Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/Ho4RuYk_DoqxnWX4XDh0YxoQX74.roa
File: Ho4RuYk_DoqxnWX4XDh0YxoQX74.roa (raw, json)
Hash identifier: c4Cv56tv48eVzloZFrL59yq7sS853rKengLyM0sA2ms=
Subject key identifier: 1E:8E:11:B9:89:3F:0E:8A:B1:9D:65:F8:5C:38:74:63:1A:10:5F:BE
Certificate issuer: /CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Certificate serial: 018CC64B38545F0B0FADD52D3D35923BB45F
Authority key identifier: 6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/Ho4RuYk_DoqxnWX4XDh0YxoQX74.roa
Signing time: Mon 01 Jan 2024 18:31:07 +0000
ROA not before: Mon 01 Jan 2024 18:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210570
IP address blocks: 185.20.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 15:16:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:38:54:5f:0b:0f:ad:d5:2d:3d:35:92:3b:b4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e8e11b9893f0e8ab19d65f85c3874631a105fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:76:a8:71:c4:72:6b:4a:d2:e8:d6:c3:0c:37:
02:da:b3:b0:e2:31:b2:ae:0e:ae:d9:45:75:8b:6d:
14:a0:05:09:e3:70:dc:0d:2e:97:bb:c6:23:a1:64:
15:61:cb:a7:4d:27:07:04:c3:af:8d:da:cc:65:88:
f8:74:7d:ea:18:a8:bf:bd:14:81:ff:82:cb:b3:14:
a6:15:e2:c2:b8:42:3e:f5:a3:b4:c2:2e:18:4e:b0:
a7:2c:b0:59:ff:af:2f:77:5f:d2:a9:fa:59:3a:8c:
62:66:c7:53:52:56:03:78:7e:57:06:40:09:fd:3d:
c1:8d:72:e4:c2:6e:a1:82:eb:5a:29:c8:eb:2d:ff:
db:17:e9:8c:03:d6:cd:6c:36:b7:38:7d:8f:5f:bd:
ad:15:89:20:6d:88:47:9f:ed:c9:25:a0:24:66:65:
d4:29:30:20:f3:dd:54:6d:25:39:66:35:f1:bd:7b:
12:11:e9:32:e4:40:44:a1:82:36:ec:e7:1e:69:b1:
7e:5c:69:dd:05:42:4d:7c:8a:5b:af:c0:ee:29:50:
42:be:8b:3f:d1:9e:67:89:73:19:b0:79:3c:53:40:
d8:2c:cc:33:f6:4c:aa:72:92:df:41:97:19:8f:4b:
99:c7:14:6b:05:22:f2:14:8c:3d:3b:8b:36:3f:d1:
cc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8E:11:B9:89:3F:0E:8A:B1:9D:65:F8:5C:38:74:63:1A:10:5F:BE
X509v3 Authority Key Identifier:
keyid:6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/Ho4RuYk_DoqxnWX4XDh0YxoQX74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.7.0/24
Signature Algorithm: sha256WithRSAEncryption
02:60:36:00:5a:b1:47:4b:d2:40:a3:f9:dc:cb:28:61:bd:56:
67:b7:e5:55:7b:04:04:72:fd:9f:16:44:8c:e7:d9:c4:19:02:
bf:8a:f0:6b:31:37:19:fe:74:50:c0:b6:7c:87:60:c2:89:6e:
5b:74:9a:7c:87:eb:24:5e:ff:de:2a:20:8b:d4:27:38:ae:2d:
58:c4:75:14:ee:92:51:a3:aa:31:0e:ba:4e:ac:dd:17:0b:84:
3f:f6:9e:4c:f7:c2:d1:9c:cc:a2:9e:de:47:ea:44:0b:ed:75:
e8:0b:7e:d9:0a:d6:bf:9f:57:6a:5a:1b:1a:29:6e:6a:52:1e:
eb:af:af:04:09:83:d4:bd:be:84:13:6b:1c:a6:a1:23:15:02:
b3:bb:da:cf:f8:2f:2e:8b:c0:48:e7:55:67:e5:e8:ab:7b:1b:
ba:b9:f4:cb:c8:03:b7:49:36:37:f4:9a:32:ea:40:e7:df:8c:
a3:b8:2a:02:3d:e6:d1:14:92:e2:e1:34:d6:fb:44:5e:66:02:
f7:e8:0a:0e:86:63:0f:bd:bb:67:61:6f:08:29:76:73:61:2e:
20:75:52:11:c2:db:f0:b9:11:57:2c:f5:fd:36:a9:b2:fd:47:
92:1d:59:57:88:b6:cc:76:bc:e4:30:7c:3d:2b:e2:29:a5:1e:
9c:dd:0b:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSzhUXwsPrdUtPTWSO7RfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzY5YzNkNzAzMGNlYzE5ZjhmYjY2ZTU0M2JkZTY1NTk1
NzA4YTIwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZThlMTFiOTg5M2YwZThhYjE5ZDY1Zjg1YzM4NzQ2MzFhMTA1ZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnaoccRya0rS6NbDDDcC2rOw4jGy
rg6u2UV1i20UoAUJ43DcDS6Xu8YjoWQVYcunTScHBMOvjdrMZYj4dH3qGKi/vRSB
/4LLsxSmFeLCuEI+9aO0wi4YTrCnLLBZ/68vd1/SqfpZOoxiZsdTUlYDeH5XBkAJ
/T3BjXLkwm6hgutaKcjrLf/bF+mMA9bNbDa3OH2PX72tFYkgbYhHn+3JJaAkZmXU
KTAg891UbSU5ZjXxvXsSEeky5EBEoYI27OceabF+XGndBUJNfIpbr8DuKVBCvos/
0Z5niXMZsHk8U0DYLMwz9kyqcpLfQZcZj0uZxxRrBSLyFIw9O4s2P9HM9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6OEbmJPw6KsZ1l+Fw4dGMaEF++MB8GA1UdIwQY
MBaAFGzGnD1wMM7Bn4+2blQ73mVZVwiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEt
MWFlYjZhNGU0NWFkLzEvSG80UnVZa19Eb3F4bldYNFhEaDBZeG9RWDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEtMWFlYjZhNGU0NWFk
LzEvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRQHMA0G
CSqGSIb3DQEBCwUAA4IBAQACYDYAWrFHS9JAo/ncyyhhvVZnt+VVewQEcv2fFkSM
59nEGQK/ivBrMTcZ/nRQwLZ8h2DCiW5bdJp8h+skXv/eKiCL1Cc4ri1YxHUU7pJR
o6oxDrpOrN0XC4Q/9p5M98LRnMyint5H6kQL7XXoC37ZCta/n1dqWhsaKW5qUh7r
r68ECYPUvb6EE2scpqEjFQKzu9rP+C8ui8BI51Vn5eirexu6ufTLyAO3STY39Joy
6kDn34yjuCoCPebRFJLi4TTW+0ReZgL36AoOhmMPvbtnYW8IKXZzYS4gdVIRwtvw
uRFXLPX9Nqmy/UeSHVlXiLbMdrzkMHw9K+IppR6c3Qt1
-----END CERTIFICATE-----
Generated at Tue Jan 9 19:43:19 2024 by rpki-client on console-ams.rpki-client.org