Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01504c-c1c6-4564-a402-4e67be4e432e/1/tVCif88l4irw3zu4ivNEnTVuKrc.roa
File: tVCif88l4irw3zu4ivNEnTVuKrc.roa (raw, json)
Hash identifier: rj7oVmbJ7ZtUNYVHUgZVN1MrvLXzlJMAzm8cYMQEC6M=
Subject key identifier: B5:50:A2:7F:CF:25:E2:2A:F0:DF:3B:B8:8A:F3:44:9D:35:6E:2A:B7
Certificate issuer: /CN=6cdec7b2e9f866eac36bc31ca4c4ff62d53dd166
Certificate serial: 01856F9DB42DB29150FBF5E10B1DB2F12ABD
Authority key identifier: 6C:DE:C7:B2:E9:F8:66:EA:C3:6B:C3:1C:A4:C4:FF:62:D5:3D:D1:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bN7Hsun4ZurDa8McpMT_YtU90WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01504c-c1c6-4564-a402-4e67be4e432e/1/tVCif88l4irw3zu4ivNEnTVuKrc.roa
Signing time: Sun 01 Jan 2023 23:14:44 +0000
ROA not before: Sun 01 Jan 2023 23:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205813
IP address blocks: 185.204.192.0/22 maxlen: 22
185.204.192.0/24 maxlen: 24
185.204.193.0/24 maxlen: 24
185.204.195.0/24 maxlen: 24
185.204.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b4:2d:b2:91:50:fb:f5:e1:0b:1d:b2:f1:2a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cdec7b2e9f866eac36bc31ca4c4ff62d53dd166
Validity
Not Before: Jan 1 23:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b550a27fcf25e22af0df3bb88af3449d356e2ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:df:c3:fe:fb:88:48:b3:9b:65:90:d0:6c:8f:
44:2b:c6:a7:fb:00:7b:36:a4:ae:09:4d:48:46:a2:
6c:ce:ed:1a:6f:38:cd:23:bd:3f:90:78:be:e5:75:
63:4a:d2:eb:fa:7b:94:d9:0f:2a:69:67:63:b7:8e:
c2:bc:b4:ac:cb:c1:52:e5:a6:bb:e3:77:65:6d:a6:
7b:25:2b:7a:84:d0:3b:b3:55:8b:84:4f:7f:e2:f7:
9e:70:69:18:98:a7:12:3c:af:75:47:39:89:71:31:
b4:e6:97:9f:d7:b9:78:de:0c:14:2b:b3:1c:90:e8:
c8:5a:51:8a:ca:e8:bb:14:be:ce:e6:3e:b3:52:b6:
f4:00:3d:5d:8a:ba:63:c9:0c:60:cf:2a:13:31:18:
75:7d:1e:38:62:4e:29:07:4e:65:0c:75:88:c5:96:
cb:db:6f:23:71:b9:b1:5e:6e:c9:bd:b5:e8:58:ee:
7a:b5:b5:23:76:29:27:30:12:7f:fd:60:c1:3d:e4:
77:06:62:a5:cd:75:02:66:cb:2f:08:3f:f8:02:22:
3a:68:d4:29:13:5c:95:65:ae:f1:e8:7a:78:03:f4:
f9:6c:45:74:71:b4:b8:75:b4:9c:10:3b:a5:dd:d2:
fa:88:7b:c0:95:9f:3f:5f:52:84:b3:0e:e3:e6:cb:
a1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:50:A2:7F:CF:25:E2:2A:F0:DF:3B:B8:8A:F3:44:9D:35:6E:2A:B7
X509v3 Authority Key Identifier:
keyid:6C:DE:C7:B2:E9:F8:66:EA:C3:6B:C3:1C:A4:C4:FF:62:D5:3D:D1:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bN7Hsun4ZurDa8McpMT_YtU90WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01504c-c1c6-4564-a402-4e67be4e432e/1/tVCif88l4irw3zu4ivNEnTVuKrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01504c-c1c6-4564-a402-4e67be4e432e/1/bN7Hsun4ZurDa8McpMT_YtU90WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.192.0/22
Signature Algorithm: sha256WithRSAEncryption
66:16:b6:cb:93:f5:bd:23:dd:cf:f7:1c:03:92:35:c3:9e:d7:
b9:98:9c:fa:60:80:61:44:dc:8a:8c:bb:4c:1a:a9:98:dc:bc:
d8:ba:48:cf:8c:2a:89:21:d1:0c:39:8f:f3:33:ed:fb:52:fe:
36:ff:ae:1c:75:62:3a:b2:88:34:18:20:fc:a8:7a:e0:4d:b7:
51:85:08:18:3e:4e:c5:ca:1c:83:0b:b6:d7:d5:0d:d6:93:75:
6c:0d:a8:53:bb:0d:90:7f:66:0b:d5:63:4a:d9:02:4d:31:f3:
bb:81:fa:93:89:6b:c1:8a:96:62:c5:11:1f:a8:a5:ab:8a:ee:
36:58:dd:56:7c:cf:62:ed:ca:99:ac:98:c6:33:d1:08:c5:3a:
13:ba:5c:52:2d:18:15:39:23:cb:7d:60:94:88:cb:00:2c:89:
9a:2d:e1:5b:ab:5e:05:4f:67:8b:c0:7e:4b:6d:e7:93:11:f0:
11:76:11:6a:7a:8c:d7:44:cc:bd:79:88:5d:ae:d5:8b:21:30:
8c:c7:b3:d6:9c:1f:b2:1a:6b:62:c9:30:10:ef:b1:96:d2:6c:
f6:ee:c1:10:ea:fc:f6:78:c9:97:cf:d3:13:fc:b0:24:37:43:
7c:81:23:2f:6e:d3:a1:4a:20:9a:42:4d:a1:1b:c9:2b:70:8e:
43:b2:b8:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnbQtspFQ+/XhCx2y8Sq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZGVjN2IyZTlmODY2ZWFjMzZiYzMxY2E0YzRmZjYyZDUz
ZGQxNjYwHhcNMjMwMTAxMjMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTUwYTI3ZmNmMjVlMjJhZjBkZjNiYjg4YWYzNDQ5ZDM1NmUyYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN/D/vuISLObZZDQbI9EK8an+wB7
NqSuCU1IRqJszu0abzjNI70/kHi+5XVjStLr+nuU2Q8qaWdjt47CvLSsy8FS5aa7
43dlbaZ7JSt6hNA7s1WLhE9/4veecGkYmKcSPK91RzmJcTG05pef17l43gwUK7Mc
kOjIWlGKyui7FL7O5j6zUrb0AD1dirpjyQxgzyoTMRh1fR44Yk4pB05lDHWIxZbL
228jcbmxXm7JvbXoWO56tbUjdiknMBJ//WDBPeR3BmKlzXUCZssvCD/4AiI6aNQp
E1yVZa7x6Hp4A/T5bEV0cbS4dbScEDul3dL6iHvAlZ8/X1KEsw7j5suhUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVQon/PJeIq8N87uIrzRJ01biq3MB8GA1UdIwQY
MBaAFGzex7Lp+Gbqw2vDHKTE/2LVPdFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk43SHN1bjRadXJEYThNY3BNVF9ZdFU5MFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMTUwNGMtYzFjNi00NTY0LWE0MDIt
NGU2N2JlNGU0MzJlLzEvdFZDaWY4OGw0aXJ3M3p1NGl2TkVuVFZ1S3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMTUwNGMtYzFjNi00NTY0LWE0MDItNGU2N2JlNGU0MzJl
LzEvYk43SHN1bjRadXJEYThNY3BNVF9ZdFU5MFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuczAMA0G
CSqGSIb3DQEBCwUAA4IBAQBmFrbLk/W9I93P9xwDkjXDnte5mJz6YIBhRNyKjLtM
GqmY3LzYukjPjCqJIdEMOY/zM+37Uv42/64cdWI6sog0GCD8qHrgTbdRhQgYPk7F
yhyDC7bX1Q3Wk3VsDahTuw2Qf2YL1WNK2QJNMfO7gfqTiWvBipZixREfqKWriu42
WN1WfM9i7cqZrJjGM9EIxToTulxSLRgVOSPLfWCUiMsALImaLeFbq14FT2eLwH5L
beeTEfARdhFqeozXRMy9eYhdrtWLITCMx7PWnB+yGmtiyTAQ77GW0mz27sEQ6vz2
eMmXz9MT/LAkN0N8gSMvbtOhSiCaQk2hG8krcI5DsriM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:48 2024 by rpki-client on console-fra.rpki-client.org