Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/n7EubpGf8IDMUi2N7e1w4fkiFEI.roa
File: n7EubpGf8IDMUi2N7e1w4fkiFEI.roa (raw, json)
Hash identifier: DI/OMuKNzNwt/AhY5TGvNu7Y5nEaJAfmxJhv8lOFAdQ=
Subject key identifier: 9F:B1:2E:6E:91:9F:F0:80:CC:52:2D:8D:ED:ED:70:E1:F9:22:14:42
Certificate issuer: /CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Certificate serial: 01856ECB8C2EC089E58BDE8BA6D810668F65
Authority key identifier: 09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/n7EubpGf8IDMUi2N7e1w4fkiFEI.roa
Signing time: Sun 01 Jan 2023 19:25:11 +0000
ROA not before: Sun 01 Jan 2023 19:25:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201643
IP address blocks: 185.68.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:8c:2e:c0:89:e5:8b:de:8b:a6:d8:10:66:8f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Validity
Not Before: Jan 1 19:25:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fb12e6e919ff080cc522d8deded70e1f9221442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7e:d2:e8:a6:a8:3c:28:4b:b5:7b:bf:be:aa:
5d:a3:88:0b:35:76:0f:c9:e9:fd:98:e7:ab:35:48:
ca:3b:a7:a7:a2:9d:d6:a4:0f:86:c7:be:0f:f4:f6:
6d:ab:31:90:3c:ba:d2:6d:b5:65:6e:3e:e5:29:a6:
5c:c0:b3:57:a0:53:97:b9:5b:f4:6b:4d:99:4f:e8:
f4:71:ff:48:2a:27:fb:86:84:2d:57:8d:b5:7a:48:
bc:d6:5e:7d:d9:34:8f:c1:09:a2:3c:b4:a3:9d:53:
65:a2:00:af:82:45:e0:61:a4:84:d4:0f:da:93:98:
cc:e3:2c:bb:67:2b:48:cc:71:9a:2a:52:84:2e:77:
97:50:da:30:68:36:fa:bd:f9:cf:1f:43:94:1d:06:
67:7a:f3:c2:74:c4:02:9a:85:7c:ae:b3:3c:e6:ec:
70:c8:3d:6b:58:f6:30:9e:3f:ce:99:ef:72:1e:cc:
e7:04:41:ed:49:22:63:e8:21:93:be:24:07:41:e0:
18:ad:64:a9:c6:11:38:2b:bf:3d:25:30:45:5c:98:
12:3e:13:05:a4:3e:5b:32:b2:a9:bc:b0:ff:2f:a4:
02:63:97:5b:c7:d6:7a:a8:e3:85:eb:f1:81:75:03:
52:81:bd:f8:67:85:25:63:76:7e:be:5e:43:d8:09:
b1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B1:2E:6E:91:9F:F0:80:CC:52:2D:8D:ED:ED:70:E1:F9:22:14:42
X509v3 Authority Key Identifier:
keyid:09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/n7EubpGf8IDMUi2N7e1w4fkiFEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.100.0/22
Signature Algorithm: sha256WithRSAEncryption
18:35:a5:15:44:09:8e:b0:cf:ea:0f:c8:05:1b:11:b7:63:60:
fc:3c:15:b4:41:4f:a2:27:2d:c8:4b:68:2d:90:f8:75:c6:2e:
a7:a5:4f:d6:1d:cb:7e:59:32:11:72:85:c7:d1:e4:0d:3d:ed:
dc:50:ca:5f:b6:96:17:fb:c3:c2:79:f8:0c:67:92:d3:37:5a:
4c:91:f1:50:6e:38:cd:af:d7:d0:3d:10:78:b8:76:28:21:37:
8e:89:8b:e4:b6:c0:b0:9a:c7:64:85:f8:10:db:b8:1e:90:9a:
e7:fd:bb:37:b8:54:72:d8:a0:ab:ea:15:41:f5:ce:37:eb:5a:
01:60:9c:8b:e5:ba:e0:e6:89:4a:a9:7c:60:32:44:ca:16:5d:
e1:80:ab:d9:e8:a8:0d:99:3f:bd:91:95:0d:22:e6:f2:68:0d:
4e:6b:89:d7:cc:a3:9e:14:a0:0c:9b:28:bb:b9:7a:8e:3a:69:
5a:ef:52:33:42:ff:d7:49:06:03:80:99:e6:73:3a:f1:04:97:
d2:c9:80:4b:db:7b:90:7c:e8:d6:68:78:71:d8:07:4f:c5:86:
44:8f:2c:6e:1d:86:86:9d:af:e9:69:d1:98:34:49:2d:80:d5:
f5:7d:b9:90:e5:9f:42:ac:dd:d3:b3:9c:39:9b:f5:11:93:85:
52:b1:70:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy4wuwInli96LptgQZo9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDgyMDRkN2NmNWJjNGFhYjM4ZmZhMzlkYTNhNjgxZWQy
MTdiZDQwHhcNMjMwMTAxMTkyNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmIxMmU2ZTkxOWZmMDgwY2M1MjJkOGRlZGVkNzBlMWY5MjIxNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX7S6KaoPChLtXu/vqpdo4gLNXYP
yen9mOerNUjKO6enop3WpA+Gx74P9PZtqzGQPLrSbbVlbj7lKaZcwLNXoFOXuVv0
a02ZT+j0cf9IKif7hoQtV421eki81l592TSPwQmiPLSjnVNlogCvgkXgYaSE1A/a
k5jM4yy7ZytIzHGaKlKELneXUNowaDb6vfnPH0OUHQZnevPCdMQCmoV8rrM85uxw
yD1rWPYwnj/Ome9yHsznBEHtSSJj6CGTviQHQeAYrWSpxhE4K789JTBFXJgSPhMF
pD5bMrKpvLD/L6QCY5dbx9Z6qOOF6/GBdQNSgb34Z4UlY3Z+vl5D2AmxgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+xLm6Rn/CAzFItje3tcOH5IhRCMB8GA1UdIwQY
MBaAFAkIIE189bxKqzj/o52jpoHtIXvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjIt
ODgyM2YxMTFkZjA3LzEvbjdFdWJwR2Y4SURNVWkyTjdlMXc0ZmtpRkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjItODgyM2YxMTFkZjA3
LzEvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuURkMA0G
CSqGSIb3DQEBCwUAA4IBAQAYNaUVRAmOsM/qD8gFGxG3Y2D8PBW0QU+iJy3IS2gt
kPh1xi6npU/WHct+WTIRcoXH0eQNPe3cUMpftpYX+8PCefgMZ5LTN1pMkfFQbjjN
r9fQPRB4uHYoITeOiYvktsCwmsdkhfgQ27gekJrn/bs3uFRy2KCr6hVB9c4361oB
YJyL5brg5olKqXxgMkTKFl3hgKvZ6KgNmT+9kZUNIubyaA1Oa4nXzKOeFKAMmyi7
uXqOOmla71IzQv/XSQYDgJnmczrxBJfSyYBL23uQfOjWaHhx2AdPxYZEjyxuHYaG
na/padGYNEktgNX1fbmQ5Z9CrN3Ts5w5m/URk4VSsXBP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:53 2024 by rpki-client on console-ams.rpki-client.org