Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/n8Vok4GraAXhSFCY8VMcEuk-sjU.roa
File: n8Vok4GraAXhSFCY8VMcEuk-sjU.roa (raw, json)
Hash identifier: Pczk1moRvq7CNtn6XyzmHpn4iTTeoD4Sf+rKPY9necc=
Subject key identifier: 9F:C5:68:93:81:AB:68:05:E1:48:50:98:F1:53:1C:12:E9:3E:B2:35
Certificate issuer: /CN=91e6d3242257b2965b6278ff8c17e16ff3f08b21
Certificate serial: 01856CB86681D8EA82CDB9F823DD85664A8D
Authority key identifier: 91:E6:D3:24:22:57:B2:96:5B:62:78:FF:8C:17:E1:6F:F3:F0:8B:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/n8Vok4GraAXhSFCY8VMcEuk-sjU.roa
Signing time: Sun 01 Jan 2023 09:45:02 +0000
ROA not before: Sun 01 Jan 2023 09:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204732
IP address blocks: 185.242.70.0/24 maxlen: 24
185.242.70.0/23 maxlen: 23
185.242.68.0/23 maxlen: 23
185.242.68.0/24 maxlen: 24
185.242.68.0/22 maxlen: 22
185.242.71.0/24 maxlen: 24
185.242.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:66:81:d8:ea:82:cd:b9:f8:23:dd:85:66:4a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91e6d3242257b2965b6278ff8c17e16ff3f08b21
Validity
Not Before: Jan 1 09:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fc5689381ab6805e1485098f1531c12e93eb235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:71:f9:b1:37:c7:c3:a6:f8:97:2a:9e:95:90:
bf:be:b0:dc:ef:df:47:40:10:87:1d:de:ea:02:13:
41:9f:86:d3:ac:ca:69:45:98:6a:f2:d3:da:71:c1:
80:fa:4f:63:74:00:c2:0c:df:56:f4:8c:f1:57:f0:
39:c1:5d:72:e6:e8:ef:19:b2:6d:74:61:ec:4a:da:
b9:13:fa:70:3b:44:ec:b4:28:6c:d7:1d:6c:63:ec:
93:8a:9a:9d:08:ee:0f:42:63:df:f1:d8:b9:30:15:
a8:2b:34:5e:21:7a:c9:7c:5a:94:da:f0:12:b1:ff:
98:ba:33:ca:49:76:9a:5e:49:2b:36:8d:22:37:04:
de:b1:a2:25:14:11:4b:3d:18:60:30:33:ea:ee:81:
1b:fe:86:80:c6:5f:60:cf:29:ed:a6:90:27:4d:96:
83:4e:08:82:be:2b:21:c6:8e:ae:33:02:11:a2:62:
e1:e6:14:df:c5:c0:42:db:4f:75:08:e5:b4:e8:17:
c1:ca:69:31:64:cd:c0:10:a3:84:ce:8e:ae:1e:1a:
53:df:c4:30:a3:a2:e8:f7:ad:0c:36:f0:86:00:d6:
44:8e:2e:e1:d0:c6:88:5f:4f:1f:b8:08:6c:ea:cd:
d2:e2:aa:b4:b6:d9:7d:c1:1d:71:1b:52:67:54:cf:
df:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C5:68:93:81:AB:68:05:E1:48:50:98:F1:53:1C:12:E9:3E:B2:35
X509v3 Authority Key Identifier:
keyid:91:E6:D3:24:22:57:B2:96:5B:62:78:FF:8C:17:E1:6F:F3:F0:8B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/n8Vok4GraAXhSFCY8VMcEuk-sjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/kebTJCJXspZbYnj_jBfhb_PwiyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.68.0/22
Signature Algorithm: sha256WithRSAEncryption
84:36:25:0b:cb:8d:8c:ce:4b:e3:93:69:6b:cd:b1:67:f8:a0:
ec:66:7c:63:3c:4a:ac:4f:1e:91:64:6a:df:85:bf:f9:5e:f7:
21:27:cc:24:07:1d:ed:d5:aa:d9:f4:2c:ee:ae:01:6a:0c:3b:
32:ad:f6:6c:b4:30:29:df:c2:27:f8:05:75:03:4c:54:0e:78:
59:b5:22:b5:3d:1f:75:01:81:d0:b8:42:8d:24:85:0e:a9:a3:
2a:fc:c3:34:39:79:cb:4e:1c:cd:35:8e:32:3e:e1:52:97:09:
34:a4:20:52:f9:da:28:84:91:a2:84:e1:a8:ab:04:3b:2a:27:
1d:60:75:fc:ef:10:12:db:63:89:aa:d7:e9:e0:45:eb:5b:e3:
86:92:62:a8:a7:27:c5:c7:5b:86:9a:b0:d8:c3:56:4e:06:9f:
61:a2:af:83:b0:14:2e:ec:58:9e:65:de:80:b0:52:45:95:67:
eb:c5:78:78:7e:28:9f:ad:3b:d0:e4:ed:ec:83:9c:6a:ef:89:
cb:29:d0:5d:a6:35:b4:21:c7:f5:9e:18:f0:10:c7:21:b6:d4:
fd:ea:18:f8:9f:32:3c:27:2f:2e:ea:c2:4c:a6:fd:b8:23:55:
b8:4f:7b:0f:37:b2:9f:1a:6d:f0:11:15:b4:8d:16:f2:74:31:
a2:a1:35:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuGaB2OqCzbn4I92FZkqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZTZkMzI0MjI1N2IyOTY1YjYyNzhmZjhjMTdlMTZmZjNm
MDhiMjEwHhcNMjMwMTAxMDk0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmM1Njg5MzgxYWI2ODA1ZTE0ODUwOThmMTUzMWMxMmU5M2ViMjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnH5sTfHw6b4lyqelZC/vrDc799H
QBCHHd7qAhNBn4bTrMppRZhq8tPaccGA+k9jdADCDN9W9IzxV/A5wV1y5ujvGbJt
dGHsStq5E/pwO0TstChs1x1sY+yTipqdCO4PQmPf8di5MBWoKzReIXrJfFqU2vAS
sf+YujPKSXaaXkkrNo0iNwTesaIlFBFLPRhgMDPq7oEb/oaAxl9gzyntppAnTZaD
TgiCvishxo6uMwIRomLh5hTfxcBC2091COW06BfBymkxZM3AEKOEzo6uHhpT38Qw
o6Lo960MNvCGANZEji7h0MaIX08fuAhs6s3S4qq0ttl9wR1xG1JnVM/fjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/FaJOBq2gF4UhQmPFTHBLpPrI1MB8GA1UdIwQY
MBaAFJHm0yQiV7KWW2J4/4wX4W/z8IshMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2ViVEpDSlhzcFpiWW5qX2pCZmhiX1B3aXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wYzBmNjEtYjY5Yy00NjU3LTk4Njct
N2U3NGE2YTk4ZWNkLzEvbjhWb2s0R3JhQVhoU0ZDWThWTWNFdWstc2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wYzBmNjEtYjY5Yy00NjU3LTk4NjctN2U3NGE2YTk4ZWNk
LzEva2ViVEpDSlhzcFpiWW5qX2pCZmhiX1B3aXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufJEMA0G
CSqGSIb3DQEBCwUAA4IBAQCENiULy42Mzkvjk2lrzbFn+KDsZnxjPEqsTx6RZGrf
hb/5XvchJ8wkBx3t1arZ9CzurgFqDDsyrfZstDAp38In+AV1A0xUDnhZtSK1PR91
AYHQuEKNJIUOqaMq/MM0OXnLThzNNY4yPuFSlwk0pCBS+doohJGihOGoqwQ7Kicd
YHX87xAS22OJqtfp4EXrW+OGkmKopyfFx1uGmrDYw1ZOBp9hoq+DsBQu7FieZd6A
sFJFlWfrxXh4fiifrTvQ5O3sg5xq74nLKdBdpjW0Icf1nhjwEMchttT96hj4nzI8
Jy8u6sJMpv24I1W4T3sPN7KfGm3wERW0jRbydDGioTVK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:02 2024 by rpki-client on console-ams.rpki-client.org