Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/_7RfMiNalM_xbTSUh5ixevmeNVc.roa
File: _7RfMiNalM_xbTSUh5ixevmeNVc.roa (raw, json)
Hash identifier: 7v0O/aznIMhz8J60flZK8bbBP/aEzDfcKdmdZACac1Y=
Subject key identifier: FF:B4:5F:32:23:5A:94:CF:F1:6D:34:94:87:98:B1:7A:F9:9E:35:57
Certificate issuer: /CN=6dbd5cb29940ac2a8553b6ec0a8cec7c209f7ce7
Certificate serial: 01856DCB025E4D085AA4E5813B8857D8AEDE
Authority key identifier: 6D:BD:5C:B2:99:40:AC:2A:85:53:B6:EC:0A:8C:EC:7C:20:9F:7C:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1csplArCqFU7bsCozsfCCffOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/_7RfMiNalM_xbTSUh5ixevmeNVc.roa
Signing time: Sun 01 Jan 2023 14:44:59 +0000
ROA not before: Sun 01 Jan 2023 14:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43791
IP address blocks: 185.212.221.0/24 maxlen: 24
185.212.220.0/24 maxlen: 24
185.212.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Mar 2023 08:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:02:5e:4d:08:5a:a4:e5:81:3b:88:57:d8:ae:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dbd5cb29940ac2a8553b6ec0a8cec7c209f7ce7
Validity
Not Before: Jan 1 14:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffb45f32235a94cff16d34948798b17af99e3557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:12:9d:0f:b6:9f:2b:f7:cc:a0:7e:58:43:30:
ba:17:d9:d9:7c:1f:5c:50:09:9d:b8:dc:6c:81:c0:
31:d4:37:43:5a:ed:ef:a4:a4:22:f1:11:a0:95:36:
88:5f:17:aa:e8:55:f0:dc:5b:01:0e:b7:0e:65:9d:
cc:25:fa:1e:9b:c9:33:f3:9b:b8:1f:68:fc:e6:a3:
04:94:20:18:2d:f6:59:82:d6:97:db:e0:1f:bf:b3:
14:dd:df:53:81:77:1f:d4:63:db:0d:44:99:eb:bf:
38:ee:2b:3d:8e:ef:08:a9:84:21:57:30:78:bf:67:
b6:ab:97:5c:be:68:32:b3:58:45:a1:9a:cc:41:e9:
91:09:46:d8:71:57:19:bf:da:ce:58:05:f6:d6:41:
9b:5d:2d:e4:63:35:bb:1b:d2:17:66:22:35:93:78:
00:e8:29:5c:12:48:5e:81:fa:22:f7:2d:0b:89:1d:
8f:d5:5b:6b:85:3a:31:1a:3e:75:b0:f6:8a:0a:42:
cc:76:5a:43:29:b8:d6:77:58:f1:9b:4f:2f:cc:a9:
15:86:37:6a:69:dd:0c:83:c3:08:d7:54:30:72:b9:
04:41:ce:94:b6:4d:ba:a2:bf:3d:50:ba:bd:14:c9:
2a:20:94:e6:79:4b:a2:5e:ff:0c:ad:f5:2c:87:37:
a3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B4:5F:32:23:5A:94:CF:F1:6D:34:94:87:98:B1:7A:F9:9E:35:57
X509v3 Authority Key Identifier:
keyid:6D:BD:5C:B2:99:40:AC:2A:85:53:B6:EC:0A:8C:EC:7C:20:9F:7C:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1csplArCqFU7bsCozsfCCffOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/_7RfMiNalM_xbTSUh5ixevmeNVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/bb1csplArCqFU7bsCozsfCCffOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.220.0-185.212.222.255
Signature Algorithm: sha256WithRSAEncryption
51:bd:d3:a7:55:9b:4f:d2:28:64:b3:54:a5:d2:a6:99:f8:e4:
58:53:54:dc:9e:11:bd:3f:4c:d0:0d:54:7a:d5:74:5f:5a:d4:
3e:c7:74:80:1b:56:6c:16:2c:61:c8:fd:b7:e4:2b:2e:8a:13:
e9:6f:11:ad:c8:04:2f:f1:69:52:91:ab:6f:f5:35:bb:4b:5d:
62:8b:25:aa:b1:0d:35:84:8c:9e:cb:c2:c3:7d:e5:85:00:da:
e8:3a:1e:93:b5:9a:ef:b5:f1:cd:ef:f1:3b:a9:0c:09:17:ba:
83:66:ea:4a:1b:5d:d7:7a:0e:e4:a4:41:a8:91:2f:7d:f4:6d:
cc:c6:5c:ad:95:c5:87:74:35:d0:88:14:07:68:cc:8e:7d:22:
ec:b3:b0:86:93:e6:fb:99:3d:a9:c8:15:27:89:2e:39:d5:d3:
04:5d:2e:24:0b:6b:bb:c2:a3:44:c6:26:f1:f1:73:73:c3:9e:
c3:2e:40:87:4b:89:05:c5:9c:d2:cc:05:9d:30:dd:b9:f2:e7:
76:a2:cb:cc:2d:d1:e2:06:de:08:0b:9d:4a:0c:2c:d8:c4:be:
5e:13:1a:5f:99:1a:d5:fd:a3:5c:51:10:1b:f6:b9:a0:06:86:
70:9a:b3:e8:17:2a:08:bf:28:6a:1e:6c:74:a3:f2:20:21:ff:
e1:5c:da:aa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtywJeTQhapOWBO4hX2K7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYmQ1Y2IyOTk0MGFjMmE4NTUzYjZlYzBhOGNlYzdjMjA5
ZjdjZTcwHhcNMjMwMTAxMTQ0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmI0NWYzMjIzNWE5NGNmZjE2ZDM0OTQ4Nzk4YjE3YWY5OWUzNTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBKdD7afK/fMoH5YQzC6F9nZfB9c
UAmduNxsgcAx1DdDWu3vpKQi8RGglTaIXxeq6FXw3FsBDrcOZZ3MJfoem8kz85u4
H2j85qMElCAYLfZZgtaX2+Afv7MU3d9TgXcf1GPbDUSZ67847is9ju8IqYQhVzB4
v2e2q5dcvmgys1hFoZrMQemRCUbYcVcZv9rOWAX21kGbXS3kYzW7G9IXZiI1k3gA
6ClcEkhegfoi9y0LiR2P1VtrhToxGj51sPaKCkLMdlpDKbjWd1jxm08vzKkVhjdq
ad0Mg8MI11QwcrkEQc6Utk26or89ULq9FMkqIJTmeUuiXv8MrfUshzejewIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP+0XzIjWpTP8W00lIeYsXr5njVXMB8GA1UdIwQY
MBaAFG29XLKZQKwqhVO27AqM7Hwgn3znMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmIxY3NwbEFyQ3FGVTdic0NvenNmQ0NmZk9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC82MTRiMDUtNzQ0NS00MDQ2LTlmYjEt
MmZkZTgwNDM1ZjRkLzEvXzdSZk1pTmFsTV94YlRTVWg1aXhldm1lTlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC82MTRiMDUtNzQ0NS00MDQ2LTlmYjEtMmZkZTgwNDM1ZjRk
LzEvYmIxY3NwbEFyQ3FGVTdic0NvenNmQ0NmZk9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK51NwD
BAC51N4wDQYJKoZIhvcNAQELBQADggEBAFG906dVm0/SKGSzVKXSppn45FhTVNye
Eb0/TNANVHrVdF9a1D7HdIAbVmwWLGHI/bfkKy6KE+lvEa3IBC/xaVKRq2/1NbtL
XWKLJaqxDTWEjJ7LwsN95YUA2ug6HpO1mu+18c3v8TupDAkXuoNm6kobXdd6DuSk
QaiRL330bczGXK2VxYd0NdCIFAdozI59IuyzsIaT5vuZPanIFSeJLjnV0wRdLiQL
a7vCo0TGJvHxc3PDnsMuQIdLiQXFnNLMBZ0w3bny53aiy8wt0eIG3ggLnUoMLNjE
vl4TGl+ZGtX9o1xREBv2uaAGhnCas+gXKgi/KGoebHSj8iAh/+Fc2qo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:56 2024 by rpki-client on console-ams.rpki-client.org