Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/858454-a18d-4040-ab3c-ca8fba595d4f/1/D4Yc8CGZymK0ujkdFyQ6zHLkgUQ.roa
File: D4Yc8CGZymK0ujkdFyQ6zHLkgUQ.roa (raw, json)
Hash identifier: 9yqDZfEan64K3E3aoVEJRgDweSeIore3uAeRHR95qEI=
Subject key identifier: 0F:86:1C:F0:21:99:CA:62:B4:BA:39:1D:17:24:3A:CC:72:E4:81:44
Certificate issuer: /CN=46649b57b817ec143ddcb7d7712c22bb1f28ac75
Certificate serial: 01856F4B7765F1F47D7480F383F47C2C8064
Authority key identifier: 46:64:9B:57:B8:17:EC:14:3D:DC:B7:D7:71:2C:22:BB:1F:28:AC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RmSbV7gX7BQ93LfXcSwiux8orHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/858454-a18d-4040-ab3c-ca8fba595d4f/1/D4Yc8CGZymK0ujkdFyQ6zHLkgUQ.roa
Signing time: Sun 01 Jan 2023 21:44:54 +0000
ROA not before: Sun 01 Jan 2023 21:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207187
IP address blocks: 185.214.116.0/22 maxlen: 22
2a0b:99c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:77:65:f1:f4:7d:74:80:f3:83:f4:7c:2c:80:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46649b57b817ec143ddcb7d7712c22bb1f28ac75
Validity
Not Before: Jan 1 21:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f861cf02199ca62b4ba391d17243acc72e48144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:09:17:13:d3:31:49:95:3f:db:09:80:87:74:
e2:37:c6:80:60:4f:a8:25:fa:ae:72:fa:1f:2c:1d:
64:f1:db:f9:f9:aa:81:08:fe:4e:db:1c:90:d7:52:
b6:07:9d:c1:f3:b6:65:24:4a:dd:f5:49:3d:b0:6b:
ca:48:6a:70:30:ab:18:90:81:97:7c:e8:b7:c2:92:
20:ac:e2:72:58:f3:e1:a7:44:78:df:35:38:18:99:
f3:ad:c2:e5:88:22:2e:7f:5a:fd:6e:07:6d:8a:df:
b3:0f:05:e4:62:78:81:5c:8b:32:60:23:ae:5f:96:
ed:0e:59:1b:9c:d8:da:94:e3:2f:50:58:fb:dc:c9:
9f:96:6c:d7:71:03:6b:33:97:47:0d:fb:49:42:6c:
25:ac:93:7b:eb:55:6c:97:b5:25:84:5f:83:3e:01:
e8:be:df:b8:b6:cf:84:bb:02:46:2f:21:02:ec:be:
0f:44:ce:65:ff:0d:30:60:05:e7:ab:7c:b0:03:07:
cc:6b:07:3e:6b:fc:a3:18:bb:6f:56:25:bd:0d:9c:
7f:eb:71:2a:d2:c4:50:f8:2d:3b:34:2d:b0:20:31:
0e:9a:97:ae:7f:0f:2a:2a:88:fd:14:88:9d:4d:3d:
44:ce:8b:92:25:9c:5e:ce:f9:3d:4c:a6:36:9f:a2:
01:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:86:1C:F0:21:99:CA:62:B4:BA:39:1D:17:24:3A:CC:72:E4:81:44
X509v3 Authority Key Identifier:
keyid:46:64:9B:57:B8:17:EC:14:3D:DC:B7:D7:71:2C:22:BB:1F:28:AC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RmSbV7gX7BQ93LfXcSwiux8orHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/858454-a18d-4040-ab3c-ca8fba595d4f/1/D4Yc8CGZymK0ujkdFyQ6zHLkgUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/858454-a18d-4040-ab3c-ca8fba595d4f/1/RmSbV7gX7BQ93LfXcSwiux8orHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.116.0/22
IPv6:
2a0b:99c0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:f6:c6:74:d6:11:89:ed:2a:d1:e2:79:1c:00:06:7c:67:15:
0b:e5:cc:36:f5:dc:a6:8a:37:75:a9:10:2c:dd:4c:bb:c3:58:
00:70:5c:d9:fc:09:42:a4:c5:80:94:d8:a6:f1:6a:b3:c1:64:
11:36:39:7d:38:9e:14:1d:26:76:10:13:38:7c:ab:1e:c2:c4:
31:4b:aa:d6:01:6d:6f:17:a6:47:8d:06:5a:50:a1:eb:da:2a:
0e:3d:79:3b:fc:f0:4c:1b:54:e2:e1:2b:1f:f0:6c:58:5a:e2:
e5:00:61:88:70:99:27:a0:b1:a3:6c:65:74:32:bd:cc:ad:96:
3f:9c:e9:3d:63:f9:44:75:27:a9:85:7b:76:c9:8d:8b:7c:8f:
0b:f2:62:30:f2:d4:c8:cb:55:c0:f7:c2:8d:5c:99:29:13:47:
e4:15:7a:9b:f8:6e:f3:df:d6:73:c2:4a:98:8f:ea:1e:a2:de:
a8:30:7d:f5:46:14:d3:72:d5:42:a6:7c:4d:d6:dd:9d:26:87:
b1:53:09:7e:a1:0b:3d:3e:cd:8e:22:e1:8c:c2:6f:d3:96:00:
e9:7f:fe:31:89:bf:b6:32:53:f5:ea:ca:75:54:e6:e0:75:75:
3a:80:4a:cc:32:00:80:68:88:b6:9c:04:eb:05:62:eb:83:c2:
f2:ab:bc:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvS3dl8fR9dIDzg/R8LIBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NjQ5YjU3YjgxN2VjMTQzZGRjYjdkNzcxMmMyMmJiMWYy
OGFjNzUwHhcNMjMwMTAxMjE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjg2MWNmMDIxOTljYTYyYjRiYTM5MWQxNzI0M2FjYzcyZTQ4MTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAkXE9MxSZU/2wmAh3TiN8aAYE+o
JfqucvofLB1k8dv5+aqBCP5O2xyQ11K2B53B87ZlJErd9Uk9sGvKSGpwMKsYkIGX
fOi3wpIgrOJyWPPhp0R43zU4GJnzrcLliCIuf1r9bgdtit+zDwXkYniBXIsyYCOu
X5btDlkbnNjalOMvUFj73MmflmzXcQNrM5dHDftJQmwlrJN761Vsl7UlhF+DPgHo
vt+4ts+EuwJGLyEC7L4PRM5l/w0wYAXnq3ywAwfMawc+a/yjGLtvViW9DZx/63Eq
0sRQ+C07NC2wIDEOmpeufw8qKoj9FIidTT1EzouSJZxezvk9TKY2n6IBLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA+GHPAhmcpitLo5HRckOsxy5IFEMB8GA1UdIwQY
MBaAFEZkm1e4F+wUPdy313EsIrsfKKx1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm1TYlY3Z1g3QlE5M0xmWGNTd2l1eDhvckhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84NTg0NTQtYTE4ZC00MDQwLWFiM2Mt
Y2E4ZmJhNTk1ZDRmLzEvRDRZYzhDR1p5bUswdWprZEZ5UTZ6SExrZ1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84NTg0NTQtYTE4ZC00MDQwLWFiM2MtY2E4ZmJhNTk1ZDRm
LzEvUm1TYlY3Z1g3QlE5M0xmWGNTd2l1eDhvckhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudZ0MA0E
AgACMAcDBQMqC5nAMA0GCSqGSIb3DQEBCwUAA4IBAQAc9sZ01hGJ7SrR4nkcAAZ8
ZxUL5cw29dymijd1qRAs3Uy7w1gAcFzZ/AlCpMWAlNim8WqzwWQRNjl9OJ4UHSZ2
EBM4fKsewsQxS6rWAW1vF6ZHjQZaUKHr2ioOPXk7/PBMG1Ti4Ssf8GxYWuLlAGGI
cJknoLGjbGV0Mr3MrZY/nOk9Y/lEdSephXt2yY2LfI8L8mIw8tTIy1XA98KNXJkp
E0fkFXqb+G7z39ZzwkqYj+oeot6oMH31RhTTctVCpnxN1t2dJoexUwl+oQs9Ps2O
IuGMwm/TlgDpf/4xib+2MlP16sp1VObgdXU6gErMMgCAaIi2nATrBWLrg8Lyq7xa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:32 2024 by rpki-client on console-ams.rpki-client.org