Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/9fcccf-e7aa-4c44-9590-1cf0feaaa3ea/1/dOMR91crqIJ-35PXYiV4-x6IAxc.roa
File: dOMR91crqIJ-35PXYiV4-x6IAxc.roa (raw, json)
Hash identifier: ntr3NlGUfDAO9QT1yRH69ZhqJXTdEpHMrnF3cyCwQtM=
Subject key identifier: 74:E3:11:F7:57:2B:A8:82:7E:DF:93:D7:62:25:78:FB:1E:88:03:17
Certificate issuer: /CN=3f0289affaaf080e252718e3f4489da29d9fa55a
Certificate serial: 0185711E84229712DF856C1C4D94D60A11B9
Authority key identifier: 3F:02:89:AF:FA:AF:08:0E:25:27:18:E3:F4:48:9D:A2:9D:9F:A5:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PwKJr_qvCA4lJxjj9Eidop2fpVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/9fcccf-e7aa-4c44-9590-1cf0feaaa3ea/1/dOMR91crqIJ-35PXYiV4-x6IAxc.roa
Signing time: Mon 02 Jan 2023 06:15:03 +0000
ROA not before: Mon 02 Jan 2023 06:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198167
IP address blocks: 185.119.218.0/24 maxlen: 24
185.119.216.0/22 maxlen: 23
2a03:78c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:84:22:97:12:df:85:6c:1c:4d:94:d6:0a:11:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f0289affaaf080e252718e3f4489da29d9fa55a
Validity
Not Before: Jan 2 06:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74e311f7572ba8827edf93d7622578fb1e880317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:00:9c:67:89:7c:4c:44:82:f7:60:47:4e:4f:
2b:d0:21:5e:9d:d9:96:8d:09:87:df:8e:a9:d2:77:
15:40:91:bb:13:10:4a:80:56:37:1f:2c:3e:33:29:
d4:6c:5d:48:63:d7:35:bd:39:d8:6d:0b:04:59:e6:
35:d3:db:73:95:70:ca:5d:37:33:44:4d:f8:5f:61:
3f:d6:78:b5:95:a9:3c:97:33:1b:3c:5c:86:e9:8b:
91:c0:fa:db:59:00:60:4a:2a:19:b3:50:d9:00:f6:
f0:e0:17:5e:32:3c:46:6d:2e:cc:2a:a4:a4:26:08:
38:19:f9:fb:48:dd:61:55:8c:20:19:e3:08:b7:49:
6f:99:93:22:3c:5c:c6:81:d6:52:76:00:0c:86:2a:
8b:4d:53:9a:6c:d5:ec:42:ba:d6:b1:02:77:a8:d9:
91:72:2b:e3:be:90:08:a7:ba:e5:da:09:99:a8:a1:
a6:ef:93:e4:15:cb:6e:f9:9c:bb:e0:2e:91:bf:32:
86:cc:9f:94:39:7b:6a:fd:6a:31:09:93:63:15:5a:
2c:00:39:16:a1:0d:8e:2f:f8:6d:cb:9d:25:7c:b5:
66:73:cb:cf:05:59:df:c8:38:e5:0c:31:89:ce:2c:
e8:52:61:11:9a:d8:1b:bf:fc:c5:38:fd:b7:6a:ff:
d3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E3:11:F7:57:2B:A8:82:7E:DF:93:D7:62:25:78:FB:1E:88:03:17
X509v3 Authority Key Identifier:
keyid:3F:02:89:AF:FA:AF:08:0E:25:27:18:E3:F4:48:9D:A2:9D:9F:A5:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PwKJr_qvCA4lJxjj9Eidop2fpVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9fcccf-e7aa-4c44-9590-1cf0feaaa3ea/1/dOMR91crqIJ-35PXYiV4-x6IAxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9fcccf-e7aa-4c44-9590-1cf0feaaa3ea/1/PwKJr_qvCA4lJxjj9Eidop2fpVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.216.0/22
IPv6:
2a03:78c0::/32
Signature Algorithm: sha256WithRSAEncryption
c1:63:01:53:30:0d:5d:5c:93:c2:e2:04:a2:78:52:ea:54:77:
fa:9c:e7:8c:5d:60:20:69:ad:f0:14:d9:ff:28:01:16:cb:94:
af:0c:af:e4:2d:e6:17:9b:5c:ce:04:9b:9d:df:37:b1:5d:99:
6c:35:33:f6:c3:c9:69:46:8b:8f:fb:a8:07:f4:e6:8c:c0:ea:
db:af:f3:e9:c5:be:b5:a1:4c:a9:c8:1f:94:da:50:fa:ed:68:
96:dd:9b:a1:79:d2:cb:3d:85:32:17:fd:ed:54:c5:48:64:a9:
5e:a5:4c:53:7e:91:a0:f7:75:c4:fa:82:36:71:0c:09:c4:43:
3c:60:09:90:16:52:be:e2:2c:e8:8b:49:49:cb:41:0c:c3:84:
48:70:af:dd:d0:82:ba:11:ec:a4:4f:1a:b0:55:3b:9b:d9:31:
64:63:56:d3:90:82:12:1e:ff:a8:47:77:03:24:53:b5:c9:4d:
bd:13:a9:3e:f8:73:1e:20:fa:fe:1d:5a:61:f1:b7:4e:c1:ac:
b1:60:29:f9:f9:ed:e7:46:06:c3:77:37:f7:7b:eb:49:1c:32:
d1:16:90:2e:22:49:7b:ca:17:9d:9d:4f:91:cb:af:78:c9:a1:
8e:61:c9:a4:cc:d0:8d:76:6b:69:0b:e0:16:cf:59:22:4b:ee:
18:c6:f1:9a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxHoQilxLfhWwcTZTWChG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMDI4OWFmZmFhZjA4MGUyNTI3MThlM2Y0NDg5ZGEyOWQ5
ZmE1NWEwHhcNMjMwMTAyMDYxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGUzMTFmNzU3MmJhODgyN2VkZjkzZDc2MjI1NzhmYjFlODgwMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQCcZ4l8TESC92BHTk8r0CFendmW
jQmH346p0ncVQJG7ExBKgFY3Hyw+MynUbF1IY9c1vTnYbQsEWeY109tzlXDKXTcz
RE34X2E/1ni1lak8lzMbPFyG6YuRwPrbWQBgSioZs1DZAPbw4BdeMjxGbS7MKqSk
Jgg4Gfn7SN1hVYwgGeMIt0lvmZMiPFzGgdZSdgAMhiqLTVOabNXsQrrWsQJ3qNmR
civjvpAIp7rl2gmZqKGm75PkFctu+Zy74C6RvzKGzJ+UOXtq/WoxCZNjFVosADkW
oQ2OL/hty50lfLVmc8vPBVnfyDjlDDGJzizoUmERmtgbv/zFOP23av/TGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHTjEfdXK6iCft+T12IlePseiAMXMB8GA1UdIwQY
MBaAFD8Cia/6rwgOJScY4/RInaKdn6VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdLSnJfcXZDQTRsSnhqajlFaWRvcDJmcFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85ZmNjY2YtZTdhYS00YzQ0LTk1OTAt
MWNmMGZlYWFhM2VhLzEvZE9NUjkxY3JxSUotMzVQWFlpVjQteDZJQXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85ZmNjY2YtZTdhYS00YzQ0LTk1OTAtMWNmMGZlYWFhM2Vh
LzEvUHdLSnJfcXZDQTRsSnhqajlFaWRvcDJmcFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXfYMA0E
AgACMAcDBQAqA3jAMA0GCSqGSIb3DQEBCwUAA4IBAQDBYwFTMA1dXJPC4gSieFLq
VHf6nOeMXWAgaa3wFNn/KAEWy5SvDK/kLeYXm1zOBJud3zexXZlsNTP2w8lpRouP
+6gH9OaMwOrbr/Ppxb61oUypyB+U2lD67WiW3ZuhedLLPYUyF/3tVMVIZKlepUxT
fpGg93XE+oI2cQwJxEM8YAmQFlK+4izoi0lJy0EMw4RIcK/d0IK6EeykTxqwVTub
2TFkY1bTkIISHv+oR3cDJFO1yU29E6k++HMeIPr+HVph8bdOwayxYCn5+e3nRgbD
dzf3e+tJHDLRFpAuIkl7yhednU+Ry694yaGOYcmkzNCNdmtpC+AWz1kiS+4YxvGa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:22 2024 by rpki-client on console-fra.rpki-client.org