Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/bF7DWInwtuOzmD21sDSQvPbCPns.roa
File: bF7DWInwtuOzmD21sDSQvPbCPns.roa (raw, json)
Hash identifier: YuIAPrYmQsExVRYV6YU/QAvFEwCEq4TP9KyQsMoZkC0=
Subject key identifier: 6C:5E:C3:58:89:F0:B6:E3:B3:98:3D:B5:B0:34:90:BC:F6:C2:3E:7B
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018940173C7B872C6529A21F533584D54847
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/bF7DWInwtuOzmD21sDSQvPbCPns.roa
Signing time: Mon 10 Jul 2023 13:56:51 +0000
ROA not before: Mon 10 Jul 2023 13:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62455
IP address blocks: 185.182.72.0/22 maxlen: 24
185.233.176.0/22 maxlen: 24
185.205.229.0/24 maxlen: 24
185.205.228.0/22 maxlen: 24
185.205.228.0/24 maxlen: 24
185.205.230.0/24 maxlen: 24
2a0b:bc0::/29 maxlen: 30
2a0a:e780::/29 maxlen: 30
Validation: Failed, certificate revoked on Wed 09 Aug 2023 11:08:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:17:3c:7b:87:2c:65:29:a2:1f:53:35:84:d5:48:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jul 10 13:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c5ec35889f0b6e3b3983db5b03490bcf6c23e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b2:60:cb:4d:9d:db:47:32:9e:88:d8:c5:cb:
d4:7e:45:cc:f7:13:72:a7:a4:de:58:18:bb:fe:9c:
73:89:e7:b2:fc:c5:60:7e:8e:b4:85:0b:2c:30:93:
9d:73:6c:72:aa:00:5e:be:5f:c4:76:d8:da:cd:3f:
f9:35:1d:10:ec:63:bd:a8:d8:79:fb:e4:63:6f:37:
24:06:90:42:a0:0d:63:d1:d9:fe:92:53:8a:8e:39:
b8:8b:a3:ee:e1:fc:84:5d:ba:41:f8:c8:0d:b2:0e:
69:52:3b:48:82:65:2c:91:b0:a6:05:e5:95:29:f1:
9d:81:8f:b0:c6:fa:f8:ea:fa:6b:e1:d4:dd:a1:dc:
5c:f2:d2:16:6c:92:05:80:74:08:fa:fa:e3:22:58:
71:25:b2:d8:d0:48:06:06:2f:3b:19:78:29:bc:04:
d0:93:42:43:25:cf:c5:c8:0d:dc:c1:d6:70:af:1d:
ac:5e:2f:cc:a4:c0:0f:14:c9:3c:51:1e:0a:43:ac:
d6:de:c4:c8:01:4e:65:85:b8:f8:39:0b:0d:09:99:
bb:4d:38:7e:9f:dc:3f:e0:e9:a8:cc:b5:14:b6:a2:
ad:ec:0f:66:b9:c6:0e:1e:fe:35:13:4a:83:7c:ff:
0e:94:92:c9:32:74:ea:bd:38:bc:c1:28:b1:9e:f3:
84:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:5E:C3:58:89:F0:B6:E3:B3:98:3D:B5:B0:34:90:BC:F6:C2:3E:7B
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/bF7DWInwtuOzmD21sDSQvPbCPns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.72.0/22
185.205.228.0/22
185.233.176.0/22
IPv6:
2a0a:e780::/29
2a0b:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
cd:38:68:95:e2:50:28:bf:fc:43:de:67:94:e3:29:af:9c:31:
63:63:ff:3f:da:0f:f7:df:57:d7:76:b7:5f:2d:7c:20:eb:37:
df:2e:45:f2:c4:b9:a1:a7:4c:58:70:68:90:09:30:01:d4:95:
dc:e3:66:9d:61:b5:ad:ac:82:6f:1f:e6:fa:22:e5:0a:53:06:
e6:34:a9:0f:cc:0c:e6:6b:d1:1a:e3:55:48:f5:3e:30:b3:2a:
25:fd:d1:89:5e:1d:31:6b:07:fb:f5:3c:89:f0:84:51:fe:54:
fb:33:48:53:aa:cc:80:ff:c6:a5:ce:bc:fb:3f:24:95:e1:16:
65:8a:3d:46:a6:19:6b:9b:67:cc:28:c1:88:af:77:6a:af:6e:
8d:c4:99:06:16:93:62:18:5e:a7:8e:ab:4b:ee:20:95:f5:ad:
68:25:13:63:ab:c7:78:47:92:4b:a4:a7:77:d5:a6:6d:68:53:
b8:9f:2f:04:de:20:b2:b3:c2:64:60:5b:45:bd:17:17:cf:c4:
61:4b:28:f4:4e:ed:c3:30:b3:cf:e2:47:0f:c8:a1:a3:3c:c9:
ba:2a:98:b4:f1:cd:d1:ab:0d:7b:90:17:39:81:44:03:a6:ac:
f8:1c:16:57:75:54:73:a6:01:e8:3e:9a:44:1f:bf:b2:6e:35:
60:5f:65:cf
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYlAFzx7hyxlKaIfUzWE1UhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwNzEwMTM1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzVlYzM1ODg5ZjBiNmUzYjM5ODNkYjViMDM0OTBiY2Y2YzIzZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLJgy02d20cynojYxcvUfkXM9xNy
p6TeWBi7/pxzieey/MVgfo60hQssMJOdc2xyqgBevl/EdtjazT/5NR0Q7GO9qNh5
++RjbzckBpBCoA1j0dn+klOKjjm4i6Pu4fyEXbpB+MgNsg5pUjtIgmUskbCmBeWV
KfGdgY+wxvr46vpr4dTdodxc8tIWbJIFgHQI+vrjIlhxJbLY0EgGBi87GXgpvATQ
k0JDJc/FyA3cwdZwrx2sXi/MpMAPFMk8UR4KQ6zW3sTIAU5lhbj4OQsNCZm7TTh+
n9w/4OmozLUUtqKt7A9mucYOHv41E0qDfP8OlJLJMnTqvTi8wSixnvOExQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGxew1iJ8Lbjs5g9tbA0kLz2wj57MB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvYkY3RFdJbnd0dU96bUQyMXNEU1F2UGJDUG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCubZIAwQC
uc3kAwQCuemwMBQEAgACMA4DBQMqCueAAwUDKgsLwDANBgkqhkiG9w0BAQsFAAOC
AQEAzTholeJQKL/8Q95nlOMpr5wxY2P/P9oP999X13a3Xy18IOs33y5F8sS5oadM
WHBokAkwAdSV3ONmnWG1rayCbx/m+iLlClMG5jSpD8wM5mvRGuNVSPU+MLMqJf3R
iV4dMWsH+/U8ifCEUf5U+zNIU6rMgP/Gpc68+z8kleEWZYo9RqYZa5tnzCjBiK93
aq9ujcSZBhaTYhhep46rS+4glfWtaCUTY6vHeEeSS6Snd9WmbWhTuJ8vBN4gsrPC
ZGBbRb0XF8/EYUso9E7twzCzz+JHD8ihozzJuiqYtPHN0asNe5AXOYFEA6as+BwW
V3VUc6YB6D6aRB+/sm41YF9lzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:46 2024 by rpki-client on console-fra.rpki-client.org