Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/OB0dLByk8IhzBLe8Tephh5TTcxw.roa
File: OB0dLByk8IhzBLe8Tephh5TTcxw.roa (raw, json)
Hash identifier: QGl8fHdwiP6EPxvR7IqZo5ZnfkrDyfPnWp2KY6/WUK8=
Subject key identifier: 38:1D:1D:2C:1C:A4:F0:88:73:04:B7:BC:4D:EA:61:87:94:D3:73:1C
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 01876ED4A542AF404584494B0AE6E07DCB6A
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/OB0dLByk8IhzBLe8Tephh5TTcxw.roa
Signing time: Tue 11 Apr 2023 05:40:42 +0000
ROA not before: Tue 11 Apr 2023 05:40:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59613
IP address blocks: 185.158.208.0/24 maxlen: 24
185.158.211.0/24 maxlen: 24
185.158.210.0/24 maxlen: 24
185.158.209.0/24 maxlen: 24
2a02:2278:fffd::/48 maxlen: 48
2a02:2278:fffe::/48 maxlen: 48
2a02:2278:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6e:d4:a5:42:af:40:45:84:49:4b:0a:e6:e0:7d:cb:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Apr 11 05:40:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=381d1d2c1ca4f0887304b7bc4dea618794d3731c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:73:0e:cd:c6:a1:f9:bd:dd:7c:fd:2c:53:11:
c8:1e:4b:12:c1:58:ee:e1:44:c0:00:66:61:2a:6e:
a0:8a:12:6f:6b:34:ff:5d:fe:7a:7f:a2:fb:65:e2:
15:19:b7:71:59:a7:aa:5c:45:93:d8:08:78:7f:73:
d8:35:b9:d1:1c:90:14:61:dc:e1:0e:e3:06:6f:4b:
06:8a:93:af:3f:b3:e5:24:cd:e4:ff:32:5f:89:78:
ec:f5:ab:59:3f:48:42:2f:18:e7:c9:7d:94:ef:54:
9e:ef:8b:7e:a1:4c:3c:8f:3a:9f:92:77:35:b9:6f:
a3:b5:84:97:c5:7e:68:ff:ce:c8:7b:5e:31:b3:59:
1c:a6:35:c9:ba:35:9f:2d:e0:5d:f8:9e:6d:5a:31:
71:8e:e6:cf:e8:81:1f:15:ff:fb:0b:5b:eb:19:a0:
fa:08:db:a0:e7:77:2c:92:79:15:63:69:0b:b8:ab:
2d:bd:62:6a:22:89:c6:24:3f:4d:73:b3:38:35:e2:
a3:47:97:4d:3b:ea:c7:62:6c:5f:3f:74:d4:5a:a1:
61:f1:a7:b5:c7:a3:ed:a7:04:41:aa:73:d7:4c:b1:
56:05:98:77:38:91:ae:e0:e8:31:9a:06:8f:7a:7a:
19:c6:3a:4b:b1:0e:6c:3c:b8:91:74:88:2a:55:49:
69:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1D:1D:2C:1C:A4:F0:88:73:04:B7:BC:4D:EA:61:87:94:D3:73:1C
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/OB0dLByk8IhzBLe8Tephh5TTcxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.208.0/22
IPv6:
2a02:2278:fffd::-2a02:2278:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
bc:14:93:18:c8:96:d6:f0:df:b9:79:0d:f7:7a:11:4d:78:7d:
ba:cb:7d:ed:77:e6:f0:47:be:34:c5:d1:14:0a:b3:19:fa:25:
19:ea:95:53:0a:51:c1:65:ab:6f:7e:08:92:f4:30:52:84:2e:
69:e3:62:bb:2c:f5:c2:25:c6:4a:3d:c6:0e:6c:ba:12:2c:9a:
7e:f0:d5:6e:ec:61:fc:cb:12:07:05:f9:c7:74:a4:a9:f6:e9:
90:8d:ee:e1:90:99:5a:6f:47:45:3f:15:2e:e0:95:d7:24:84:
67:03:d2:ff:e6:29:d3:21:56:79:53:44:f5:b5:2e:a8:6b:45:
1b:56:7b:b3:52:1f:7f:2a:65:5f:28:38:4b:7f:c5:90:24:ea:
13:0e:b7:1f:a1:93:dc:a0:6c:81:9c:ec:e5:2d:01:3e:60:2a:
2a:d7:03:f5:28:59:27:60:17:96:04:73:dc:d2:08:13:25:32:
c2:11:a6:3f:34:37:96:83:30:2f:a7:50:f9:e4:89:f0:e6:dd:
e2:7d:44:13:99:c4:79:dd:d3:7a:d1:2b:34:8b:cb:02:93:0d:
b2:1c:43:3d:73:7c:05:b5:54:a7:9f:0c:30:75:3f:ad:18:5d:
6e:c1:f2:43:1a:3c:5d:ae:fb:ee:fa:08:95:cb:d6:be:1a:09:
49:38:02:6f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYdu1KVCr0BFhElLCubgfctqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwNDExMDU0MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFkMWQyYzFjYTRmMDg4NzMwNGI3YmM0ZGVhNjE4Nzk0ZDM3MzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnMOzcah+b3dfP0sUxHIHksSwVju
4UTAAGZhKm6gihJvazT/Xf56f6L7ZeIVGbdxWaeqXEWT2Ah4f3PYNbnRHJAUYdzh
DuMGb0sGipOvP7PlJM3k/zJfiXjs9atZP0hCLxjnyX2U71Se74t+oUw8jzqfknc1
uW+jtYSXxX5o/87Ie14xs1kcpjXJujWfLeBd+J5tWjFxjubP6IEfFf/7C1vrGaD6
CNug53csknkVY2kLuKstvWJqIonGJD9Nc7M4NeKjR5dNO+rHYmxfP3TUWqFh8ae1
x6PtpwRBqnPXTLFWBZh3OJGu4OgxmgaPenoZxjpLsQ5sPLiRdIgqVUlpswIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDgdHSwcpPCIcwS3vE3qYYeU03McMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvT0IwZExCeWs4SWh6QkxlOFRlcGhoNVRUY3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuZ7QMBgE
AgACMBIwEAMHACoCInj//QMFACoCIngwDQYJKoZIhvcNAQELBQADggEBALwUkxjI
ltbw37l5Dfd6EU14fbrLfe135vBHvjTF0RQKsxn6JRnqlVMKUcFlq29+CJL0MFKE
LmnjYrss9cIlxko9xg5suhIsmn7w1W7sYfzLEgcF+cd0pKn26ZCN7uGQmVpvR0U/
FS7gldckhGcD0v/mKdMhVnlTRPW1LqhrRRtWe7NSH38qZV8oOEt/xZAk6hMOtx+h
k9ygbIGc7OUtAT5gKirXA/UoWSdgF5YEc9zSCBMlMsIRpj80N5aDMC+nUPnkifDm
3eJ9RBOZxHnd03rRKzSLywKTDbIcQz1zfAW1VKefDDB1P60YXW7B8kMaPF2u++76
CJXL1r4aCUk4Am8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:35 2023 by rpki-client on console-ams.rpki-client.org