Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/25e38f-a091-4e5c-bf63-66dd2a91faca/1/viFYKuw4R_IrASq8RRYCbsmhJe0.roa
File: viFYKuw4R_IrASq8RRYCbsmhJe0.roa (raw, json)
Hash identifier: 2Z3wAxN8SIS9bUmwEAwBbvi4I9o6r1Q+IvHRS+y3gh8=
Subject key identifier: BE:21:58:2A:EC:38:47:F2:2B:01:2A:BC:45:16:02:6E:C9:A1:25:ED
Certificate issuer: /CN=39469af33611b79084f575e95b13e66550edb383
Certificate serial: 0185723A4A5B6FC5955EAFD185F15C1DACB4
Authority key identifier: 39:46:9A:F3:36:11:B7:90:84:F5:75:E9:5B:13:E6:65:50:ED:B3:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUaa8zYRt5CE9XXpWxPmZVDts4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/25e38f-a091-4e5c-bf63-66dd2a91faca/1/viFYKuw4R_IrASq8RRYCbsmhJe0.roa
Signing time: Mon 02 Jan 2023 11:25:00 +0000
ROA not before: Mon 02 Jan 2023 11:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55081
IP address blocks: 185.83.68.0/24 maxlen: 24
185.83.69.0/24 maxlen: 24
185.83.70.0/24 maxlen: 24
185.83.68.0/22 maxlen: 22
185.83.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:4a:5b:6f:c5:95:5e:af:d1:85:f1:5c:1d:ac:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39469af33611b79084f575e95b13e66550edb383
Validity
Not Before: Jan 2 11:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be21582aec3847f22b012abc4516026ec9a125ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:8d:3c:9a:e5:b4:c3:5a:c4:8c:41:b4:88:
4e:33:2b:85:75:9d:b3:b6:f6:ce:ec:c2:fe:ca:94:
bc:2b:f8:b2:48:3a:2b:6f:d5:d1:1e:73:9f:5d:e6:
d9:7c:cf:47:0f:d4:e0:59:13:a4:d8:4c:e8:b1:08:
ce:95:7e:3a:f7:f4:50:88:b4:e8:c4:1a:5c:4b:e9:
5a:7a:1b:2a:14:95:1e:ce:ec:d5:d1:b8:03:4f:19:
ce:cc:e2:36:2c:e7:67:64:37:af:5b:20:a6:af:fd:
8c:2b:52:9d:ce:b2:0b:f1:c0:a4:e2:87:4b:8b:8f:
02:de:b7:c2:59:27:b4:16:d2:3e:98:a6:fe:04:9a:
b0:c0:92:9a:59:ac:84:3b:e1:3f:e7:74:08:b6:10:
80:17:c9:4b:93:49:d7:34:57:b3:a9:0a:48:53:03:
2c:7d:19:91:c0:81:4c:56:3d:67:16:55:ba:93:51:
99:ae:0d:3a:a4:b6:b5:63:1a:e7:92:44:cd:df:51:
83:8d:f2:85:9f:91:eb:ad:b7:e2:17:e1:b4:71:17:
ad:63:0f:30:2f:9a:19:2f:96:b4:58:35:ee:5c:4d:
c1:08:df:5e:77:a7:7c:cf:62:03:a5:49:c7:0c:0a:
df:94:2c:b5:2b:a1:a0:2f:3d:78:56:13:a6:5e:20:
1f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:21:58:2A:EC:38:47:F2:2B:01:2A:BC:45:16:02:6E:C9:A1:25:ED
X509v3 Authority Key Identifier:
keyid:39:46:9A:F3:36:11:B7:90:84:F5:75:E9:5B:13:E6:65:50:ED:B3:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUaa8zYRt5CE9XXpWxPmZVDts4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e38f-a091-4e5c-bf63-66dd2a91faca/1/viFYKuw4R_IrASq8RRYCbsmhJe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e38f-a091-4e5c-bf63-66dd2a91faca/1/OUaa8zYRt5CE9XXpWxPmZVDts4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.68.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:6a:d0:c7:57:ae:43:5a:80:41:a7:21:f8:82:0a:12:58:ec:
f0:96:e1:60:19:e8:40:80:0a:1f:52:52:64:58:27:6a:ce:41:
a6:14:c1:b2:83:ed:d7:e3:20:08:66:64:28:b2:9b:f3:42:46:
c5:13:14:5f:cd:bd:54:26:fb:be:8f:26:c9:b7:ff:2d:9f:9b:
7b:56:97:02:f1:3e:2a:c1:7d:fa:b3:cd:39:95:4f:ff:b1:de:
86:5c:47:95:a0:11:77:a6:aa:c1:5c:b5:9a:db:b7:4c:6b:e7:
63:b4:d4:1d:57:f2:e1:02:ff:e2:1f:9b:7e:f6:8b:2e:47:cc:
9e:53:38:fd:bb:bc:14:aa:c9:0f:47:78:3d:38:2b:35:76:91:
ba:89:74:52:f6:15:0f:39:1e:21:42:7a:69:0d:a3:61:52:fb:
b1:97:73:8c:7e:82:47:ab:e2:41:d4:4d:27:7e:6e:9b:32:a8:
35:30:a1:ba:57:8e:76:f5:d1:28:9b:2c:97:5a:02:6e:a5:61:
d5:60:d7:1f:5a:a8:82:98:35:72:f7:f2:40:40:86:f9:d6:5d:
da:77:70:62:e6:b9:e3:46:99:17:b7:fe:72:f5:64:4c:19:fa:
eb:4f:a4:5f:7c:e5:26:21:6e:6c:68:46:ed:f5:54:f6:b7:53:
06:21:b2:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOkpbb8WVXq/RhfFcHay0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDY5YWYzMzYxMWI3OTA4NGY1NzVlOTViMTNlNjY1NTBl
ZGIzODMwHhcNMjMwMTAyMTEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTIxNTgyYWVjMzg0N2YyMmIwMTJhYmM0NTE2MDI2ZWM5YTEyNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugeNPJrltMNaxIxBtIhOMyuFdZ2z
tvbO7ML+ypS8K/iySDorb9XRHnOfXebZfM9HD9TgWROk2EzosQjOlX469/RQiLTo
xBpcS+laehsqFJUezuzV0bgDTxnOzOI2LOdnZDevWyCmr/2MK1KdzrIL8cCk4odL
i48C3rfCWSe0FtI+mKb+BJqwwJKaWayEO+E/53QIthCAF8lLk0nXNFezqQpIUwMs
fRmRwIFMVj1nFlW6k1GZrg06pLa1YxrnkkTN31GDjfKFn5HrrbfiF+G0cRetYw8w
L5oZL5a0WDXuXE3BCN9ed6d8z2IDpUnHDArflCy1K6GgLz14VhOmXiAfhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4hWCrsOEfyKwEqvEUWAm7JoSXtMB8GA1UdIwQY
MBaAFDlGmvM2EbeQhPV16VsT5mVQ7bODMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1VhYTh6WVJ0NUNFOVhYcFd4UG1aVkR0czRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yNWUzOGYtYTA5MS00ZTVjLWJmNjMt
NjZkZDJhOTFmYWNhLzEvdmlGWUt1dzRSX0lyQVNxOFJSWUNic21oSmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yNWUzOGYtYTA5MS00ZTVjLWJmNjMtNjZkZDJhOTFmYWNh
LzEvT1VhYTh6WVJ0NUNFOVhYcFd4UG1aVkR0czRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVNEMA0G
CSqGSIb3DQEBCwUAA4IBAQC/atDHV65DWoBBpyH4ggoSWOzwluFgGehAgAofUlJk
WCdqzkGmFMGyg+3X4yAIZmQospvzQkbFExRfzb1UJvu+jybJt/8tn5t7VpcC8T4q
wX36s805lU//sd6GXEeVoBF3pqrBXLWa27dMa+djtNQdV/LhAv/iH5t+9osuR8ye
Uzj9u7wUqskPR3g9OCs1dpG6iXRS9hUPOR4hQnppDaNhUvuxl3OMfoJHq+JB1E0n
fm6bMqg1MKG6V4529dEomyyXWgJupWHVYNcfWqiCmDVy9/JAQIb51l3ad3Bi5rnj
RpkXt/5y9WRMGfrrT6RffOUmIW5saEbt9VT2t1MGIbI9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:05 2024 by rpki-client on console-fra.rpki-client.org