Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/drT80OMMP7PyZ6b60MF7v_xQjws.roa
File: drT80OMMP7PyZ6b60MF7v_xQjws.roa (raw, json)
Hash identifier: eB7XR5zh3XBSQ3uvS489fH6e/Aro53lItDqYJe9suc0=
Subject key identifier: 76:B4:FC:D0:E3:0C:3F:B3:F2:67:A6:FA:D0:C1:7B:BF:FC:50:8F:0B
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 018693CEBF8E9F49B66DF20E962F5D68F864
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/drT80OMMP7PyZ6b60MF7v_xQjws.roa
Signing time: Mon 27 Feb 2023 16:57:25 +0000
ROA not before: Mon 27 Feb 2023 16:57:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207241
IP address blocks: 185.203.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:ce:bf:8e:9f:49:b6:6d:f2:0e:96:2f:5d:68:f8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Feb 27 16:57:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76b4fcd0e30c3fb3f267a6fad0c17bbffc508f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fe:ab:1d:63:66:2a:30:70:f4:39:d3:e6:74:
5e:4a:c5:5e:7a:fa:c2:aa:f5:11:15:9a:7a:f3:7a:
a1:a9:50:84:a0:74:55:84:30:ad:db:1d:48:35:28:
e8:8a:dc:73:a9:4e:57:77:85:07:f3:5a:d8:57:27:
58:00:00:59:14:a7:8f:de:1e:d5:d4:9d:e6:b4:57:
59:d3:5f:d4:a8:1a:6e:a2:77:d8:bf:28:3d:07:c6:
ea:ca:49:cb:e0:0e:0b:6e:77:f6:5c:a8:56:10:38:
59:f3:8a:7d:22:5d:66:09:fa:2a:ba:9a:f5:e8:34:
ad:e6:d2:14:9e:74:10:94:dd:91:f9:fb:e8:0f:ed:
3c:4c:b7:9b:a5:68:16:79:44:5d:3e:ad:eb:67:08:
32:2c:80:9e:de:93:22:ae:ed:86:81:29:fe:ff:62:
58:3a:de:93:bb:b0:ec:2f:89:d9:c3:f7:c4:f1:bc:
8d:da:20:7e:e4:9a:a0:4f:20:ca:42:84:ac:42:25:
01:41:d1:fb:93:14:99:98:9b:7e:fe:41:47:a2:76:
4d:c5:54:ba:31:c9:09:2c:11:e3:3c:74:7f:d3:7e:
47:cd:6d:23:91:48:4b:27:98:12:5e:41:1b:38:3e:
37:c7:74:20:cf:0b:85:f8:70:f9:d7:9c:be:32:7f:
f8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B4:FC:D0:E3:0C:3F:B3:F2:67:A6:FA:D0:C1:7B:BF:FC:50:8F:0B
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/drT80OMMP7PyZ6b60MF7v_xQjws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.199.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:d4:e5:b2:ad:af:69:2a:64:cc:8d:e2:aa:79:8d:bd:91:26:
3a:bf:8f:6b:7f:f1:cc:10:91:5d:0d:bf:e6:a5:a2:66:a2:5c:
89:bb:3c:1f:30:83:e3:c6:96:db:c8:a7:25:81:06:36:28:84:
9e:94:7d:a3:b8:da:80:bc:f9:2f:3e:22:e8:03:06:6d:3b:d5:
09:72:9a:c5:85:56:5b:11:d1:4f:df:85:41:38:ac:96:2b:92:
56:c2:a6:ac:d0:d6:ab:eb:2a:14:e5:1a:e2:54:42:9e:09:ae:
67:89:ec:b8:19:be:9e:22:3d:fd:2d:60:5b:13:2f:b9:48:e3:
7b:64:92:37:b1:c4:82:ea:a4:11:9f:cb:75:48:2e:50:4b:3e:
6f:45:89:37:3e:d4:bc:50:97:fa:4b:71:be:62:f1:ca:31:a6:
fc:f2:b9:24:d5:f5:03:d8:9c:42:4b:76:c1:59:ec:e0:4c:aa:
be:ee:b3:09:1b:48:6b:25:82:d5:fd:0c:6f:14:fe:10:3b:6c:
8e:67:64:d6:d3:d9:d6:8f:35:3a:d5:62:fe:9c:07:d0:9d:99:
10:5b:80:c6:2c:5f:64:c5:ae:d0:89:14:1e:b4:e6:f4:21:80:
45:3c:ac:3c:48:58:cb:b6:db:b7:59:97:e1:ad:53:b0:c4:12:
66:c6:ff:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaTzr+On0m2bfIOli9daPhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjMwMjI3MTY1NzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI0ZmNkMGUzMGMzZmIzZjI2N2E2ZmFkMGMxN2JiZmZjNTA4ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/6rHWNmKjBw9DnT5nReSsVeevrC
qvURFZp683qhqVCEoHRVhDCt2x1INSjoitxzqU5Xd4UH81rYVydYAABZFKeP3h7V
1J3mtFdZ01/UqBpuonfYvyg9B8bqyknL4A4Lbnf2XKhWEDhZ84p9Il1mCfoqupr1
6DSt5tIUnnQQlN2R+fvoD+08TLebpWgWeURdPq3rZwgyLICe3pMiru2GgSn+/2JY
Ot6Tu7DsL4nZw/fE8byN2iB+5JqgTyDKQoSsQiUBQdH7kxSZmJt+/kFHonZNxVS6
MckJLBHjPHR/035HzW0jkUhLJ5gSXkEbOD43x3QgzwuF+HD515y+Mn/4/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHa0/NDjDD+z8mem+tDBe7/8UI8LMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvZHJUODBPTU1QN1B5WjZiNjBNRjd2X3hRandzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucvHMA0G
CSqGSIb3DQEBCwUAA4IBAQAr1OWyra9pKmTMjeKqeY29kSY6v49rf/HMEJFdDb/m
paJmolyJuzwfMIPjxpbbyKclgQY2KISelH2juNqAvPkvPiLoAwZtO9UJcprFhVZb
EdFP34VBOKyWK5JWwqas0Nar6yoU5RriVEKeCa5niey4Gb6eIj39LWBbEy+5SON7
ZJI3scSC6qQRn8t1SC5QSz5vRYk3PtS8UJf6S3G+YvHKMab88rkk1fUD2JxCS3bB
WezgTKq+7rMJG0hrJYLV/QxvFP4QO2yOZ2TW09nWjzU61WL+nAfQnZkQW4DGLF9k
xa7QiRQetOb0IYBFPKw8SFjLttu3WZfhrVOwxBJmxv8m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:53 2024 by rpki-client on console-ams.rpki-client.org