Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/kIybAocvqXh7Ymr4ofyBSCEYmww.roa
File: kIybAocvqXh7Ymr4ofyBSCEYmww.roa (raw, json)
Hash identifier: Ss3mrswzNtDaTX+pqolgVdVUdnJloIWj+yGzqQ+akl0=
Subject key identifier: 90:8C:9B:02:87:2F:A9:78:7B:62:6A:F8:A1:FC:81:48:21:18:9B:0C
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 018AD105DCE74BD9D51362F468BA0B9BA7D3
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/kIybAocvqXh7Ymr4ofyBSCEYmww.roa
Signing time: Tue 26 Sep 2023 10:25:36 +0000
ROA not before: Tue 26 Sep 2023 10:25:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 185.84.220.0/22 maxlen: 22
109.122.243.0/24 maxlen: 24
109.122.244.0/22 maxlen: 22
109.122.248.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:05:dc:e7:4b:d9:d5:13:62:f4:68:ba:0b:9b:a7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Sep 26 10:25:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=908c9b02872fa9787b626af8a1fc814821189b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7b:e5:84:88:93:28:06:7c:eb:0f:44:d2:40:
47:97:30:13:f9:fe:f0:95:64:52:0e:b3:d1:89:7c:
b1:e9:03:16:ca:f6:30:9a:91:a0:70:41:d0:11:1b:
9a:92:18:a5:f5:84:27:f4:64:21:2c:07:a9:dd:03:
cb:ff:f4:8c:05:86:2f:d7:40:8f:28:f8:55:0b:c0:
bc:eb:3e:26:34:21:d3:50:fc:35:02:df:31:c2:3d:
60:3c:4b:50:27:8b:d3:4a:9b:8e:b5:e7:95:cc:eb:
14:a9:35:63:29:03:08:77:84:0e:15:5a:b6:9b:bd:
70:bb:c5:9c:e3:92:68:5a:83:01:35:e0:d2:d6:f5:
11:0f:c7:4e:78:30:b1:b5:8e:9e:71:e7:d6:26:f1:
23:04:f4:73:df:63:6f:16:56:64:a9:33:52:14:34:
af:9b:66:49:1a:69:bf:77:31:70:27:e5:9b:de:b4:
ef:f9:75:69:9e:45:72:99:e8:c2:67:2c:46:96:24:
f6:51:94:9f:7d:56:4b:68:e6:78:28:6c:d3:5f:63:
52:3b:94:ce:12:e0:96:a5:2a:cd:65:35:3e:2f:07:
fc:1f:b1:75:46:a5:b5:84:74:e1:c7:e4:a3:92:78:
29:0e:d9:a5:af:11:29:21:11:d2:df:66:95:1f:ad:
71:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8C:9B:02:87:2F:A9:78:7B:62:6A:F8:A1:FC:81:48:21:18:9B:0C
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/kIybAocvqXh7Ymr4ofyBSCEYmww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.243.0-109.122.251.255
185.84.220.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:e9:f9:a1:3a:64:b9:10:a9:96:d2:63:0d:35:0a:c4:9a:cc:
d3:be:b6:54:b8:7b:b8:74:9e:e2:1b:bd:33:0d:14:1e:7e:19:
f1:d5:18:bf:d0:3a:c2:de:90:b0:23:77:a7:6e:d3:01:23:cc:
bc:28:d2:5d:ea:42:3e:25:b6:e6:9c:34:13:6b:dc:e8:32:c2:
e5:d5:c2:46:ad:46:e7:55:c3:22:04:21:75:63:a1:5d:8f:ff:
d9:92:18:b5:0e:0d:f8:b6:be:b2:a2:86:35:01:70:ce:5a:5e:
dd:aa:20:6d:f4:38:6d:9a:84:76:2b:df:4b:7c:e0:24:89:36:
24:ae:74:e7:d7:7a:40:c2:a5:6d:f2:e8:ab:f8:f7:10:65:28:
19:01:90:b1:ce:ab:36:64:7f:9e:ec:ff:5a:bb:89:2b:9d:f1:
8e:3a:ff:56:bd:3e:f1:0f:2a:19:73:f8:72:ad:cc:7e:52:09:
ee:87:ed:ee:a9:11:b5:52:b3:31:65:55:dc:6a:60:cd:2a:9d:
20:f8:93:d0:8f:68:64:cc:56:5b:5a:69:2c:6e:0b:50:9a:c9:
2c:b0:24:84:8b:23:cf:cc:be:90:fb:e3:10:03:50:f8:14:27:
7a:9d:27:43:a9:3e:3a:a0:25:61:3a:f4:ad:8c:4c:9e:18:bf:
2d:f5:8b:fa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYrRBdznS9nVE2L0aLoLm6fTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjMwOTI2MTAyNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDhjOWIwMjg3MmZhOTc4N2I2MjZhZjhhMWZjODE0ODIxMTg5YjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nvlhIiTKAZ86w9E0kBHlzAT+f7w
lWRSDrPRiXyx6QMWyvYwmpGgcEHQERuakhil9YQn9GQhLAep3QPL//SMBYYv10CP
KPhVC8C86z4mNCHTUPw1At8xwj1gPEtQJ4vTSpuOteeVzOsUqTVjKQMId4QOFVq2
m71wu8Wc45JoWoMBNeDS1vURD8dOeDCxtY6ecefWJvEjBPRz32NvFlZkqTNSFDSv
m2ZJGmm/dzFwJ+Wb3rTv+XVpnkVymejCZyxGliT2UZSffVZLaOZ4KGzTX2NSO5TO
EuCWpSrNZTU+Lwf8H7F1RqW1hHThx+SjkngpDtmlrxEpIRHS32aVH61xdwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJCMmwKHL6l4e2Jq+KH8gUghGJsMMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEva0l5YkFvY3ZxWGg3WW1yNG9meUJTQ0VZbXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABtevMD
BAJtevgDBAK5VNwwDQYJKoZIhvcNAQELBQADggEBAC/p+aE6ZLkQqZbSYw01CsSa
zNO+tlS4e7h0nuIbvTMNFB5+GfHVGL/QOsLekLAjd6du0wEjzLwo0l3qQj4ltuac
NBNr3OgywuXVwkatRudVwyIEIXVjoV2P/9mSGLUODfi2vrKihjUBcM5aXt2qIG30
OG2ahHYr30t84CSJNiSudOfXekDCpW3y6Kv49xBlKBkBkLHOqzZkf57s/1q7iSud
8Y46/1a9PvEPKhlz+HKtzH5SCe6H7e6pEbVSszFlVdxqYM0qnSD4k9CPaGTMVlta
aSxuC1CaySywJISLI8/MvpD74xADUPgUJ3qdJ0OpPjqgJWE69K2MTJ4Yvy31i/o=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:02 2024 by rpki-client on console-ams.rpki-client.org