Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/iOYbtJf5gcwZK4gXYru9sknzjVk.roa
File: iOYbtJf5gcwZK4gXYru9sknzjVk.roa (raw, json)
Hash identifier: cf8tdpo+pWR55JobhD5AArO9M9q91kzJ22yVm0BZ+Wg=
Subject key identifier: 88:E6:1B:B4:97:F9:81:CC:19:2B:88:17:62:BB:BD:B2:49:F3:8D:59
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 01856E1D3CBED0807622C1227D054549A04F
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/iOYbtJf5gcwZK4gXYru9sknzjVk.roa
Signing time: Sun 01 Jan 2023 16:14:47 +0000
ROA not before: Sun 01 Jan 2023 16:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.68.144/28 maxlen: 28
185.104.71.32/28 maxlen: 28
185.104.71.176/29 maxlen: 29
185.104.68.240/29 maxlen: 29
185.104.70.220/30 maxlen: 30
185.104.68.0/26 maxlen: 26
185.104.68.64/26 maxlen: 26
185.104.71.0/24 maxlen: 24
185.104.70.0/24 maxlen: 24
185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.71.16/30 maxlen: 30
185.104.71.20/30 maxlen: 30
2a06:3480::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 31 Jan 2023 15:23:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:3c:be:d0:80:76:22:c1:22:7d:05:45:49:a0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Jan 1 16:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88e61bb497f981cc192b881762bbbdb249f38d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a1:d5:2f:4e:0b:e6:a7:d7:d6:b0:d7:d3:37:
4e:3a:08:4f:38:d4:b5:b0:36:b4:5d:0b:96:46:87:
9f:c0:65:9c:c7:81:cb:2f:54:c5:10:6c:19:79:2e:
7e:b0:f6:74:e7:04:6c:aa:c8:a5:2f:a2:3b:c9:5f:
d9:66:54:3b:6e:91:21:fa:33:0f:3b:39:d2:3e:28:
03:f6:36:87:7a:b1:7a:e4:57:ac:41:74:3f:ed:61:
2f:31:96:c5:fc:2b:2a:dd:23:df:1f:50:b1:c9:1a:
f5:64:be:69:f7:eb:d7:8f:59:cd:17:5d:57:7b:ba:
e5:27:2b:04:82:fa:0b:16:0c:54:3a:b1:07:e3:3e:
33:24:f7:44:8b:56:ae:fd:ca:f3:b9:02:ad:17:c2:
cc:bd:92:d0:b5:46:0f:bb:aa:a1:21:4b:4c:54:f8:
f9:e2:81:21:04:cf:b8:e5:de:14:c5:a4:f7:71:22:
f4:63:d6:5e:7c:06:39:7a:1a:95:15:fa:7f:80:a5:
84:e1:8e:69:ed:e3:91:48:9f:76:03:1d:e0:ff:77:
ad:6d:51:fc:49:bc:1b:99:76:f0:cc:3b:28:a8:7d:
c7:46:aa:73:7a:60:0c:b2:38:ba:db:72:73:03:97:
bd:86:4e:4c:7e:4c:af:9f:10:22:4d:d9:ca:1b:82:
6b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E6:1B:B4:97:F9:81:CC:19:2B:88:17:62:BB:BD:B2:49:F3:8D:59
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/iOYbtJf5gcwZK4gXYru9sknzjVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
b0:9e:a0:d9:97:43:25:ed:5c:e6:8c:03:5d:cc:f7:3a:91:87:
05:ca:80:05:86:62:12:8a:e0:9b:35:ab:4c:81:fa:84:29:c9:
ef:95:21:41:cb:1b:36:bf:db:97:fb:b1:78:e0:70:9b:44:ff:
3e:73:ff:b1:ed:41:7d:4b:e9:3b:8f:ad:a8:f6:b8:14:1b:a5:
d4:b8:60:83:da:29:58:2f:31:2a:ce:9f:63:43:70:a2:ee:26:
6d:f6:7a:5b:d1:fd:49:09:ca:98:45:1a:55:4c:11:13:44:26:
e0:f4:96:d7:2c:56:c7:53:d3:a1:d8:59:63:51:22:e7:b3:57:
d1:56:1a:99:77:e7:b6:21:4b:6b:24:c6:67:4c:63:42:64:86:
dd:3b:c6:12:98:9d:25:2e:5d:a6:f7:91:de:a0:c7:e4:b4:b5:
d4:1b:9e:4c:20:ee:24:b9:37:19:5f:99:81:e6:2d:32:cc:58:
cc:3a:27:ee:b4:8a:03:12:d1:7c:c0:1b:6d:73:8b:3f:0c:55:
a6:f3:c6:ba:44:41:8d:dd:5c:e2:b0:bc:1d:d3:b4:48:f5:c2:
33:8e:c5:e8:4d:c0:d9:74:34:32:fb:28:3b:7d:27:9d:54:d1:
28:ed:16:f4:ce:26:8b:ec:db:95:58:f6:2e:39:d9:09:fe:fe:
25:cf:ed:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuHTy+0IB2IsEifQVFSaBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjMwMTAxMTYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGU2MWJiNDk3Zjk4MWNjMTkyYjg4MTc2MmJiYmRiMjQ5ZjM4ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaHVL04L5qfX1rDX0zdOOghPONS1
sDa0XQuWRoefwGWcx4HLL1TFEGwZeS5+sPZ05wRsqsilL6I7yV/ZZlQ7bpEh+jMP
OznSPigD9jaHerF65FesQXQ/7WEvMZbF/Csq3SPfH1CxyRr1ZL5p9+vXj1nNF11X
e7rlJysEgvoLFgxUOrEH4z4zJPdEi1au/crzuQKtF8LMvZLQtUYPu6qhIUtMVPj5
4oEhBM+45d4UxaT3cSL0Y9ZefAY5ehqVFfp/gKWE4Y5p7eORSJ92Ax3g/3etbVH8
SbwbmXbwzDsoqH3HRqpzemAMsji623JzA5e9hk5MfkyvnxAiTdnKG4JrCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIjmG7SX+YHMGSuIF2K7vbJJ841ZMB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvaU9ZYnRKZjVnY3daSzRnWFlydTlza256alZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQCwnqDZl0Ml7VzmjANdzPc6
kYcFyoAFhmISiuCbNatMgfqEKcnvlSFByxs2v9uX+7F44HCbRP8+c/+x7UF9S+k7
j62o9rgUG6XUuGCD2ilYLzEqzp9jQ3Ci7iZt9npb0f1JCcqYRRpVTBETRCbg9JbX
LFbHU9Oh2FljUSLns1fRVhqZd+e2IUtrJMZnTGNCZIbdO8YSmJ0lLl2m95HeoMfk
tLXUG55MIO4kuTcZX5mB5i0yzFjMOifutIoDEtF8wBttc4s/DFWm88a6REGN3Vzi
sLwd07RI9cIzjsXoTcDZdDQy+yg7fSedVNEo7Rb0ziaL7NuVWPYuOdkJ/v4lz+0f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:27 2024 by rpki-client on console-fra.rpki-client.org