Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/3A2bQkSsc1pSfVfNEB0aBSyAh0o.roa
File: 3A2bQkSsc1pSfVfNEB0aBSyAh0o.roa (raw, json)
Hash identifier: rLgGmYXI+QYPZ20XQU8U7+FzifZPmYI7o/+KvjoRvLQ=
Subject key identifier: DC:0D:9B:42:44:AC:73:5A:52:7D:57:CD:10:1D:1A:05:2C:80:87:4A
Certificate issuer: /CN=2559e9be1fbd1e6909a0be9a90b380f824fab1a5
Certificate serial: 01856F5479FB43F6258A17A1F904E0B58C9C
Authority key identifier: 25:59:E9:BE:1F:BD:1E:69:09:A0:BE:9A:90:B3:80:F8:24:FA:B1:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVnpvh-9HmkJoL6akLOA-CT6saU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/3A2bQkSsc1pSfVfNEB0aBSyAh0o.roa
Signing time: Sun 01 Jan 2023 21:54:45 +0000
ROA not before: Sun 01 Jan 2023 21:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202837
IP address blocks: 185.198.4.0/24 maxlen: 24
185.198.7.0/24 maxlen: 24
185.198.6.0/24 maxlen: 24
185.198.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:79:fb:43:f6:25:8a:17:a1:f9:04:e0:b5:8c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2559e9be1fbd1e6909a0be9a90b380f824fab1a5
Validity
Not Before: Jan 1 21:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc0d9b4244ac735a527d57cd101d1a052c80874a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:44:74:36:4a:fb:a5:d3:4d:f5:70:fb:98:26:
2b:ba:fb:0c:79:0d:c1:36:d8:db:89:13:72:4d:e2:
65:0e:21:af:6e:31:01:37:05:95:9e:09:4c:82:3f:
06:af:31:7a:75:bc:de:32:bf:78:e5:99:d0:1c:44:
16:0d:7d:2e:0b:2a:f4:c6:6e:83:65:f6:e4:f8:8c:
b5:dc:d4:db:7c:46:ab:c0:50:a4:3e:26:1f:fc:86:
07:7c:43:21:3f:93:95:86:c8:f8:c6:90:79:9f:87:
eb:27:59:4c:16:cf:bb:eb:83:15:be:9a:dd:d5:6c:
79:fc:b7:f9:36:a7:f2:e1:3b:a4:e4:61:79:22:8d:
c0:65:74:f9:1e:64:25:9c:7a:84:d7:88:56:55:1f:
d2:46:53:3f:e2:6d:b1:52:51:b7:95:a5:2d:f6:f8:
72:19:38:32:5d:00:49:fe:69:8e:58:9c:f3:f1:a2:
fd:07:8d:f1:16:0a:70:a7:a9:9f:13:ec:bb:a0:3e:
fc:bd:14:ef:c1:7b:a3:65:59:05:5a:92:5c:0a:5c:
fe:eb:69:a2:13:5d:9c:31:24:85:90:52:a0:d8:84:
e3:d9:26:7e:46:cb:9b:80:fa:60:6a:1f:c5:21:3a:
7e:2f:dd:58:f8:4b:0a:8d:59:e8:7e:1b:5c:ec:52:
9f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0D:9B:42:44:AC:73:5A:52:7D:57:CD:10:1D:1A:05:2C:80:87:4A
X509v3 Authority Key Identifier:
keyid:25:59:E9:BE:1F:BD:1E:69:09:A0:BE:9A:90:B3:80:F8:24:FA:B1:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVnpvh-9HmkJoL6akLOA-CT6saU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/3A2bQkSsc1pSfVfNEB0aBSyAh0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/JVnpvh-9HmkJoL6akLOA-CT6saU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.4.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:fb:f8:c9:b3:57:39:11:6b:70:6f:62:13:f8:f6:d1:fc:f0:
c2:f2:b1:56:d0:56:b6:6b:16:ad:0d:5c:fe:83:0f:e4:f9:4c:
d6:6d:29:41:a8:c9:3e:d4:43:96:40:a4:dc:a5:22:54:fc:ad:
79:26:6e:25:a3:83:24:37:9d:93:9c:1c:77:6c:bf:d0:4d:44:
d7:82:d6:d4:bb:63:1f:c4:63:ce:6e:9f:36:27:06:52:2a:8c:
01:f9:6c:6f:00:7e:8a:40:cb:68:34:6c:d8:f3:53:20:b1:c5:
9c:8a:9b:8d:7f:a2:e1:6f:cc:18:7a:08:37:67:91:cf:25:5f:
f2:3e:21:20:4e:d8:a6:da:38:a0:34:9a:65:45:94:a5:72:d2:
03:3a:d0:cd:c3:b9:17:d7:ee:ac:60:8c:29:20:24:c3:da:69:
02:e6:18:77:7d:13:15:82:6c:2c:60:c1:5b:d3:71:f6:a2:77:
83:be:de:20:61:4b:2e:ae:16:65:85:6d:7d:15:3b:07:4f:d9:
a6:81:d1:17:3b:f6:dc:10:df:7d:22:5e:f9:be:df:00:17:b0:
bf:63:66:4f:0f:ba:33:05:6e:ca:ce:d4:9f:06:d1:15:e5:d6:
0c:0d:0f:0d:f9:c0:95:5a:90:0d:1e:5f:7a:40:48:d2:0d:e5:
b3:b7:56:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVHn7Q/Yliheh+QTgtYycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NTllOWJlMWZiZDFlNjkwOWEwYmU5YTkwYjM4MGY4MjRm
YWIxYTUwHhcNMjMwMTAxMjE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzBkOWI0MjQ0YWM3MzVhNTI3ZDU3Y2QxMDFkMWEwNTJjODA4NzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhER0Nkr7pdNN9XD7mCYruvsMeQ3B
NtjbiRNyTeJlDiGvbjEBNwWVnglMgj8GrzF6dbzeMr945ZnQHEQWDX0uCyr0xm6D
Zfbk+Iy13NTbfEarwFCkPiYf/IYHfEMhP5OVhsj4xpB5n4frJ1lMFs+764MVvprd
1Wx5/Lf5Nqfy4Tuk5GF5Io3AZXT5HmQlnHqE14hWVR/SRlM/4m2xUlG3laUt9vhy
GTgyXQBJ/mmOWJzz8aL9B43xFgpwp6mfE+y7oD78vRTvwXujZVkFWpJcClz+62mi
E12cMSSFkFKg2ITj2SZ+RsubgPpgah/FITp+L91Y+EsKjVnofhtc7FKfUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwNm0JErHNaUn1XzRAdGgUsgIdKMB8GA1UdIwQY
MBaAFCVZ6b4fvR5pCaC+mpCzgPgk+rGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlZucHZoLTlIbWtKb0w2YWtMT0EtQ1Q2c2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy81ZWRkNmYtMmM2NS00NDdkLWJjYWQt
NGFhYWRhNjVkNzFjLzEvM0EyYlFrU3NjMXBTZlZmTkVCMGFCU3lBaDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy81ZWRkNmYtMmM2NS00NDdkLWJjYWQtNGFhYWRhNjVkNzFj
LzEvSlZucHZoLTlIbWtKb0w2YWtMT0EtQ1Q2c2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucYEMA0G
CSqGSIb3DQEBCwUAA4IBAQC9+/jJs1c5EWtwb2IT+PbR/PDC8rFW0Fa2axatDVz+
gw/k+UzWbSlBqMk+1EOWQKTcpSJU/K15Jm4lo4MkN52TnBx3bL/QTUTXgtbUu2Mf
xGPObp82JwZSKowB+WxvAH6KQMtoNGzY81MgscWcipuNf6Lhb8wYegg3Z5HPJV/y
PiEgTtim2jigNJplRZSlctIDOtDNw7kX1+6sYIwpICTD2mkC5hh3fRMVgmwsYMFb
03H2oneDvt4gYUsurhZlhW19FTsHT9mmgdEXO/bcEN99Il75vt8AF7C/Y2ZPD7oz
BW7KztSfBtEV5dYMDQ8N+cCVWpANHl96QEjSDeWzt1ZU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:04 2024 by rpki-client on console-ams.rpki-client.org