Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/2e0536-4ca2-4afe-83d6-336e874f3d87/1/fmFZa5F2kJoQ3FI204bSbJ07mYc.roa
File: fmFZa5F2kJoQ3FI204bSbJ07mYc.roa (raw, json)
Hash identifier: glTYI7QCxFIRuCnwFjLs711WqqkSplTVSXqzPnxWoco=
Subject key identifier: 7E:61:59:6B:91:76:90:9A:10:DC:52:36:D3:86:D2:6C:9D:3B:99:87
Certificate issuer: /CN=08818cbb0f9d1e573773d791138a0122f28bec56
Certificate serial: 01856EF4395CC5230ECF29F7AA4019F30212
Authority key identifier: 08:81:8C:BB:0F:9D:1E:57:37:73:D7:91:13:8A:01:22:F2:8B:EC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIGMuw-dHlc3c9eRE4oBIvKL7FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/2e0536-4ca2-4afe-83d6-336e874f3d87/1/fmFZa5F2kJoQ3FI204bSbJ07mYc.roa
Signing time: Sun 01 Jan 2023 20:09:37 +0000
ROA not before: Sun 01 Jan 2023 20:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206772
IP address blocks: 185.158.124.0/23 maxlen: 23
185.158.124.0/24 maxlen: 24
185.158.124.0/22 maxlen: 22
185.158.125.0/24 maxlen: 24
185.158.127.0/24 maxlen: 24
2a07:ad40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:39:5c:c5:23:0e:cf:29:f7:aa:40:19:f3:02:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08818cbb0f9d1e573773d791138a0122f28bec56
Validity
Not Before: Jan 1 20:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e61596b9176909a10dc5236d386d26c9d3b9987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:50:ed:be:14:d9:3c:a5:d1:32:f1:3d:4b:7f:
f0:ee:21:ef:09:83:69:31:ff:a1:de:14:02:ae:f9:
76:e3:69:5f:e5:94:54:e6:f4:bf:67:6b:9d:20:03:
bd:3a:67:c5:0d:29:0f:4e:7e:65:86:3a:69:8e:9c:
e0:7e:41:2c:cf:a5:0c:c2:19:bf:30:a5:5f:bd:22:
71:d9:bb:19:04:13:40:e0:7e:9e:a9:cf:d6:f5:1f:
1a:83:2d:0f:cf:5f:46:2f:c3:09:80:0d:6b:b7:e3:
2d:8e:0c:f3:cb:df:46:e4:c6:b3:a0:cd:3e:6b:63:
7f:1f:cc:1d:00:3d:91:f1:b2:14:46:fe:e2:b6:3a:
83:d0:ff:36:23:e1:ba:f2:77:ed:53:e6:c3:8e:01:
3b:c8:77:b7:58:38:1c:91:9d:dc:35:ee:8b:bc:ba:
fd:7e:37:d4:86:12:f4:04:5a:cc:44:c1:7b:1b:d5:
90:f8:4a:9c:22:7f:b4:6e:55:e9:86:e6:d2:21:a8:
9e:18:b9:32:e8:e2:02:89:64:f7:45:18:b3:e6:1b:
fb:54:ff:7c:a7:1b:0d:b2:22:92:a8:f7:0b:76:7f:
0a:1d:9c:14:2d:32:6a:52:2f:87:ba:5c:33:dc:e2:
10:fc:a6:d5:ef:cb:f3:2a:d2:24:d7:25:3f:35:10:
20:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:61:59:6B:91:76:90:9A:10:DC:52:36:D3:86:D2:6C:9D:3B:99:87
X509v3 Authority Key Identifier:
keyid:08:81:8C:BB:0F:9D:1E:57:37:73:D7:91:13:8A:01:22:F2:8B:EC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIGMuw-dHlc3c9eRE4oBIvKL7FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2e0536-4ca2-4afe-83d6-336e874f3d87/1/fmFZa5F2kJoQ3FI204bSbJ07mYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2e0536-4ca2-4afe-83d6-336e874f3d87/1/CIGMuw-dHlc3c9eRE4oBIvKL7FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.124.0/22
IPv6:
2a07:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
3c:85:50:9b:8b:db:69:7e:c2:4c:50:12:97:ff:b6:33:06:66:
97:c8:f3:f3:48:57:07:9e:6b:dc:69:a1:be:ef:a9:db:d0:c9:
a5:39:50:59:4f:c1:7b:ff:86:21:06:79:c0:7f:fa:34:05:17:
63:af:31:fa:e4:85:2a:53:e3:72:8d:8f:28:cc:29:3b:80:59:
3f:3f:7f:ee:85:23:19:4b:eb:80:40:5b:aa:02:89:f2:56:27:
63:c9:ea:89:2f:34:a9:f8:d3:d1:ce:90:28:e1:84:1b:f0:dd:
bb:76:cc:78:b2:ca:4f:73:d9:3a:3f:cc:6e:07:8f:c3:e5:16:
0f:b7:39:1f:68:ed:49:ff:eb:78:f0:1a:65:d1:a7:7a:8b:b1:
54:66:67:b5:a7:0c:50:5e:b0:eb:22:3b:77:2e:cc:9b:5d:8d:
8b:72:07:75:c9:33:77:cb:53:e6:ce:03:67:34:9d:69:91:69:
ab:d4:0b:19:6b:75:f0:d8:51:a5:79:67:18:07:24:30:0b:7a:
62:7f:48:4a:84:b6:3e:83:bd:a2:48:36:19:38:0c:d3:5a:2a:
12:76:5a:ea:7a:dd:ae:2d:13:df:58:48:dc:38:11:b8:5b:b0:
31:37:3c:9c:9e:56:ff:a0:d7:dd:83:e2:d5:fa:84:3c:f1:e9:
ab:32:f8:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu9DlcxSMOzyn3qkAZ8wISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODE4Y2JiMGY5ZDFlNTczNzczZDc5MTEzOGEwMTIyZjI4
YmVjNTYwHhcNMjMwMTAxMjAwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTYxNTk2YjkxNzY5MDlhMTBkYzUyMzZkMzg2ZDI2YzlkM2I5OTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1DtvhTZPKXRMvE9S3/w7iHvCYNp
Mf+h3hQCrvl242lf5ZRU5vS/Z2udIAO9OmfFDSkPTn5lhjppjpzgfkEsz6UMwhm/
MKVfvSJx2bsZBBNA4H6eqc/W9R8agy0Pz19GL8MJgA1rt+Mtjgzzy99G5MazoM0+
a2N/H8wdAD2R8bIURv7itjqD0P82I+G68nftU+bDjgE7yHe3WDgckZ3cNe6LvLr9
fjfUhhL0BFrMRMF7G9WQ+EqcIn+0blXphubSIaieGLky6OICiWT3RRiz5hv7VP98
pxsNsiKSqPcLdn8KHZwULTJqUi+Hulwz3OIQ/KbV78vzKtIk1yU/NRAgTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH5hWWuRdpCaENxSNtOG0mydO5mHMB8GA1UdIwQY
MBaAFAiBjLsPnR5XN3PXkROKASLyi+xWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lHTXV3LWRIbGMzYzllUkU0b0JJdktMN0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yZTA1MzYtNGNhMi00YWZlLTgzZDYt
MzM2ZTg3NGYzZDg3LzEvZm1GWmE1RjJrSm9RM0ZJMjA0YlNiSjA3bVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yZTA1MzYtNGNhMi00YWZlLTgzZDYtMzM2ZTg3NGYzZDg3
LzEvQ0lHTXV3LWRIbGMzYzllUkU0b0JJdktMN0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ58MA0E
AgACMAcDBQMqB61AMA0GCSqGSIb3DQEBCwUAA4IBAQA8hVCbi9tpfsJMUBKX/7Yz
BmaXyPPzSFcHnmvcaaG+76nb0MmlOVBZT8F7/4YhBnnAf/o0BRdjrzH65IUqU+Ny
jY8ozCk7gFk/P3/uhSMZS+uAQFuqAonyVidjyeqJLzSp+NPRzpAo4YQb8N27dsx4
sspPc9k6P8xuB4/D5RYPtzkfaO1J/+t48Bpl0ad6i7FUZme1pwxQXrDrIjt3Lsyb
XY2Lcgd1yTN3y1PmzgNnNJ1pkWmr1AsZa3Xw2FGleWcYByQwC3pif0hKhLY+g72i
SDYZOAzTWioSdlrqet2uLRPfWEjcOBG4W7AxNzycnlb/oNfdg+LV+oQ88emrMvgD
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:43 2024 by rpki-client on console-ams.rpki-client.org