Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/eaf974-6efd-4633-b84a-a8aaf886c820/1/jjCiiBdKH7mE7Tl9ggrhGJbmkSA.roa
File: jjCiiBdKH7mE7Tl9ggrhGJbmkSA.roa (raw, json)
Hash identifier: I2u0HIsmmLecrA8QD6yHqMQOIwtCZu0mz8VyMg/YiQ8=
Subject key identifier: 8E:30:A2:88:17:4A:1F:B9:84:ED:39:7D:82:0A:E1:18:96:E6:91:20
Certificate issuer: /CN=d0d852703295ecf8b97201f916310f88f4c08ab7
Certificate serial: 018572A7EEF96998BB2E624DB3FE1744CAF9
Authority key identifier: D0:D8:52:70:32:95:EC:F8:B9:72:01:F9:16:31:0F:88:F4:C0:8A:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0NhScDKV7Pi5cgH5FjEPiPTAirc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/eaf974-6efd-4633-b84a-a8aaf886c820/1/jjCiiBdKH7mE7Tl9ggrhGJbmkSA.roa
Signing time: Mon 02 Jan 2023 13:24:46 +0000
ROA not before: Mon 02 Jan 2023 13:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201079
IP address blocks: 185.250.192.0/24 maxlen: 24
185.250.192.0/22 maxlen: 22
185.250.195.0/24 maxlen: 24
185.250.194.0/24 maxlen: 24
185.250.193.0/24 maxlen: 24
185.85.206.0/24 maxlen: 24
185.85.205.0/24 maxlen: 24
185.85.204.0/22 maxlen: 22
185.85.204.0/24 maxlen: 24
185.85.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:ee:f9:69:98:bb:2e:62:4d:b3:fe:17:44:ca:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0d852703295ecf8b97201f916310f88f4c08ab7
Validity
Not Before: Jan 2 13:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e30a288174a1fb984ed397d820ae11896e69120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ad:d0:29:7b:f9:ba:e1:fa:d4:cd:b5:87:b4:
8c:75:0c:ce:b7:32:1b:97:17:97:90:92:41:b2:f6:
a5:f6:0c:1a:e6:26:5d:95:96:0d:92:09:f2:5f:72:
fd:1e:77:a9:29:13:bc:a7:fd:e9:5f:fc:0d:42:14:
33:c4:51:81:4c:00:51:ea:41:c4:d8:64:d2:95:f6:
cd:85:e5:12:b6:9b:9e:08:19:8a:3e:7f:dc:c1:72:
ef:6a:3c:3a:f5:a2:ce:3a:64:d8:fc:1b:be:09:85:
e0:88:ef:6e:ec:69:22:ce:f5:66:91:45:ff:25:a3:
18:53:32:92:5f:1e:19:72:80:0f:56:d8:0c:a7:20:
6a:5e:c4:5e:00:57:3b:9f:c4:ea:12:52:c2:3e:27:
17:e8:ae:7a:c5:29:ed:a2:43:1a:ba:0c:fd:0f:b2:
94:53:af:79:1a:8d:42:ef:4e:5f:78:99:76:37:78:
79:27:28:83:79:47:5c:3f:ac:5a:d4:60:f8:0a:ea:
eb:ac:b9:5e:d5:78:1d:71:5a:8d:58:e3:0b:8f:3c:
2e:e1:7f:74:45:28:9d:7b:ec:d5:1d:3d:30:53:aa:
c7:08:54:aa:3e:cc:b3:e7:11:15:cf:72:83:21:99:
6a:9d:7c:6d:f5:29:2c:2f:44:74:da:0e:90:de:71:
3f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:30:A2:88:17:4A:1F:B9:84:ED:39:7D:82:0A:E1:18:96:E6:91:20
X509v3 Authority Key Identifier:
keyid:D0:D8:52:70:32:95:EC:F8:B9:72:01:F9:16:31:0F:88:F4:C0:8A:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0NhScDKV7Pi5cgH5FjEPiPTAirc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/eaf974-6efd-4633-b84a-a8aaf886c820/1/jjCiiBdKH7mE7Tl9ggrhGJbmkSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/eaf974-6efd-4633-b84a-a8aaf886c820/1/0NhScDKV7Pi5cgH5FjEPiPTAirc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.204.0/22
185.250.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:f5:54:ad:4d:63:38:b0:92:53:25:0a:b0:67:1d:92:f0:aa:
17:b0:a8:41:e6:3f:fa:8a:f9:46:cc:85:2e:13:78:5c:af:df:
0d:74:b4:1b:3e:b1:ff:f2:c1:a6:f7:ba:fe:21:0e:4e:00:97:
23:13:11:d9:76:96:65:e6:72:ea:53:c3:44:90:24:45:b2:4a:
61:07:6d:b5:0c:e8:89:93:04:98:a8:ac:a5:be:3d:5d:c5:d4:
14:bb:dd:3b:47:2b:a0:98:4d:67:b6:c3:54:4f:79:5b:92:b4:
e8:91:b5:13:89:0a:f2:1a:7d:f1:11:3c:98:37:36:af:14:eb:
f2:89:a0:51:c7:ea:32:be:42:9f:0f:e1:c8:4f:11:a0:91:21:
ca:09:5c:70:51:6f:1a:41:5c:fd:d5:e2:80:d7:48:f1:0e:55:
b4:13:55:74:aa:35:e2:b1:3c:1b:70:43:ae:aa:fb:47:2c:6e:
86:1d:56:16:2c:bc:37:a4:81:1b:96:e5:fe:3b:77:af:1e:ce:
1d:5f:7f:a9:f9:8b:05:72:4b:e5:73:de:24:b7:16:1b:27:ac:
ba:6d:80:66:70:d4:c4:1d:ae:b4:19:15:64:6a:e4:2d:79:fd:
8e:4e:a7:7f:fd:6a:76:3b:b4:32:b7:da:09:17:67:e1:62:00:
4c:11:a8:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyp+75aZi7LmJNs/4XRMr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZDg1MjcwMzI5NWVjZjhiOTcyMDFmOTE2MzEwZjg4ZjRj
MDhhYjcwHhcNMjMwMTAyMTMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTMwYTI4ODE3NGExZmI5ODRlZDM5N2Q4MjBhZTExODk2ZTY5MTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa3QKXv5uuH61M21h7SMdQzOtzIb
lxeXkJJBsval9gwa5iZdlZYNkgnyX3L9HnepKRO8p/3pX/wNQhQzxFGBTABR6kHE
2GTSlfbNheUStpueCBmKPn/cwXLvajw69aLOOmTY/Bu+CYXgiO9u7GkizvVmkUX/
JaMYUzKSXx4ZcoAPVtgMpyBqXsReAFc7n8TqElLCPicX6K56xSntokMaugz9D7KU
U695Go1C705feJl2N3h5JyiDeUdcP6xa1GD4CurrrLle1XgdcVqNWOMLjzwu4X90
RSide+zVHT0wU6rHCFSqPsyz5xEVz3KDIZlqnXxt9SksL0R02g6Q3nE/qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI4woogXSh+5hO05fYIK4RiW5pEgMB8GA1UdIwQY
MBaAFNDYUnAylez4uXIB+RYxD4j0wIq3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME5oU2NES1Y3UGk1Y2dINUZqRVBpUFRBaXJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lYWY5NzQtNmVmZC00NjMzLWI4NGEt
YThhYWY4ODZjODIwLzEvampDaWlCZEtIN21FN1RsOWdncmhHSmJta1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lYWY5NzQtNmVmZC00NjMzLWI4NGEtYThhYWY4ODZjODIw
LzEvME5oU2NES1Y3UGk1Y2dINUZqRVBpUFRBaXJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVXMAwQC
ufrAMA0GCSqGSIb3DQEBCwUAA4IBAQB+9VStTWM4sJJTJQqwZx2S8KoXsKhB5j/6
ivlGzIUuE3hcr98NdLQbPrH/8sGm97r+IQ5OAJcjExHZdpZl5nLqU8NEkCRFskph
B221DOiJkwSYqKylvj1dxdQUu907RyugmE1ntsNUT3lbkrTokbUTiQryGn3xETyY
NzavFOvyiaBRx+oyvkKfD+HITxGgkSHKCVxwUW8aQVz91eKA10jxDlW0E1V0qjXi
sTwbcEOuqvtHLG6GHVYWLLw3pIEbluX+O3evHs4dX3+p+YsFckvlc94ktxYbJ6y6
bYBmcNTEHa60GRVkauQtef2OTqd//Wp2O7Qyt9oJF2fhYgBMEagq
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:24 2024 by rpki-client on console-fra.rpki-client.org