Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/uOyD0k4Xjb0ymC81wVOyPO4rk90.roa
File: uOyD0k4Xjb0ymC81wVOyPO4rk90.roa (raw, json)
Hash identifier: Py0MOH3VIIhdAHdHee4tSaAzSp+QlHjSYP5Pl1ZRtak=
Subject key identifier: B8:EC:83:D2:4E:17:8D:BD:32:98:2F:35:C1:53:B2:3C:EE:2B:93:DD
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 01856CCACBACF4E4668758671E088B8110BD
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/uOyD0k4Xjb0ymC81wVOyPO4rk90.roa
Signing time: Sun 01 Jan 2023 10:05:07 +0000
ROA not before: Sun 01 Jan 2023 10:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213068
IP address blocks: 185.237.152.0/24 maxlen: 24
185.237.155.0/24 maxlen: 24
185.237.153.0/24 maxlen: 24
185.237.154.0/24 maxlen: 24
2001:678:da8::/48 maxlen: 48
2001:678:da0::/48 maxlen: 48
2001:678:dac::/48 maxlen: 48
2001:678:da4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:cb:ac:f4:e4:66:87:58:67:1e:08:8b:81:10:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 10:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8ec83d24e178dbd32982f35c153b23cee2b93dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:17:a5:a7:16:37:32:6a:aa:aa:31:6b:24:03:
a3:2c:6e:ce:a5:a9:23:bb:61:d0:4a:b0:7f:ef:75:
25:ea:03:cc:73:e2:04:a0:f3:92:41:f3:a3:c1:68:
bc:e0:36:d3:49:3a:c0:79:6e:56:af:87:a9:47:fb:
55:66:41:15:7c:5b:6a:e5:a5:db:9c:70:5b:33:0a:
ac:fc:1c:b1:b5:f0:dd:ce:f3:8b:e1:06:ae:53:72:
87:22:e0:3a:e4:d7:e8:f4:26:ad:24:17:df:26:2d:
3c:a7:41:0b:63:a5:b8:9b:a9:55:96:b9:d2:14:f8:
a2:64:36:3b:37:67:83:5d:c8:38:53:34:94:9d:cb:
0c:a9:b3:92:55:e9:bd:38:fe:9f:d7:13:3b:a5:d7:
a2:44:61:49:f9:a6:00:e2:3c:ad:1f:48:2e:6e:d7:
64:fb:59:d1:5b:e6:38:8e:74:8e:a3:97:6f:6f:41:
57:ae:d3:2f:7e:7d:0c:73:80:f9:b2:9e:52:cf:a1:
03:8d:a1:fa:23:b5:3d:18:66:e7:f1:93:60:00:79:
c4:08:dc:55:10:34:24:48:ed:fc:06:dd:5d:4b:b1:
ff:b8:b6:8b:e1:82:26:b1:da:9b:d4:2c:2d:93:c7:
8e:eb:49:35:5b:8f:43:2f:3d:46:4e:a5:91:b5:09:
04:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:EC:83:D2:4E:17:8D:BD:32:98:2F:35:C1:53:B2:3C:EE:2B:93:DD
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/uOyD0k4Xjb0ymC81wVOyPO4rk90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.152.0/22
IPv6:
2001:678:da0::/48
2001:678:da4::/48
2001:678:da8::/48
2001:678:dac::/48
Signature Algorithm: sha256WithRSAEncryption
75:f9:4d:b2:2f:8c:4a:bf:05:99:58:cd:7c:63:39:e2:b8:af:
3d:cf:87:f9:99:bd:21:ed:3d:8d:e0:10:d8:a9:e4:93:92:ce:
bb:98:fd:6f:d6:81:8d:64:a5:d1:86:29:f8:04:8e:3a:c6:c5:
58:be:21:47:02:9e:1a:67:da:11:54:02:91:78:22:2e:6a:7f:
cc:23:78:80:1d:21:42:6a:9c:46:eb:70:0a:cd:45:47:69:63:
73:b8:1e:af:71:d7:8e:a4:09:ef:b5:8a:c0:36:bb:bd:4c:8c:
d5:ee:06:10:23:45:d2:5a:aa:96:98:10:29:d9:f6:ee:bd:73:
2d:2d:a7:d4:1c:2e:ab:54:59:f0:b6:6e:d6:45:9d:0d:cb:c4:
2c:27:8c:fa:2d:07:68:6b:10:30:80:cf:b8:59:1c:16:71:94:
b7:16:40:d2:c6:ad:b4:cf:06:fb:77:bf:a8:5b:45:86:3a:db:
93:5f:a1:8d:0c:6c:16:06:42:c4:2e:98:1e:77:b0:46:0b:8c:
51:23:b9:06:cc:f0:e6:9b:00:e8:e2:43:fb:42:a7:10:89:63:
d4:9d:c0:71:37:7e:f3:9e:ec:2c:99:01:0d:b8:2c:c9:8f:3d:
af:5b:48:4e:10:c3:f3:d7:a6:80:72:2d:0e:56:fd:73:c0:48:
67:27:e9:1b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVsysus9ORmh1hnHgiLgRC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjE3ODhmZTIyMGU0NjQzNDY5MmQxY2M0MzcwNzJkNzky
ZDc4ODgwHhcNMjMwMTAxMTAwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGVjODNkMjRlMTc4ZGJkMzI5ODJmMzVjMTUzYjIzY2VlMmI5M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRelpxY3MmqqqjFrJAOjLG7Opakj
u2HQSrB/73Ul6gPMc+IEoPOSQfOjwWi84DbTSTrAeW5Wr4epR/tVZkEVfFtq5aXb
nHBbMwqs/ByxtfDdzvOL4QauU3KHIuA65Nfo9CatJBffJi08p0ELY6W4m6lVlrnS
FPiiZDY7N2eDXcg4UzSUncsMqbOSVem9OP6f1xM7pdeiRGFJ+aYA4jytH0gubtdk
+1nRW+Y4jnSOo5dvb0FXrtMvfn0Mc4D5sp5Sz6EDjaH6I7U9GGbn8ZNgAHnECNxV
EDQkSO38Bt1dS7H/uLaL4YImsdqb1Cwtk8eO60k1W49DLz1GTqWRtQkEEQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLjsg9JOF429MpgvNcFTsjzuK5PdMB8GA1UdIwQY
MBaAFD6xeI/iIORkNGktHMQ3By15LXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAt
ZDk1MDk0NzMwNzJjLzEvdU95RDBrNFhqYjB5bUM4MXdWT3lQTzRyazkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAtZDk1MDk0NzMwNzJj
LzEvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQCue2YMCoE
AgACMCQDBwAgAQZ4DaADBwAgAQZ4DaQDBwAgAQZ4DagDBwAgAQZ4DawwDQYJKoZI
hvcNAQELBQADggEBAHX5TbIvjEq/BZlYzXxjOeK4rz3Ph/mZvSHtPY3gENip5JOS
zruY/W/WgY1kpdGGKfgEjjrGxVi+IUcCnhpn2hFUApF4Ii5qf8wjeIAdIUJqnEbr
cArNRUdpY3O4Hq9x146kCe+1isA2u71MjNXuBhAjRdJaqpaYECnZ9u69cy0tp9Qc
LqtUWfC2btZFnQ3LxCwnjPotB2hrEDCAz7hZHBZxlLcWQNLGrbTPBvt3v6hbRYY6
25NfoY0MbBYGQsQumB53sEYLjFEjuQbM8OabAOjiQ/tCpxCJY9SdwHE3fvOe7CyZ
AQ24LMmPPa9bSE4Qw/PXpoByLQ5W/XPASGcn6Rs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org