Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/6to8ePcd0O5OOt4lBlP-F_XEgHk.roa
File: 6to8ePcd0O5OOt4lBlP-F_XEgHk.roa (raw, json)
Hash identifier: svOeahEYPdxOeHJE9lJJeQ8jugE2W/i8sjz/Pyj8T7Y=
Subject key identifier: EA:DA:3C:78:F7:1D:D0:EE:4E:3A:DE:25:06:53:FE:17:F5:C4:80:79
Certificate issuer: /CN=247405e9cee39d71944d5e3149eb01b61f9adb1e
Certificate serial: 01879EF22382A43744F9FE3BA4FA3BF03E01
Authority key identifier: 24:74:05:E9:CE:E3:9D:71:94:4D:5E:31:49:EB:01:B6:1F:9A:DB:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/6to8ePcd0O5OOt4lBlP-F_XEgHk.roa
Signing time: Thu 20 Apr 2023 13:54:41 +0000
ROA not before: Thu 20 Apr 2023 13:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205958
IP address blocks: 185.30.170.0/23 maxlen: 23
185.215.132.0/23 maxlen: 23
185.30.168.0/23 maxlen: 23
185.215.134.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 10 Aug 2023 10:32:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9e:f2:23:82:a4:37:44:f9:fe:3b:a4:fa:3b:f0:3e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=247405e9cee39d71944d5e3149eb01b61f9adb1e
Validity
Not Before: Apr 20 13:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eada3c78f71dd0ee4e3ade250653fe17f5c48079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9b:a0:2e:7c:dc:46:b1:07:7d:6f:3a:c5:f2:
9b:64:0c:3d:b9:71:82:50:ef:09:b7:78:66:b3:a1:
22:88:65:61:e9:d2:98:c3:54:99:df:b3:73:6d:7f:
26:61:0d:be:f3:84:33:d2:45:2a:16:43:4b:10:fb:
94:70:0b:19:68:36:ce:fe:23:58:20:3b:d6:88:45:
93:b6:d2:fb:a7:40:08:c1:bb:31:ff:22:69:f5:5a:
f3:71:e1:5c:d5:f3:31:17:48:11:82:68:68:71:14:
c7:57:d7:a8:fd:70:65:14:0f:42:83:d8:ce:6e:23:
96:c6:fa:1f:2f:0f:4a:d1:2a:ac:25:8a:5b:a3:e1:
42:6a:30:8a:a4:ab:18:dc:23:d3:71:26:98:5d:66:
e6:77:8d:85:db:a9:f9:0c:b6:cc:93:f6:0e:e7:d2:
cd:7c:ad:46:cf:2e:83:c8:6b:c0:7b:45:2e:ce:86:
d5:86:2b:f8:4f:46:31:be:b3:f7:83:2c:58:87:57:
ad:24:43:53:fa:e5:c1:ba:be:e4:cf:63:76:da:97:
e4:e4:1a:cf:09:fb:c4:62:11:2e:97:a7:5d:f0:b5:
ac:6b:f5:bd:70:dd:73:8f:96:86:3b:35:a9:f4:cc:
be:07:0d:f5:72:1c:dc:8f:d4:ec:e4:4d:05:01:a0:
ab:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:DA:3C:78:F7:1D:D0:EE:4E:3A:DE:25:06:53:FE:17:F5:C4:80:79
X509v3 Authority Key Identifier:
keyid:24:74:05:E9:CE:E3:9D:71:94:4D:5E:31:49:EB:01:B6:1F:9A:DB:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/6to8ePcd0O5OOt4lBlP-F_XEgHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/JHQF6c7jnXGUTV4xSesBth-a2x4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.168.0/22
185.215.132.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:cd:5d:3d:55:7a:30:71:8b:63:dd:b5:50:ed:71:0f:1e:f9:
43:8b:bf:c5:ca:9e:ca:7e:b7:f8:04:ea:a5:a4:88:77:39:ec:
79:92:a1:26:29:87:ed:83:31:c0:cd:ba:c3:ce:9b:d7:8f:52:
74:67:8e:93:e1:da:26:f8:11:34:9e:7e:86:39:5f:bc:42:8b:
a6:e6:c7:5d:32:a7:f4:a1:e9:12:31:da:23:49:e4:b0:81:58:
5e:3e:40:e0:d3:5d:c9:b0:f6:4a:e3:1b:9f:a5:42:46:dc:c3:
05:21:da:a9:be:82:52:41:ab:b2:72:3b:57:6d:03:a7:a9:a7:
41:02:41:e7:01:c5:1e:92:f2:59:29:06:5a:da:ca:67:bf:e0:
6e:05:33:44:12:19:de:8b:3e:58:d0:22:4f:c6:43:36:b1:61:
ff:ae:6d:16:0f:0c:6f:8f:5f:97:68:1f:3f:8f:ae:da:43:07:
d6:44:c4:e4:08:9a:ee:3b:5e:7a:2f:b7:43:f0:57:1c:a1:65:
b6:b5:bb:c7:47:04:fa:81:37:2c:c5:0c:c0:37:43:f3:a5:65:
3d:40:bd:17:0b:3f:56:65:1e:e2:cc:11:0e:2b:d0:00:a9:b6:
eb:4b:cf:10:79:ea:c5:b5:e7:b4:61:63:fd:0e:c6:10:03:a7:
c9:54:da:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYee8iOCpDdE+f47pPo78D4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NzQwNWU5Y2VlMzlkNzE5NDRkNWUzMTQ5ZWIwMWI2MWY5
YWRiMWUwHhcNMjMwNDIwMTM1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWRhM2M3OGY3MWRkMGVlNGUzYWRlMjUwNjUzZmUxN2Y1YzQ4MDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZugLnzcRrEHfW86xfKbZAw9uXGC
UO8Jt3hms6EiiGVh6dKYw1SZ37NzbX8mYQ2+84Qz0kUqFkNLEPuUcAsZaDbO/iNY
IDvWiEWTttL7p0AIwbsx/yJp9VrzceFc1fMxF0gRgmhocRTHV9eo/XBlFA9Cg9jO
biOWxvofLw9K0SqsJYpbo+FCajCKpKsY3CPTcSaYXWbmd42F26n5DLbMk/YO59LN
fK1Gzy6DyGvAe0UuzobVhiv4T0YxvrP3gyxYh1etJENT+uXBur7kz2N22pfk5BrP
CfvEYhEul6dd8LWsa/W9cN1zj5aGOzWp9My+Bw31chzcj9Ts5E0FAaCr0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOraPHj3HdDuTjreJQZT/hf1xIB5MB8GA1UdIwQY
MBaAFCR0BenO451xlE1eMUnrAbYfmtseMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkhRRjZjN2puWEdVVFY0eFNlc0J0aC1hMng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85YTNhOTgtZDY3MC00MzQzLTkyMDYt
NDdiYmFjYTA3OGZmLzEvNnRvOGVQY2QwTzVPT3Q0bEJsUC1GX1hFZ0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC85YTNhOTgtZDY3MC00MzQzLTkyMDYtNDdiYmFjYTA3OGZm
LzEvSkhRRjZjN2puWEdVVFY0eFNlc0J0aC1hMng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuR6oAwQC
udeEMA0GCSqGSIb3DQEBCwUAA4IBAQCdzV09VXowcYtj3bVQ7XEPHvlDi7/Fyp7K
frf4BOqlpIh3Oex5kqEmKYftgzHAzbrDzpvXj1J0Z46T4dom+BE0nn6GOV+8Qoum
5sddMqf0oekSMdojSeSwgVhePkDg013JsPZK4xufpUJG3MMFIdqpvoJSQauycjtX
bQOnqadBAkHnAcUekvJZKQZa2spnv+BuBTNEEhneiz5Y0CJPxkM2sWH/rm0WDwxv
j1+XaB8/j67aQwfWRMTkCJruO156L7dD8FccoWW2tbvHRwT6gTcsxQzAN0PzpWU9
QL0XCz9WZR7izBEOK9AAqbbrS88QeerFtee0YWP9DsYQA6fJVNr/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:16 2024 by rpki-client on console-ams.rpki-client.org