Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/FO4q8C24BeIqv5yiDK1YT_m9-Xo.roa
File: FO4q8C24BeIqv5yiDK1YT_m9-Xo.roa (raw, json)
Hash identifier: hmiDrGujW4t2WQkrRXYUNYIdVcLhhb2NJReTT7WPVyE=
Subject key identifier: 14:EE:2A:F0:2D:B8:05:E2:2A:BF:9C:A2:0C:AD:58:4F:F9:BD:F9:7A
Certificate issuer: /CN=59bff5f16ecb268b1597da1b3ad30af40fce7717
Certificate serial: 0185730CC77684F14EFBD74EC9862AD315D0
Authority key identifier: 59:BF:F5:F1:6E:CB:26:8B:15:97:DA:1B:3A:D3:0A:F4:0F:CE:77:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wb_18W7LJosVl9obOtMK9A_Odxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/FO4q8C24BeIqv5yiDK1YT_m9-Xo.roa
Signing time: Mon 02 Jan 2023 15:14:55 +0000
ROA not before: Mon 02 Jan 2023 15:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54113
IP address blocks: 185.199.109.0/24 maxlen: 24
185.199.108.0/22 maxlen: 22
185.199.110.0/24 maxlen: 24
185.199.111.0/24 maxlen: 24
185.199.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:c7:76:84:f1:4e:fb:d7:4e:c9:86:2a:d3:15:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59bff5f16ecb268b1597da1b3ad30af40fce7717
Validity
Not Before: Jan 2 15:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14ee2af02db805e22abf9ca20cad584ff9bdf97a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:98:fc:51:2d:fc:f6:06:c8:b8:f8:f3:dd:5d:
9b:8a:d4:f3:7f:5d:5c:f5:c9:bb:7e:b3:8a:5e:63:
0d:3c:d3:2e:94:a2:b1:59:fe:26:03:f6:18:54:8e:
f1:7b:63:fd:ff:a2:4e:e0:ff:aa:ad:10:59:f9:f1:
31:cb:d0:ec:a9:a1:ab:ce:2b:02:80:84:3f:8e:0e:
ff:ef:d0:c8:a3:23:95:84:75:bc:f9:e7:a0:68:ce:
e6:47:2b:26:5f:ce:3c:dc:f6:33:ca:e0:95:f4:4d:
52:03:97:40:68:ba:75:2e:ed:5e:ae:98:7d:78:0b:
4e:03:39:52:96:52:73:99:95:8b:93:4e:84:44:ce:
55:0a:71:8e:01:48:4c:aa:d9:2c:38:03:89:3f:c8:
4a:26:48:ec:58:e5:8b:47:5e:2f:cd:2f:92:ec:e7:
db:44:0f:17:cd:bc:38:87:21:47:c2:b3:5f:21:ec:
40:c5:79:2a:fe:45:89:e1:dc:d6:45:38:31:26:49:
f3:49:25:64:c1:97:d8:1b:53:d2:21:f1:36:37:4b:
d5:66:4f:6b:77:c4:02:94:fe:e8:98:a5:b8:0b:95:
10:68:da:19:be:5b:50:41:f0:72:0f:13:94:80:c5:
0c:59:16:5d:b5:c0:0b:2c:ff:de:ac:7e:4c:3f:b3:
2c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EE:2A:F0:2D:B8:05:E2:2A:BF:9C:A2:0C:AD:58:4F:F9:BD:F9:7A
X509v3 Authority Key Identifier:
keyid:59:BF:F5:F1:6E:CB:26:8B:15:97:DA:1B:3A:D3:0A:F4:0F:CE:77:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wb_18W7LJosVl9obOtMK9A_Odxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/FO4q8C24BeIqv5yiDK1YT_m9-Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d5480-60a7-4193-bf34-bd849b04d10a/1/Wb_18W7LJosVl9obOtMK9A_Odxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.108.0/22
Signature Algorithm: sha256WithRSAEncryption
20:7c:68:c1:1f:d9:e1:aa:db:eb:7d:6f:bc:c5:93:12:68:ab:
5e:18:5d:13:52:70:bf:21:9d:00:c4:08:ff:67:7f:f4:d2:c2:
9f:b7:57:0c:ec:39:2c:fa:53:33:16:d0:72:17:52:04:97:43:
ac:d7:5d:b6:e0:82:31:36:f9:aa:8a:e7:09:c1:1b:4d:bd:d4:
c6:e6:3d:05:83:da:00:91:67:a6:a8:2f:23:be:b8:18:f4:9a:
0b:7d:a9:8c:16:c8:50:c2:6f:56:06:c0:1b:32:8d:33:4c:96:
08:45:61:d3:87:b9:c6:5a:e2:b9:68:1f:d0:a1:58:bc:8d:15:
3a:85:a7:5b:50:b0:30:83:b0:cb:f1:39:9f:1d:f9:c0:25:69:
c3:87:ff:bb:da:a8:a9:15:53:15:b2:e1:09:a5:36:5f:61:7f:
be:70:78:47:b6:73:01:fc:89:b6:00:c6:7e:c8:ca:dc:72:01:
16:18:2b:1c:bd:1d:b6:bc:80:c0:4f:d0:40:6e:af:85:b5:c2:
23:59:a6:26:51:18:8c:29:37:75:ae:a1:52:64:1e:b1:f2:5a:
43:3f:0d:63:96:cb:9f:22:de:4d:f2:9a:12:93:6d:42:07:fd:
92:b8:39:33:69:85:ce:5c:78:55:22:fe:aa:b1:4a:61:f9:10:
f9:c8:1b:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDMd2hPFO+9dOyYYq0xXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YmZmNWYxNmVjYjI2OGIxNTk3ZGExYjNhZDMwYWY0MGZj
ZTc3MTcwHhcNMjMwMTAyMTUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGVlMmFmMDJkYjgwNWUyMmFiZjljYTIwY2FkNTg0ZmY5YmRmOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5j8US389gbIuPjz3V2bitTzf11c
9cm7frOKXmMNPNMulKKxWf4mA/YYVI7xe2P9/6JO4P+qrRBZ+fExy9DsqaGrzisC
gIQ/jg7/79DIoyOVhHW8+eegaM7mRysmX8483PYzyuCV9E1SA5dAaLp1Lu1erph9
eAtOAzlSllJzmZWLk06ERM5VCnGOAUhMqtksOAOJP8hKJkjsWOWLR14vzS+S7Ofb
RA8Xzbw4hyFHwrNfIexAxXkq/kWJ4dzWRTgxJknzSSVkwZfYG1PSIfE2N0vVZk9r
d8QClP7omKW4C5UQaNoZvltQQfByDxOUgMUMWRZdtcALLP/erH5MP7MsnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTuKvAtuAXiKr+cogytWE/5vfl6MB8GA1UdIwQY
MBaAFFm/9fFuyyaLFZfaGzrTCvQPzncXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2JfMThXN0xKb3NWbDlvYk90TUs5QV9PZHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83ZDU0ODAtNjBhNy00MTkzLWJmMzQt
YmQ4NDliMDRkMTBhLzEvRk80cThDMjRCZUlxdjV5aURLMVlUX205LVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83ZDU0ODAtNjBhNy00MTkzLWJmMzQtYmQ4NDliMDRkMTBh
LzEvV2JfMThXN0xKb3NWbDlvYk90TUs5QV9PZHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucdsMA0G
CSqGSIb3DQEBCwUAA4IBAQAgfGjBH9nhqtvrfW+8xZMSaKteGF0TUnC/IZ0AxAj/
Z3/00sKft1cM7Dks+lMzFtByF1IEl0Os11224IIxNvmqiucJwRtNvdTG5j0Fg9oA
kWemqC8jvrgY9JoLfamMFshQwm9WBsAbMo0zTJYIRWHTh7nGWuK5aB/QoVi8jRU6
hadbULAwg7DL8TmfHfnAJWnDh/+72qipFVMVsuEJpTZfYX++cHhHtnMB/Im2AMZ+
yMrccgEWGCscvR22vIDAT9BAbq+FtcIjWaYmURiMKTd1rqFSZB6x8lpDPw1jlsuf
It5N8poSk21CB/2SuDkzaYXOXHhVIv6qsUph+RD5yBvL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:00 2024 by rpki-client on console-ams.rpki-client.org