Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/sO412qjk9mh18ERcpvHqqMVQ3io.roa
File: sO412qjk9mh18ERcpvHqqMVQ3io.roa (raw, json)
Hash identifier: b1VmQCs1LLG3NYX7iQGfn3xME3EqdMQmE8AK3k9Pxew=
Subject key identifier: B0:EE:35:DA:A8:E4:F6:68:75:F0:44:5C:A6:F1:EA:A8:C5:50:DE:2A
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 01862BB0C5C053DBA61017B2D4CCE9D4FCA2
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/sO412qjk9mh18ERcpvHqqMVQ3io.roa
Signing time: Tue 07 Feb 2023 11:44:10 +0000
ROA not before: Tue 07 Feb 2023 11:44:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60672
IP address blocks: 185.182.69.0/24 maxlen: 24
185.182.68.0/24 maxlen: 24
185.182.68.0/23 maxlen: 24
185.182.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:b0:c5:c0:53:db:a6:10:17:b2:d4:cc:e9:d4:fc:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Feb 7 11:44:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0ee35daa8e4f66875f0445ca6f1eaa8c550de2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0d:a6:ce:39:53:b9:16:8f:73:64:1b:c6:65:
5e:ee:cf:09:a6:05:f7:b2:8c:f9:e6:c6:99:ab:02:
1c:e1:96:70:d2:e2:a9:91:63:0e:01:d4:a4:27:74:
cc:ca:cc:7e:92:38:00:0a:bd:3f:ef:e5:4a:4e:3f:
3b:57:73:4f:e7:96:eb:09:b0:f1:43:61:b4:7e:76:
25:45:22:5a:0c:d7:af:51:53:99:12:40:4a:d0:4f:
1b:6d:96:a6:e0:47:8c:21:fd:81:dc:20:53:4b:aa:
05:6c:14:72:d0:0a:56:0c:e7:1b:fe:4f:5e:26:0d:
05:fb:2d:54:f1:99:f5:25:b5:62:c1:b5:6f:c0:ad:
5f:74:db:49:1d:4e:1a:80:1b:02:b4:f4:12:70:5b:
c3:87:00:ba:65:83:98:cf:56:7b:b0:16:f4:94:46:
c3:e4:cf:d4:6b:0d:ca:ab:cd:58:71:8c:c3:d5:fd:
60:62:13:ce:38:01:cc:60:23:cf:49:1d:7f:9a:8a:
1f:04:b2:b5:af:d4:a1:87:ee:66:60:4f:92:62:90:
b4:ca:55:77:d5:be:b9:55:18:5e:ac:c1:a1:8d:dd:
80:73:dd:48:88:8d:71:cc:81:52:df:c1:17:f7:bf:
10:d9:90:3b:93:dd:95:4f:7b:68:47:ca:09:06:2f:
3c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:EE:35:DA:A8:E4:F6:68:75:F0:44:5C:A6:F1:EA:A8:C5:50:DE:2A
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/sO412qjk9mh18ERcpvHqqMVQ3io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.68.0-185.182.70.255
Signature Algorithm: sha256WithRSAEncryption
ca:5f:1d:d5:63:1c:0f:65:63:ce:3b:55:e5:c6:09:bb:68:a4:
68:db:a3:39:76:a5:b5:3e:a8:ad:63:62:e5:5f:d5:09:4d:02:
12:e2:14:e2:d8:8c:f4:87:b2:26:30:10:89:25:7f:c1:65:2c:
32:b6:08:3f:0c:b9:a4:ad:ff:e5:22:03:d8:7b:73:ae:f7:27:
81:7e:a0:63:67:6b:a7:36:05:67:9a:ca:a0:70:d9:cf:55:a4:
66:3f:11:ac:c6:ae:98:fe:f2:49:1e:82:64:6a:78:57:3c:d9:
54:49:39:ba:2f:43:3a:00:e6:1a:12:23:98:44:d0:84:56:39:
9f:4c:31:0d:21:e3:d8:14:a2:9a:5a:69:42:75:cd:f1:41:54:
e8:c6:3b:e5:0e:7b:11:be:83:36:50:87:ce:f3:f4:1a:21:76:
e7:90:df:3c:1b:d5:da:b3:6f:92:bd:a5:c7:59:9d:84:c3:3d:
1c:84:3b:3b:d2:3e:92:cb:eb:ed:f3:66:59:5a:03:e5:1c:e2:
31:c1:81:9c:c7:18:26:48:c0:33:11:93:af:75:b1:12:26:da:
02:58:97:94:d6:93:75:d5:06:0c:bd:ca:04:de:cb:2e:32:0c:
3b:0c:bd:1a:2a:ac:7e:26:02:44:81:4e:39:4e:05:d2:cd:ee:
e6:78:87:1e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYYrsMXAU9umEBey1Mzp1PyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjMwMjA3MTE0NDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGVlMzVkYWE4ZTRmNjY4NzVmMDQ0NWNhNmYxZWFhOGM1NTBkZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg2mzjlTuRaPc2QbxmVe7s8JpgX3
soz55saZqwIc4ZZw0uKpkWMOAdSkJ3TMysx+kjgACr0/7+VKTj87V3NP55brCbDx
Q2G0fnYlRSJaDNevUVOZEkBK0E8bbZam4EeMIf2B3CBTS6oFbBRy0ApWDOcb/k9e
Jg0F+y1U8Zn1JbViwbVvwK1fdNtJHU4agBsCtPQScFvDhwC6ZYOYz1Z7sBb0lEbD
5M/Uaw3Kq81YcYzD1f1gYhPOOAHMYCPPSR1/moofBLK1r9Shh+5mYE+SYpC0ylV3
1b65VRherMGhjd2Ac91IiI1xzIFS38EX978Q2ZA7k92VT3toR8oJBi88EQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLDuNdqo5PZodfBEXKbx6qjFUN4qMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvc080MTJxams5bWgxOEVSY3B2SHFxTVZRM2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5tkQD
BAC5tkYwDQYJKoZIhvcNAQELBQADggEBAMpfHdVjHA9lY847VeXGCbtopGjbozl2
pbU+qK1jYuVf1QlNAhLiFOLYjPSHsiYwEIklf8FlLDK2CD8MuaSt/+UiA9h7c673
J4F+oGNna6c2BWeayqBw2c9VpGY/EazGrpj+8kkegmRqeFc82VRJObovQzoA5hoS
I5hE0IRWOZ9MMQ0h49gUoppaaUJ1zfFBVOjGO+UOexG+gzZQh87z9BohdueQ3zwb
1dqzb5K9pcdZnYTDPRyEOzvSPpLL6+3zZllaA+Uc4jHBgZzHGCZIwDMRk691sRIm
2gJYl5TWk3XVBgy9ygTeyy4yDDsMvRoqrH4mAkSBTjlOBdLN7uZ4hx4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:37 2024 by rpki-client on console-ams.rpki-client.org