Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/59bc0c-14f4-4bc4-80e4-b630853e9493/1/erLYayXqRncY5PzFuijprL4iiTU.roa
File: erLYayXqRncY5PzFuijprL4iiTU.roa (raw, json)
Hash identifier: TQcbEvc5fgWQpLGiXL0SGfk8CSOFnuqrKIetrjAEFGM=
Subject key identifier: 7A:B2:D8:6B:25:EA:46:77:18:E4:FC:C5:BA:28:E9:AC:BE:22:89:35
Certificate issuer: /CN=4d2f4d108ac184bd1b532ff88fc6644ade16da75
Certificate serial: 018747997EE8B18B90AA304FDC5855E72011
Authority key identifier: 4D:2F:4D:10:8A:C1:84:BD:1B:53:2F:F8:8F:C6:64:4A:DE:16:DA:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TS9NEIrBhL0bUy_4j8ZkSt4W2nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/59bc0c-14f4-4bc4-80e4-b630853e9493/1/erLYayXqRncY5PzFuijprL4iiTU.roa
Signing time: Mon 03 Apr 2023 14:50:54 +0000
ROA not before: Mon 03 Apr 2023 14:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209529
IP address blocks: 185.228.220.0/24 maxlen: 24
185.228.221.0/24 maxlen: 24
185.228.222.0/24 maxlen: 24
185.228.220.0/22 maxlen: 22
185.228.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:99:7e:e8:b1:8b:90:aa:30:4f:dc:58:55:e7:20:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d2f4d108ac184bd1b532ff88fc6644ade16da75
Validity
Not Before: Apr 3 14:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ab2d86b25ea467718e4fcc5ba28e9acbe228935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7a:2d:b6:1c:04:db:c0:f7:22:24:2a:fc:b2:
ab:60:4f:f6:7e:d6:d9:7d:b0:bd:3e:82:13:8f:3e:
3e:63:71:fb:7f:1c:3b:19:c6:c3:fe:48:82:85:c4:
82:7e:28:af:19:11:d5:d4:71:c7:47:f5:9b:a2:ad:
62:14:0a:c8:f4:93:98:2e:24:79:55:48:25:3e:71:
90:eb:c1:33:75:ec:c8:ba:4e:3f:1e:41:b4:82:99:
aa:6d:98:3b:3d:cd:6c:05:6b:55:c5:42:69:b7:d2:
f4:fa:dc:bb:9c:4f:84:cc:b2:3c:d4:50:41:4f:df:
bb:dc:0e:3e:d5:fa:23:90:68:0d:c9:62:e7:86:aa:
81:c8:ca:b1:fc:5f:bc:19:08:bb:6a:b7:b8:5b:e4:
cb:95:01:0c:54:84:21:68:1d:55:0d:ec:0b:98:6c:
6a:01:65:62:c1:e1:7e:87:d1:cd:f4:7e:cb:16:a9:
d8:39:29:02:7a:c5:12:b1:82:d6:2c:49:1d:f0:a3:
f5:b3:53:ee:62:63:01:20:05:86:9e:96:2e:fd:3a:
3a:e1:a8:09:b0:03:0f:6b:05:28:b7:70:b4:73:0b:
b3:69:5a:d3:24:71:ab:ed:fd:eb:60:d8:a6:03:f4:
51:96:26:66:14:f6:cd:66:b8:2e:c0:9e:73:d5:56:
1f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B2:D8:6B:25:EA:46:77:18:E4:FC:C5:BA:28:E9:AC:BE:22:89:35
X509v3 Authority Key Identifier:
keyid:4D:2F:4D:10:8A:C1:84:BD:1B:53:2F:F8:8F:C6:64:4A:DE:16:DA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TS9NEIrBhL0bUy_4j8ZkSt4W2nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/59bc0c-14f4-4bc4-80e4-b630853e9493/1/erLYayXqRncY5PzFuijprL4iiTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/59bc0c-14f4-4bc4-80e4-b630853e9493/1/TS9NEIrBhL0bUy_4j8ZkSt4W2nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.220.0/22
Signature Algorithm: sha256WithRSAEncryption
50:cf:2b:12:10:67:35:df:f5:45:03:c3:74:f0:64:c8:ee:f8:
b7:71:73:b9:a6:82:47:06:8c:47:7f:7b:87:f5:c8:17:95:fe:
52:97:cd:18:1c:5f:3c:3b:fd:c0:b0:7a:17:53:9d:67:41:90:
4a:92:1e:6b:f2:3f:31:d7:15:e1:75:cb:d3:b8:85:6c:83:f9:
9b:dc:05:94:bb:3d:38:1e:68:62:0e:1b:2a:1a:17:20:18:53:
85:a3:7b:d4:6b:15:47:80:76:05:c9:89:b0:92:f9:19:36:b4:
ec:52:f5:a6:ce:87:7f:35:c6:b0:2e:c9:a9:94:b9:95:7b:21:
04:40:ae:c9:fb:88:83:df:04:af:d6:8d:6f:78:86:ed:26:0d:
97:b8:cf:60:93:ef:e6:27:5d:42:9e:8c:33:42:1b:09:b8:7d:
a5:9b:f8:ba:0b:b3:4b:58:b7:27:32:1c:06:a8:97:84:2a:6c:
e0:df:fb:9c:94:2a:a5:44:75:0b:53:7f:36:be:be:6d:9b:e5:
93:83:27:be:b9:e7:84:0a:c9:54:32:11:b4:be:44:be:bd:d8:
5f:86:b3:13:86:15:3e:0b:b2:9a:be:a3:56:ff:f1:83:38:32:
ef:f9:a2:15:fc:ad:cf:ff:a7:0b:5d:ba:64:4a:76:f0:a1:31:
20:a1:f4:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdHmX7osYuQqjBP3FhV5yARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMmY0ZDEwOGFjMTg0YmQxYjUzMmZmODhmYzY2NDRhZGUx
NmRhNzUwHhcNMjMwNDAzMTQ1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWIyZDg2YjI1ZWE0Njc3MThlNGZjYzViYTI4ZTlhY2JlMjI4OTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3otthwE28D3IiQq/LKrYE/2ftbZ
fbC9PoITjz4+Y3H7fxw7GcbD/kiChcSCfiivGRHV1HHHR/Wboq1iFArI9JOYLiR5
VUglPnGQ68EzdezIuk4/HkG0gpmqbZg7Pc1sBWtVxUJpt9L0+ty7nE+EzLI81FBB
T9+73A4+1fojkGgNyWLnhqqByMqx/F+8GQi7are4W+TLlQEMVIQhaB1VDewLmGxq
AWViweF+h9HN9H7LFqnYOSkCesUSsYLWLEkd8KP1s1PuYmMBIAWGnpYu/To64agJ
sAMPawUot3C0cwuzaVrTJHGr7f3rYNimA/RRliZmFPbNZrguwJ5z1VYfmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHqy2Gsl6kZ3GOT8xboo6ay+Iok1MB8GA1UdIwQY
MBaAFE0vTRCKwYS9G1Mv+I/GZEreFtp1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFM5TkVJckJoTDBiVXlfNGo4WmtTdDRXMm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS81OWJjMGMtMTRmNC00YmM0LTgwZTQt
YjYzMDg1M2U5NDkzLzEvZXJMWWF5WHFSbmNZNVB6RnVpanByTDRpaVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS81OWJjMGMtMTRmNC00YmM0LTgwZTQtYjYzMDg1M2U5NDkz
LzEvVFM5TkVJckJoTDBiVXlfNGo4WmtTdDRXMm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueTcMA0G
CSqGSIb3DQEBCwUAA4IBAQBQzysSEGc13/VFA8N08GTI7vi3cXO5poJHBoxHf3uH
9cgXlf5Sl80YHF88O/3AsHoXU51nQZBKkh5r8j8x1xXhdcvTuIVsg/mb3AWUuz04
HmhiDhsqGhcgGFOFo3vUaxVHgHYFyYmwkvkZNrTsUvWmzod/NcawLsmplLmVeyEE
QK7J+4iD3wSv1o1veIbtJg2XuM9gk+/mJ11CnowzQhsJuH2lm/i6C7NLWLcnMhwG
qJeEKmzg3/uclCqlRHULU382vr5tm+WTgye+ueeECslUMhG0vkS+vdhfhrMThhU+
C7KavqNW//GDODLv+aIV/K3P/6cLXbpkSnbwoTEgofSM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:59 2024 by rpki-client on console-ams.rpki-client.org