Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/sehgwHLXGuQc9tIEd612gCKG0Tw.roa
File: sehgwHLXGuQc9tIEd612gCKG0Tw.roa (raw, json)
Hash identifier: R7IXRWbCwosY7/zLwu7+dp18ir8I5EwfE4Rx5mwfHeU=
Subject key identifier: B1:E8:60:C0:72:D7:1A:E4:1C:F6:D2:04:77:AD:76:80:22:86:D1:3C
Certificate issuer: /CN=f12465bd246f22311ce9b05eeb49f7b7914b2a0a
Certificate serial: 01856FF01815667C9FF7C105C764383C8CE6
Authority key identifier: F1:24:65:BD:24:6F:22:31:1C:E9:B0:5E:EB:49:F7:B7:91:4B:2A:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8SRlvSRvIjEc6bBe60n3t5FLKgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/sehgwHLXGuQc9tIEd612gCKG0Tw.roa
Signing time: Mon 02 Jan 2023 00:44:43 +0000
ROA not before: Mon 02 Jan 2023 00:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204056
IP address blocks: 185.141.217.0/24 maxlen: 24
185.141.216.0/24 maxlen: 24
185.141.219.0/24 maxlen: 24
185.141.218.0/24 maxlen: 24
2a07:2700::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:18:15:66:7c:9f:f7:c1:05:c7:64:38:3c:8c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f12465bd246f22311ce9b05eeb49f7b7914b2a0a
Validity
Not Before: Jan 2 00:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1e860c072d71ae41cf6d20477ad76802286d13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:43:95:bc:5f:53:a8:ed:53:39:27:7d:33:25:
a0:85:4f:03:2c:c9:4c:ff:c0:1f:f4:b3:56:b6:ae:
e4:41:8b:8a:4d:5b:68:d3:f5:a2:2e:34:a3:96:86:
57:55:1c:67:5e:c4:11:69:a9:ec:d7:53:75:d1:4a:
28:f7:b3:c0:ce:57:bb:4a:8c:af:15:3e:38:0a:58:
4c:8d:50:62:18:15:c8:af:f8:6f:49:15:51:60:8f:
9b:77:e4:56:84:8b:4b:68:9e:ad:6a:01:3e:c2:03:
52:b5:8f:56:13:2e:33:f9:cb:f8:51:f4:5a:67:85:
89:0f:38:b7:69:1b:fe:c7:88:43:70:81:84:e1:47:
dc:1b:5d:56:e6:ed:9a:ad:ed:1d:aa:e6:42:69:dc:
b4:68:31:ac:53:f4:1c:91:47:a8:0c:a4:b2:02:aa:
9d:dd:3b:8d:f2:5e:90:60:fd:5c:81:4a:7a:53:af:
36:24:de:b6:5f:88:81:3c:a6:da:83:c8:12:31:f9:
de:94:6e:23:e1:46:5a:42:3d:ef:c0:6f:02:86:fc:
d1:ae:df:75:43:ba:82:20:3a:08:60:c7:7a:64:9d:
58:78:2d:42:c8:ac:77:36:f6:da:ef:30:20:19:42:
e7:f9:2e:ed:b8:d5:48:a3:e3:71:38:ad:d9:70:f4:
c1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E8:60:C0:72:D7:1A:E4:1C:F6:D2:04:77:AD:76:80:22:86:D1:3C
X509v3 Authority Key Identifier:
keyid:F1:24:65:BD:24:6F:22:31:1C:E9:B0:5E:EB:49:F7:B7:91:4B:2A:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8SRlvSRvIjEc6bBe60n3t5FLKgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/sehgwHLXGuQc9tIEd612gCKG0Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/8SRlvSRvIjEc6bBe60n3t5FLKgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.216.0/22
IPv6:
2a07:2700::/29
Signature Algorithm: sha256WithRSAEncryption
29:31:61:d4:7b:f9:3a:58:a9:90:a5:7a:47:8b:e5:6f:ee:bc:
cb:dd:89:17:f6:84:77:02:2a:a8:79:41:fd:9c:87:4f:d0:06:
d4:4c:e3:dc:d4:7b:76:81:3e:c7:76:59:0e:34:5c:de:9e:52:
50:0f:69:b0:23:62:22:2d:f2:ec:91:f5:7c:8e:37:5b:43:ce:
12:1f:75:e7:8c:ee:86:30:2b:b2:c6:a8:7c:f2:27:d9:01:73:
3b:c5:c2:55:18:ea:0f:74:0d:2a:28:bb:88:be:ad:fa:3f:a0:
4f:44:e5:92:61:89:fd:5d:7f:9e:b3:bb:de:48:1b:33:6a:d2:
50:4c:b2:a6:f6:35:67:e3:87:72:84:c4:98:23:da:99:1d:28:
99:0a:2f:36:bd:ff:fd:eb:58:6e:a7:4d:5d:17:b5:ec:55:fb:
6b:b3:27:c1:ca:2c:a9:3c:e1:6b:a3:23:8b:d7:62:5e:31:f2:
2b:34:53:71:e3:1c:ec:33:75:28:dc:c8:f5:47:5a:0c:78:33:
a7:eb:8e:de:ac:af:dd:d0:d6:90:f9:bd:9d:ef:4c:a8:c4:f4:
1a:6f:d9:20:01:a6:bf:5f:36:03:c2:ee:28:9e:36:70:bc:9e:
0f:26:68:90:45:08:17:32:9b:b6:91:9b:9a:1f:6f:cb:4b:85:
7b:c6:43:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv8BgVZnyf98EFx2Q4PIzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMjQ2NWJkMjQ2ZjIyMzExY2U5YjA1ZWViNDlmN2I3OTE0
YjJhMGEwHhcNMjMwMTAyMDA0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWU4NjBjMDcyZDcxYWU0MWNmNmQyMDQ3N2FkNzY4MDIyODZkMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUOVvF9TqO1TOSd9MyWghU8DLMlM
/8Af9LNWtq7kQYuKTVto0/WiLjSjloZXVRxnXsQRaans11N10Uoo97PAzle7Soyv
FT44ClhMjVBiGBXIr/hvSRVRYI+bd+RWhItLaJ6tagE+wgNStY9WEy4z+cv4UfRa
Z4WJDzi3aRv+x4hDcIGE4UfcG11W5u2are0dquZCady0aDGsU/QckUeoDKSyAqqd
3TuN8l6QYP1cgUp6U682JN62X4iBPKbag8gSMfnelG4j4UZaQj3vwG8ChvzRrt91
Q7qCIDoIYMd6ZJ1YeC1CyKx3Nvba7zAgGULn+S7tuNVIo+NxOK3ZcPTBfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLHoYMBy1xrkHPbSBHetdoAihtE8MB8GA1UdIwQY
MBaAFPEkZb0kbyIxHOmwXutJ97eRSyoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFNSbHZTUnZJakVjNmJCZTYwbjN0NUZMS2dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85NmZhNjgtZjJiMS00YWFmLWI1MGYt
OTFlMjdiOWNmYmE2LzEvc2VoZ3dITFhHdVFjOXRJRWQ2MTJnQ0tHMFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85NmZhNjgtZjJiMS00YWFmLWI1MGYtOTFlMjdiOWNmYmE2
LzEvOFNSbHZTUnZJakVjNmJCZTYwbjN0NUZMS2dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY3YMA0E
AgACMAcDBQMqBycAMA0GCSqGSIb3DQEBCwUAA4IBAQApMWHUe/k6WKmQpXpHi+Vv
7rzL3YkX9oR3AiqoeUH9nIdP0AbUTOPc1Ht2gT7HdlkONFzenlJQD2mwI2IiLfLs
kfV8jjdbQ84SH3XnjO6GMCuyxqh88ifZAXM7xcJVGOoPdA0qKLuIvq36P6BPROWS
YYn9XX+es7veSBszatJQTLKm9jVn44dyhMSYI9qZHSiZCi82vf/961hup01dF7Xs
VftrsyfByiypPOFroyOL12JeMfIrNFNx4xzsM3Uo3Mj1R1oMeDOn647erK/d0NaQ
+b2d70yoxPQab9kgAaa/XzYDwu4onjZwvJ4PJmiQRQgXMpu2kZuaH2/LS4V7xkOs
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:41 2024 by rpki-client on console-fra.rpki-client.org