Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/nAWv2ZAFjduuxvCD7Uw43TuXJvY.roa
File: nAWv2ZAFjduuxvCD7Uw43TuXJvY.roa (raw, json)
Hash identifier: /ZhujDge13sKXOflt5cGGIKSqqrM7syS9JCdB+0DEbs=
Subject key identifier: 9C:05:AF:D9:90:05:8D:DB:AE:C6:F0:83:ED:4C:38:DD:3B:97:26:F6
Certificate issuer: /CN=845d042f65e1b1303a44e43e0e02748a75837b44
Certificate serial: 018B949AD1D08B1E75CB87C5EF5B13A0B023
Authority key identifier: 84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/nAWv2ZAFjduuxvCD7Uw43TuXJvY.roa
Signing time: Fri 03 Nov 2023 09:54:16 +0000
ROA not before: Fri 03 Nov 2023 09:54:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207604
IP address blocks: 185.241.212.0/24 maxlen: 24
185.119.90.0/24 maxlen: 24
185.119.91.0/24 maxlen: 24
185.119.88.0/24 maxlen: 24
185.119.89.0/24 maxlen: 24
2a0c:bf80:5a::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:9a:d1:d0:8b:1e:75:cb:87:c5:ef:5b:13:a0:b0:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845d042f65e1b1303a44e43e0e02748a75837b44
Validity
Not Before: Nov 3 09:54:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c05afd990058ddbaec6f083ed4c38dd3b9726f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fa:6a:e7:dd:01:6d:aa:61:c1:1d:70:ad:a7:
ba:e4:49:5c:45:98:ff:c4:57:83:e2:1c:9b:34:c5:
0d:2c:06:a9:6c:77:07:19:be:60:b8:00:71:cd:65:
f4:31:fa:c9:42:c1:6c:0f:fb:2d:ae:1c:09:0d:34:
3f:a9:66:eb:3a:84:e9:9e:5b:8f:53:eb:36:7f:91:
0a:38:d7:83:96:9e:a6:67:e8:b5:90:7d:30:f4:57:
15:35:98:f0:00:15:8b:e0:12:22:e8:86:fd:5c:34:
78:39:f7:7e:d8:11:cf:ff:5d:70:24:6c:58:45:92:
22:d6:df:fe:c6:d7:6b:1e:82:a2:03:4d:c5:40:57:
54:5c:51:b6:98:da:7f:f7:98:fc:e9:04:b5:ac:f5:
be:ae:89:46:cc:c6:07:3d:b2:df:49:82:f3:31:f3:
3d:43:c8:a4:b2:b1:35:c0:c3:4d:35:9a:23:9a:43:
ad:bd:23:1e:44:68:ae:51:88:65:d7:8d:07:ed:2d:
8e:4a:43:4c:81:2e:18:f0:cb:1c:72:9e:e9:83:08:
76:43:dd:bb:0a:b1:cf:c8:a5:27:f9:92:3a:3e:85:
2f:4d:45:0d:bf:30:2a:40:40:04:93:ba:b0:1e:5e:
9e:18:e7:a0:76:de:9f:94:9d:00:dc:38:98:af:cf:
5c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:05:AF:D9:90:05:8D:DB:AE:C6:F0:83:ED:4C:38:DD:3B:97:26:F6
X509v3 Authority Key Identifier:
keyid:84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/nAWv2ZAFjduuxvCD7Uw43TuXJvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.88.0/22
185.241.212.0/24
IPv6:
2a0c:bf80:5a::/48
Signature Algorithm: sha256WithRSAEncryption
19:14:25:a5:24:75:26:52:b5:37:e1:52:cb:d2:28:64:ef:fe:
80:da:88:47:ba:f2:22:aa:02:6a:d4:61:7f:17:79:8c:6e:5b:
26:b2:3d:4c:ca:01:ce:2a:bb:43:3e:ec:92:3b:de:41:b8:07:
03:cf:50:30:3c:b2:44:b6:45:3c:3c:4b:15:1f:1f:37:d3:17:
c1:d7:1a:c1:f3:e4:a4:d3:d2:05:90:bb:80:8e:ab:89:ca:42:
9e:31:1f:d6:a3:7c:fd:4f:83:2d:4e:01:e0:43:67:8c:8d:cc:
1d:36:9b:01:52:7a:5c:75:02:a4:7e:a6:64:1c:e2:c0:3a:f8:
04:07:93:99:08:04:24:79:d4:9c:4b:c3:86:a1:38:2d:0d:b8:
08:8a:33:2e:7d:88:80:d8:a5:7b:99:cf:06:25:58:ad:4f:f2:
94:2e:f2:b5:fd:d4:c2:15:72:83:20:5c:8f:f8:12:dc:12:e1:
70:2a:00:01:20:15:57:d7:14:5f:ab:71:1d:25:0f:73:19:0e:
87:90:dc:c2:b2:73:b2:a8:e9:06:51:b4:79:97:96:ba:24:b7:
90:c3:27:ef:75:07:6d:81:0d:76:9d:13:82:fb:35:f9:93:9e:
82:69:df:01:48:c5:41:1d:3f:43:3d:f1:e5:ef:20:a5:b0:e8:
a7:cd:50:6f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYuUmtHQix51y4fF71sToLAjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWQwNDJmNjVlMWIxMzAzYTQ0ZTQzZTBlMDI3NDhhNzU4
MzdiNDQwHhcNMjMxMTAzMDk1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA1YWZkOTkwMDU4ZGRiYWVjNmYwODNlZDRjMzhkZDNiOTcyNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfpq590BbaphwR1wrae65ElcRZj/
xFeD4hybNMUNLAapbHcHGb5guABxzWX0MfrJQsFsD/strhwJDTQ/qWbrOoTpnluP
U+s2f5EKONeDlp6mZ+i1kH0w9FcVNZjwABWL4BIi6Ib9XDR4Ofd+2BHP/11wJGxY
RZIi1t/+xtdrHoKiA03FQFdUXFG2mNp/95j86QS1rPW+rolGzMYHPbLfSYLzMfM9
Q8iksrE1wMNNNZojmkOtvSMeRGiuUYhl140H7S2OSkNMgS4Y8Msccp7pgwh2Q927
CrHPyKUn+ZI6PoUvTUUNvzAqQEAEk7qwHl6eGOegdt6flJ0A3DiYr89cywIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJwFr9mQBY3brsbwg+1MON07lyb2MB8GA1UdIwQY
MBaAFIRdBC9l4bEwOkTkPg4CdIp1g3tEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgt
ZDhjMzUxZDkzZWM2LzEvbkFXdjJaQUZqZHV1eHZDRDdVdzQzVHVYSnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgtZDhjMzUxZDkzZWM2
LzEvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuXdYAwQA
ufHUMA8EAgACMAkDBwAqDL+AAFowDQYJKoZIhvcNAQELBQADggEBABkUJaUkdSZS
tTfhUsvSKGTv/oDaiEe68iKqAmrUYX8XeYxuWyayPUzKAc4qu0M+7JI73kG4BwPP
UDA8skS2RTw8SxUfHzfTF8HXGsHz5KTT0gWQu4COq4nKQp4xH9ajfP1Pgy1OAeBD
Z4yNzB02mwFSelx1AqR+pmQc4sA6+AQHk5kIBCR51JxLw4ahOC0NuAiKMy59iIDY
pXuZzwYlWK1P8pQu8rX91MIVcoMgXI/4EtwS4XAqAAEgFVfXFF+rcR0lD3MZDoeQ
3MKyc7Ko6QZRtHmXlrokt5DDJ+91B22BDXadE4L7NfmTnoJp3wFIxUEdP0M98eXv
IKWw6KfNUG8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:57 2024 by rpki-client on console-fra.rpki-client.org