Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/dfb03e-cb87-4ba4-8836-2f13abdd205f/1/wDYKYvOOUfkYube4CGO6fKjqBgA.roa
File: wDYKYvOOUfkYube4CGO6fKjqBgA.roa (raw, json)
Hash identifier: ROJiC38t5HrQmT97YVKnqUEk+w/8j4ZrYCCvhI+q3TE=
Subject key identifier: C0:36:0A:62:F3:8E:51:F9:18:B9:B7:B8:08:63:BA:7C:A8:EA:06:00
Certificate issuer: /CN=77d01100407f553f0fb131be72b32e4981237efc
Certificate serial: 01856F42B907FD20AC4A034298D82AFDE21E
Authority key identifier: 77:D0:11:00:40:7F:55:3F:0F:B1:31:BE:72:B3:2E:49:81:23:7E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9ARAEB_VT8PsTG-crMuSYEjfvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/dfb03e-cb87-4ba4-8836-2f13abdd205f/1/wDYKYvOOUfkYube4CGO6fKjqBgA.roa
Signing time: Sun 01 Jan 2023 21:35:21 +0000
ROA not before: Sun 01 Jan 2023 21:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48655
IP address blocks: 185.226.208.0/22 maxlen: 22
185.224.208.0/22 maxlen: 22
185.226.156.0/22 maxlen: 22
2a0c:6200::/29 maxlen: 29
2a0c:6200::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:b9:07:fd:20:ac:4a:03:42:98:d8:2a:fd:e2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d01100407f553f0fb131be72b32e4981237efc
Validity
Not Before: Jan 1 21:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0360a62f38e51f918b9b7b80863ba7ca8ea0600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e8:9d:63:8d:5a:81:8a:89:e7:c7:69:7c:09:
6a:ad:62:20:57:70:8c:07:23:4f:06:94:1c:74:01:
44:dc:fc:36:f2:b1:53:d9:ef:0a:b3:96:eb:e4:c4:
3e:e2:1b:84:95:c1:a2:fc:6b:15:ee:7c:9f:e6:64:
94:70:3c:27:41:52:1c:42:3f:36:4e:53:a0:a3:dc:
27:33:52:6c:9f:e4:9e:72:f0:7f:86:90:6c:b6:e4:
96:ef:2a:dd:c1:7c:87:67:9e:ac:8a:5d:ec:d5:16:
a2:ad:02:98:cf:f0:bd:51:90:5a:eb:06:d8:76:5b:
28:38:5f:01:5a:c8:7a:b6:c7:5c:d5:bb:1d:a9:52:
30:e2:83:77:06:56:fd:54:40:8d:f0:e3:58:95:57:
33:2a:98:c4:e3:9a:ad:2b:a6:62:05:9a:90:d6:c9:
9e:13:0a:b8:f5:07:c5:78:7e:00:20:3a:06:12:fe:
ac:9b:7b:c0:bd:81:7b:f3:d9:48:d8:c6:fe:09:3f:
38:80:2a:ff:41:1d:99:9b:23:72:d6:b2:04:db:82:
03:28:ed:53:1c:80:94:f6:c4:7d:a4:34:e9:35:82:
62:3d:3a:00:e3:e3:0e:c7:4a:0e:f7:ea:6e:87:4d:
1d:fd:e8:26:77:b5:9c:52:aa:64:65:66:56:37:0f:
89:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:36:0A:62:F3:8E:51:F9:18:B9:B7:B8:08:63:BA:7C:A8:EA:06:00
X509v3 Authority Key Identifier:
keyid:77:D0:11:00:40:7F:55:3F:0F:B1:31:BE:72:B3:2E:49:81:23:7E:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9ARAEB_VT8PsTG-crMuSYEjfvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dfb03e-cb87-4ba4-8836-2f13abdd205f/1/wDYKYvOOUfkYube4CGO6fKjqBgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dfb03e-cb87-4ba4-8836-2f13abdd205f/1/d9ARAEB_VT8PsTG-crMuSYEjfvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.208.0/22
185.226.156.0/22
185.226.208.0/22
IPv6:
2a0c:6200::/29
Signature Algorithm: sha256WithRSAEncryption
1e:4c:b2:1d:e1:e7:6e:00:f8:18:14:f7:c4:dd:33:85:39:db:
35:b5:fe:f7:59:26:28:dd:cc:a1:c2:9f:bd:c9:3b:0d:d9:04:
5c:f7:be:9c:21:0e:cf:95:95:81:15:8f:c3:66:ff:3f:c9:0d:
ab:e0:06:49:d8:42:06:1a:91:d1:27:dd:ac:06:21:95:4a:a4:
18:f7:1d:dc:e9:44:0c:66:f7:8c:74:c8:9a:d5:e0:7c:c5:cc:
ae:20:61:6b:75:ec:47:39:3c:a7:3f:22:09:75:15:23:eb:15:
cc:b8:85:57:4f:9b:65:c6:0a:22:6e:32:3e:40:6b:64:fe:61:
f2:60:c0:0b:d3:25:dd:ee:3e:0e:18:f7:90:fb:fd:1f:c5:7e:
8f:7d:b4:0c:55:e2:8c:24:75:99:c6:2c:6c:8f:65:21:90:c0:
87:9c:6c:63:1c:9a:48:1a:26:bf:9b:99:11:36:91:5e:79:7b:
21:be:40:ce:14:f7:c5:df:41:a5:6a:7e:74:9c:b5:8a:c1:c1:
35:2b:95:ac:d5:64:45:ae:93:d2:0e:cd:a1:4b:4c:d0:53:21:
e5:d8:06:54:c9:3a:89:4b:ab:23:a6:eb:7f:db:5d:d7:5d:fa:
87:bc:37:57:74:ff:19:66:c6:1c:a2:ca:79:cf:79:41:bf:21:
b7:2e:6e:6a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvQrkH/SCsSgNCmNgq/eIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDAxMTAwNDA3ZjU1M2YwZmIxMzFiZTcyYjMyZTQ5ODEy
MzdlZmMwHhcNMjMwMTAxMjEzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDM2MGE2MmYzOGU1MWY5MThiOWI3YjgwODYzYmE3Y2E4ZWEwNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+idY41agYqJ58dpfAlqrWIgV3CM
ByNPBpQcdAFE3Pw28rFT2e8Ks5br5MQ+4huElcGi/GsV7nyf5mSUcDwnQVIcQj82
TlOgo9wnM1Jsn+SecvB/hpBstuSW7yrdwXyHZ56sil3s1RairQKYz/C9UZBa6wbY
dlsoOF8BWsh6tsdc1bsdqVIw4oN3Blb9VECN8ONYlVczKpjE45qtK6ZiBZqQ1sme
Ewq49QfFeH4AIDoGEv6sm3vAvYF789lI2Mb+CT84gCr/QR2ZmyNy1rIE24IDKO1T
HICU9sR9pDTpNYJiPToA4+MOx0oO9+puh00d/egmd7WcUqpkZWZWNw+JVwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMA2CmLzjlH5GLm3uAhjunyo6gYAMB8GA1UdIwQY
MBaAFHfQEQBAf1U/D7ExvnKzLkmBI378MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlBUkFFQl9WVDhQc1RHLWNyTXVTWUVqZnZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kZmIwM2UtY2I4Ny00YmE0LTg4MzYt
MmYxM2FiZGQyMDVmLzEvd0RZS1l2T09VZmtZdWJlNENHTzZmS2pxQmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kZmIwM2UtY2I4Ny00YmE0LTg4MzYtMmYxM2FiZGQyMDVm
LzEvZDlBUkFFQl9WVDhQc1RHLWNyTXVTWUVqZnZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCueDQAwQC
ueKcAwQCueLQMA0EAgACMAcDBQMqDGIAMA0GCSqGSIb3DQEBCwUAA4IBAQAeTLId
4eduAPgYFPfE3TOFOds1tf73WSYo3cyhwp+9yTsN2QRc976cIQ7PlZWBFY/DZv8/
yQ2r4AZJ2EIGGpHRJ92sBiGVSqQY9x3c6UQMZveMdMia1eB8xcyuIGFrdexHOTyn
PyIJdRUj6xXMuIVXT5tlxgoibjI+QGtk/mHyYMAL0yXd7j4OGPeQ+/0fxX6PfbQM
VeKMJHWZxixsj2UhkMCHnGxjHJpIGia/m5kRNpFeeXshvkDOFPfF30Glan50nLWK
wcE1K5Ws1WRFrpPSDs2hS0zQUyHl2AZUyTqJS6sjput/213XXfqHvDdXdP8ZZsYc
osp5z3lBvyG3Lm5q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:23 2024 by rpki-client on console-fra.rpki-client.org