Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/aDyTWOzZSRsrJ8NRAAjrMkRKrP0.roa
File: aDyTWOzZSRsrJ8NRAAjrMkRKrP0.roa (raw, json)
Hash identifier: DDkeeY/42IJZBRC0H3y0Dl7aDB2XobK7UMbX07fVwLA=
Subject key identifier: 68:3C:93:58:EC:D9:49:1B:2B:27:C3:51:00:08:EB:32:44:4A:AC:FD
Certificate issuer: /CN=e7739db90c1ce98431df348a1376e53ac6e0523c
Certificate serial: 018572CCB4075D867D4C36C118CC3A490D88
Authority key identifier: E7:73:9D:B9:0C:1C:E9:84:31:DF:34:8A:13:76:E5:3A:C6:E0:52:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/53OduQwc6YQx3zSKE3blOsbgUjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/aDyTWOzZSRsrJ8NRAAjrMkRKrP0.roa
Signing time: Mon 02 Jan 2023 14:04:56 +0000
ROA not before: Mon 02 Jan 2023 14:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203257
IP address blocks: 185.140.192.0/24 maxlen: 24
185.140.195.0/24 maxlen: 24
185.140.193.0/24 maxlen: 24
185.140.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:b4:07:5d:86:7d:4c:36:c1:18:cc:3a:49:0d:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7739db90c1ce98431df348a1376e53ac6e0523c
Validity
Not Before: Jan 2 14:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=683c9358ecd9491b2b27c3510008eb32444aacfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:95:22:6e:2f:f9:9a:2e:9e:1f:84:8b:8b:27:
52:59:0d:dc:72:c6:d1:7e:11:88:96:96:58:e9:04:
62:d8:00:e1:38:1b:59:7c:82:6d:1f:4e:91:56:83:
02:c3:e8:dc:0d:fe:aa:19:f0:7d:73:77:0b:95:09:
b4:8f:59:5e:22:d9:db:3a:ae:86:5b:02:3e:93:c6:
19:b1:5a:9d:ff:cf:38:1a:ee:06:bb:35:2a:a2:a5:
6f:d6:1b:f5:bc:bd:6e:1f:d7:7d:8e:e9:f6:d3:65:
fd:ef:6d:23:85:1a:ef:0b:0a:59:bf:c6:2e:b7:cc:
b4:c2:eb:74:37:0b:d2:92:7f:c2:be:b9:f0:8a:ad:
96:88:10:49:1c:c9:cf:5d:49:5e:f4:97:ec:83:f8:
a2:9d:3a:b2:8c:c0:9b:b8:f0:41:37:b6:fc:97:69:
9a:11:b6:1f:65:4e:7f:fc:c1:ba:34:52:e1:bf:ee:
fc:19:c8:5d:10:a1:e8:f5:b5:04:93:f1:d4:32:46:
af:ef:65:75:d4:b5:da:1e:64:58:0e:9f:fe:d5:77:
a3:50:6f:87:1d:88:12:66:1e:ef:be:67:a4:77:fb:
d1:47:89:1a:63:09:07:e0:ca:e0:d7:63:ee:e9:6a:
46:41:80:98:8c:b2:d1:0d:2d:48:e7:21:de:e2:e6:
23:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3C:93:58:EC:D9:49:1B:2B:27:C3:51:00:08:EB:32:44:4A:AC:FD
X509v3 Authority Key Identifier:
keyid:E7:73:9D:B9:0C:1C:E9:84:31:DF:34:8A:13:76:E5:3A:C6:E0:52:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/53OduQwc6YQx3zSKE3blOsbgUjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/aDyTWOzZSRsrJ8NRAAjrMkRKrP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/53OduQwc6YQx3zSKE3blOsbgUjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.192.0/22
Signature Algorithm: sha256WithRSAEncryption
25:ad:ff:21:7c:69:aa:61:20:03:ab:af:33:d5:6e:0a:5a:49:
c5:f0:66:f4:19:93:0a:6f:22:cd:4b:e5:ba:70:37:d9:25:d7:
54:4d:85:5c:7b:dc:f1:d5:3e:37:a4:80:8d:32:d5:fe:dc:b2:
4c:ae:23:76:11:63:f4:e1:c7:6f:c8:a9:d6:55:a0:40:94:d7:
86:f4:d6:42:19:18:92:49:74:24:03:db:4f:a7:eb:01:21:dc:
db:75:58:e1:f2:36:dd:bf:6e:18:a5:2b:5b:c3:8f:c8:b0:df:
2c:7b:c8:10:84:8b:32:81:12:ee:e7:cd:b2:b3:b0:41:cc:1c:
5e:91:2e:60:a0:04:cd:c5:7e:ea:5d:29:ee:3c:10:6a:39:d1:
db:cc:dc:7d:98:0b:be:7d:c2:37:1e:5d:cc:6d:48:d4:d9:23:
17:60:d4:1f:c5:c5:41:41:12:25:39:97:f8:ae:2e:0f:5d:14:
39:83:cc:c8:5d:2b:dd:50:c1:06:c9:22:dc:59:0f:e8:96:95:
22:52:4a:a4:fa:d6:3d:6f:b9:18:09:65:f8:f5:d3:81:ca:66:
b5:19:19:30:61:6f:69:82:c0:3d:ef:f0:32:64:29:4e:2e:51:
de:e4:4a:54:0b:c5:b3:58:8b:22:82:2e:67:36:23:8a:d4:7c:
e2:19:0f:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzLQHXYZ9TDbBGMw6SQ2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NzM5ZGI5MGMxY2U5ODQzMWRmMzQ4YTEzNzZlNTNhYzZl
MDUyM2MwHhcNMjMwMTAyMTQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODNjOTM1OGVjZDk0OTFiMmIyN2MzNTEwMDA4ZWIzMjQ0NGFhY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZUibi/5mi6eH4SLiydSWQ3ccsbR
fhGIlpZY6QRi2ADhOBtZfIJtH06RVoMCw+jcDf6qGfB9c3cLlQm0j1leItnbOq6G
WwI+k8YZsVqd/884Gu4GuzUqoqVv1hv1vL1uH9d9jun202X9720jhRrvCwpZv8Yu
t8y0wut0NwvSkn/Cvrnwiq2WiBBJHMnPXUle9Jfsg/iinTqyjMCbuPBBN7b8l2ma
EbYfZU5//MG6NFLhv+78GchdEKHo9bUEk/HUMkav72V11LXaHmRYDp/+1XejUG+H
HYgSZh7vvmekd/vRR4kaYwkH4Mrg12Pu6WpGQYCYjLLRDS1I5yHe4uYj6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGg8k1js2UkbKyfDUQAI6zJESqz9MB8GA1UdIwQY
MBaAFOdznbkMHOmEMd80ihN25TrG4FI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTNPZHVRd2M2WVF4M3pTS0UzYmxPc2JnVWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC81NDcwMzQtMzk1Yy00M2YwLWEzNGMt
MTk0MjhmOTJjMWNjLzEvYUR5VFdPelpTUnNySjhOUkFBanJNa1JLclAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC81NDcwMzQtMzk1Yy00M2YwLWEzNGMtMTk0MjhmOTJjMWNj
LzEvNTNPZHVRd2M2WVF4M3pTS0UzYmxPc2JnVWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYzAMA0G
CSqGSIb3DQEBCwUAA4IBAQAlrf8hfGmqYSADq68z1W4KWknF8Gb0GZMKbyLNS+W6
cDfZJddUTYVce9zx1T43pICNMtX+3LJMriN2EWP04cdvyKnWVaBAlNeG9NZCGRiS
SXQkA9tPp+sBIdzbdVjh8jbdv24YpStbw4/IsN8se8gQhIsygRLu582ys7BBzBxe
kS5goATNxX7qXSnuPBBqOdHbzNx9mAu+fcI3Hl3MbUjU2SMXYNQfxcVBQRIlOZf4
ri4PXRQ5g8zIXSvdUMEGySLcWQ/olpUiUkqk+tY9b7kYCWX49dOByma1GRkwYW9p
gsA97/AyZClOLlHe5EpUC8WzWIsigi5nNiOK1HziGQ8T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:22 2024 by rpki-client on console-fra.rpki-client.org