Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/DfmtA4tT3wQR6y9_t03ySr3yVSY.roa
File: DfmtA4tT3wQR6y9_t03ySr3yVSY.roa (raw, json)
Hash identifier: 2+xA46Gnar4diaB62DuBIGncK7IEJ8sLo0YEJvxf2bc=
Subject key identifier: 0D:F9:AD:03:8B:53:DF:04:11:EB:2F:7F:B7:4D:F2:4A:BD:F2:55:26
Certificate issuer: /CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Certificate serial: 0185704BC4872A29301D06BA851BF9E427E6
Authority key identifier: CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/DfmtA4tT3wQR6y9_t03ySr3yVSY.roa
Signing time: Mon 02 Jan 2023 02:24:51 +0000
ROA not before: Mon 02 Jan 2023 02:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203177
IP address blocks: 185.135.210.0/24 maxlen: 24
185.135.208.0/22 maxlen: 22
185.135.211.0/24 maxlen: 24
91.244.117.0/24 maxlen: 24
185.135.208.0/24 maxlen: 24
185.135.209.0/24 maxlen: 24
2a0a:6600::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c4:87:2a:29:30:1d:06:ba:85:1b:f9:e4:27:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Validity
Not Before: Jan 2 02:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0df9ad038b53df0411eb2f7fb74df24abdf25526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0f:2d:27:77:c4:c0:68:47:31:28:bc:bd:98:
c3:65:70:f6:97:a4:af:15:60:bf:37:f4:c1:b0:4d:
0d:17:6a:85:27:ec:f3:78:3e:15:a6:52:98:68:85:
85:fe:ff:9c:2d:51:4d:c4:77:71:09:0f:8c:f8:01:
21:08:fa:73:bd:a8:b0:33:5e:3b:3a:25:fc:8a:20:
55:a0:a4:3c:64:77:da:73:d6:33:70:ef:96:39:d3:
20:7a:d9:86:70:e2:83:31:51:4d:57:81:e9:45:ab:
9f:19:16:66:0c:11:9a:8e:ad:fb:57:68:5a:60:1d:
9f:f7:b2:66:23:dd:76:7f:4a:53:bf:8d:bc:d3:fd:
ab:58:39:ec:a8:a8:12:55:df:88:1f:5e:a1:25:69:
a8:44:2d:ca:c8:0c:71:58:dd:13:4c:59:1c:5a:6f:
4b:6a:d2:c9:a3:42:c8:ac:0b:77:97:ee:7b:b3:a3:
6c:4e:f4:27:f5:57:a9:fb:cf:50:06:62:06:79:d4:
cc:50:4c:31:6f:40:10:15:59:2b:1b:0d:b4:db:ae:
34:c3:43:84:f1:ef:df:fc:47:81:7e:ec:74:07:9d:
e6:d4:ba:a4:e6:00:a0:01:07:47:f1:95:19:58:98:
7c:03:e6:7a:0f:9d:61:66:14:37:f1:54:96:28:f4:
37:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F9:AD:03:8B:53:DF:04:11:EB:2F:7F:B7:4D:F2:4A:BD:F2:55:26
X509v3 Authority Key Identifier:
keyid:CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/DfmtA4tT3wQR6y9_t03ySr3yVSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.117.0/24
185.135.208.0/22
IPv6:
2a0a:6600::/29
Signature Algorithm: sha256WithRSAEncryption
9e:3f:17:20:84:ec:1d:ee:b9:04:87:93:20:4e:3d:d0:2f:ad:
bf:ab:de:0b:65:27:8a:07:24:ba:1d:07:31:f9:34:e3:6c:b9:
53:5d:02:c5:96:a7:29:d1:e5:ba:62:51:ab:88:5c:a5:38:ed:
ec:d9:a4:96:59:fc:c4:07:fd:0a:ce:a1:5f:72:74:77:01:36:
b5:20:4d:c4:ce:94:06:d4:0e:e4:48:06:02:e7:f3:b7:85:24:
88:74:87:ba:10:b1:a1:0a:0a:e9:82:12:c2:95:02:c4:ed:39:
61:17:34:31:a1:09:bd:5e:0c:fb:c4:c9:5a:6b:7d:90:77:4c:
58:11:ab:9e:94:6e:b1:16:50:67:59:4a:91:ac:4a:d1:b5:ee:
c0:cc:76:c9:12:35:fa:b9:da:36:44:66:59:88:7a:71:5f:2d:
35:3b:bd:e7:9d:19:59:37:a2:1b:ea:4f:21:6e:2e:0b:06:40:
99:7d:d8:8d:1b:d9:ab:d1:a2:55:1d:11:9a:9e:b7:11:bf:36:
2d:f6:9a:0a:f2:9f:d2:a1:26:46:86:16:0a:f1:94:3a:71:27:
33:76:7a:7c:57:27:cf:ee:9d:27:09:d8:6a:3a:9f:10:37:21:
81:2b:bc:12:14:ea:9a:14:94:22:41:47:e0:5e:98:af:f7:38:
1b:8c:fb:7c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwS8SHKikwHQa6hRv55CfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTAwZjFlMTFlMmQyNWQwYjIzMTZhZDZlMDEyNjg0ODM5
YWM4MWUwHhcNMjMwMTAyMDIyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGY5YWQwMzhiNTNkZjA0MTFlYjJmN2ZiNzRkZjI0YWJkZjI1NTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA8tJ3fEwGhHMSi8vZjDZXD2l6Sv
FWC/N/TBsE0NF2qFJ+zzeD4VplKYaIWF/v+cLVFNxHdxCQ+M+AEhCPpzvaiwM147
OiX8iiBVoKQ8ZHfac9YzcO+WOdMgetmGcOKDMVFNV4HpRaufGRZmDBGajq37V2ha
YB2f97JmI912f0pTv4280/2rWDnsqKgSVd+IH16hJWmoRC3KyAxxWN0TTFkcWm9L
atLJo0LIrAt3l+57s6NsTvQn9Vep+89QBmIGedTMUEwxb0AQFVkrGw202640w0OE
8e/f/EeBfux0B53m1Lqk5gCgAQdH8ZUZWJh8A+Z6D51hZhQ38VSWKPQ3nQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA35rQOLU98EEesvf7dN8kq98lUmMB8GA1UdIwQY
MBaAFMqQDx4R4tJdCyMWrW4BJoSDmsgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDIt
ZWNlODdjNmEwMzE4LzEvRGZtdEE0dFQzd1FSNnk5X3QwM3lTcjN5VlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDItZWNlODdjNmEwMzE4
LzEveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW/R1AwQC
uYfQMA0EAgACMAcDBQMqCmYAMA0GCSqGSIb3DQEBCwUAA4IBAQCePxcghOwd7rkE
h5MgTj3QL62/q94LZSeKByS6HQcx+TTjbLlTXQLFlqcp0eW6YlGriFylOO3s2aSW
WfzEB/0KzqFfcnR3ATa1IE3EzpQG1A7kSAYC5/O3hSSIdIe6ELGhCgrpghLClQLE
7TlhFzQxoQm9Xgz7xMlaa32Qd0xYEauelG6xFlBnWUqRrErRte7AzHbJEjX6udo2
RGZZiHpxXy01O73nnRlZN6Ib6k8hbi4LBkCZfdiNG9mr0aJVHRGanrcRvzYt9poK
8p/SoSZGhhYK8ZQ6cSczdnp8VyfP7p0nCdhqOp8QNyGBK7wSFOqaFJQiQUfgXpiv
9zgbjPt8
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:42 2024 by rpki-client on console-fra.rpki-client.org