Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/NdwgmDgV6ZEJPhYOWUzgA6DfJjQ.roa
File: NdwgmDgV6ZEJPhYOWUzgA6DfJjQ.roa (raw, json)
Hash identifier: mgsqI4WE56Fa8x03LX4wqDjydIGoOqjetEao/AzbpJ0=
Subject key identifier: 35:DC:20:98:38:15:E9:91:09:3E:16:0E:59:4C:E0:03:A0:DF:26:34
Certificate issuer: /CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Certificate serial: 01856E140DCC1BA1C45AF596E57FA8C0A5DF
Authority key identifier: 76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/NdwgmDgV6ZEJPhYOWUzgA6DfJjQ.roa
Signing time: Sun 01 Jan 2023 16:04:45 +0000
ROA not before: Sun 01 Jan 2023 16:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207254
IP address blocks: 185.154.221.0/24 maxlen: 24
185.154.223.0/24 maxlen: 24
185.154.220.0/24 maxlen: 24
185.154.222.0/24 maxlen: 24
2a0b:6140:2::/48 maxlen: 48
2a0b:6140:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:0d:cc:1b:a1:c4:5a:f5:96:e5:7f:a8:c0:a5:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Validity
Not Before: Jan 1 16:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35dc20983815e991093e160e594ce003a0df2634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:50:54:a9:77:a3:54:59:2b:d1:e6:4d:73:b9:
4b:a3:34:16:08:be:e6:d7:20:ae:71:0f:a3:98:4a:
e3:50:1a:4a:e5:df:94:c3:90:b2:4d:05:f5:5b:65:
3d:aa:f5:95:34:7d:34:16:eb:fa:e5:47:79:55:70:
71:32:c3:8f:9e:86:ef:37:b1:09:99:b2:37:4b:13:
4d:e2:7e:81:85:60:39:93:dc:ed:7b:8f:a0:ad:39:
15:82:a3:b7:f2:a9:6c:ee:b1:e7:b9:37:00:cb:50:
cd:a7:88:2e:30:ec:6a:cf:59:dd:0f:87:02:a9:69:
43:cd:e2:6b:e6:6d:42:14:dd:73:e1:14:1f:47:b9:
6b:05:ae:05:06:b8:c6:b8:5a:74:2f:6a:78:0b:a3:
60:5f:7c:fa:ac:50:96:46:5f:5f:55:0f:66:4a:cc:
df:23:03:e8:6a:26:91:cc:e6:d7:af:5f:85:9d:bc:
15:a4:e0:93:67:13:18:14:3f:37:fd:15:66:6e:cf:
01:69:b7:a0:55:89:87:ee:41:07:e9:35:bd:bc:99:
7b:16:e6:e1:41:22:d4:98:3b:7a:44:63:22:32:70:
29:b7:20:73:01:84:e3:ca:59:00:ca:37:ec:ec:b5:
ad:4c:8c:8c:2a:57:08:f4:f1:e8:f6:64:b8:50:fa:
db:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DC:20:98:38:15:E9:91:09:3E:16:0E:59:4C:E0:03:A0:DF:26:34
X509v3 Authority Key Identifier:
keyid:76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/NdwgmDgV6ZEJPhYOWUzgA6DfJjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/dl6jQAo3SMO2xhJo1JL4vwqQgjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.220.0/22
IPv6:
2a0b:6140:1::-2a0b:6140:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7d:9d:53:1b:3e:61:d5:3c:53:ab:8f:33:91:88:c4:8e:17:96:
bb:07:54:20:ad:1d:89:ab:69:cb:e8:66:4f:29:27:17:af:49:
80:8e:9b:a6:8c:c9:29:82:ed:d3:c2:72:01:de:8a:33:90:d4:
fd:e0:df:0b:01:bd:c3:56:b7:45:7c:b2:dd:92:73:70:9d:1b:
03:6e:be:d4:28:21:75:50:a9:5d:0a:d3:df:12:2b:85:ca:4c:
95:3e:f9:aa:ca:eb:61:e5:40:28:6e:ab:6b:32:07:a0:55:41:
09:ad:42:9a:c8:f6:5f:eb:54:be:fe:5d:6a:23:1a:d0:e7:bf:
5f:15:40:1e:97:69:4d:eb:c3:f4:44:93:c2:9a:7a:d2:09:4e:
e4:07:b9:08:e2:fb:91:cc:8a:bf:cd:2e:94:19:c1:a5:ce:0d:
1f:06:9a:2b:36:4e:fd:2b:2d:57:05:b0:b3:b5:e7:97:e8:81:
14:51:8b:75:7c:97:fa:e2:64:4a:01:15:e7:9c:6a:e0:e0:42:
15:02:f0:1f:61:60:9e:42:45:a7:25:f9:e4:ac:d8:e2:8f:53:
ca:c3:66:4d:1e:c8:ad:28:9e:da:1b:de:9c:f6:17:67:c4:71:
06:b4:3b:d8:ed:b8:11:53:f6:45:6a:7d:05:0c:f1:78:bc:a4:
cf:ec:c1:e9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVuFA3MG6HEWvWW5X+owKXfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NWVhMzQwMGEzNzQ4YzNiNmM2MTI2OGQ0OTJmOGJmMGE5
MDgyMzkwHhcNMjMwMTAxMTYwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRjMjA5ODM4MTVlOTkxMDkzZTE2MGU1OTRjZTAwM2EwZGYyNjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lBUqXejVFkr0eZNc7lLozQWCL7m
1yCucQ+jmErjUBpK5d+Uw5CyTQX1W2U9qvWVNH00Fuv65Ud5VXBxMsOPnobvN7EJ
mbI3SxNN4n6BhWA5k9zte4+grTkVgqO38qls7rHnuTcAy1DNp4guMOxqz1ndD4cC
qWlDzeJr5m1CFN1z4RQfR7lrBa4FBrjGuFp0L2p4C6NgX3z6rFCWRl9fVQ9mSszf
IwPoaiaRzObXr1+FnbwVpOCTZxMYFD83/RVmbs8BabegVYmH7kEH6TW9vJl7Fubh
QSLUmDt6RGMiMnAptyBzAYTjylkAyjfs7LWtTIyMKlcI9PHo9mS4UPrb4wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDXcIJg4FemRCT4WDllM4AOg3yY0MB8GA1UdIwQY
MBaAFHZeo0AKN0jDtsYSaNSS+L8KkII5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGw2alFBbzNTTU8yeGhKbzFKTDR2d3FRZ2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NGUxNWYtZjQ4Ny00NTU5LWJmZGQt
MGZjNThlNThjYWM5LzEvTmR3Z21EZ1Y2WkVKUGhZT1dVemdBNkRmSmpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NGUxNWYtZjQ4Ny00NTU5LWJmZGQtMGZjNThlNThjYWM5
LzEvZGw2alFBbzNTTU8yeGhKbzFKTDR2d3FRZ2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuZrcMBoE
AgACMBQwEgMHACoLYUAAAQMHACoLYUAAAjANBgkqhkiG9w0BAQsFAAOCAQEAfZ1T
Gz5h1TxTq48zkYjEjheWuwdUIK0diatpy+hmTyknF69JgI6bpozJKYLt08JyAd6K
M5DU/eDfCwG9w1a3RXyy3ZJzcJ0bA26+1CghdVCpXQrT3xIrhcpMlT75qsrrYeVA
KG6razIHoFVBCa1Cmsj2X+tUvv5daiMa0Oe/XxVAHpdpTevD9ESTwpp60glO5Ae5
COL7kcyKv80ulBnBpc4NHwaaKzZO/SstVwWws7Xnl+iBFFGLdXyX+uJkSgEV55xq
4OBCFQLwH2FgnkJFpyX55KzY4o9TysNmTR7IrSie2hvenPYXZ8RxBrQ72O24EVP2
RWp9BQzxeLykz+zB6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:02 2024 by rpki-client on console-ams.rpki-client.org