Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/1N566-YzRg3iw8rF2uPdOiZG-4E.roa
File: 1N566-YzRg3iw8rF2uPdOiZG-4E.roa (raw, json)
Hash identifier: DW+jC2ocx7KYfznVsM3ckz9Sq2MVuW0JTzsBoTeb/Gs=
Subject key identifier: D4:DE:7A:EB:E6:33:46:0D:E2:C3:CA:C5:DA:E3:DD:3A:26:46:FB:81
Certificate issuer: /CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Certificate serial: 018ADFBCB160EB20BF2ADF79CBFBF564B572
Authority key identifier: 88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/1N566-YzRg3iw8rF2uPdOiZG-4E.roa
Signing time: Fri 29 Sep 2023 06:59:59 +0000
ROA not before: Fri 29 Sep 2023 06:59:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206011
IP address blocks: 185.199.10.0/24 maxlen: 24
185.199.8.0/24 maxlen: 24
185.199.9.0/24 maxlen: 24
80.244.44.0/22 maxlen: 22
80.244.40.0/22 maxlen: 22
80.244.40.0/21 maxlen: 21
2a0a:9740::/32 maxlen: 32
2a0a:9740:d000::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 01 Oct 2023 17:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:bc:b1:60:eb:20:bf:2a:df:79:cb:fb:f5:64:b5:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Validity
Not Before: Sep 29 06:59:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4de7aebe633460de2c3cac5dae3dd3a2646fb81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e7:d7:7b:27:67:77:67:10:42:e5:2f:c5:b7:
bd:ec:15:18:b4:d0:0a:f4:64:3b:d1:5a:46:9b:93:
67:20:48:33:18:9d:99:9a:1f:36:84:b3:2e:7d:cc:
8b:3b:1c:1b:67:f5:7e:4b:9e:c8:ed:81:6d:4d:df:
9d:e8:71:f4:9b:1f:3f:49:5f:d7:18:25:9d:bf:f4:
a0:85:10:51:4d:17:da:09:0a:a9:e0:c0:9c:06:f2:
1d:94:62:cc:07:df:fd:c0:a0:b4:1f:b5:8a:ab:0a:
f8:b0:b8:e2:a7:57:f8:29:10:61:d6:52:46:28:94:
ab:fa:6d:01:a6:28:6b:03:ea:98:e2:69:0a:9a:bf:
cc:58:da:2d:78:f0:70:6c:fc:c9:4d:35:0a:a3:7a:
57:ac:42:a2:04:87:2e:28:46:46:78:de:05:a0:8e:
cd:b5:38:cb:0f:2a:2f:3b:b3:78:5a:fa:9e:a8:11:
6b:36:99:34:60:a4:1a:61:80:a8:2e:68:06:17:2b:
cc:93:95:6e:fe:ac:ed:b2:ac:00:61:fe:35:0d:fc:
a4:c2:28:ab:01:4e:e1:e5:98:38:95:5b:34:2f:f5:
76:8e:e3:d1:0b:41:99:7d:dd:8b:46:65:af:64:47:
bc:ac:ce:ad:0e:e5:1b:7a:5b:c4:ac:06:37:dc:3e:
f1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DE:7A:EB:E6:33:46:0D:E2:C3:CA:C5:DA:E3:DD:3A:26:46:FB:81
X509v3 Authority Key Identifier:
keyid:88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/1N566-YzRg3iw8rF2uPdOiZG-4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.40.0/21
185.199.8.0-185.199.10.255
IPv6:
2a0a:9740::/32
Signature Algorithm: sha256WithRSAEncryption
27:76:74:78:98:d1:66:94:c5:da:f5:45:92:8f:01:b1:94:62:
5c:37:71:e2:be:59:17:1a:af:8d:7e:58:d4:ae:e7:66:00:0a:
57:e8:5d:ad:2d:5c:e2:d7:84:98:70:09:06:e2:ee:85:6d:f8:
d9:9d:50:53:9c:33:b4:1c:11:26:e7:97:a8:ae:e6:1e:7b:b4:
6e:ca:41:da:a1:39:fd:2a:4e:9f:64:8d:24:f8:73:ef:5f:48:
36:72:94:f6:57:b3:09:e4:7b:41:3e:7b:87:25:7b:86:af:09:
9d:49:b9:a6:c0:7c:17:ca:35:74:e6:70:8a:31:63:81:00:ac:
12:15:49:93:93:62:56:51:d3:cb:0a:01:c8:4a:ea:ae:97:d0:
14:14:d9:c4:a8:12:b1:7c:a3:77:68:f6:b7:59:02:50:a6:15:
82:80:5a:77:0a:ec:4f:d3:27:6a:df:f2:32:be:ca:d7:91:d2:
b9:3e:fd:fa:59:29:5f:2d:db:77:48:23:9f:11:3f:cb:64:b1:
2e:05:3f:92:bb:f7:72:44:e4:58:7d:1b:56:07:93:fd:5c:48:
21:51:b6:08:5a:e1:93:95:f9:cb:06:a1:08:2e:60:b5:d7:a5:
02:55:35:29:ca:e7:b6:55:e4:af:ec:5e:a1:11:30:bd:18:ec:
18:b0:f0:d3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYrfvLFg6yC/Kt95y/v1ZLVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MmZhMDE5MDJmNGU4YzM0N2YyMTE2ZTQ2NDVkYTFhNmI0
ZTA5NjIwHhcNMjMwOTI5MDY1OTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGRlN2FlYmU2MzM0NjBkZTJjM2NhYzVkYWUzZGQzYTI2NDZmYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjefXeydnd2cQQuUvxbe97BUYtNAK
9GQ70VpGm5NnIEgzGJ2Zmh82hLMufcyLOxwbZ/V+S57I7YFtTd+d6HH0mx8/SV/X
GCWdv/SghRBRTRfaCQqp4MCcBvIdlGLMB9/9wKC0H7WKqwr4sLjip1f4KRBh1lJG
KJSr+m0BpihrA+qY4mkKmr/MWNotePBwbPzJTTUKo3pXrEKiBIcuKEZGeN4FoI7N
tTjLDyovO7N4WvqeqBFrNpk0YKQaYYCoLmgGFyvMk5Vu/qztsqwAYf41Dfykwiir
AU7h5Zg4lVs0L/V2juPRC0GZfd2LRmWvZEe8rM6tDuUbelvErAY33D7xRQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNTeeuvmM0YN4sPKxdrj3TomRvuBMB8GA1UdIwQY
MBaAFIgvoBkC9OjDR/IRbkZF2hprTgliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAt
NWMyZDI2NTcwNWUwLzEvMU41NjYtWXpSZzNpdzhyRjJ1UGRPaVpHLTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAtNWMyZDI2NTcwNWUw
LzEvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDUPQoMAwD
BAO5xwgDBAC5xwowDQQCAAIwBwMFACoKl0AwDQYJKoZIhvcNAQELBQADggEBACd2
dHiY0WaUxdr1RZKPAbGUYlw3ceK+WRcar41+WNSu52YAClfoXa0tXOLXhJhwCQbi
7oVt+NmdUFOcM7QcESbnl6iu5h57tG7KQdqhOf0qTp9kjST4c+9fSDZylPZXswnk
e0E+e4cle4avCZ1JuabAfBfKNXTmcIoxY4EArBIVSZOTYlZR08sKAchK6q6X0BQU
2cSoErF8o3do9rdZAlCmFYKAWncK7E/TJ2rf8jK+yteR0rk+/fpZKV8t23dII58R
P8tksS4FP5K793JE5Fh9G1YHk/1cSCFRtgha4ZOV+csGoQguYLXXpQJVNSnK57ZV
5K/sXqERML0Y7Biw8NM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:54 2024 by rpki-client on console-ams.rpki-client.org