Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/S7GEmChgh-w5bvxSyydJCINsFos.roa
File: S7GEmChgh-w5bvxSyydJCINsFos.roa (raw, json)
Hash identifier: CAi72ekDjGSB/QVynV900wdDQxxgcEm53ua+yMFfaI0=
Subject key identifier: 4B:B1:84:98:28:60:87:EC:39:6E:FC:52:CB:27:49:08:83:6C:16:8B
Certificate issuer: /CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Certificate serial: 0185710C0D0920EEC4DF1CBEAEB3A2552580
Authority key identifier: DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/S7GEmChgh-w5bvxSyydJCINsFos.roa
Signing time: Mon 02 Jan 2023 05:54:53 +0000
ROA not before: Mon 02 Jan 2023 05:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200043
IP address blocks: 185.173.212.0/22 maxlen: 22
185.173.212.0/23 maxlen: 23
185.173.214.0/23 maxlen: 23
185.24.118.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:0d:09:20:ee:c4:df:1c:be:ae:b3:a2:55:25:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Validity
Not Before: Jan 2 05:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bb18498286087ec396efc52cb274908836c168b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e9:a5:9c:4e:ee:45:83:51:2a:96:ec:93:81:
16:f2:6c:f8:2c:f7:70:d7:92:b1:6d:6d:b2:7d:9a:
e9:67:ad:b5:0a:5f:36:ee:90:a2:04:a9:bf:b5:f4:
73:57:74:01:3f:71:69:00:f3:62:d7:ed:38:54:14:
ff:0d:e6:c4:21:8b:0e:24:80:22:7b:b3:1f:fb:67:
74:25:0d:07:95:cc:da:54:6a:13:0c:c2:c9:37:d3:
1d:87:25:ca:c2:ff:38:1e:2a:28:05:5b:c3:59:2c:
8b:43:50:34:de:9a:29:65:95:e6:29:45:b7:78:32:
a7:f6:88:8d:31:16:cf:9b:5f:cf:4e:da:e1:33:46:
96:3c:7d:ce:86:33:eb:b0:e6:5c:13:3b:3b:3a:1d:
51:8d:a2:d9:86:68:19:49:69:b8:1c:17:e0:1a:9c:
dc:be:03:32:53:d6:a5:45:58:fd:02:ed:c6:18:a7:
ed:84:f2:a0:18:7e:24:2a:aa:0d:0f:6d:6b:f5:16:
fc:a2:4d:af:16:bf:67:0c:9d:1f:ad:48:58:ce:da:
f4:cf:98:b7:cc:8a:21:06:c5:06:87:12:34:e7:1a:
5c:42:a8:53:a1:e6:d9:b2:e9:ac:65:b1:3d:40:d1:
b0:e1:c8:f3:b4:09:b7:59:d0:08:14:e5:6f:9a:83:
7f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B1:84:98:28:60:87:EC:39:6E:FC:52:CB:27:49:08:83:6C:16:8B
X509v3 Authority Key Identifier:
keyid:DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/S7GEmChgh-w5bvxSyydJCINsFos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.118.0/23
185.173.212.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:dd:5a:eb:10:a2:dd:32:81:28:4a:a8:f5:5e:b6:56:28:28:
21:d2:f0:24:a2:0f:b7:88:82:cb:e3:f7:cc:91:76:46:12:7b:
dc:03:55:0d:75:dd:6a:02:06:7b:68:d7:90:bd:e7:3c:a7:d5:
1d:b2:43:ef:e1:ea:7e:c1:ae:58:a2:d3:de:a4:fb:94:85:40:
81:2c:2f:0f:21:1d:5f:11:a1:a1:b3:d2:22:a0:3c:15:7f:34:
cf:e5:aa:74:fc:f6:e9:e4:e2:9c:8e:64:34:35:69:14:e5:42:
01:d0:05:71:72:77:3d:3f:cd:62:74:47:32:32:c5:1d:5a:41:
e7:d6:df:72:fd:9b:20:ed:75:b1:65:f8:f5:a3:00:84:0d:5e:
a8:2f:2f:f3:7e:c6:ba:c5:2b:ce:cb:53:4b:2b:99:6a:e8:98:
ef:25:c4:6b:3c:b1:ca:54:a2:4b:36:f1:ba:31:2a:c4:d0:e7:
2c:d9:e2:69:b3:f3:51:e6:d8:93:05:7d:eb:af:d1:3e:99:9a:
d0:60:fa:66:07:71:e8:1d:7c:50:2e:29:a3:41:e1:c7:fd:6b:
e3:d5:95:ee:c5:83:c1:a4:fe:d8:f7:a7:55:4c:e6:d6:72:8b:
91:0e:5a:4f:81:b2:a3:71:f0:5b:34:27:07:6c:44:bb:22:46:
ff:ac:0c:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxDA0JIO7E3xy+rrOiVSWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYzBiMWRmMGU3YmQwMDA0NWViZTEwMzAyYzMyMGZmYmRi
YTA3MTYwHhcNMjMwMTAyMDU1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmIxODQ5ODI4NjA4N2VjMzk2ZWZjNTJjYjI3NDkwODgzNmMxNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhumlnE7uRYNRKpbsk4EW8mz4LPdw
15KxbW2yfZrpZ621Cl827pCiBKm/tfRzV3QBP3FpAPNi1+04VBT/DebEIYsOJIAi
e7Mf+2d0JQ0HlczaVGoTDMLJN9MdhyXKwv84HiooBVvDWSyLQ1A03popZZXmKUW3
eDKn9oiNMRbPm1/PTtrhM0aWPH3OhjPrsOZcEzs7Oh1RjaLZhmgZSWm4HBfgGpzc
vgMyU9alRVj9Au3GGKfthPKgGH4kKqoND21r9Rb8ok2vFr9nDJ0frUhYztr0z5i3
zIohBsUGhxI05xpcQqhToebZsumsZbE9QNGw4cjztAm3WdAIFOVvmoN/CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEuxhJgoYIfsOW78UssnSQiDbBaLMB8GA1UdIwQY
MBaAFN/Asd8Oe9AARevhAwLDIP+9ugcWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzhDeDN3NTcwQUJGNi1FREFzTWdfNzI2QnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hM2M3NzUtMzljNS00YmJiLWIzM2Ut
ZDkyOWUyYjc2ZDY4LzEvUzdHRW1DaGdoLXc1YnZ4U3l5ZEpDSU5zRm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hM2M3NzUtMzljNS00YmJiLWIzM2UtZDkyOWUyYjc2ZDY4
LzEvMzhDeDN3NTcwQUJGNi1FREFzTWdfNzI2QnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuRh2AwQC
ua3UMA0GCSqGSIb3DQEBCwUAA4IBAQA+3VrrEKLdMoEoSqj1XrZWKCgh0vAkog+3
iILL4/fMkXZGEnvcA1UNdd1qAgZ7aNeQvec8p9UdskPv4ep+wa5YotPepPuUhUCB
LC8PIR1fEaGhs9IioDwVfzTP5ap0/Pbp5OKcjmQ0NWkU5UIB0AVxcnc9P81idEcy
MsUdWkHn1t9y/Zsg7XWxZfj1owCEDV6oLy/zfsa6xSvOy1NLK5lq6JjvJcRrPLHK
VKJLNvG6MSrE0Ocs2eJps/NR5tiTBX3rr9E+mZrQYPpmB3HoHXxQLimjQeHH/Wvj
1ZXuxYPBpP7Y96dVTObWcouRDlpPgbKjcfBbNCcHbES7Ikb/rAwa
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:40 2024 by rpki-client on console-ams.rpki-client.org