Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b739e9-16a8-42df-820c-18a768b60fcd/1/DThZXhqs5tovezrOXG_0AlWR2-k.roa
File: DThZXhqs5tovezrOXG_0AlWR2-k.roa (raw, json)
Hash identifier: 9SV8Rmea0iFSpNF9CN3pE35oUyKj6dRvjxFqZnZY8Fk=
Subject key identifier: 0D:38:59:5E:1A:AC:E6:DA:2F:7B:3A:CE:5C:6F:F4:02:55:91:DB:E9
Certificate issuer: /CN=abc3a3091c3b1a8c9e82a09d374090f6d7300b20
Certificate serial: 018570FBD9CE9277B997244A4F1543A3E8D4
Authority key identifier: AB:C3:A3:09:1C:3B:1A:8C:9E:82:A0:9D:37:40:90:F6:D7:30:0B:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8OjCRw7GoyegqCdN0CQ9tcwCyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/b739e9-16a8-42df-820c-18a768b60fcd/1/DThZXhqs5tovezrOXG_0AlWR2-k.roa
Signing time: Mon 02 Jan 2023 05:37:11 +0000
ROA not before: Mon 02 Jan 2023 05:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44531
IP address blocks: 185.150.111.0/24 maxlen: 24
185.150.108.0/24 maxlen: 24
185.150.109.0/24 maxlen: 24
185.150.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:d9:ce:92:77:b9:97:24:4a:4f:15:43:a3:e8:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc3a3091c3b1a8c9e82a09d374090f6d7300b20
Validity
Not Before: Jan 2 05:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d38595e1aace6da2f7b3ace5c6ff4025591dbe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f8:41:b0:aa:fb:91:a8:0c:19:74:73:eb:20:
5c:08:90:f2:6b:7f:ea:24:32:75:7d:9f:b4:2f:8c:
2e:79:d1:4b:c5:e1:e2:89:9e:4e:ff:f0:52:94:6f:
5c:2e:17:ad:55:f1:21:bc:58:ee:9d:1c:20:27:18:
92:94:0c:09:d2:01:29:74:9a:f2:c6:2f:66:fd:8f:
cb:4f:c7:cc:e2:95:2a:6a:16:d6:15:56:c1:fb:d6:
77:cb:be:b4:f2:bd:f2:b1:1b:e6:15:30:23:8c:fd:
54:08:91:51:0d:d5:ad:88:bc:f3:5d:12:46:cf:2a:
92:10:03:74:c8:62:2a:ce:06:3b:0d:0e:9e:5d:0f:
29:4b:33:cd:22:57:3e:7d:ac:ee:de:a2:e0:81:c4:
0b:ce:1d:c6:a3:32:82:49:1f:b1:f1:42:4a:cb:90:
c6:4b:5e:e9:0b:f8:94:a9:e5:c4:b7:54:19:5f:c5:
0d:af:d2:f1:32:39:68:09:93:c4:36:9a:3c:3c:f8:
42:e7:da:76:d9:06:a7:84:de:2c:85:2b:8a:db:58:
76:3d:20:20:dc:67:e6:89:2c:72:55:e2:4d:5e:22:
8b:01:45:fb:d8:53:67:0d:41:72:d8:54:b9:e9:51:
35:18:04:7f:3e:f2:f8:cf:f0:40:e3:9e:c3:6e:9e:
c0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:38:59:5E:1A:AC:E6:DA:2F:7B:3A:CE:5C:6F:F4:02:55:91:DB:E9
X509v3 Authority Key Identifier:
keyid:AB:C3:A3:09:1C:3B:1A:8C:9E:82:A0:9D:37:40:90:F6:D7:30:0B:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8OjCRw7GoyegqCdN0CQ9tcwCyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b739e9-16a8-42df-820c-18a768b60fcd/1/DThZXhqs5tovezrOXG_0AlWR2-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b739e9-16a8-42df-820c-18a768b60fcd/1/q8OjCRw7GoyegqCdN0CQ9tcwCyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.108.0/22
Signature Algorithm: sha256WithRSAEncryption
65:87:1d:fa:11:aa:1e:dc:9c:e2:f8:58:6c:b1:b0:36:35:4c:
92:cc:5d:f2:cc:e1:52:c1:47:6b:db:e8:26:88:b7:e6:c8:c9:
62:b7:2d:2c:d7:66:25:6b:ac:25:4b:39:c0:0b:71:06:3c:a6:
68:19:90:74:ca:52:c2:75:30:ec:55:e9:29:71:1a:8c:2d:ba:
4e:2d:d4:5a:ef:64:e0:89:2f:64:5a:b2:a4:b8:66:a3:55:04:
a5:14:ee:c2:46:5a:32:db:ab:43:cd:37:d5:d9:24:39:29:a3:
cc:8b:c3:aa:d1:f4:b3:2a:8d:f9:e8:2e:07:de:01:09:8f:1f:
54:b0:bc:dd:f3:b7:6f:b0:ad:fe:87:07:7a:c1:58:62:85:76:
36:65:3b:4c:ba:e5:26:96:e0:5e:9e:fd:7e:c7:11:5a:b6:99:
40:d4:95:f4:c7:c6:b5:a1:10:74:0a:3c:48:9b:6c:3f:42:b3:
e6:0a:ad:a1:da:d9:cf:83:82:69:8f:57:8f:4c:61:e1:9f:ab:
27:dc:d8:2d:86:5e:bc:58:91:b5:42:d4:14:07:87:52:e5:d0:
6d:29:f7:07:d1:5f:a0:a8:f3:ee:1a:4c:21:15:dc:60:a0:28:
ac:ac:d6:80:6f:b8:13:2c:e2:88:1b:fa:2e:9a:ee:9b:e0:57:
93:fb:f2:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+9nOkne5lyRKTxVDo+jUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzNhMzA5MWMzYjFhOGM5ZTgyYTA5ZDM3NDA5MGY2ZDcz
MDBiMjAwHhcNMjMwMTAyMDUzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDM4NTk1ZTFhYWNlNmRhMmY3YjNhY2U1YzZmZjQwMjU1OTFkYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/hBsKr7kagMGXRz6yBcCJDya3/q
JDJ1fZ+0L4wuedFLxeHiiZ5O//BSlG9cLhetVfEhvFjunRwgJxiSlAwJ0gEpdJry
xi9m/Y/LT8fM4pUqahbWFVbB+9Z3y7608r3ysRvmFTAjjP1UCJFRDdWtiLzzXRJG
zyqSEAN0yGIqzgY7DQ6eXQ8pSzPNIlc+fazu3qLggcQLzh3GozKCSR+x8UJKy5DG
S17pC/iUqeXEt1QZX8UNr9LxMjloCZPENpo8PPhC59p22QanhN4shSuK21h2PSAg
3GfmiSxyVeJNXiKLAUX72FNnDUFy2FS56VE1GAR/PvL4z/BA457Dbp7AbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA04WV4arObaL3s6zlxv9AJVkdvpMB8GA1UdIwQY
MBaAFKvDowkcOxqMnoKgnTdAkPbXMAsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThPakNSdzdHb3llZ3FDZE4wQ1E5dGN3Q3lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iNzM5ZTktMTZhOC00MmRmLTgyMGMt
MThhNzY4YjYwZmNkLzEvRFRoWlhocXM1dG92ZXpyT1hHXzBBbFdSMi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iNzM5ZTktMTZhOC00MmRmLTgyMGMtMThhNzY4YjYwZmNk
LzEvcThPakNSdzdHb3llZ3FDZE4wQ1E5dGN3Q3lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZZsMA0G
CSqGSIb3DQEBCwUAA4IBAQBlhx36Eaoe3Jzi+FhssbA2NUySzF3yzOFSwUdr2+gm
iLfmyMlity0s12Yla6wlSznAC3EGPKZoGZB0ylLCdTDsVekpcRqMLbpOLdRa72Tg
iS9kWrKkuGajVQSlFO7CRloy26tDzTfV2SQ5KaPMi8Oq0fSzKo356C4H3gEJjx9U
sLzd87dvsK3+hwd6wVhihXY2ZTtMuuUmluBenv1+xxFatplA1JX0x8a1oRB0CjxI
m2w/QrPmCq2h2tnPg4Jpj1ePTGHhn6sn3Ngthl68WJG1QtQUB4dS5dBtKfcH0V+g
qPPuGkwhFdxgoCisrNaAb7gTLOKIG/oumu6b4FeT+/K4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:24 2024 by rpki-client on console-ams.rpki-client.org