Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/gC9dsnVtJvNMhknrCM9U6Qjs82k.roa
File: gC9dsnVtJvNMhknrCM9U6Qjs82k.roa (raw, json)
Hash identifier: ZOH4dgJN9nuxRiGVuM32xC0E4mImsQzcOr+dTPhIA28=
Subject key identifier: 80:2F:5D:B2:75:6D:26:F3:4C:86:49:EB:08:CF:54:E9:08:EC:F3:69
Certificate issuer: /CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Certificate serial: 01856F392C1ED46C33426E28824BB0F3B08E
Authority key identifier: BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/gC9dsnVtJvNMhknrCM9U6Qjs82k.roa
Signing time: Sun 01 Jan 2023 21:24:55 +0000
ROA not before: Sun 01 Jan 2023 21:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201689
IP address blocks: 185.66.228.0/22 maxlen: 22
185.66.229.0/24 maxlen: 24
185.66.230.0/24 maxlen: 24
185.66.231.0/24 maxlen: 24
185.66.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:2c:1e:d4:6c:33:42:6e:28:82:4b:b0:f3:b0:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Validity
Not Before: Jan 1 21:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=802f5db2756d26f34c8649eb08cf54e908ecf369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a0:75:91:6d:20:54:30:41:b0:3c:96:de:09:
89:22:b9:8a:5a:d1:b6:b8:41:55:6c:2c:bb:bf:b4:
60:c9:19:25:62:04:38:6f:7b:fa:63:7a:fa:64:3b:
84:e0:c5:9b:06:89:3b:16:92:11:fa:00:88:82:37:
e9:c3:74:7c:8a:33:4f:c7:8a:d3:3a:b4:43:65:44:
7f:7d:97:f6:e9:45:2c:72:67:8a:ce:e2:f3:57:40:
7e:04:2e:c4:c0:30:ea:15:74:63:49:90:94:f7:32:
0d:ff:ae:ea:f0:c8:0c:12:ba:59:25:68:e8:46:9d:
32:46:f1:11:d4:df:7b:20:6f:a2:24:8c:fa:2b:a0:
74:2b:ff:02:8c:8a:20:75:1d:ff:6c:90:c3:ee:ed:
fe:8e:6f:c6:85:e1:12:6e:41:77:22:bb:00:e0:38:
df:92:96:eb:a7:70:be:22:76:d2:e2:2e:75:54:02:
3a:48:bb:c8:db:12:a4:eb:3a:90:f7:66:a6:ac:9e:
c4:9c:ea:14:ac:ba:1c:c9:41:62:ae:94:6c:19:a9:
aa:39:39:72:bb:8b:ee:3f:0c:dd:3c:41:2d:f8:b6:
c2:60:6c:92:1f:bf:36:72:5d:2e:5f:c2:c7:a7:d1:
9c:d4:6b:a8:7f:82:0d:76:34:b4:29:fe:04:a9:6a:
c3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2F:5D:B2:75:6D:26:F3:4C:86:49:EB:08:CF:54:E9:08:EC:F3:69
X509v3 Authority Key Identifier:
keyid:BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/gC9dsnVtJvNMhknrCM9U6Qjs82k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.228.0/22
Signature Algorithm: sha256WithRSAEncryption
83:64:39:cc:00:99:7f:9b:35:88:dc:c8:9b:cc:6c:cc:c2:0c:
32:78:78:94:2c:81:0b:e0:e6:9d:70:eb:a2:05:7a:c0:18:97:
05:e1:79:67:ff:49:2d:35:01:75:ab:5a:6c:64:6f:0d:b5:61:
c2:21:73:27:93:cb:79:6d:15:1f:a5:17:2b:d4:18:bb:8f:b9:
62:4f:3d:74:b9:3d:21:e1:92:f9:de:73:3f:0e:24:eb:35:cd:
41:e8:a6:b4:08:1c:63:21:40:6c:16:dd:0d:c2:b2:e8:a8:c2:
f9:f4:bd:a0:ec:c1:f7:a3:5a:3a:97:aa:aa:6c:59:e5:82:c2:
25:c7:4c:f9:be:89:aa:24:da:97:c3:79:69:f8:aa:83:20:d9:
8f:85:16:90:44:35:ac:da:42:fe:e2:87:7c:cf:e2:45:1a:30:
94:22:0d:7f:dc:be:8d:74:0c:98:65:61:d7:73:8f:ea:e6:88:
d7:d9:4d:ad:4e:58:5e:93:64:c7:f7:a9:f5:d8:98:9f:ab:01:
ee:ee:65:4f:f5:4f:6f:e2:9c:6c:ca:75:b6:7b:ec:d9:16:53:
10:a2:bc:b6:aa:19:d1:9f:b0:60:8c:88:39:6e:49:8f:ed:0c:
af:1b:dd:87:10:58:3a:d7:3c:e0:c7:b8:6c:0b:56:e8:b7:1a:
d6:0f:25:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOSwe1GwzQm4ogkuw87COMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNWRiODExYjVkNWQwNWJlYzM3ZWU5ZDA5YTRlYzUyZWVl
ZDFhZDUwHhcNMjMwMTAxMjEyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDJmNWRiMjc1NmQyNmYzNGM4NjQ5ZWIwOGNmNTRlOTA4ZWNmMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6B1kW0gVDBBsDyW3gmJIrmKWtG2
uEFVbCy7v7RgyRklYgQ4b3v6Y3r6ZDuE4MWbBok7FpIR+gCIgjfpw3R8ijNPx4rT
OrRDZUR/fZf26UUscmeKzuLzV0B+BC7EwDDqFXRjSZCU9zIN/67q8MgMErpZJWjo
Rp0yRvER1N97IG+iJIz6K6B0K/8CjIogdR3/bJDD7u3+jm/GheESbkF3IrsA4Djf
kpbrp3C+InbS4i51VAI6SLvI2xKk6zqQ92amrJ7EnOoUrLocyUFirpRsGamqOTly
u4vuPwzdPEEt+LbCYGySH782cl0uX8LHp9Gc1Guof4INdjS0Kf4EqWrDWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAvXbJ1bSbzTIZJ6wjPVOkI7PNpMB8GA1UdIwQY
MBaAFL9duBG11dBb7DfunQmk7FLu7RrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2Mt
NzE1ZjA5ODE3MzQxLzEvZ0M5ZHNuVnRKdk5NaGtuckNNOVU2UWpzODJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2MtNzE1ZjA5ODE3MzQx
LzEvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuULkMA0G
CSqGSIb3DQEBCwUAA4IBAQCDZDnMAJl/mzWI3MibzGzMwgwyeHiULIEL4OadcOui
BXrAGJcF4Xln/0ktNQF1q1psZG8NtWHCIXMnk8t5bRUfpRcr1Bi7j7liTz10uT0h
4ZL53nM/DiTrNc1B6Ka0CBxjIUBsFt0NwrLoqML59L2g7MH3o1o6l6qqbFnlgsIl
x0z5vomqJNqXw3lp+KqDINmPhRaQRDWs2kL+4od8z+JFGjCUIg1/3L6NdAyYZWHX
c4/q5ojX2U2tTlhek2TH96n12JifqwHu7mVP9U9v4pxsynW2e+zZFlMQory2qhnR
n7BgjIg5bkmP7QyvG92HEFg61zzgx7hsC1botxrWDyW3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:43 2024 by rpki-client on console-ams.rpki-client.org