Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/DZ7h2PhA6SF4jSxtphgAhbbXEJk.roa
File: DZ7h2PhA6SF4jSxtphgAhbbXEJk.roa (raw, json)
Hash identifier: dVqVPMrQz0i8CNuUC2kxwD8Wl9A9wQNcj2jDypvkpl8=
Subject key identifier: 0D:9E:E1:D8:F8:40:E9:21:78:8D:2C:6D:A6:18:00:85:B6:D7:10:99
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 018DE4A4489ABE9C197A558B459D5031192A
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/DZ7h2PhA6SF4jSxtphgAhbbXEJk.roa
Signing time: Mon 26 Feb 2024 08:59:48 +0000
ROA not before: Mon 26 Feb 2024 08:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 185.113.66.0/23 maxlen: 24
185.194.204.0/23 maxlen: 24
185.194.206.0/23 maxlen: 24
185.194.206.0/24 maxlen: 24
185.194.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 08:20:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:a4:48:9a:be:9c:19:7a:55:8b:45:9d:50:31:19:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Feb 26 08:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d9ee1d8f840e921788d2c6da6180085b6d71099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:24:09:d6:0b:b3:c1:bc:d4:2f:c2:91:f2:1e:
45:64:1b:5b:1e:65:ee:f6:58:66:99:98:46:c4:92:
c4:45:9e:33:4b:de:a6:90:94:38:16:69:03:b5:9d:
7e:f8:02:21:40:bb:2c:dd:9c:fc:94:7c:7a:b0:44:
90:6f:c7:0e:7f:02:b6:46:26:04:cd:7a:5c:e3:4b:
d4:1d:a5:dc:4f:1b:ee:04:7c:59:56:7e:ff:4e:0e:
b2:bf:ee:ca:d6:44:b8:7c:f5:c5:ce:02:fa:3c:e6:
c9:8a:ce:be:7c:14:05:b3:a7:e2:53:57:52:9c:4e:
b8:39:b2:31:60:02:69:79:a6:dd:72:e6:03:18:5c:
ae:e4:c8:b3:45:78:2f:94:e5:c6:a4:bf:fb:37:fa:
8a:e1:70:28:2a:50:4d:c7:23:80:26:4c:05:38:d6:
a9:ff:2a:0e:d4:73:85:91:5d:c6:49:c3:d3:29:95:
68:f3:b4:92:47:af:32:17:d4:42:3c:84:61:bb:a4:
4d:dd:5f:80:fa:41:00:66:c2:9b:42:11:c2:f8:70:
93:b8:c4:03:fb:2d:1f:cb:87:ad:42:00:c5:21:e6:
65:63:39:0b:b7:ef:f4:3f:0a:f6:4c:98:85:23:d1:
1b:4e:9f:7c:af:c6:28:61:2f:9f:e6:40:c8:c4:f7:
23:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:9E:E1:D8:F8:40:E9:21:78:8D:2C:6D:A6:18:00:85:B6:D7:10:99
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/DZ7h2PhA6SF4jSxtphgAhbbXEJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.66.0/23
185.194.204.0/22
Signature Algorithm: sha256WithRSAEncryption
11:3e:12:3b:47:a8:55:0b:9d:90:7c:0e:5c:f1:5b:f5:d8:2e:
2e:26:0a:30:27:72:7c:b2:99:f8:4f:86:c5:04:a9:4b:ec:75:
23:16:78:7b:e9:14:f2:cf:b3:9e:51:88:a1:0d:d9:5c:29:22:
bd:37:59:fa:e9:a0:a7:78:71:13:8b:63:bf:81:c0:9a:fd:69:
7f:ef:ae:1b:d2:1c:56:07:72:79:fd:8d:a3:19:0c:ad:e3:45:
cd:22:8c:ba:57:64:3f:95:4f:db:69:4f:8c:4d:13:3c:b2:42:
4f:cb:bc:12:b4:c0:75:62:4b:43:f2:6c:56:c0:0b:44:bc:6d:
42:95:0c:4f:aa:49:6d:be:81:78:4f:3c:65:2e:b0:65:9a:41:
39:c6:34:41:d8:83:8b:89:f9:fa:cd:10:39:8d:02:a2:6f:a0:
52:de:6a:9f:68:51:36:d4:54:9a:4e:55:e5:c2:41:5c:6a:50:
90:9a:30:39:e6:a1:19:55:03:88:e5:f4:44:95:0b:3c:70:77:
e6:20:d3:1e:8c:24:1f:f1:66:fe:ef:4a:53:42:2a:c4:a3:8c:
40:15:45:50:01:b8:e1:ac:3d:cc:6f:e9:f3:55:da:d9:30:54:
f2:e0:c3:db:ac:0c:b3:ab:0b:b8:11:fa:aa:4c:4d:3e:c5:e2:
1f:57:f9:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3kpEiavpwZelWLRZ1QMRkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjQwMjI2MDg1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDllZTFkOGY4NDBlOTIxNzg4ZDJjNmRhNjE4MDA4NWI2ZDcxMDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyQJ1guzwbzUL8KR8h5FZBtbHmXu
9lhmmZhGxJLERZ4zS96mkJQ4FmkDtZ1++AIhQLss3Zz8lHx6sESQb8cOfwK2RiYE
zXpc40vUHaXcTxvuBHxZVn7/Tg6yv+7K1kS4fPXFzgL6PObJis6+fBQFs6fiU1dS
nE64ObIxYAJpeabdcuYDGFyu5MizRXgvlOXGpL/7N/qK4XAoKlBNxyOAJkwFONap
/yoO1HOFkV3GScPTKZVo87SSR68yF9RCPIRhu6RN3V+A+kEAZsKbQhHC+HCTuMQD
+y0fy4etQgDFIeZlYzkLt+/0Pwr2TJiFI9EbTp98r8YoYS+f5kDIxPcjlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA2e4dj4QOkheI0sbaYYAIW21xCZMB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvRFo3aDJQaEE2U0Y0alN4dHBoZ0FoYmJYRUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuXFCAwQC
ucLMMA0GCSqGSIb3DQEBCwUAA4IBAQARPhI7R6hVC52QfA5c8Vv12C4uJgowJ3J8
spn4T4bFBKlL7HUjFnh76RTyz7OeUYihDdlcKSK9N1n66aCneHETi2O/gcCa/Wl/
764b0hxWB3J5/Y2jGQyt40XNIoy6V2Q/lU/baU+MTRM8skJPy7wStMB1YktD8mxW
wAtEvG1ClQxPqkltvoF4TzxlLrBlmkE5xjRB2IOLifn6zRA5jQKib6BS3mqfaFE2
1FSaTlXlwkFcalCQmjA55qEZVQOI5fRElQs8cHfmINMejCQf8Wb+70pTQirEo4xA
FUVQAbjhrD3Mb+nzVdrZMFTy4MPbrAyzqwu4EfqqTE0+xeIfV/mj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:16 2024 by rpki-client on console-ams.rpki-client.org