Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/iixqDvur4By3itAHRe3MLM-lDYg.roa
File: iixqDvur4By3itAHRe3MLM-lDYg.roa (raw, json)
Hash identifier: Hrn7gYlrZvmqd+g8mMjWCplishsmwgb7W3p2FdnDM5M=
Subject key identifier: 8A:2C:6A:0E:FB:AB:E0:1C:B7:8A:D0:07:45:ED:CC:2C:CF:A5:0D:88
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 018A75AF877DAC40979A4CE297CC5065DF2F
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/iixqDvur4By3itAHRe3MLM-lDYg.roa
Signing time: Fri 08 Sep 2023 16:45:52 +0000
ROA not before: Fri 08 Sep 2023 16:45:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 185.204.17.0/24 maxlen: 24
185.204.19.0/24 maxlen: 24
185.204.18.0/24 maxlen: 24
193.9.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:75:af:87:7d:ac:40:97:9a:4c:e2:97:cc:50:65:df:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Sep 8 16:45:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a2c6a0efbabe01cb78ad00745edcc2ccfa50d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:09:27:2f:c2:54:ec:6a:4d:64:37:4b:bc:be:
64:a5:72:12:72:84:50:c7:17:1c:db:fe:c8:c2:c9:
78:9b:00:62:fb:39:60:12:b5:55:0a:03:38:73:df:
43:95:51:18:b9:cb:94:a0:b5:5f:9b:bd:51:01:57:
8b:3e:58:7f:25:81:f3:21:51:be:4f:6d:d6:6f:1e:
d7:7e:8d:79:85:5e:a7:2e:c0:96:d0:f3:5c:0f:7b:
5a:59:74:c3:59:dc:78:d9:da:ba:8d:38:88:8a:48:
7e:36:2c:1e:4f:d6:71:e0:54:95:05:70:54:f7:9d:
2c:a8:5b:53:8c:a4:bd:84:5b:ea:da:1c:10:0c:0a:
38:70:d4:65:87:f9:05:5d:30:54:37:5f:a3:7b:77:
6f:b9:94:4f:24:8e:b3:03:27:9d:b8:2d:a4:7b:8c:
27:8e:c6:7b:1f:e4:ec:b1:a3:74:9d:88:07:2f:b4:
b2:99:82:05:d1:29:be:05:53:4c:72:1f:0d:42:dc:
c9:e6:cf:20:53:a6:a4:6c:df:3e:5a:2c:4c:2d:08:
f6:39:33:d6:c6:9e:84:6c:95:f4:0a:b3:6a:73:0f:
a5:5a:17:c6:9d:fe:0a:5c:cf:57:d6:c5:21:b6:48:
43:b8:5a:ff:63:21:7b:e0:52:59:86:6d:9d:fd:9d:
f9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2C:6A:0E:FB:AB:E0:1C:B7:8A:D0:07:45:ED:CC:2C:CF:A5:0D:88
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/iixqDvur4By3itAHRe3MLM-lDYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.17.0-185.204.19.255
193.9.40.0/22
Signature Algorithm: sha256WithRSAEncryption
97:f1:3d:67:6a:96:56:aa:b3:16:10:2e:f0:ae:fe:b3:49:5b:
0d:67:ec:0a:fb:f4:a3:58:ef:f6:6a:71:80:38:94:4a:5a:12:
ec:67:e7:57:96:7b:32:c0:05:b7:8f:cf:13:98:70:d0:44:e0:
f4:e3:b3:cf:40:69:76:bd:46:14:96:bc:65:d2:12:23:f5:b7:
fa:ad:dc:ef:cd:e2:29:93:2f:da:e6:02:ad:10:77:31:6a:4c:
38:34:c9:01:00:d9:72:74:bc:ec:2c:a9:ef:cc:75:9f:67:ac:
87:88:08:5e:11:9b:7c:23:c6:3c:4d:1e:7a:89:5d:ef:eb:7d:
0c:8e:d0:ee:08:f7:64:33:c5:98:53:ca:c8:6f:b3:8c:1d:5c:
bd:99:66:f8:22:48:f9:a5:9c:77:bc:a6:3a:e7:27:2a:4d:17:
d8:63:e7:b2:c9:37:68:a4:1b:4e:89:49:aa:7f:21:4e:26:a2:
8e:29:32:2a:76:38:d4:0c:45:6f:e0:b7:25:b5:d5:98:65:73:
5e:a3:b7:33:b7:57:55:fa:f2:68:32:fa:f3:9b:34:26:f3:1e:
ca:5c:8d:2f:5e:e0:c4:3d:49:84:32:3b:72:ff:e2:de:4c:83:
9b:76:5b:c9:59:d1:a9:5c:a8:0c:4b:65:b3:e8:cc:93:95:1a:
f6:60:f1:04
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYp1r4d9rECXmkzil8xQZd8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjMwOTA4MTY0NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTJjNmEwZWZiYWJlMDFjYjc4YWQwMDc0NWVkY2MyY2NmYTUwZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwknL8JU7GpNZDdLvL5kpXIScoRQ
xxcc2/7Iwsl4mwBi+zlgErVVCgM4c99DlVEYucuUoLVfm71RAVeLPlh/JYHzIVG+
T23Wbx7Xfo15hV6nLsCW0PNcD3taWXTDWdx42dq6jTiIikh+NiweT9Zx4FSVBXBU
950sqFtTjKS9hFvq2hwQDAo4cNRlh/kFXTBUN1+je3dvuZRPJI6zAyeduC2ke4wn
jsZ7H+TssaN0nYgHL7SymYIF0Sm+BVNMch8NQtzJ5s8gU6akbN8+WixMLQj2OTPW
xp6EbJX0CrNqcw+lWhfGnf4KXM9X1sUhtkhDuFr/YyF74FJZhm2d/Z35bwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIosag77q+Act4rQB0XtzCzPpQ2IMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvaWl4cUR2dXI0QnkzaXRBSFJlM01MTS1sRFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC5zBED
BAK5zBADBALBCSgwDQYJKoZIhvcNAQELBQADggEBAJfxPWdqllaqsxYQLvCu/rNJ
Ww1n7Ar79KNY7/ZqcYA4lEpaEuxn51eWezLABbePzxOYcNBE4PTjs89AaXa9RhSW
vGXSEiP1t/qt3O/N4imTL9rmAq0QdzFqTDg0yQEA2XJ0vOwsqe/MdZ9nrIeICF4R
m3wjxjxNHnqJXe/rfQyO0O4I92QzxZhTyshvs4wdXL2ZZvgiSPmlnHe8pjrnJypN
F9hj57LJN2ikG06JSap/IU4moo4pMip2ONQMRW/gtyW11Zhlc16jtzO3V1X68mgy
+vObNCbzHspcjS9e4MQ9SYQyO3L/4t5Mg5t2W8lZ0alcqAxLZbPozJOVGvZg8QQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:34 2024 by rpki-client on console-ams.rpki-client.org