Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/1-dflBxymU4TaQeEj9Lo-9iGOzkc.roa
File: 1-dflBxymU4TaQeEj9Lo-9iGOzkc.roa (raw, json)
Hash identifier: 2ykJmAmlQwzQJ6EGnDKN4sW4nGUgJAOTjAh1biEH7HM=
Subject key identifier: F9:D7:E5:07:1C:A6:53:84:DA:41:E1:23:F4:BA:3E:F6:21:8E:CE:47
Certificate issuer: /CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Certificate serial: 01856DD40B28CD8B1315D03FF9267ADCC878
Authority key identifier: 0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/1-dflBxymU4TaQeEj9Lo-9iGOzkc.roa
Signing time: Sun 01 Jan 2023 14:54:51 +0000
ROA not before: Sun 01 Jan 2023 14:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209284
IP address blocks: 185.58.189.0/24 maxlen: 24
185.58.190.0/24 maxlen: 24
185.58.191.0/24 maxlen: 24
185.58.188.0/22 maxlen: 22
185.16.104.0/24 maxlen: 24
185.16.104.0/22 maxlen: 22
185.16.106.0/24 maxlen: 24
185.16.107.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:0b:28:cd:8b:13:15:d0:3f:f9:26:7a:dc:c8:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Validity
Not Before: Jan 1 14:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9d7e5071ca65384da41e123f4ba3ef6218ece47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:70:12:48:ae:07:3a:8e:dc:da:a7:62:15:fc:
d3:b6:53:f7:ee:65:44:50:20:98:94:98:c0:6f:0c:
b7:03:68:c1:53:2f:65:19:b1:fe:2f:ff:f7:cd:56:
23:08:69:39:66:86:57:f7:00:d2:74:51:8b:1e:ef:
4c:8a:d1:b6:f5:dc:b0:b6:fa:20:b8:04:64:dd:e3:
0b:b3:91:ab:4f:53:2e:85:06:9d:85:c7:e3:73:5b:
3a:d8:23:46:5c:d5:d4:3e:45:53:49:c4:0e:15:5d:
32:8f:54:8c:05:1f:9f:87:43:c7:ac:14:b7:9c:02:
ae:7d:64:91:51:b2:84:d4:50:a6:7e:a4:98:7f:10:
db:4b:2b:6a:79:32:e6:c0:3e:71:01:89:71:aa:38:
59:d5:4a:31:72:ba:74:96:42:3c:d1:f1:88:69:99:
0e:c9:f6:b0:16:0c:72:bc:cb:86:6d:a5:a5:df:85:
30:4e:5c:19:d7:e3:fd:ef:fc:5a:95:57:f1:14:f6:
32:ef:c5:21:21:9a:ea:64:66:dc:2b:6d:54:f1:d9:
7d:a9:cc:15:29:ab:27:ce:61:49:33:04:0c:b2:d8:
5b:59:1c:0f:37:fd:6d:77:06:d1:40:b5:47:a1:b3:
be:da:83:1f:49:bd:20:f7:2f:1f:5f:6e:cf:5e:af:
14:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D7:E5:07:1C:A6:53:84:DA:41:E1:23:F4:BA:3E:F6:21:8E:CE:47
X509v3 Authority Key Identifier:
keyid:0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/1-dflBxymU4TaQeEj9Lo-9iGOzkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.104.0/22
185.58.188.0/22
Signature Algorithm: sha256WithRSAEncryption
62:1c:6b:4f:0d:5c:78:7a:d2:3f:94:2e:91:1c:a2:c8:14:72:
27:6d:96:0e:57:35:ac:b1:dc:c3:20:36:d1:5e:a7:ab:1f:78:
50:06:f7:9d:7f:9a:d7:28:c6:0a:01:07:e8:13:85:e8:a4:a8:
1a:cd:d3:46:94:06:42:cc:42:ef:17:23:d0:c8:45:b2:e9:00:
95:14:01:66:ce:d1:3d:87:67:cf:d7:d0:35:0c:eb:28:03:93:
1c:36:1c:04:a7:09:42:34:52:74:69:fc:bd:91:25:92:c4:9f:
a5:91:80:43:b4:13:38:e8:46:01:64:51:a0:b7:b2:d4:b8:2b:
db:00:44:ce:1b:68:25:ef:f9:fe:24:e9:e1:a1:2b:f0:9f:b0:
09:a5:30:39:09:1d:46:57:bf:6b:ea:d8:e3:b7:f8:47:db:9d:
df:04:8c:48:ec:f9:b6:b9:78:46:65:0c:38:87:96:88:46:ef:
d5:0c:51:7b:ee:99:0a:56:19:02:54:f4:5a:e9:ef:64:d0:ae:
24:76:8b:2a:7a:53:53:b5:4b:67:35:52:f6:6f:c6:23:46:23:
e7:87:f5:90:c3:e8:97:8d:a7:e0:d0:3f:87:4e:35:e4:44:d2:
a9:36:65:cd:a3:64:c8:17:b0:06:b9:27:be:b5:d2:c3:50:cd:
f2:85:5e:c6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVt1AsozYsTFdA/+SZ63Mh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjgxZDllODllMmM0NzEzMjFkOTY3ZjcwOTIwOTRkYWRm
ZTJhYTgwHhcNMjMwMTAxMTQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQ3ZTUwNzFjYTY1Mzg0ZGE0MWUxMjNmNGJhM2VmNjIxOGVjZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnASSK4HOo7c2qdiFfzTtlP37mVE
UCCYlJjAbwy3A2jBUy9lGbH+L//3zVYjCGk5ZoZX9wDSdFGLHu9MitG29dywtvog
uARk3eMLs5GrT1MuhQadhcfjc1s62CNGXNXUPkVTScQOFV0yj1SMBR+fh0PHrBS3
nAKufWSRUbKE1FCmfqSYfxDbSytqeTLmwD5xAYlxqjhZ1Uoxcrp0lkI80fGIaZkO
yfawFgxyvMuGbaWl34UwTlwZ1+P97/xalVfxFPYy78UhIZrqZGbcK21U8dl9qcwV
KasnzmFJMwQMsthbWRwPN/1tdwbRQLVHobO+2oMfSb0g9y8fX27PXq8UawIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPnX5QccplOE2kHhI/S6PvYhjs5HMB8GA1UdIwQY
MBaAFA74HZ6J4sRxMh2Wf3CSCU2t/iqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUt
MDc1ZjI0ZTRiZTcxLzEvMS1kZmxCeHltVTRUYVFlRWo5TG8tOWlHT3prYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTEvNWQxNWE4LTIyYTctNDAxYi04YzVlLTA3NWYyNGU0YmU3
MS8xL0R2Z2Rub25peEhFeUhaWl9jSklKVGEzLUtxZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkQaAME
Ark6vDANBgkqhkiG9w0BAQsFAAOCAQEAYhxrTw1ceHrSP5QukRyiyBRyJ22WDlc1
rLHcwyA20V6nqx94UAb3nX+a1yjGCgEH6BOF6KSoGs3TRpQGQsxC7xcj0MhFsukA
lRQBZs7RPYdnz9fQNQzrKAOTHDYcBKcJQjRSdGn8vZElksSfpZGAQ7QTOOhGAWRR
oLey1Lgr2wBEzhtoJe/5/iTp4aEr8J+wCaUwOQkdRle/a+rY47f4R9ud3wSMSOz5
trl4RmUMOIeWiEbv1QxRe+6ZClYZAlT0WunvZNCuJHaLKnpTU7VLZzVS9m/GI0Yj
54f1kMPol42n4NA/h0415ETSqTZlzaNkyBewBrknvrXSw1DN8oVexg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:10 2024 by rpki-client on console-fra.rpki-client.org