Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/gPIyN673s-BydwWpcPRQk7gnQQw.roa
File: gPIyN673s-BydwWpcPRQk7gnQQw.roa (raw, json)
Hash identifier: yEM2t7tzwt/Kx8i10S54js4FQawEvafh+iejKSAirgI=
Subject key identifier: 80:F2:32:37:AE:F7:B3:E0:72:77:05:A9:70:F4:50:93:B8:27:41:0C
Certificate issuer: /CN=faf814df8575986dd904a98687583c138768a114
Certificate serial: 01897317E7E3E5559367E5039F94D589F4CF
Authority key identifier: FA:F8:14:DF:85:75:98:6D:D9:04:A9:86:87:58:3C:13:87:68:A1:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/gPIyN673s-BydwWpcPRQk7gnQQw.roa
Signing time: Thu 20 Jul 2023 11:38:13 +0000
ROA not before: Thu 20 Jul 2023 11:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21217
IP address blocks: 185.254.152.0/22 maxlen: 22
185.254.152.0/24 maxlen: 24
185.247.8.0/22 maxlen: 22
185.254.154.0/24 maxlen: 24
185.254.155.0/24 maxlen: 24
185.254.153.0/24 maxlen: 24
185.169.92.0/22 maxlen: 22
2001:40c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jul 2023 14:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:17:e7:e3:e5:55:93:67:e5:03:9f:94:d5:89:f4:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faf814df8575986dd904a98687583c138768a114
Validity
Not Before: Jul 20 11:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80f23237aef7b3e0727705a970f45093b827410c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:52:e3:9d:e6:ee:6a:e7:29:a0:95:1a:d1:ac:
6c:0a:1a:d8:99:ed:21:9f:7a:07:01:5d:da:24:ad:
3f:3b:41:ea:3a:6a:84:0c:4f:ec:f1:b0:6f:5c:3c:
bb:dc:a1:e6:e6:73:e4:91:57:e9:ea:ad:55:ef:d3:
4b:3d:26:03:da:17:df:42:44:97:55:3f:78:d1:fc:
2d:c4:cf:14:45:70:ff:49:fc:47:5d:99:ff:76:46:
7e:ec:8a:d3:97:e7:d0:dd:72:d4:13:a6:f1:45:fa:
ca:d1:fe:82:c4:4f:1e:7d:3e:2b:ff:70:c7:ca:fe:
d1:95:ba:e7:34:54:7b:0c:83:14:c6:7d:51:c8:d0:
d2:8f:ae:16:ce:36:62:e1:d9:0a:7f:da:b5:ce:59:
f7:3d:54:b7:54:9f:b7:6a:9c:02:58:b9:d8:4b:65:
7c:b5:f0:c8:f4:0f:22:55:ca:1d:77:f9:93:57:75:
1b:e3:33:44:0a:0a:79:42:fe:19:81:49:0d:f6:de:
4e:46:23:32:69:cc:49:b4:e6:ea:41:8b:59:18:c2:
6d:6a:86:25:8f:86:ae:29:2a:ac:6e:84:51:36:66:
48:f8:0d:88:2a:a3:a0:dd:8d:76:4a:15:c1:30:ad:
ee:19:e8:5b:37:fb:f5:56:c9:48:00:b5:3e:c8:35:
e1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F2:32:37:AE:F7:B3:E0:72:77:05:A9:70:F4:50:93:B8:27:41:0C
X509v3 Authority Key Identifier:
keyid:FA:F8:14:DF:85:75:98:6D:D9:04:A9:86:87:58:3C:13:87:68:A1:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/gPIyN673s-BydwWpcPRQk7gnQQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.92.0/22
185.247.8.0/22
185.254.152.0/22
IPv6:
2001:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
30:aa:94:58:b3:7c:54:81:7b:e5:1e:59:b7:78:62:f9:61:61:
83:d7:44:6f:c7:7f:a2:0a:c4:9a:b5:13:5c:2d:b3:2a:4f:00:
ef:0a:a7:a0:23:9f:8e:b2:1e:e8:4f:b2:8f:9b:ac:e3:a2:19:
ff:1e:ff:0f:79:93:bb:8d:f8:6d:9c:18:ea:ec:99:b9:9c:bc:
69:62:cc:e9:a4:e4:c3:4d:1a:ba:af:17:84:1c:0c:05:04:d5:
71:85:52:50:4d:60:13:f2:43:d2:0f:11:49:07:48:70:65:ba:
9e:b9:95:07:41:84:24:9a:09:19:7b:9a:a1:9e:00:04:1c:2a:
58:52:92:f9:f5:69:8c:f7:57:e7:a5:69:0d:af:a8:ae:6b:c5:
72:a0:41:b9:55:cb:e8:44:51:30:77:61:49:04:59:8f:aa:71:
fb:d1:83:5a:99:ee:68:35:9b:6e:bb:57:59:62:b0:b7:8b:6f:
85:36:59:de:6a:4a:43:a8:b3:ae:a4:8e:76:28:fd:e5:81:fb:
31:5b:12:c5:fb:33:55:3c:28:27:74:03:ee:b2:cd:8f:6a:2a:
a9:04:56:a8:bf:fa:64:bd:f6:26:72:e0:94:9d:19:ae:a3:3a:
44:e4:c9:b3:ad:4a:e2:9f:d5:07:8f:f2:7b:7d:98:52:81:7d:
2c:bd:8f:3e
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYlzF+fj5VWTZ+UDn5TVifTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZjgxNGRmODU3NTk4NmRkOTA0YTk4Njg3NTgzYzEzODc2
OGExMTQwHhcNMjMwNzIwMTEzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGYyMzIzN2FlZjdiM2UwNzI3NzA1YTk3MGY0NTA5M2I4Mjc0MTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlLjnebuaucpoJUa0axsChrYme0h
n3oHAV3aJK0/O0HqOmqEDE/s8bBvXDy73KHm5nPkkVfp6q1V79NLPSYD2hffQkSX
VT940fwtxM8URXD/SfxHXZn/dkZ+7IrTl+fQ3XLUE6bxRfrK0f6CxE8efT4r/3DH
yv7RlbrnNFR7DIMUxn1RyNDSj64WzjZi4dkKf9q1zln3PVS3VJ+3apwCWLnYS2V8
tfDI9A8iVcodd/mTV3Ub4zNECgp5Qv4ZgUkN9t5ORiMyacxJtObqQYtZGMJtaoYl
j4auKSqsboRRNmZI+A2IKqOg3Y12ShXBMK3uGehbN/v1VslIALU+yDXhlwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFIDyMjeu97PgcncFqXD0UJO4J0EMMB8GA1UdIwQY
MBaAFPr4FN+FdZht2QSphodYPBOHaKEUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS12Z1UzNFYxbUczWkJLbUdoMWc4RTRkb29SUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEvNmZiYmVkLTg3MWYtNDg1Yi1hZDFh
LTQ2MjY5ZDE3ZTlmMS8xL2dQSXlONjczcy1CeWR3V3BjUFJRazdnblFRdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWEvNmZiYmVkLTg3MWYtNDg1Yi1hZDFhLTQ2MjY5ZDE3ZTlm
MS8xLzEtdmdVMzRWMW1HM1pCS21HaDFnOEU0ZG9vUlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPAYIKwYBBQUHAQcBAf8ELTArMBgEAgABMBIDBAK5qVwD
BAK59wgDBAK5/pgwDwQCAAIwCQMHACABQMAAADANBgkqhkiG9w0BAQsFAAOCAQEA
MKqUWLN8VIF75R5Zt3hi+WFhg9dEb8d/ogrEmrUTXC2zKk8A7wqnoCOfjrIe6E+y
j5us46IZ/x7/D3mTu434bZwY6uyZuZy8aWLM6aTkw00auq8XhBwMBQTVcYVSUE1g
E/JD0g8RSQdIcGW6nrmVB0GEJJoJGXuaoZ4ABBwqWFKS+fVpjPdX56VpDa+ormvF
cqBBuVXL6ERRMHdhSQRZj6px+9GDWpnuaDWbbrtXWWKwt4tvhTZZ3mpKQ6izrqSO
dij95YH7MVsSxfszVTwoJ3QD7rLNj2oqqQRWqL/6ZL32JnLglJ0ZrqM6ROTJs61K
4p/VB4/ye32YUoF9LL2PPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:39 2024 by rpki-client on console-ams.rpki-client.org