Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/oaBsdShhvUb0DntRMdMKU3rMVWQ.roa
File: oaBsdShhvUb0DntRMdMKU3rMVWQ.roa (raw, json)
Hash identifier: soTFDADg8BOq1xpRcqzFyuf3jsFZcK8sf+rm8U2RDaQ=
Subject key identifier: A1:A0:6C:75:28:61:BD:46:F4:0E:7B:51:31:D3:0A:53:7A:CC:55:64
Certificate issuer: /CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Certificate serial: 01856F392BA56ECCB4BFDCCFDD1D0175FFA7
Authority key identifier: BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/oaBsdShhvUb0DntRMdMKU3rMVWQ.roa
Signing time: Sun 01 Jan 2023 21:24:55 +0000
ROA not before: Sun 01 Jan 2023 21:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58224
IP address blocks: 185.66.228.0/24 maxlen: 24
185.66.231.0/24 maxlen: 24
185.66.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:2b:a5:6e:cc:b4:bf:dc:cf:dd:1d:01:75:ff:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Validity
Not Before: Jan 1 21:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1a06c752861bd46f40e7b5131d30a537acc5564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:41:00:80:ea:08:83:28:58:dc:51:a6:35:6a:
a7:f6:d4:24:5d:e9:ff:30:3c:87:c8:d5:48:6a:69:
e0:e8:ad:d6:0a:cd:cf:06:d8:18:6a:e9:25:5b:a1:
99:3a:45:80:4e:20:aa:6e:ba:b6:0c:49:d1:19:31:
35:19:e7:e3:09:fb:43:5b:25:0f:2f:b9:22:39:7f:
76:7c:ce:4e:6a:a4:6d:c8:5d:08:01:67:38:20:6a:
7b:36:c3:40:f2:fb:48:c9:fa:2f:2c:50:16:b4:02:
87:5d:d0:da:cc:27:af:d0:3d:68:74:c6:21:4e:e4:
88:7b:e8:cf:c6:75:29:a3:a1:13:74:fb:59:31:7a:
f9:2b:db:d9:9d:9f:08:5d:3a:32:dc:64:0c:15:f1:
32:96:16:03:3a:00:89:de:0e:51:e8:62:da:ed:55:
00:d5:86:1a:b5:1e:e1:b4:b5:c1:18:1a:68:a9:72:
d2:e1:b3:8b:7b:5a:3e:1c:a8:1a:96:f5:b4:74:b6:
7c:38:69:b9:78:b7:15:f8:8d:45:49:f6:bd:7a:4e:
4f:1f:db:55:48:a5:bb:8a:6a:37:35:e8:ed:fc:da:
c8:54:42:9c:55:9d:48:ac:1a:64:ba:30:81:86:48:
42:a9:63:6d:83:e2:07:ae:d9:f3:fa:d7:8a:f4:0c:
48:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A0:6C:75:28:61:BD:46:F4:0E:7B:51:31:D3:0A:53:7A:CC:55:64
X509v3 Authority Key Identifier:
keyid:BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/oaBsdShhvUb0DntRMdMKU3rMVWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.228.0/23
185.66.231.0/24
Signature Algorithm: sha256WithRSAEncryption
55:ba:06:dd:2f:95:63:79:aa:24:ff:4c:e2:dd:78:51:22:30:
99:21:78:dd:f8:3a:4e:78:55:fe:4d:e8:cb:b6:28:c8:2f:be:
e5:19:e9:69:be:2a:ed:05:b6:67:29:d2:bb:03:ba:a4:bd:9a:
0d:3d:d1:4e:ff:9d:69:c5:40:fd:b1:b4:55:a9:10:3f:90:3e:
f0:4d:7d:1d:97:71:da:24:21:03:73:4d:6e:72:b6:38:40:47:
ee:b7:6c:ea:66:d5:a8:d5:ea:74:b5:78:c9:00:84:20:70:3a:
14:a7:b6:42:3d:56:c4:34:2f:c0:97:bd:4d:fc:6f:03:a3:67:
8e:1d:22:b2:f8:16:f6:ea:f5:79:61:ec:2c:54:33:d6:9d:0c:
c4:d8:8b:a0:50:0f:d4:89:d2:3f:c8:cb:a6:40:f1:de:23:b1:
18:fd:19:61:d7:0f:cb:58:85:19:d8:63:a7:e4:b2:e8:43:c4:
cc:83:cb:b6:35:3d:34:ae:45:7e:ab:fd:62:1e:61:5b:61:ef:
55:e1:0f:2f:54:87:74:78:17:97:75:65:27:d9:7d:3e:97:42:
ef:94:26:92:89:14:0b:77:3d:91:14:26:51:43:5b:40:d2:93:
be:31:06:00:9f:5d:20:13:65:63:9a:90:1a:cd:cf:0f:9f:de:
1b:4b:cf:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvOSulbsy0v9zP3R0Bdf+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNWRiODExYjVkNWQwNWJlYzM3ZWU5ZDA5YTRlYzUyZWVl
ZDFhZDUwHhcNMjMwMTAxMjEyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWEwNmM3NTI4NjFiZDQ2ZjQwZTdiNTEzMWQzMGE1MzdhY2M1NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEEAgOoIgyhY3FGmNWqn9tQkXen/
MDyHyNVIamng6K3WCs3PBtgYauklW6GZOkWATiCqbrq2DEnRGTE1GefjCftDWyUP
L7kiOX92fM5OaqRtyF0IAWc4IGp7NsNA8vtIyfovLFAWtAKHXdDazCev0D1odMYh
TuSIe+jPxnUpo6ETdPtZMXr5K9vZnZ8IXToy3GQMFfEylhYDOgCJ3g5R6GLa7VUA
1YYatR7htLXBGBpoqXLS4bOLe1o+HKgalvW0dLZ8OGm5eLcV+I1FSfa9ek5PH9tV
SKW7imo3Nejt/NrIVEKcVZ1IrBpkujCBhkhCqWNtg+IHrtnz+teK9AxIZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKGgbHUoYb1G9A57UTHTClN6zFVkMB8GA1UdIwQY
MBaAFL9duBG11dBb7DfunQmk7FLu7RrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2Mt
NzE1ZjA5ODE3MzQxLzEvb2FCc2RTaGh2VWIwRG50Uk1kTUtVM3JNVldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2MtNzE1ZjA5ODE3MzQx
LzEvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuULkAwQA
uULnMA0GCSqGSIb3DQEBCwUAA4IBAQBVugbdL5Vjeaok/0zi3XhRIjCZIXjd+DpO
eFX+TejLtijIL77lGelpvirtBbZnKdK7A7qkvZoNPdFO/51pxUD9sbRVqRA/kD7w
TX0dl3HaJCEDc01ucrY4QEfut2zqZtWo1ep0tXjJAIQgcDoUp7ZCPVbENC/Al71N
/G8Do2eOHSKy+Bb26vV5YewsVDPWnQzE2IugUA/UidI/yMumQPHeI7EY/Rlh1w/L
WIUZ2GOn5LLoQ8TMg8u2NT00rkV+q/1iHmFbYe9V4Q8vVId0eBeXdWUn2X0+l0Lv
lCaSiRQLdz2RFCZRQ1tA0pO+MQYAn10gE2VjmpAazc8Pn94bS88L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:31 2024 by rpki-client on console-fra.rpki-client.org