Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/fHms9RtTf_rBsRvaBT-y8iarYAw.roa
File: fHms9RtTf_rBsRvaBT-y8iarYAw.roa (raw, json)
Hash identifier: 44BEucj8zw0mR4DC/ilSQ/115EDVMUoSAa8ingS7wpI=
Subject key identifier: 7C:79:AC:F5:1B:53:7F:FA:C1:B1:1B:DA:05:3F:B2:F2:26:AB:60:0C
Certificate issuer: /CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
Certificate serial: 01856C5CB3F0D7E2151E22361BE100FAC5DB
Authority key identifier: 95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/fHms9RtTf_rBsRvaBT-y8iarYAw.roa
Signing time: Sun 01 Jan 2023 08:04:52 +0000
ROA not before: Sun 01 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21368
IP address blocks: 185.109.253.0/24 maxlen: 24
185.109.252.0/23 maxlen: 23
185.109.252.0/24 maxlen: 24
185.109.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Jan 2023 11:44:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b3:f0:d7:e2:15:1e:22:36:1b:e1:00:fa:c5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
Validity
Not Before: Jan 1 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c79acf51b537ffac1b11bda053fb2f226ab600c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b4:c6:ff:dc:7a:ae:de:1c:a4:b0:68:43:c3:
61:b2:af:d8:0b:76:6a:fa:b7:f3:aa:a2:0b:46:73:
f4:54:21:e5:27:c1:11:f3:ec:8e:d5:5a:28:93:c5:
ed:3b:12:db:f6:e4:58:d0:0a:62:54:09:6c:05:2f:
8f:9c:0b:37:f4:cd:9b:10:46:e8:e2:b6:b0:e5:a6:
b7:f5:4c:d5:4e:9c:07:ca:41:60:24:79:e3:d0:0e:
4b:61:d3:10:bb:e9:95:65:7f:3f:76:26:79:47:18:
67:0e:34:82:d1:b3:4e:9f:4d:97:bc:4d:e5:6f:76:
47:24:ca:64:24:91:bc:eb:17:71:21:6d:c0:f3:4d:
7a:eb:ce:3d:3e:46:8c:37:6a:51:09:2d:0c:54:9b:
f5:91:bb:73:ac:59:6c:0f:c1:33:c8:84:a9:e0:be:
8f:a2:9c:70:bf:54:7f:77:92:08:52:01:14:81:52:
9d:62:29:28:69:e3:2f:1b:71:d4:aa:6d:02:07:a8:
af:a6:fb:28:e0:9b:28:d7:21:71:9f:8a:83:05:86:
7e:ce:1a:6d:48:96:ac:03:90:c4:67:b2:11:48:d4:
d7:61:9f:74:18:d7:22:94:b2:70:de:2d:ac:9b:68:
3a:ae:35:8a:6e:93:b7:8b:dd:ba:d5:cb:07:b8:57:
c4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:79:AC:F5:1B:53:7F:FA:C1:B1:1B:DA:05:3F:B2:F2:26:AB:60:0C
X509v3 Authority Key Identifier:
keyid:95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/fHms9RtTf_rBsRvaBT-y8iarYAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/lV_PknmKnbswq9K5-im_qIBCIPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.252.0/23
185.109.255.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:0d:6c:24:24:76:45:dd:c9:7f:fb:c2:23:91:e9:29:b9:b3:
34:0e:a8:91:75:af:7e:aa:34:b5:33:6d:d8:a4:0b:ce:ed:0a:
c2:a1:eb:b8:dc:ea:db:99:00:c7:bf:da:00:88:c1:d0:89:aa:
b8:c2:8f:98:33:d9:cb:96:42:ce:df:43:b6:89:61:2a:bb:b5:
3d:64:0a:e4:6e:59:21:51:72:17:de:e6:2a:b2:81:ad:3c:30:
e7:3f:33:6f:af:2a:00:4c:aa:77:e9:ed:da:96:4f:4c:34:3a:
73:d3:b5:4b:43:16:90:bf:d5:01:32:1a:cf:1c:97:7d:24:22:
04:7a:4d:ab:80:1a:84:7d:99:5e:16:0d:5d:c1:4f:ee:4a:2e:
68:82:14:55:63:4e:b2:69:9e:5a:71:b5:61:5b:30:07:ad:df:
cf:65:49:28:d2:55:8f:97:c5:07:3d:b1:90:fc:e2:09:71:48:
3e:46:fe:10:f8:06:de:27:b2:bf:b7:1d:cc:cf:52:7f:9f:20:
29:82:27:ee:97:91:74:ea:18:7a:0b:e1:d0:d2:81:a1:b7:a7:
10:a8:5c:0d:74:01:ef:62:a0:3a:d2:83:09:37:26:1f:a3:41:
66:41:36:ac:c3:3d:f0:85:87:8d:b8:ab:a5:55:89:0a:94:0f:
3f:a0:c2:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsXLPw1+IVHiI2G+EA+sXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NWZjZjkyNzk4YTlkYmIzMGFiZDJiOWZhMjliZmE4ODA0
MjIwZjMwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzc5YWNmNTFiNTM3ZmZhYzFiMTFiZGEwNTNmYjJmMjI2YWI2MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbTG/9x6rt4cpLBoQ8Nhsq/YC3Zq
+rfzqqILRnP0VCHlJ8ER8+yO1Vook8XtOxLb9uRY0ApiVAlsBS+PnAs39M2bEEbo
4raw5aa39UzVTpwHykFgJHnj0A5LYdMQu+mVZX8/diZ5RxhnDjSC0bNOn02XvE3l
b3ZHJMpkJJG86xdxIW3A80166849PkaMN2pRCS0MVJv1kbtzrFlsD8EzyISp4L6P
opxwv1R/d5IIUgEUgVKdYikoaeMvG3HUqm0CB6ivpvso4Jso1yFxn4qDBYZ+zhpt
SJasA5DEZ7IRSNTXYZ90GNcilLJw3i2sm2g6rjWKbpO3i9261csHuFfEoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHx5rPUbU3/6wbEb2gU/svImq2AMMB8GA1UdIwQY
MBaAFJVfz5J5ip27MKvSufopv6iAQiDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFZfUGtubUtuYnN3cTlLNS1pbV9xSUJDSVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9kZjE0MGEtMGFjMy00MTA1LWI4M2Et
MDUxODg2ZDBlZDRlLzEvZkhtczlSdFRmX3JCc1J2YUJULXk4aWFyWUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9kZjE0MGEtMGFjMy00MTA1LWI4M2EtMDUxODg2ZDBlZDRl
LzEvbFZfUGtubUtuYnN3cTlLNS1pbV9xSUJDSVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuW38AwQA
uW3/MA0GCSqGSIb3DQEBCwUAA4IBAQA+DWwkJHZF3cl/+8IjkekpubM0DqiRda9+
qjS1M23YpAvO7QrCoeu43OrbmQDHv9oAiMHQiaq4wo+YM9nLlkLO30O2iWEqu7U9
ZArkblkhUXIX3uYqsoGtPDDnPzNvryoATKp36e3alk9MNDpz07VLQxaQv9UBMhrP
HJd9JCIEek2rgBqEfZleFg1dwU/uSi5oghRVY06yaZ5acbVhWzAHrd/PZUko0lWP
l8UHPbGQ/OIJcUg+Rv4Q+AbeJ7K/tx3Mz1J/nyApgiful5F06hh6C+HQ0oGht6cQ
qFwNdAHvYqA60oMJNyYfo0FmQTaswz3whYeNuKulVYkKlA8/oMJj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:36 2024 by rpki-client on console-fra.rpki-client.org