Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/FhDtFWCbD3IONVTTCRhSCpwmn3M.roa
File: FhDtFWCbD3IONVTTCRhSCpwmn3M.roa (raw, json)
Hash identifier: ZI6osNls6mzKqYwsJzR+HMZzletpt9Z+Kq33/gHF6Us=
Subject key identifier: 16:10:ED:15:60:9B:0F:72:0E:35:54:D3:09:18:52:0A:9C:26:9F:73
Certificate issuer: /CN=25fd5781576f3d4225af99453e93a92598527126
Certificate serial: 01856D81B894E48A90ED6D13D314A43A3C57
Authority key identifier: 25:FD:57:81:57:6F:3D:42:25:AF:99:45:3E:93:A9:25:98:52:71:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jf1XgVdvPUIlr5lFPpOpJZhScSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/FhDtFWCbD3IONVTTCRhSCpwmn3M.roa
Signing time: Sun 01 Jan 2023 13:24:56 +0000
ROA not before: Sun 01 Jan 2023 13:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208738
IP address blocks: 185.252.186.0/24 maxlen: 24
185.252.184.0/24 maxlen: 24
185.252.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:b8:94:e4:8a:90:ed:6d:13:d3:14:a4:3a:3c:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25fd5781576f3d4225af99453e93a92598527126
Validity
Not Before: Jan 1 13:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1610ed15609b0f720e3554d30918520a9c269f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:31:04:d7:ac:c2:86:37:e0:12:b1:f2:d2:6c:
4a:85:b6:54:db:18:ef:70:e7:7c:ee:83:5c:b5:2c:
49:d9:e7:e0:63:42:86:c4:53:70:9c:49:f5:12:ae:
79:89:16:39:ca:9d:f5:b7:fb:0c:52:a6:38:fb:56:
86:c2:35:ca:a1:3f:86:e0:d0:a7:49:82:af:f6:1e:
2a:21:7a:26:56:f8:93:34:12:0e:55:f8:31:92:07:
08:4c:39:58:68:76:46:e2:a0:c1:9c:5c:2e:56:1d:
b1:60:37:8e:eb:16:ae:3c:aa:52:53:b8:ef:ca:f5:
41:3a:54:f7:94:02:27:f7:92:7f:0b:c5:61:be:8e:
fd:2d:34:02:2d:1c:32:50:5b:2d:4e:fb:17:b3:75:
98:f0:0b:a0:c0:63:0d:86:c6:70:75:40:a6:a9:be:
66:d7:01:56:62:8f:61:3c:e7:5e:f6:14:e0:09:af:
74:13:03:5a:a1:21:85:6a:7b:e8:3f:45:69:64:40:
e4:bb:65:0c:97:4a:4b:69:a3:0a:81:52:f7:bb:f4:
81:bc:5d:a9:d2:bb:c4:6b:dd:a0:46:30:0a:52:9f:
07:05:80:c0:3d:3a:5e:30:22:3e:4b:8e:d7:df:7b:
7c:14:d0:39:c4:be:8a:7b:d0:52:6a:46:b2:70:89:
48:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:10:ED:15:60:9B:0F:72:0E:35:54:D3:09:18:52:0A:9C:26:9F:73
X509v3 Authority Key Identifier:
keyid:25:FD:57:81:57:6F:3D:42:25:AF:99:45:3E:93:A9:25:98:52:71:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jf1XgVdvPUIlr5lFPpOpJZhScSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/FhDtFWCbD3IONVTTCRhSCpwmn3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/Jf1XgVdvPUIlr5lFPpOpJZhScSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.184.0/24
185.252.186.0/23
Signature Algorithm: sha256WithRSAEncryption
52:19:76:01:e7:6a:80:69:65:ae:da:e3:0a:75:96:b7:43:63:
83:84:f1:18:02:50:73:cb:70:e6:e9:a3:a6:a9:b6:7e:9d:56:
7b:8a:e5:c4:bc:84:b3:b5:a0:80:29:72:96:52:78:8e:0f:4d:
ca:02:bc:bb:52:26:3f:c1:fd:f0:5e:84:fa:bf:c9:5f:37:31:
a9:f6:f4:35:45:7d:0e:7a:65:fd:f4:db:d0:1c:df:c5:12:71:
47:52:e1:5b:56:ed:a1:b8:2d:af:0f:7b:1d:14:33:09:6a:dd:
87:3c:27:65:56:e5:77:2f:af:10:19:af:7f:5e:56:cc:da:b7:
ee:dc:dc:12:28:7c:5e:c1:37:9d:56:58:eb:b0:7e:00:0c:00:
9e:72:2a:4a:9b:b7:ee:23:d6:54:75:6f:ad:3d:f0:a8:f5:7d:
10:1f:c8:ec:a5:be:90:5b:9a:f9:15:fd:cc:dd:d2:fa:77:0e:
1a:64:0a:7d:15:72:8d:92:34:12:56:9c:30:20:32:65:5d:b7:
ab:04:9d:30:1f:ff:87:0a:1f:7f:b7:0e:14:85:9f:67:a0:1c:
b7:de:a6:f6:d0:69:a1:ce:ec:53:c1:6c:ad:69:92:52:d6:6d:
01:dc:c9:d2:4d:ee:6f:cc:9f:e1:6b:4e:2f:b7:a9:3c:a4:a8:
1b:ce:ec:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtgbiU5IqQ7W0T0xSkOjxXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZmQ1NzgxNTc2ZjNkNDIyNWFmOTk0NTNlOTNhOTI1OTg1
MjcxMjYwHhcNMjMwMTAxMTMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjEwZWQxNTYwOWIwZjcyMGUzNTU0ZDMwOTE4NTIwYTljMjY5ZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjEE16zChjfgErHy0mxKhbZU2xjv
cOd87oNctSxJ2efgY0KGxFNwnEn1Eq55iRY5yp31t/sMUqY4+1aGwjXKoT+G4NCn
SYKv9h4qIXomVviTNBIOVfgxkgcITDlYaHZG4qDBnFwuVh2xYDeO6xauPKpSU7jv
yvVBOlT3lAIn95J/C8Vhvo79LTQCLRwyUFstTvsXs3WY8AugwGMNhsZwdUCmqb5m
1wFWYo9hPOde9hTgCa90EwNaoSGFanvoP0VpZEDku2UMl0pLaaMKgVL3u/SBvF2p
0rvEa92gRjAKUp8HBYDAPTpeMCI+S47X33t8FNA5xL6Ke9BSakaycIlIcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBYQ7RVgmw9yDjVU0wkYUgqcJp9zMB8GA1UdIwQY
MBaAFCX9V4FXbz1CJa+ZRT6TqSWYUnEmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmYxWGdWZHZQVUlscjVsRlBwT3BKWmhTY1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85NDlkZGUtZTgxNC00ZmIyLTlmOWIt
NTk0ODNmYTA5ZmUxLzEvRmhEdEZXQ2JEM0lPTlZUVENSaFNDcHdtbjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85NDlkZGUtZTgxNC00ZmIyLTlmOWItNTk0ODNmYTA5ZmUx
LzEvSmYxWGdWZHZQVUlscjVsRlBwT3BKWmhTY1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufy4AwQB
ufy6MA0GCSqGSIb3DQEBCwUAA4IBAQBSGXYB52qAaWWu2uMKdZa3Q2ODhPEYAlBz
y3Dm6aOmqbZ+nVZ7iuXEvISztaCAKXKWUniOD03KAry7UiY/wf3wXoT6v8lfNzGp
9vQ1RX0OemX99NvQHN/FEnFHUuFbVu2huC2vD3sdFDMJat2HPCdlVuV3L68QGa9/
XlbM2rfu3NwSKHxewTedVljrsH4ADACecipKm7fuI9ZUdW+tPfCo9X0QH8jspb6Q
W5r5Ff3M3dL6dw4aZAp9FXKNkjQSVpwwIDJlXberBJ0wH/+HCh9/tw4UhZ9noBy3
3qb20GmhzuxTwWytaZJS1m0B3MnSTe5vzJ/ha04vt6k8pKgbzuxZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:18 2024 by rpki-client on console-ams.rpki-client.org