Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/1-7drSW-Dwbi0B3o3D203r7ILsvY.roa
File: 1-7drSW-Dwbi0B3o3D203r7ILsvY.roa (raw, json)
Hash identifier: ypmYl/rG3ZaQmBKYHXoEUX5nHmV3BAEoqQ4n7qy21u0=
Subject key identifier: FB:B7:6B:49:6F:83:C1:B8:B4:07:7A:37:0F:6D:37:AF:B2:0B:B2:F6
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 0191BC8ADCA9A4BF458D312F7C294CA35671
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/1-7drSW-Dwbi0B3o3D203r7ILsvY.roa
Signing time: Wed 04 Sep 2024 10:18:22 +0000
ROA not before: Wed 04 Sep 2024 10:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 185.65.202.0/24 maxlen: 24
185.120.59.0/24 maxlen: 24
185.255.178.0/24 maxlen: 24
185.255.179.0/24 maxlen: 24
212.22.74.0/24 maxlen: 24
212.22.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 06:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:8a:dc:a9:a4:bf:45:8d:31:2f:7c:29:4c:a3:56:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Sep 4 10:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbb76b496f83c1b8b4077a370f6d37afb20bb2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c9:b5:f8:04:47:44:fa:9d:68:3b:41:db:2c:
b7:7c:31:84:1b:ac:28:88:4e:95:48:34:73:3b:c1:
aa:af:b9:28:d8:a2:77:58:a7:8d:f2:ac:1f:06:a8:
ad:88:76:5c:03:1e:cf:32:f0:48:77:bc:0a:f0:4a:
85:1c:58:33:2e:3e:13:9f:db:29:06:8c:d3:67:a7:
b2:22:32:9d:b6:b2:84:74:b4:5e:61:0e:1e:05:35:
81:d6:57:bf:2a:df:bc:a7:0a:8c:0f:98:18:16:98:
c1:45:1a:1c:90:44:f0:10:c4:af:18:47:9b:74:49:
c5:cd:92:c1:65:d1:1a:10:db:4a:22:20:aa:69:b3:
cb:c0:b4:ce:2c:a2:ca:6c:39:e6:d7:a1:ad:bb:e4:
f1:e6:98:5b:4f:22:6a:0f:d7:ee:df:94:ab:53:5d:
bb:8b:43:7f:ae:4c:6b:21:7f:6b:95:fc:b4:6d:fa:
a3:02:e1:1c:05:6e:bf:a5:26:a4:75:00:de:59:ff:
8f:ab:34:aa:ed:8d:5f:ee:cd:76:8d:01:f0:96:0e:
e3:2c:3e:6d:82:e7:e2:86:61:34:45:cf:35:88:6a:
e9:11:16:d6:08:af:62:60:79:bf:d8:61:12:fd:4c:
cd:cf:5b:7d:59:8b:82:b5:65:fb:1b:3d:71:0e:f0:
66:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B7:6B:49:6F:83:C1:B8:B4:07:7A:37:0F:6D:37:AF:B2:0B:B2:F6
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/1-7drSW-Dwbi0B3o3D203r7ILsvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.202.0/24
185.120.59.0/24
185.255.178.0/23
212.22.74.0/24
212.22.82.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:af:67:a0:b8:10:2c:6a:ec:eb:c9:ff:8a:9e:ca:76:6c:8a:
41:23:df:16:25:83:98:26:77:a2:82:6c:f7:f0:b2:c4:fb:3b:
25:fb:06:38:96:5d:4e:61:b4:e3:77:e3:45:c5:81:28:bc:51:
cc:d2:04:f0:1c:eb:f7:58:7f:74:f8:a0:9a:ee:1e:c3:c9:39:
67:4c:86:22:53:dd:c8:9f:83:63:1b:2f:ee:69:06:3b:a2:94:
04:e5:5f:25:2b:57:bc:39:86:a6:95:ba:e0:f2:55:9c:2d:29:
71:1b:3d:69:79:88:be:1a:3d:9b:ad:1b:00:26:72:02:e0:e6:
4d:5c:4f:e7:84:3b:b3:7e:49:c8:42:fa:15:ef:a9:e8:12:43:
fa:d7:ef:68:54:68:f8:27:67:bb:83:d5:fd:35:9b:1b:1b:60:
79:18:5a:79:93:6a:b7:eb:e4:75:24:cf:3c:d3:c9:a6:ca:64:
46:b5:38:5b:98:bd:bb:62:85:a7:42:7e:9c:ac:20:e1:50:43:
a2:95:3c:b0:ba:b8:05:12:bb:92:2f:a4:38:7f:3f:be:32:1b:
06:28:7b:c8:19:f5:af:5d:3d:be:25:a6:85:19:ff:f3:f6:ed:
67:6e:7d:f8:30:40:82:69:88:fd:8f:8b:2b:94:62:81:b8:1e:
5e:27:5d:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZG8ityppL9FjTEvfClMo1ZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwOTA0MTAxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmI3NmI0OTZmODNjMWI4YjQwNzdhMzcwZjZkMzdhZmIyMGJiMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8m1+ARHRPqdaDtB2yy3fDGEG6wo
iE6VSDRzO8Gqr7ko2KJ3WKeN8qwfBqitiHZcAx7PMvBId7wK8EqFHFgzLj4Tn9sp
BozTZ6eyIjKdtrKEdLReYQ4eBTWB1le/Kt+8pwqMD5gYFpjBRRockETwEMSvGEeb
dEnFzZLBZdEaENtKIiCqabPLwLTOLKLKbDnm16Gtu+Tx5phbTyJqD9fu35SrU127
i0N/rkxrIX9rlfy0bfqjAuEcBW6/pSakdQDeWf+PqzSq7Y1f7s12jQHwlg7jLD5t
gufihmE0Rc81iGrpERbWCK9iYHm/2GES/UzNz1t9WYuCtWX7Gz1xDvBmPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPu3a0lvg8G4tAd6Nw9tN6+yC7L2MB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvMS03ZHJTVy1Ed2JpMEIzbzNEMjAzcjdJTHN2WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvYWVhMzZkLWJhYmYtNDQ3NC1hNzhiLTZhNGVjYWY4YjNi
MS8xL2RHTmxOVnRtVldTaUVNTll4b29CRjdmNzY1by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEALlBygME
ALl4OwMEAbn/sgMEANQWSgMEANQWUjANBgkqhkiG9w0BAQsFAAOCAQEAPa9noLgQ
LGrs68n/ip7KdmyKQSPfFiWDmCZ3ooJs9/CyxPs7JfsGOJZdTmG043fjRcWBKLxR
zNIE8Bzr91h/dPigmu4ew8k5Z0yGIlPdyJ+DYxsv7mkGO6KUBOVfJStXvDmGppW6
4PJVnC0pcRs9aXmIvho9m60bACZyAuDmTVxP54Q7s35JyEL6Fe+p6BJD+tfvaFRo
+Cdnu4PV/TWbGxtgeRhaeZNqt+vkdSTPPNPJpspkRrU4W5i9u2KFp0J+nKwg4VBD
opU8sLq4BRK7ki+kOH8/vjIbBih7yBn1r109viWmhRn/8/btZ259+DBAgmmI/Y+L
K5RigbgeXidd0Q==
-----END CERTIFICATE-----
Generated at Wed Sep 25 08:29:27 2024 by rpki-client on console-ams.rpki-client.org