Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/daHOAKB9naneFuoyO8nCQyKvsTc.roa
File: daHOAKB9naneFuoyO8nCQyKvsTc.roa (raw, json)
Hash identifier: BBnmOnA4XgNHmIAb1W2CNjXmHnHZ7ZiK3AMkcRGag8E=
Subject key identifier: 75:A1:CE:00:A0:7D:9D:A9:DE:16:EA:32:3B:C9:C2:43:22:AF:B1:37
Certificate issuer: /CN=be07895736ed92860f3135008a85813f98bbd7c1
Certificate serial: 01856EAFC156C289F6C508706ABAEEDCB723
Authority key identifier: BE:07:89:57:36:ED:92:86:0F:31:35:00:8A:85:81:3F:98:BB:D7:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgeJVzbtkoYPMTUAioWBP5i718E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/daHOAKB9naneFuoyO8nCQyKvsTc.roa
Signing time: Sun 01 Jan 2023 18:54:50 +0000
ROA not before: Sun 01 Jan 2023 18:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205250
IP address blocks: 185.224.74.0/23 maxlen: 23
185.224.72.0/23 maxlen: 23
2a0c:fc00::/32 maxlen: 32
2a0c:fc01::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:c1:56:c2:89:f6:c5:08:70:6a:ba:ee:dc:b7:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be07895736ed92860f3135008a85813f98bbd7c1
Validity
Not Before: Jan 1 18:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75a1ce00a07d9da9de16ea323bc9c24322afb137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4a:c4:fd:28:d3:60:7c:70:d2:5f:04:9f:db:
74:5c:17:80:a9:e5:2f:13:22:f7:6a:07:5c:ce:fb:
49:5b:45:fb:92:66:bd:02:71:b2:b2:dd:4d:76:19:
81:5d:01:68:ab:f5:40:1c:01:e9:e0:7e:e5:53:32:
c1:81:54:e6:33:f8:9e:4a:fa:7a:3b:b7:22:d7:2d:
9d:ed:dc:eb:82:c5:1c:70:bc:b7:75:e6:1b:44:40:
fa:5e:a6:95:e0:7e:ae:e7:ff:4f:9a:74:99:7f:85:
d2:e4:88:a4:e0:07:98:cc:96:b5:05:a9:65:39:29:
0f:50:83:8d:f1:85:9c:05:2d:1b:61:3d:2f:6f:19:
19:09:ba:01:3b:b5:cf:ff:2a:b1:95:6e:fe:4c:d2:
64:9e:f9:c8:74:3e:88:11:07:df:11:d4:6c:37:5b:
c4:90:eb:a2:bf:b6:34:29:c0:aa:4a:1b:c7:99:47:
e7:ca:a8:04:ad:64:4e:06:64:f1:8f:c7:08:6f:32:
75:d6:dd:9f:44:dd:54:3f:c8:6c:eb:0d:7b:83:2f:
4a:04:dc:1f:66:88:6c:3a:dc:6a:77:65:de:aa:09:
92:f0:76:e6:d4:16:ac:26:96:ea:78:b7:f4:28:49:
c1:b6:a5:63:23:cd:06:3d:46:68:fc:8a:05:c9:0b:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A1:CE:00:A0:7D:9D:A9:DE:16:EA:32:3B:C9:C2:43:22:AF:B1:37
X509v3 Authority Key Identifier:
keyid:BE:07:89:57:36:ED:92:86:0F:31:35:00:8A:85:81:3F:98:BB:D7:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgeJVzbtkoYPMTUAioWBP5i718E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/daHOAKB9naneFuoyO8nCQyKvsTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/vgeJVzbtkoYPMTUAioWBP5i718E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.72.0/22
IPv6:
2a0c:fc00::/31
Signature Algorithm: sha256WithRSAEncryption
20:c7:c7:27:a8:92:5c:f2:d9:ab:6b:c4:8f:b6:6a:28:85:87:
60:02:02:21:9c:3d:01:55:2c:12:00:b4:e3:93:8c:38:7a:1b:
49:3f:0e:bd:fc:e5:c6:b3:d6:71:a7:3c:33:14:cf:43:0b:ea:
f9:28:a0:1b:ab:15:f5:eb:1e:4d:6d:c4:2c:2d:95:2b:33:f3:
a3:91:65:13:ce:8e:f9:8b:3c:73:8a:a1:14:00:10:a4:4b:8a:
47:56:0f:c5:3e:5e:28:8f:ab:de:7f:21:59:c6:18:9e:8f:02:
d7:2b:ab:51:6f:ee:8c:d6:1d:e2:1b:6c:bb:4d:d9:ee:de:86:
90:77:48:df:74:25:a1:4f:fd:14:c7:d2:fe:6e:2a:ef:f7:92:
2c:74:36:70:61:d6:55:ba:ce:cb:ef:a1:d5:8b:77:86:7c:1c:
79:0b:86:c1:20:21:9b:9b:0f:bc:6a:e8:83:86:53:76:cd:0e:
4c:8d:45:b0:28:c6:f5:6f:22:92:52:b7:ab:a6:1e:d2:53:a3:
df:eb:0c:80:cc:bf:94:af:34:9f:9a:6b:02:fc:28:0a:db:93:
d4:46:85:b2:42:fb:aa:9c:fc:b1:21:94:91:db:6d:4d:b7:4b:
b9:99:89:20:ac:c7:b3:98:12:0d:c8:c9:1f:a5:33:8b:80:b5:
e0:72:26:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVur8FWwon2xQhwarru3LcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMDc4OTU3MzZlZDkyODYwZjMxMzUwMDhhODU4MTNmOThi
YmQ3YzEwHhcNMjMwMTAxMTg1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWExY2UwMGEwN2Q5ZGE5ZGUxNmVhMzIzYmM5YzI0MzIyYWZiMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUrE/SjTYHxw0l8En9t0XBeAqeUv
EyL3agdczvtJW0X7kma9AnGyst1NdhmBXQFoq/VAHAHp4H7lUzLBgVTmM/ieSvp6
O7ci1y2d7dzrgsUccLy3deYbRED6XqaV4H6u5/9PmnSZf4XS5Iik4AeYzJa1Ball
OSkPUION8YWcBS0bYT0vbxkZCboBO7XP/yqxlW7+TNJknvnIdD6IEQffEdRsN1vE
kOuiv7Y0KcCqShvHmUfnyqgErWROBmTxj8cIbzJ11t2fRN1UP8hs6w17gy9KBNwf
ZohsOtxqd2XeqgmS8Hbm1BasJpbqeLf0KEnBtqVjI80GPUZo/IoFyQtRbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHWhzgCgfZ2p3hbqMjvJwkMir7E3MB8GA1UdIwQY
MBaAFL4HiVc27ZKGDzE1AIqFgT+Yu9fBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmdlSlZ6YnRrb1lQTVRVQWlvV0JQNWk3MThFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi82NTlmMmMtYzI4OS00Njk5LTg3ZDct
MjFkNjEwMDM4M2UwLzEvZGFIT0FLQjluYW5lRnVveU84bkNReUt2c1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi82NTlmMmMtYzI4OS00Njk5LTg3ZDctMjFkNjEwMDM4M2Uw
LzEvdmdlSlZ6YnRrb1lQTVRVQWlvV0JQNWk3MThFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueBIMA0E
AgACMAcDBQEqDPwAMA0GCSqGSIb3DQEBCwUAA4IBAQAgx8cnqJJc8tmra8SPtmoo
hYdgAgIhnD0BVSwSALTjk4w4ehtJPw69/OXGs9ZxpzwzFM9DC+r5KKAbqxX16x5N
bcQsLZUrM/OjkWUTzo75izxziqEUABCkS4pHVg/FPl4oj6vefyFZxhiejwLXK6tR
b+6M1h3iG2y7Tdnu3oaQd0jfdCWhT/0Ux9L+birv95IsdDZwYdZVus7L76HVi3eG
fBx5C4bBICGbmw+8auiDhlN2zQ5MjUWwKMb1byKSUrerph7SU6Pf6wyAzL+UrzSf
mmsC/CgK25PURoWyQvuqnPyxIZSR221Nt0u5mYkgrMezmBINyMkfpTOLgLXgciZC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:07 2024 by rpki-client on console-ams.rpki-client.org