Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/F1X7T-rzYbLKLoFqzYDjRHFzU0A.roa
File: F1X7T-rzYbLKLoFqzYDjRHFzU0A.roa (raw, json)
Hash identifier: euAgcr0s35csHMqa31nT1Dbk7j+I0ImE+K8c7ce5NsM=
Subject key identifier: 17:55:FB:4F:EA:F3:61:B2:CA:2E:81:6A:CD:80:E3:44:71:73:53:40
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 018CC3494C45DDCA967F977CCE41590F258E
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/F1X7T-rzYbLKLoFqzYDjRHFzU0A.roa
Signing time: Mon 01 Jan 2024 04:30:09 +0000
ROA not before: Mon 01 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
2a0f:aac0:3::/48 maxlen: 48
2a0f:aac0:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 13:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4c:45:dd:ca:96:7f:97:7c:ce:41:59:0f:25:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 1 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1755fb4feaf361b2ca2e816acd80e34471735340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ff:88:78:98:ac:a8:8e:9d:0c:59:b7:74:92:
d2:86:54:8a:04:74:3c:b2:43:4f:1b:4a:37:31:9b:
fe:84:24:be:97:8d:d2:51:1f:e3:38:0d:fe:cb:b2:
9f:df:b8:0f:6a:9f:c4:f6:7f:6e:65:4e:26:99:a7:
97:e1:62:89:a5:78:f9:48:e4:36:5d:07:c9:34:69:
55:4b:a9:ec:31:c0:3b:84:d5:c9:81:62:3f:4a:13:
ca:c7:7e:c7:ae:3d:99:b2:8c:b4:ed:f9:fc:c4:c9:
3f:c7:e0:3a:c9:b8:de:d2:c9:1f:40:19:d3:3b:bb:
87:47:3d:24:d7:cc:61:46:1f:2e:a3:79:a9:cf:26:
6d:78:2b:fb:04:dc:d3:ef:57:46:5b:36:57:a0:b8:
51:42:bc:d1:17:eb:4a:77:0b:eb:6f:5c:f5:27:43:
92:4b:79:95:30:8e:55:99:96:3b:06:73:43:70:a2:
1a:3a:9e:69:fd:ce:66:d8:83:e4:30:67:36:cb:5a:
1c:ff:ce:c6:2f:a5:22:96:ba:22:5c:8a:5b:c9:be:
6c:d1:0b:b6:c4:15:06:cb:aa:9b:08:37:f2:27:5c:
ca:11:23:2f:3e:d1:e8:49:5f:f8:22:8b:ec:8f:70:
2f:6b:f5:42:33:29:86:6c:6e:5f:ae:fa:95:f3:81:
c4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:55:FB:4F:EA:F3:61:B2:CA:2E:81:6A:CD:80:E3:44:71:73:53:40
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/F1X7T-rzYbLKLoFqzYDjRHFzU0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.108.0/23
IPv6:
2a0f:aac0:3::-2a0f:aac0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
bd:47:48:b5:bc:e5:c4:6c:46:34:a3:a2:94:c0:8f:fd:cd:04:
dd:86:03:93:dd:e9:3a:9f:23:41:7f:d1:c7:69:ec:a7:3d:73:
95:5b:d5:99:77:87:ba:e4:d8:69:3f:2a:03:d7:f5:6f:b3:e5:
3c:ac:bd:08:c1:69:be:ff:e4:ff:24:cd:7b:7c:54:f9:e1:d7:
05:bc:0d:a3:1d:21:ac:ec:da:1c:3e:ab:6f:dc:31:a0:57:21:
23:36:a9:19:2a:3f:db:ce:3a:5a:8c:12:0d:3c:e5:30:23:9a:
a5:73:36:9d:8b:f2:c3:84:36:d3:e4:06:43:28:ee:bf:a6:8d:
fa:92:bc:46:5b:0a:4c:e4:9d:66:ec:54:51:df:de:fc:48:03:
c0:e9:9e:32:4a:ff:7d:24:ec:3f:07:12:5e:9e:b6:98:73:d1:
18:9d:39:a3:f6:6f:06:80:5c:35:59:91:8c:fe:19:73:90:e0:
c8:cd:e1:52:bc:c4:b6:2a:c6:55:7b:cb:97:e0:4f:ad:da:47:
53:f7:95:b6:0b:48:b2:0a:50:9f:c5:2a:ab:00:80:04:22:d0:
2b:98:a0:ab:67:86:21:6f:43:a3:bb:4f:65:6d:02:b3:d6:78:
bd:51:9c:7a:90:f3:a1:87:b2:c7:8d:64:10:25:07:45:27:c3:
2e:88:36:3c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDSUxF3cqWf5d8zkFZDyWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzU1ZmI0ZmVhZjM2MWIyY2EyZTgxNmFjZDgwZTM0NDcxNzM1MzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/+IeJisqI6dDFm3dJLShlSKBHQ8
skNPG0o3MZv+hCS+l43SUR/jOA3+y7Kf37gPap/E9n9uZU4mmaeX4WKJpXj5SOQ2
XQfJNGlVS6nsMcA7hNXJgWI/ShPKx37Hrj2Zsoy07fn8xMk/x+A6ybje0skfQBnT
O7uHRz0k18xhRh8uo3mpzyZteCv7BNzT71dGWzZXoLhRQrzRF+tKdwvrb1z1J0OS
S3mVMI5VmZY7BnNDcKIaOp5p/c5m2IPkMGc2y1oc/87GL6UilroiXIpbyb5s0Qu2
xBUGy6qbCDfyJ1zKESMvPtHoSV/4Iovsj3Ava/VCMymGbG5frvqV84HEowIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBdV+0/q82Gyyi6Bas2A40Rxc1NAMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvRjFYN1QtcnpZYkxLTG9GcXpZRGpSSEZ6VTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQBuedsMBoE
AgACMBQwEgMHACoPqsAAAwMHACoPqsAABDANBgkqhkiG9w0BAQsFAAOCAQEAvUdI
tbzlxGxGNKOilMCP/c0E3YYDk93pOp8jQX/Rx2nspz1zlVvVmXeHuuTYaT8qA9f1
b7PlPKy9CMFpvv/k/yTNe3xU+eHXBbwNox0hrOzaHD6rb9wxoFchIzapGSo/2846
WowSDTzlMCOapXM2nYvyw4Q20+QGQyjuv6aN+pK8RlsKTOSdZuxUUd/e/EgDwOme
Mkr/fSTsPwcSXp62mHPRGJ05o/ZvBoBcNVmRjP4Zc5DgyM3hUrzEtirGVXvLl+BP
rdpHU/eVtgtIsgpQn8UqqwCABCLQK5igq2eGIW9Do7tPZW0Cs9Z4vVGcepDzoYey
x41kECUHRSfDLog2PA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org