Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/ekygWIB94NqT_7JOxADrUaP-vts.roa
File: ekygWIB94NqT_7JOxADrUaP-vts.roa (raw, json)
Hash identifier: iQNbE5vBZX4Vli5xv/n1EY+amo/T0EddNOqTaTaMcn0=
Subject key identifier: 7A:4C:A0:58:80:7D:E0:DA:93:FF:B2:4E:C4:00:EB:51:A3:FE:BE:DB
Certificate issuer: /CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Certificate serial: 0186F0746C2571D34BA648F4B1C4798AC9A2
Authority key identifier: DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/ekygWIB94NqT_7JOxADrUaP-vts.roa
Signing time: Fri 17 Mar 2023 16:43:27 +0000
ROA not before: Fri 17 Mar 2023 16:43:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42845
IP address blocks: 185.232.224.0/22 maxlen: 22
185.40.224.0/22 maxlen: 22
2a00:7200::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f0:74:6c:25:71:d3:4b:a6:48:f4:b1:c4:79:8a:c9:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Validity
Not Before: Mar 17 16:43:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a4ca058807de0da93ffb24ec400eb51a3febedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:74:b1:ae:6a:d1:5e:62:b9:5e:0a:68:b8:a8:
18:a6:67:38:6d:99:b8:8c:be:5f:4d:f0:e0:e7:d6:
44:12:bb:4c:8a:00:03:ec:1f:88:95:f3:2c:33:7b:
79:78:33:14:65:62:cc:92:9e:df:a6:b2:a1:b6:24:
e3:aa:70:24:f9:5a:69:b1:39:f5:35:af:02:98:a7:
b5:ac:e1:71:46:bf:53:90:23:68:85:0f:be:08:84:
56:ed:3e:dd:73:19:5d:6b:1d:12:9a:7e:12:f3:e0:
67:8b:f2:5b:62:26:57:47:03:f4:bc:f4:b4:a3:40:
1b:37:9a:63:2e:b0:36:42:43:4a:01:18:ca:a7:ee:
31:6f:3f:77:e9:3d:5c:9b:91:b6:ea:1d:9f:04:91:
e2:c4:76:0d:b5:27:38:a3:3a:0b:40:3b:48:08:02:
fa:bd:c5:1a:96:9d:1a:e2:65:14:2a:33:22:bd:25:
c6:b6:d1:1b:02:67:95:1e:23:27:4a:c6:71:07:00:
41:51:28:05:92:df:71:1b:35:30:f1:ec:28:1e:16:
75:69:64:7a:b9:fd:ef:a9:21:0b:3d:69:2e:3c:49:
79:46:5c:4b:e5:a1:29:b6:40:f3:05:84:99:f8:70:
41:79:71:8d:95:b8:64:11:80:91:d1:78:1b:6f:28:
3a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4C:A0:58:80:7D:E0:DA:93:FF:B2:4E:C4:00:EB:51:A3:FE:BE:DB
X509v3 Authority Key Identifier:
keyid:DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/ekygWIB94NqT_7JOxADrUaP-vts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.224.0/22
185.232.224.0/22
IPv6:
2a00:7200::/32
Signature Algorithm: sha256WithRSAEncryption
69:7e:ff:97:1a:38:c7:fc:f9:ee:6d:da:b2:be:41:72:f7:d0:
ea:81:19:6c:fb:b6:ce:9d:97:87:7d:eb:0f:72:cd:4f:fa:5d:
c9:a4:00:22:f4:34:fb:78:c4:f4:90:2c:6a:f2:1e:94:2b:4e:
17:5a:ba:ad:f3:14:77:e4:41:e5:02:df:51:05:e4:cb:23:ea:
1a:d9:70:e4:d5:74:fd:37:ed:ee:04:41:96:64:db:12:f6:be:
e1:c3:95:6e:42:f7:3f:b5:06:53:99:8a:87:2e:3f:29:b5:48:
ef:98:22:13:5a:c7:32:d1:6f:6b:62:c4:ac:54:99:31:36:36:
67:b6:a3:ec:b8:84:6f:03:86:06:be:9e:d8:c3:28:b0:2f:8d:
d2:60:89:bc:e4:47:d4:88:6a:95:ee:8d:f1:be:2d:10:88:9a:
72:57:fc:60:b7:1f:2d:25:84:b7:56:fc:f4:b6:db:4c:d9:52:
99:2f:f8:8e:5e:dd:69:1d:9d:bd:a8:1c:5a:28:8c:1c:85:33:
f8:23:f0:7c:bd:1a:e6:51:05:b4:fd:c5:6a:d3:d4:67:13:81:
a8:73:4d:c6:2a:f2:a8:15:a5:98:cf:cb:fa:47:ad:ba:11:34:
54:64:9b:03:e1:f3:32:74:51:e3:4e:01:58:e5:88:43:4d:29:
3b:54:93:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbwdGwlcdNLpkj0scR5ismiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZWFkOTE5Yjg1YTEzMDUxZDAyMDhiN2UyOGRkY2NiMzk4
YjE0ZDYwHhcNMjMwMzE3MTY0MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTRjYTA1ODgwN2RlMGRhOTNmZmIyNGVjNDAwZWI1MWEzZmViZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnSxrmrRXmK5XgpouKgYpmc4bZm4
jL5fTfDg59ZEErtMigAD7B+IlfMsM3t5eDMUZWLMkp7fprKhtiTjqnAk+VppsTn1
Na8CmKe1rOFxRr9TkCNohQ++CIRW7T7dcxldax0Smn4S8+Bni/JbYiZXRwP0vPS0
o0AbN5pjLrA2QkNKARjKp+4xbz936T1cm5G26h2fBJHixHYNtSc4ozoLQDtICAL6
vcUalp0a4mUUKjMivSXGttEbAmeVHiMnSsZxBwBBUSgFkt9xGzUw8ewoHhZ1aWR6
uf3vqSELPWkuPEl5RlxL5aEptkDzBYSZ+HBBeXGNlbhkEYCR0Xgbbyg6PQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHpMoFiAfeDak/+yTsQA61Gj/r7bMB8GA1UdIwQY
MBaAFN3q2Rm4WhMFHQIIt+KN3Ms5ixTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQt
NDhiOGI1YTliNDExLzEvZWt5Z1dJQjk0TnFUXzdKT3hBRHJVYVAtdnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQtNDhiOGI1YTliNDEx
LzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSjgAwQC
uejgMA0EAgACMAcDBQAqAHIAMA0GCSqGSIb3DQEBCwUAA4IBAQBpfv+XGjjH/Pnu
bdqyvkFy99DqgRls+7bOnZeHfesPcs1P+l3JpAAi9DT7eMT0kCxq8h6UK04XWrqt
8xR35EHlAt9RBeTLI+oa2XDk1XT9N+3uBEGWZNsS9r7hw5VuQvc/tQZTmYqHLj8p
tUjvmCITWscy0W9rYsSsVJkxNjZntqPsuIRvA4YGvp7YwyiwL43SYIm85EfUiGqV
7o3xvi0QiJpyV/xgtx8tJYS3Vvz0tttM2VKZL/iOXt1pHZ29qBxaKIwchTP4I/B8
vRrmUQW0/cVq09RnE4Goc03GKvKoFaWYz8v6R626ETRUZJsD4fMydFHjTgFY5YhD
TSk7VJPj
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:50 2023 by rpki-client on console-ams.rpki-client.org