Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/oXz2YdR2SzV80KVHVYhmP3Fo6qM.roa
File: oXz2YdR2SzV80KVHVYhmP3Fo6qM.roa (raw, json)
Hash identifier: gEZ0dlir6USVLjX2dSMsgSYSAXXfjOYrVPBv5jIxF24=
Subject key identifier: A1:7C:F6:61:D4:76:4B:35:7C:D0:A5:47:55:88:66:3F:71:68:EA:A3
Certificate issuer: /CN=543c54067385a765b1d5617c43331956fb208e89
Certificate serial: 0186FED6AD6293DF9D317544B3829D12663C
Authority key identifier: 54:3C:54:06:73:85:A7:65:B1:D5:61:7C:43:33:19:56:FB:20:8E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxUBnOFp2Wx1WF8QzMZVvsgjok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/oXz2YdR2SzV80KVHVYhmP3Fo6qM.roa
Signing time: Mon 20 Mar 2023 11:45:27 +0000
ROA not before: Mon 20 Mar 2023 11:45:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198595
IP address blocks: 185.202.124.0/24 maxlen: 24
185.202.126.0/24 maxlen: 24
185.202.127.0/24 maxlen: 24
2001:67c:104::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 Mar 2023 13:34:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:d6:ad:62:93:df:9d:31:75:44:b3:82:9d:12:66:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543c54067385a765b1d5617c43331956fb208e89
Validity
Not Before: Mar 20 11:45:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a17cf661d4764b357cd0a5475588663f7168eaa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b9:68:39:69:ca:58:71:36:2e:99:03:11:7b:
67:82:36:47:04:b1:1d:ef:72:e4:fe:b7:3f:7a:9d:
d1:4b:9b:04:ef:0a:95:1a:4a:71:73:8f:47:b7:6f:
92:8c:3a:e6:25:f4:66:f0:4b:3a:79:c9:2c:c2:5d:
05:90:3a:e4:94:0e:07:57:65:b0:e1:d7:5d:c8:78:
fd:38:1a:4d:91:f0:83:c7:7d:aa:2d:21:10:96:2e:
e1:a0:a9:9d:6f:9f:e2:77:66:d2:66:0a:95:85:ac:
7c:b4:4a:4d:f3:56:db:9f:69:97:fb:72:ef:98:ef:
f6:f1:05:f0:fa:44:c9:65:30:78:52:6d:73:3a:7e:
61:29:6a:09:83:d3:a2:9b:47:b0:57:9c:66:7c:b0:
d3:55:6b:b8:e4:f0:90:2e:d7:17:8f:d4:64:fa:0d:
06:f2:80:6c:30:3d:b7:bd:a0:77:66:02:f6:97:69:
28:d0:9c:7e:89:07:c1:12:2d:5e:82:64:74:ad:6d:
ef:22:13:3b:13:e8:b0:7a:0e:86:0f:7a:e7:27:02:
62:83:fd:e4:9f:e2:4c:d0:a5:cf:70:88:e6:14:95:
ef:98:39:d6:16:8c:7d:a3:92:9a:1e:4d:24:33:88:
69:c3:54:c1:49:98:e8:46:74:21:73:16:ee:e0:e9:
15:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7C:F6:61:D4:76:4B:35:7C:D0:A5:47:55:88:66:3F:71:68:EA:A3
X509v3 Authority Key Identifier:
keyid:54:3C:54:06:73:85:A7:65:B1:D5:61:7C:43:33:19:56:FB:20:8E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxUBnOFp2Wx1WF8QzMZVvsgjok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/oXz2YdR2SzV80KVHVYhmP3Fo6qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/VDxUBnOFp2Wx1WF8QzMZVvsgjok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.124.0/24
185.202.126.0/23
IPv6:
2001:67c:104::/48
Signature Algorithm: sha256WithRSAEncryption
5c:b6:d4:aa:b5:54:12:65:72:8e:39:c7:10:7f:7f:3b:1a:d0:
7a:6f:3d:0a:4b:86:39:ce:ae:3e:bd:1f:0e:82:34:3a:10:a9:
76:47:56:52:9e:58:ab:7b:ad:41:68:70:53:91:87:55:61:1a:
fb:49:96:48:9f:98:fd:fe:89:ef:bc:51:b8:aa:80:11:6a:3a:
83:62:28:50:15:7a:cf:e7:59:3e:bb:0a:b8:4f:23:83:93:39:
9a:15:13:5e:45:4e:6d:55:26:18:b2:3e:c9:6e:2f:9a:47:36:
fb:b2:00:b1:d3:e7:a6:ad:07:c1:f8:7c:f7:ff:fa:4e:a2:f0:
1d:7a:c2:d9:79:d5:b3:65:8f:4b:4a:0b:64:3d:43:a5:d8:53:
9c:ec:b2:4e:f4:8a:09:d3:43:12:0b:e2:59:70:16:fa:5f:91:
70:a2:6a:9b:66:48:87:3f:71:01:78:78:34:46:91:c4:d9:36:
30:0d:a2:7f:eb:0b:3e:60:34:9a:05:1e:94:56:37:0e:18:49:
68:a5:5a:05:03:3b:d8:ef:80:83:31:ba:db:d9:1c:a6:03:0e:
c7:15:f9:4f:9d:b9:b6:20:b9:a1:95:bf:73:bd:98:0a:ce:3a:
b1:31:b0:70:b4:30:c8:c3:76:1d:35:41:a4:33:47:e0:68:e9:
82:8b:6a:eb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYb+1q1ik9+dMXVEs4KdEmY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2M1NDA2NzM4NWE3NjViMWQ1NjE3YzQzMzMxOTU2ZmIy
MDhlODkwHhcNMjMwMzIwMTE0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTdjZjY2MWQ0NzY0YjM1N2NkMGE1NDc1NTg4NjYzZjcxNjhlYWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrloOWnKWHE2LpkDEXtngjZHBLEd
73Lk/rc/ep3RS5sE7wqVGkpxc49Ht2+SjDrmJfRm8Es6eckswl0FkDrklA4HV2Ww
4dddyHj9OBpNkfCDx32qLSEQli7hoKmdb5/id2bSZgqVhax8tEpN81bbn2mX+3Lv
mO/28QXw+kTJZTB4Um1zOn5hKWoJg9Oim0ewV5xmfLDTVWu45PCQLtcXj9Rk+g0G
8oBsMD23vaB3ZgL2l2ko0Jx+iQfBEi1egmR0rW3vIhM7E+iweg6GD3rnJwJig/3k
n+JM0KXPcIjmFJXvmDnWFox9o5KaHk0kM4hpw1TBSZjoRnQhcxbu4OkVwQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKF89mHUdks1fNClR1WIZj9xaOqjMB8GA1UdIwQY
MBaAFFQ8VAZzhadlsdVhfEMzGVb7II6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkR4VUJuT0ZwMld4MVdGOFF6TVpWdnNnam9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82M2ZiZjgtNWNmZi00OTkxLThmMjct
YTQxYTQ4MzRlY2FhLzEvb1h6MllkUjJTelY4MEtWSFZZaG1QM0ZvNnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82M2ZiZjgtNWNmZi00OTkxLThmMjctYTQxYTQ4MzRlY2Fh
LzEvVkR4VUJuT0ZwMld4MVdGOFF6TVpWdnNnam9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAucp8AwQB
ucp+MA8EAgACMAkDBwAgAQZ8AQQwDQYJKoZIhvcNAQELBQADggEBAFy21Kq1VBJl
co45xxB/fzsa0HpvPQpLhjnOrj69Hw6CNDoQqXZHVlKeWKt7rUFocFORh1VhGvtJ
lkifmP3+ie+8UbiqgBFqOoNiKFAVes/nWT67CrhPI4OTOZoVE15FTm1VJhiyPslu
L5pHNvuyALHT56atB8H4fPf/+k6i8B16wtl51bNlj0tKC2Q9Q6XYU5zssk70ignT
QxIL4llwFvpfkXCiaptmSIc/cQF4eDRGkcTZNjANon/rCz5gNJoFHpRWNw4YSWil
WgUDO9jvgIMxutvZHKYDDscV+U+dubYguaGVv3O9mArOOrExsHC0MMjDdh01QaQz
R+Bo6YKLaus=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org