Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/V-dc50oYQRGQpLWnZwpbXSR9Rf8.roa
File: V-dc50oYQRGQpLWnZwpbXSR9Rf8.roa (raw, json)
Hash identifier: kbtFzfEGFDkFP5lclyD651Lu1J+me7NlxQaGbrGeEFQ=
Subject key identifier: 57:E7:5C:E7:4A:18:41:11:90:A4:B5:A7:67:0A:5B:5D:24:7D:45:FF
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 01856FCB912DCE8B9D19BB29FB8745A71C49
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/V-dc50oYQRGQpLWnZwpbXSR9Rf8.roa
Signing time: Mon 02 Jan 2023 00:04:49 +0000
ROA not before: Mon 02 Jan 2023 00:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10557
IP address blocks: 185.191.230.0/24 maxlen: 24
185.215.149.0/24 maxlen: 24
85.209.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:91:2d:ce:8b:9d:19:bb:29:fb:87:45:a7:1c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 2 00:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57e75ce74a18411190a4b5a7670a5b5d247d45ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:91:46:ae:76:9e:93:c1:c6:05:a1:f3:38:51:
07:b0:2c:9f:55:50:20:05:91:51:ea:a0:2d:ec:d8:
61:03:03:47:12:60:c8:b5:15:8d:89:20:05:2b:ca:
96:a1:25:62:20:e4:88:5d:49:33:a2:a0:46:5f:a8:
a9:d5:8f:d0:38:ac:8a:4c:3b:ae:b4:5d:8b:a8:f0:
dd:2c:94:fc:d3:bc:f2:03:21:ff:5b:c6:85:b1:a8:
a8:2c:dc:26:92:b5:bf:47:55:8b:29:86:90:ab:cd:
c6:6c:ba:c1:d1:cd:02:c4:ee:82:7f:ba:b9:31:7e:
83:2d:06:ca:6a:8b:86:56:41:3d:5e:e1:70:fd:8c:
9e:c0:38:d2:fe:bb:5a:9d:a6:49:a4:a9:4a:ad:5a:
8c:40:45:e1:d2:87:e8:dc:88:3f:d4:a2:3a:f2:72:
f6:9d:9c:45:ff:e3:9d:9c:4f:b0:09:f9:9f:83:05:
7f:84:df:8b:ad:1a:12:79:e4:29:b0:2b:fb:c1:35:
a9:0c:61:c5:35:ec:07:e5:7a:23:03:ba:27:c0:11:
c2:21:eb:57:74:77:d0:93:47:fc:79:b7:94:bc:4c:
8e:03:e9:36:08:8c:e4:ee:71:dc:85:f4:1c:f0:21:
a4:d9:a3:40:a5:a6:e9:8c:ed:aa:20:56:2e:c6:ce:
23:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E7:5C:E7:4A:18:41:11:90:A4:B5:A7:67:0A:5B:5D:24:7D:45:FF
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/V-dc50oYQRGQpLWnZwpbXSR9Rf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.86.0/24
185.191.230.0/24
185.215.149.0/24
Signature Algorithm: sha256WithRSAEncryption
43:f4:5b:67:5e:a3:b5:d4:3b:f2:83:78:97:bc:af:b8:9a:e1:
b2:20:40:7c:b1:ea:36:4c:17:e7:d0:95:43:f6:f4:c0:58:12:
72:70:f1:47:d3:7a:1f:d8:61:2e:25:a1:ba:01:65:b5:10:54:
88:b2:6d:6b:c5:0c:73:99:47:7c:01:e2:de:ce:4a:ae:02:52:
f5:65:6e:51:00:f9:79:5b:d1:77:b6:81:e7:43:b6:24:95:d0:
46:a9:fc:ac:29:23:07:ac:2d:fc:d4:ca:95:47:88:17:5a:86:
11:6e:01:9e:d0:9f:ea:d3:d3:a6:1d:ab:05:ba:28:5f:79:ef:
cb:a8:92:d3:83:e6:2e:29:30:5b:0b:6a:85:cf:bc:8d:5f:a9:
93:dc:c3:7f:48:9b:1c:c8:44:d2:5e:c8:35:2d:10:64:f4:95:
80:a8:82:8b:01:c0:fa:dc:95:49:9f:4d:7c:b7:47:42:c7:81:
26:64:38:f7:eb:6d:00:cc:d8:56:f3:8f:34:a3:91:f4:2b:cc:
88:67:08:0c:ff:cc:69:37:66:35:c5:66:93:95:fe:28:f6:1e:
3f:41:32:08:ec:0f:44:6c:21:3f:88:c4:31:0c:6d:60:2a:df:
c7:20:5f:4b:8b:c7:b6:1d:08:c0:45:e2:f3:8d:13:45:40:4c:
30:26:3b:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvy5EtzoudGbsp+4dFpxxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwMTAyMDAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2U3NWNlNzRhMTg0MTExOTBhNGI1YTc2NzBhNWI1ZDI0N2Q0NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpFGrnaek8HGBaHzOFEHsCyfVVAg
BZFR6qAt7NhhAwNHEmDItRWNiSAFK8qWoSViIOSIXUkzoqBGX6ip1Y/QOKyKTDuu
tF2LqPDdLJT807zyAyH/W8aFsaioLNwmkrW/R1WLKYaQq83GbLrB0c0CxO6Cf7q5
MX6DLQbKaouGVkE9XuFw/YyewDjS/rtanaZJpKlKrVqMQEXh0ofo3Ig/1KI68nL2
nZxF/+OdnE+wCfmfgwV/hN+LrRoSeeQpsCv7wTWpDGHFNewH5XojA7onwBHCIetX
dHfQk0f8ebeUvEyOA+k2CIzk7nHchfQc8CGk2aNApabpjO2qIFYuxs4jRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFfnXOdKGEERkKS1p2cKW10kfUX/MB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvVi1kYzUwb1lRUkdRcExXblp3cGJYU1I5UmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVdFWAwQA
ub/mAwQAudeVMA0GCSqGSIb3DQEBCwUAA4IBAQBD9FtnXqO11Dvyg3iXvK+4muGy
IEB8seo2TBfn0JVD9vTAWBJycPFH03of2GEuJaG6AWW1EFSIsm1rxQxzmUd8AeLe
zkquAlL1ZW5RAPl5W9F3toHnQ7YkldBGqfysKSMHrC381MqVR4gXWoYRbgGe0J/q
09OmHasFuihfee/LqJLTg+YuKTBbC2qFz7yNX6mT3MN/SJscyETSXsg1LRBk9JWA
qIKLAcD63JVJn018t0dCx4EmZDj3620AzNhW8480o5H0K8yIZwgM/8xpN2Y1xWaT
lf4o9h4/QTII7A9EbCE/iMQxDG1gKt/HIF9Li8e2HQjAReLzjRNFQEwwJjsp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org