDOAgECNkR854ZB+ppymIDckC+N6q/6NqZyEjs
P6SYMiCVMW1LTELY4i4SPCbFP2KNXhJEbXXv9k0TBCgJYUBxD5hGm8aUXwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHKztJCBxdD8j8Tq6/VhFmN1DgwKMB8GA1UdIwQY
MBaAFL8QfgeVLAaTWM0/gqrs60xpSDypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2It
NDg2MzNkNzE4NTkwLzEvY3JPMGtJSEYwUHlQeE9ycjlXRVdZM1VPREFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2ItNDg2MzNkNzE4NTkw
LzEvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAuftGMBsE
AgACMBUDBQMqD2oAAwUDKg/yAAMFAyoQrsAwDQYJKoZIhvcNAQELBQADggEBAKy0
4gr8tiWxMbmScihpA2iqUXLAExH3x1WlAHSd0KGgD4l68bUA4wkNvJfqZSpqQSjU
1jbfKrQzMoJkBo8OZVt90F+cLykquCeVsqY3R1n46mafPjsoaYytLtWbz9Uasnd5
9UyDOo7L4K980ZU+cI3lfc37Eo45mSyPqT5r0dpY5OzlTyN1rOVq8FF2gDeAzX9j
hbGjnttCSVlo+f3fETw/yU/DUwgnWRtAOTkeuIY1KaJokmRiI7jfdtykQL6yYDHk
iZLQ+WUXoEQ7R0foCOUETqd8frcX00KES1EfUtcfx9Tcw/Al/ILwSbRDnQPx/xC5
IhjKawXci0xFiG+Tilk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:36 2024 by rpki-client on console-ams.rpki-client.org