Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/f3rOs6_GW-Qi9CAe6DE3xzdgsJw.roa
File: f3rOs6_GW-Qi9CAe6DE3xzdgsJw.roa (raw, json)
Hash identifier: 6GoTkvpCjoeWINrRDeNgVZzcUO+EhgCs/n1mCqsPuYQ=
Subject key identifier: 7F:7A:CE:B3:AF:C6:5B:E4:22:F4:20:1E:E8:31:37:C7:37:60:B0:9C
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 018CC348E878A4232F0830158E98393B52A7
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/f3rOs6_GW-Qi9CAe6DE3xzdgsJw.roa
Signing time: Mon 01 Jan 2024 04:29:44 +0000
ROA not before: Mon 01 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 185.154.192.0/24 maxlen: 24
185.154.194.0/24 maxlen: 24
185.154.195.0/24 maxlen: 24
185.154.193.0/24 maxlen: 24
85.234.106.0/24 maxlen: 24
85.234.107.0/24 maxlen: 24
85.234.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 12:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e8:78:a4:23:2f:08:30:15:8e:98:39:3b:52:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Jan 1 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f7aceb3afc65be422f4201ee83137c73760b09c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5b:0e:9c:25:35:7e:59:a1:2f:99:95:a5:ad:
e1:bf:40:bc:69:43:9f:b6:da:43:de:e5:4d:4c:bb:
6e:90:9d:6b:d0:9e:2d:6c:e7:ef:8b:1b:e6:33:88:
91:6f:e8:51:61:87:c8:e9:10:0f:28:ec:a9:d1:42:
4c:b6:0f:9e:17:dd:17:d7:a4:7e:03:24:d7:82:83:
9b:e3:13:db:a4:6f:62:03:68:18:df:eb:39:68:47:
22:7e:e3:91:6c:70:ce:d5:7a:d1:ce:9a:60:36:88:
79:fc:14:c8:51:0e:73:a9:b2:ae:e0:5d:87:e1:c6:
ba:3e:6e:3d:94:c9:8e:48:38:82:73:9f:31:87:99:
0d:c7:58:b5:64:c8:e3:a0:19:22:89:3d:71:00:e9:
c9:90:e3:68:92:ee:ce:47:b5:5d:07:f8:07:c3:08:
4a:e8:90:48:ba:ff:36:48:bc:14:f9:2b:49:3c:d9:
43:c7:54:8e:16:ca:5a:62:f8:22:f1:71:c7:0c:fe:
5f:d3:40:56:3c:f4:7e:55:f3:cd:a6:01:74:b2:08:
aa:3f:26:0a:8e:df:cc:78:81:09:55:e4:88:0f:f6:
d2:9a:01:c3:c3:60:03:72:5f:5e:c9:cc:30:f3:be:
2d:78:5d:78:0c:a3:87:a6:66:15:79:a5:cf:ef:34:
a8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7A:CE:B3:AF:C6:5B:E4:22:F4:20:1E:E8:31:37:C7:37:60:B0:9C
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/f3rOs6_GW-Qi9CAe6DE3xzdgsJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.106.0/23
85.234.110.0/24
185.154.192.0/22
Signature Algorithm: sha256WithRSAEncryption
51:b2:c9:89:53:56:cf:a4:f5:80:31:42:bf:3b:44:cb:be:5f:
c3:69:ea:f0:78:a4:b8:cc:aa:7c:4d:17:67:ad:b6:96:d5:07:
01:3c:cc:cf:04:8a:85:f7:3a:78:a7:6e:e0:f1:0c:a4:de:3c:
78:56:f5:99:12:09:be:11:ad:11:6b:c8:e7:da:fa:49:83:36:
fd:cc:d3:00:92:5f:76:5d:02:f9:ff:3b:c6:34:eb:dc:9e:59:
48:4d:d0:f4:0c:16:78:6c:30:d5:a8:f7:4c:72:65:d6:91:4d:
9f:ef:d7:f6:13:b8:a6:b4:e7:aa:ce:05:7d:9d:58:1b:0a:ac:
ea:07:a1:e5:5b:a8:52:b1:6f:e4:d0:d2:75:49:ad:47:be:13:
62:e5:98:0b:06:a9:1b:6b:70:c8:b8:9d:42:a7:9f:29:6d:94:
7c:54:cf:98:bf:86:41:69:b2:22:6a:3b:03:52:29:d9:b7:0a:
64:7f:9a:ca:3f:34:2f:f1:de:e9:d5:69:64:34:0b:6a:9f:cd:
b7:be:cd:c8:b3:55:60:a1:6f:71:cd:ff:9b:cb:8e:1b:cc:cc:
30:0e:f8:2e:f1:36:d4:fc:f6:a5:b3:fa:4c:6e:c2:b5:a8:84:
dd:5d:32:a0:0a:eb:ed:d4:e8:c9:c0:2e:c4:f9:18:f1:b9:24:
07:5d:65:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSOh4pCMvCDAVjpg5O1KnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjQwMTAxMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjdhY2ViM2FmYzY1YmU0MjJmNDIwMWVlODMxMzdjNzM3NjBiMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1sOnCU1flmhL5mVpa3hv0C8aUOf
ttpD3uVNTLtukJ1r0J4tbOfvixvmM4iRb+hRYYfI6RAPKOyp0UJMtg+eF90X16R+
AyTXgoOb4xPbpG9iA2gY3+s5aEcifuORbHDO1XrRzppgNoh5/BTIUQ5zqbKu4F2H
4ca6Pm49lMmOSDiCc58xh5kNx1i1ZMjjoBkiiT1xAOnJkONoku7OR7VdB/gHwwhK
6JBIuv82SLwU+StJPNlDx1SOFspaYvgi8XHHDP5f00BWPPR+VfPNpgF0sgiqPyYK
jt/MeIEJVeSID/bSmgHDw2ADcl9eycww874teF14DKOHpmYVeaXP7zSoNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH96zrOvxlvkIvQgHugxN8c3YLCcMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvZjNyT3M2X0dXLVFpOUNBZTZERTN4emRnc0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVepqAwQA
VepuAwQCuZrAMA0GCSqGSIb3DQEBCwUAA4IBAQBRssmJU1bPpPWAMUK/O0TLvl/D
aerweKS4zKp8TRdnrbaW1QcBPMzPBIqF9zp4p27g8Qyk3jx4VvWZEgm+Ea0Ra8jn
2vpJgzb9zNMAkl92XQL5/zvGNOvcnllITdD0DBZ4bDDVqPdMcmXWkU2f79f2E7im
tOeqzgV9nVgbCqzqB6HlW6hSsW/k0NJ1Sa1HvhNi5ZgLBqkba3DIuJ1Cp58pbZR8
VM+Yv4ZBabIiajsDUinZtwpkf5rKPzQv8d7p1WlkNAtqn823vs3Is1VgoW9xzf+b
y44bzMwwDvgu8TbU/Pals/pMbsK1qITdXTKgCuvt1OjJwC7E+RjxuSQHXWU/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org