Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ds9ihzvldhNwBEeWHtAaZ3kl3d8.roa
File: ds9ihzvldhNwBEeWHtAaZ3kl3d8.roa (raw, json)
Hash identifier: EE7QcV3os9jZJrqVyAdrzU5V+gpg9TbIsAW25iIrDOg=
Subject key identifier: 76:CF:62:87:3B:E5:76:13:70:04:47:96:1E:D0:1A:67:79:25:DD:DF
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0185723A36E4D7128E1EA2D66D4AE9D9E8E4
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ds9ihzvldhNwBEeWHtAaZ3kl3d8.roa
Signing time: Mon 02 Jan 2023 11:24:55 +0000
ROA not before: Mon 02 Jan 2023 11:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197727
IP address blocks: 194.151.12.0/24 maxlen: 24
185.15.165.0/24 maxlen: 24
185.15.164.0/22 maxlen: 22
185.15.167.0/24 maxlen: 24
194.151.85.0/24 maxlen: 24
194.151.86.0/24 maxlen: 24
2001:67c:21ac::/48 maxlen: 48
2a03:ca40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:36:e4:d7:12:8e:1e:a2:d6:6d:4a:e9:d9:e8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 11:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76cf62873be57613700447961ed01a677925dddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6e:59:f3:8f:09:ca:72:89:f0:7b:0a:8a:76:
d2:d0:c8:cb:ef:53:c7:9b:43:a8:a3:5c:8f:7c:d8:
47:be:66:b1:c7:19:a1:59:5e:bd:04:f1:00:86:b3:
a6:68:e2:99:0e:91:59:6a:f0:96:fa:98:e5:62:d2:
e4:5d:77:da:2a:53:65:c1:65:35:49:94:fd:dd:27:
93:2f:cf:d1:48:36:89:1e:b3:a7:cd:d9:67:c0:8d:
be:c3:ea:0d:ae:8a:7a:1b:72:22:e1:6b:24:ee:9a:
5a:66:fa:07:5f:e1:67:ad:6b:3d:72:ac:be:af:6f:
b7:57:f6:7d:c0:37:c2:d2:ba:77:c9:e8:b7:c7:21:
e2:c2:31:40:3e:84:3b:5a:2b:6d:36:55:95:d4:5f:
42:b0:dd:f3:59:37:29:59:d9:e1:b8:de:cc:b9:4f:
92:d1:c6:a3:ed:52:57:3a:86:b3:e4:e6:a5:af:1c:
c4:81:fc:7b:4f:44:85:a8:6a:96:29:f1:2d:2f:41:
d9:c0:ca:45:a3:fd:0f:8a:50:89:32:12:57:3d:de:
49:cf:74:16:fb:ac:05:93:cb:30:8f:4e:af:5b:dc:
9e:6f:17:96:da:24:db:15:95:3c:42:32:16:79:ea:
8a:ac:f8:68:5a:36:b8:51:80:7a:7b:aa:d6:f7:6d:
7f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CF:62:87:3B:E5:76:13:70:04:47:96:1E:D0:1A:67:79:25:DD:DF
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ds9ihzvldhNwBEeWHtAaZ3kl3d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.164.0/22
194.151.12.0/24
194.151.85.0-194.151.86.255
IPv6:
2001:67c:21ac::/48
2a03:ca40::/32
Signature Algorithm: sha256WithRSAEncryption
6b:0b:f5:1e:65:0e:ab:32:88:cd:87:ab:ad:34:e4:d3:81:0d:
76:2d:ca:72:1f:29:a4:f3:1c:d1:0b:8e:5b:58:3f:e9:6f:79:
fd:13:4f:53:c2:1e:c6:b0:f3:b5:c9:e1:86:c4:ea:68:14:50:
fa:28:c7:9b:ff:82:c8:dc:d9:19:9f:ee:29:75:5c:74:f9:50:
1e:b4:41:be:9e:9e:9b:92:49:66:90:dc:56:77:fb:9c:6e:30:
41:dc:19:17:d1:06:c4:d8:a2:7b:b2:0c:07:84:6e:d8:9b:2a:
8a:05:d9:40:4f:b4:b8:d7:9c:6b:7b:43:01:c8:f1:98:bf:92:
7b:90:36:28:ba:ec:53:4d:8f:3b:67:88:b9:34:2b:a7:b8:89:
da:f3:0f:44:d4:41:9e:8e:bc:0a:d1:b6:c7:f7:75:ef:2e:12:
e8:de:f4:b6:a1:bc:f3:3f:f7:aa:20:a2:b6:9f:13:f8:d0:9c:
91:f9:51:1c:54:16:5e:ec:31:26:7c:76:dc:7f:69:08:23:4f:
8f:e1:03:b0:31:de:ff:32:80:0e:7b:08:75:dc:72:2d:e8:83:
98:b5:47:a4:7d:9f:24:c4:8e:a6:bb:fc:94:4b:a5:0f:8c:fd:
56:c5:11:5e:80:68:88:d0:be:67:a2:e8:32:05:36:22:be:d5:
f4:7a:71:ef
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVyOjbk1xKOHqLWbUrp2ejkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjMwMTAyMTEyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmNmNjI4NzNiZTU3NjEzNzAwNDQ3OTYxZWQwMWE2Nzc5MjVkZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4W5Z848JynKJ8HsKinbS0MjL71PH
m0Ooo1yPfNhHvmaxxxmhWV69BPEAhrOmaOKZDpFZavCW+pjlYtLkXXfaKlNlwWU1
SZT93SeTL8/RSDaJHrOnzdlnwI2+w+oNrop6G3Ii4Wsk7ppaZvoHX+FnrWs9cqy+
r2+3V/Z9wDfC0rp3yei3xyHiwjFAPoQ7WittNlWV1F9CsN3zWTcpWdnhuN7MuU+S
0caj7VJXOoaz5OalrxzEgfx7T0SFqGqWKfEtL0HZwMpFo/0PilCJMhJXPd5Jz3QW
+6wFk8swj06vW9yebxeW2iTbFZU8QjIWeeqKrPhoWja4UYB6e6rW921/uwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHbPYoc75XYTcARHlh7QGmd5Jd3fMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvZHM5aWh6dmxkaE53QkVlV0h0QWFaM2tsM2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAgBAIAATAaAwQCuQ+kAwQA
wpcMMAwDBADCl1UDBADCl1YwFgQCAAIwEAMHACABBnwhrAMFACoDykAwDQYJKoZI
hvcNAQELBQADggEBAGsL9R5lDqsyiM2Hq6005NOBDXYtynIfKaTzHNELjltYP+lv
ef0TT1PCHsaw87XJ4YbE6mgUUPoox5v/gsjc2Rmf7il1XHT5UB60Qb6enpuSSWaQ
3FZ3+5xuMEHcGRfRBsTYonuyDAeEbtibKooF2UBPtLjXnGt7QwHI8Zi/knuQNii6
7FNNjztniLk0K6e4idrzD0TUQZ6OvArRtsf3de8uEuje9LahvPM/96ogorafE/jQ
nJH5URxUFl7sMSZ8dtx/aQgjT4/hA7Ax3v8ygA57CHXcci3og5i1R6R9nyTEjqa7
/JRLpQ+M/VbFEV6AaIjQvmei6DIFNiK+1fR6ce8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org