Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/v441td9tr3io-jk9WkyLEAWiXk0.roa
File: v441td9tr3io-jk9WkyLEAWiXk0.roa (raw, json)
Hash identifier: CZoK+BWvLTEtKtfztinhrb2ZrnhSVMZ1/Fuz1huWZPw=
Subject key identifier: BF:8E:35:B5:DF:6D:AF:78:A8:FA:39:3D:5A:4C:8B:10:05:A2:5E:4D
Certificate issuer: /CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Certificate serial: 018AA339D23429A1A9BFF6918F9607860719
Authority key identifier: 29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/v441td9tr3io-jk9WkyLEAWiXk0.roa
Signing time: Sun 17 Sep 2023 12:59:50 +0000
ROA not before: Sun 17 Sep 2023 12:59:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205371
IP address blocks: 185.220.112.0/24 maxlen: 24
185.220.115.0/24 maxlen: 24
185.220.113.0/24 maxlen: 24
185.220.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a3:39:d2:34:29:a1:a9:bf:f6:91:8f:96:07:86:07:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295b6a34a2109ba7c4d97f76c74466f14c3333e0
Validity
Not Before: Sep 17 12:59:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf8e35b5df6daf78a8fa393d5a4c8b1005a25e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7a:e4:a1:de:4f:9b:43:48:90:9a:db:4a:a2:
cb:13:f9:a3:bb:bf:bf:fc:cd:70:8f:e9:42:ec:dd:
59:72:cc:ec:0c:69:8d:51:82:a6:62:ad:19:04:77:
18:36:dd:2b:c8:72:27:34:dc:04:32:f2:a8:4c:fd:
ca:6e:fe:e7:df:22:73:a6:23:6c:77:91:f7:5e:96:
b1:b5:ed:32:1a:8b:49:da:4b:79:ba:33:83:77:d4:
ed:be:57:2e:aa:b0:de:33:c7:1a:83:2d:51:dc:7f:
35:92:c3:4e:ff:89:05:63:93:33:34:4d:ee:0a:e8:
e1:5a:7d:9c:88:75:a4:73:28:07:fa:98:1e:13:26:
a2:e5:73:7c:52:2b:08:cc:ea:69:91:42:61:4a:d5:
4c:0c:ef:4f:d7:5b:27:60:1b:5e:fb:2d:6e:c8:2e:
f5:40:9f:d4:04:17:52:4c:1e:4f:28:c2:d3:32:6d:
7d:64:af:09:b5:81:01:7b:fa:41:a0:fb:ab:99:32:
bf:6d:5c:2f:63:63:c7:8f:95:eb:4a:09:fd:22:53:
24:03:01:35:1c:ad:1b:e5:c4:e1:cb:4e:04:b0:41:
50:4c:b6:9b:da:61:5a:47:61:bf:b7:98:f9:93:8d:
31:53:61:17:1a:11:90:05:a5:90:4a:6b:85:a3:5b:
b2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8E:35:B5:DF:6D:AF:78:A8:FA:39:3D:5A:4C:8B:10:05:A2:5E:4D
X509v3 Authority Key Identifier:
keyid:29:5B:6A:34:A2:10:9B:A7:C4:D9:7F:76:C7:44:66:F1:4C:33:33:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVtqNKIQm6fE2X92x0Rm8UwzM-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/v441td9tr3io-jk9WkyLEAWiXk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e9b173-92b6-4210-a8e0-b797a4406f30/1/KVtqNKIQm6fE2X92x0Rm8UwzM-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.112.0/22
Signature Algorithm: sha256WithRSAEncryption
62:71:5b:b3:62:ed:ea:db:bb:c1:d7:80:d8:d7:d9:0f:ff:92:
32:09:84:8b:d0:cf:8b:55:32:e3:0e:2b:7c:86:e9:34:db:55:
54:ca:a4:e3:7f:12:be:18:80:19:9d:4a:fb:b3:66:df:dc:95:
7a:03:5b:fa:a6:21:f7:29:41:4b:5c:6a:ef:76:92:e6:75:de:
79:7f:5e:fb:92:b4:3e:14:58:e7:8e:b9:af:5d:f6:64:9f:03:
b2:61:72:e5:78:11:1e:60:a1:d6:67:b7:5c:cc:ba:80:4c:9a:
36:9d:fa:0d:f9:8d:2e:29:1d:f2:e1:dd:1a:2a:29:e1:4b:e9:
f6:4e:0f:94:db:5f:c2:bc:5a:fa:08:30:1a:9b:50:27:2f:01:
71:95:88:ab:4f:48:34:8c:d7:a7:e9:18:01:f2:0b:7d:e1:2e:
7d:c3:4c:cb:f9:04:b9:bb:d5:19:bb:f6:fb:76:08:48:9a:b4:
9c:ed:45:ba:e8:8f:9e:ee:18:92:2d:3f:12:6a:94:f9:56:cc:
3d:b9:c6:b8:46:4b:9c:3e:b4:65:c2:05:a3:8a:80:ec:e2:34:
b0:7a:4b:b6:da:9a:47:85:84:ea:b6:14:84:37:61:66:b0:bb:
84:13:ff:2d:d6:75:36:62:d3:40:ae:2f:f7:d4:62:16:ad:27:
da:3c:66:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqjOdI0KaGpv/aRj5YHhgcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NWI2YTM0YTIxMDliYTdjNGQ5N2Y3NmM3NDQ2NmYxNGMz
MzMzZTAwHhcNMjMwOTE3MTI1OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjhlMzViNWRmNmRhZjc4YThmYTM5M2Q1YTRjOGIxMDA1YTI1ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnrkod5Pm0NIkJrbSqLLE/mju7+/
/M1wj+lC7N1ZcszsDGmNUYKmYq0ZBHcYNt0ryHInNNwEMvKoTP3Kbv7n3yJzpiNs
d5H3Xpaxte0yGotJ2kt5ujODd9TtvlcuqrDeM8cagy1R3H81ksNO/4kFY5MzNE3u
CujhWn2ciHWkcygH+pgeEyai5XN8UisIzOppkUJhStVMDO9P11snYBte+y1uyC71
QJ/UBBdSTB5PKMLTMm19ZK8JtYEBe/pBoPurmTK/bVwvY2PHj5XrSgn9IlMkAwE1
HK0b5cThy04EsEFQTLab2mFaR2G/t5j5k40xU2EXGhGQBaWQSmuFo1uy3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL+ONbXfba94qPo5PVpMixAFol5NMB8GA1UdIwQY
MBaAFClbajSiEJunxNl/dsdEZvFMMzPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Z0cU5LSVFtNmZFMlg5MngwUm04VXd6TS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lOWIxNzMtOTJiNi00MjEwLWE4ZTAt
Yjc5N2E0NDA2ZjMwLzEvdjQ0MXRkOXRyM2lvLWprOVdreUxFQVdpWGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lOWIxNzMtOTJiNi00MjEwLWE4ZTAtYjc5N2E0NDA2ZjMw
LzEvS1Z0cU5LSVFtNmZFMlg5MngwUm04VXd6TS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudxwMA0G
CSqGSIb3DQEBCwUAA4IBAQBicVuzYu3q27vB14DY19kP/5IyCYSL0M+LVTLjDit8
huk021VUyqTjfxK+GIAZnUr7s2bf3JV6A1v6piH3KUFLXGrvdpLmdd55f177krQ+
FFjnjrmvXfZknwOyYXLleBEeYKHWZ7dczLqATJo2nfoN+Y0uKR3y4d0aKinhS+n2
Tg+U21/CvFr6CDAam1AnLwFxlYirT0g0jNen6RgB8gt94S59w0zL+QS5u9UZu/b7
dghImrSc7UW66I+e7hiSLT8SapT5Vsw9uca4RkucPrRlwgWjioDs4jSweku22ppH
hYTqthSEN2FmsLuEE/8t1nU2YtNAri/31GIWrSfaPGYq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:57 2024 by rpki-client on console-fra.rpki-client.org