Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/7a1Vd3xkWD9D8PsbRu35xzfjJB8.roa
File: 7a1Vd3xkWD9D8PsbRu35xzfjJB8.roa (raw, json)
Hash identifier: pPKppcxw+KrMvDvFyORwR/BFkXiwqpfo/d5wE82CtAw=
Subject key identifier: ED:AD:55:77:7C:64:58:3F:43:F0:FB:1B:46:ED:F9:C7:37:E3:24:1F
Certificate issuer: /CN=a316c7659af1d56bc718faf614f092758f5edc7f
Certificate serial: 01915D226BCA970C6C092F4196D1341BA852
Authority key identifier: A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/7a1Vd3xkWD9D8PsbRu35xzfjJB8.roa
Signing time: Fri 16 Aug 2024 21:40:22 +0000
ROA not before: Fri 16 Aug 2024 21:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.221.84.0/24 maxlen: 24
212.32.0.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 20:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5d:22:6b:ca:97:0c:6c:09:2f:41:96:d1:34:1b:a8:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a316c7659af1d56bc718faf614f092758f5edc7f
Validity
Not Before: Aug 16 21:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edad55777c64583f43f0fb1b46edf9c737e3241f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:06:ee:a2:82:53:61:be:6f:c5:77:77:90:95:
19:9a:59:95:28:85:52:af:32:f1:e4:69:7f:e1:40:
e9:2c:bd:66:96:a1:29:78:0b:f2:7e:1c:e3:90:13:
46:32:4a:58:da:dd:1a:a7:3a:e1:16:dc:16:ea:61:
f6:6b:ff:f2:ff:72:f5:b8:73:91:5b:eb:04:11:de:
9c:9e:5b:90:bb:be:be:69:22:e5:56:63:b5:ea:5e:
68:01:a1:df:5b:dd:22:4d:28:9f:ae:20:03:ad:7a:
9d:d4:d3:1a:d0:7c:2b:e4:e7:c3:08:43:33:28:66:
bc:9b:8d:bd:3c:33:84:06:3a:6d:7d:9a:a5:d1:31:
bb:2f:78:4d:fa:fd:96:33:71:33:94:95:7c:8b:5f:
d5:fb:6e:81:c0:aa:0e:e0:43:3d:6d:5a:d7:44:00:
a2:ce:a1:4d:56:5d:d7:2c:2c:da:69:5e:5c:32:ad:
9d:05:df:85:80:ef:33:42:3e:73:08:0c:35:f7:08:
84:ff:57:ed:b8:28:ec:c1:f9:64:1d:1f:c2:9e:5b:
b0:f8:3e:f0:31:83:75:28:27:98:57:7b:6a:d3:5e:
ae:5d:21:f0:fe:2f:bb:ab:d1:e6:89:15:65:ca:da:
2d:dc:14:df:21:26:59:9b:a7:0e:8f:fc:2b:5d:6d:
cf:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:AD:55:77:7C:64:58:3F:43:F0:FB:1B:46:ED:F9:C7:37:E3:24:1F
X509v3 Authority Key Identifier:
keyid:A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/7a1Vd3xkWD9D8PsbRu35xzfjJB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.84.0/24
212.32.0.0/21
Signature Algorithm: sha256WithRSAEncryption
47:18:9b:35:a1:f8:40:c8:aa:84:da:0a:ff:18:5e:14:24:f6:
ce:ac:4d:c4:2f:c3:ec:27:12:84:6c:dd:9a:fd:88:7c:5f:7b:
79:2f:26:67:05:3b:a3:83:b3:70:b2:01:0c:c2:5a:d9:02:cc:
f1:1f:1b:66:0c:5b:92:eb:ad:53:93:56:d2:e1:56:30:58:f6:
c8:ac:88:a7:fb:f1:58:c5:79:d2:ae:9f:aa:a2:7a:ed:12:2d:
60:e1:df:cd:d9:b9:6b:69:c1:0d:c7:90:66:e2:19:48:ec:10:
b9:5d:b2:8f:f5:03:0c:d2:83:54:67:4c:4e:d3:d1:8a:c4:76:
ac:27:fd:3b:84:1a:5c:df:82:97:cf:8a:18:29:7d:81:18:a0:
0b:49:f8:10:4f:57:2b:f7:23:0c:e1:b2:46:50:a9:d1:55:fe:
20:94:c1:43:df:b1:a1:ad:3e:88:8f:c1:26:89:7f:ef:b1:d3:
b5:ab:8e:74:25:95:60:8e:bb:d9:f3:88:aa:2b:6a:c1:2f:d2:
86:b8:c9:d8:41:31:85:4b:15:61:52:3f:3e:ac:78:1d:56:ba:
cf:49:11:28:65:ef:3c:7c:56:26:5b:33:3a:57:5a:fe:8d:9c:
14:09:2e:26:7e:cf:a3:d6:e3:24:e5:d1:46:8e:39:bd:26:2d:
8c:63:b4:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFdImvKlwxsCS9BltE0G6hSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTZjNzY1OWFmMWQ1NmJjNzE4ZmFmNjE0ZjA5Mjc1OGY1
ZWRjN2YwHhcNMjQwODE2MjE0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGFkNTU3NzdjNjQ1ODNmNDNmMGZiMWI0NmVkZjljNzM3ZTMyNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQbuooJTYb5vxXd3kJUZmlmVKIVS
rzLx5Gl/4UDpLL1mlqEpeAvyfhzjkBNGMkpY2t0apzrhFtwW6mH2a//y/3L1uHOR
W+sEEd6cnluQu76+aSLlVmO16l5oAaHfW90iTSifriADrXqd1NMa0Hwr5OfDCEMz
KGa8m429PDOEBjptfZql0TG7L3hN+v2WM3EzlJV8i1/V+26BwKoO4EM9bVrXRACi
zqFNVl3XLCzaaV5cMq2dBd+FgO8zQj5zCAw19wiE/1ftuCjswflkHR/Cnluw+D7w
MYN1KCeYV3tq016uXSHw/i+7q9HmiRVlytot3BTfISZZm6cOj/wrXW3PRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO2tVXd8ZFg/Q/D7G0bt+cc34yQfMB8GA1UdIwQY
MBaAFKMWx2Wa8dVrxxj69hTwknWPXtx/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUt
MzY4N2M4MThlZGU1LzEvN2ExVmQzeGtXRDlEOFBzYlJ1MzV4emZqSkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUtMzY4N2M4MThlZGU1
LzEvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAud1UAwQD
1CAAMA0GCSqGSIb3DQEBCwUAA4IBAQBHGJs1ofhAyKqE2gr/GF4UJPbOrE3EL8Ps
JxKEbN2a/Yh8X3t5LyZnBTujg7NwsgEMwlrZAszxHxtmDFuS661Tk1bS4VYwWPbI
rIin+/FYxXnSrp+qonrtEi1g4d/N2blracENx5Bm4hlI7BC5XbKP9QMM0oNUZ0xO
09GKxHasJ/07hBpc34KXz4oYKX2BGKALSfgQT1cr9yMM4bJGUKnRVf4glMFD37Gh
rT6Ij8EmiX/vsdO1q450JZVgjrvZ84iqK2rBL9KGuMnYQTGFSxVhUj8+rHgdVrrP
SREoZe88fFYmWzM6V1r+jZwUCS4mfs+j1uMk5dFGjjm9Ji2MY7T3
-----END CERTIFICATE-----
Generated at Tue Aug 20 22:44:57 2024 by rpki-client on console-ams.rpki-client.org