Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/X_aocwvpR9i0SQMGTRlRAqTxpqk.roa
File: X_aocwvpR9i0SQMGTRlRAqTxpqk.roa (raw, json)
Hash identifier: WdFz0kCglLPOJ82xEBfEp24zQTAABUJgbzJljOW374Q=
Subject key identifier: 5F:F6:A8:73:0B:E9:47:D8:B4:49:03:06:4D:19:51:02:A4:F1:A6:A9
Certificate issuer: /CN=409bd71ccea37ed9a798d5a069b2169cf4d4e592
Certificate serial: 018D0E1B8404A074A08BD55957F967A6A5FE
Authority key identifier: 40:9B:D7:1C:CE:A3:7E:D9:A7:98:D5:A0:69:B2:16:9C:F4:D4:E5:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QJvXHM6jftmnmNWgabIWnPTU5ZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/X_aocwvpR9i0SQMGTRlRAqTxpqk.roa
Signing time: Mon 15 Jan 2024 17:11:40 +0000
ROA not before: Mon 15 Jan 2024 17:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211993
IP address blocks: 185.233.34.0/24 maxlen: 24
2a10:de80::/32 maxlen: 32
2a10:de80::/48 maxlen: 48
2a10:de80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 21:51:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0e:1b:84:04:a0:74:a0:8b:d5:59:57:f9:67:a6:a5:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=409bd71ccea37ed9a798d5a069b2169cf4d4e592
Validity
Not Before: Jan 15 17:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ff6a8730be947d8b44903064d195102a4f1a6a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e3:69:a0:07:39:0f:34:02:22:ef:84:76:91:
1a:61:a7:8f:f9:90:9c:56:29:8b:e3:4f:fa:e8:70:
c7:eb:62:4a:ac:81:87:ee:c3:f8:e6:71:66:a3:01:
ea:c3:5b:d6:52:0e:65:46:11:95:0c:c5:ad:46:e6:
66:23:4a:2e:f0:ec:98:e1:3d:7e:53:09:c6:47:9e:
26:e7:76:37:e9:3c:c9:b1:96:27:89:bc:a5:bd:49:
79:39:70:3d:56:9d:11:75:e9:00:a4:d6:b9:45:6e:
e6:50:6c:b3:3b:c4:75:ab:36:90:64:db:c0:ff:34:
57:41:f0:4a:c1:f1:40:3d:4b:98:7e:d4:36:59:2e:
65:4b:65:71:55:3e:ff:9b:cb:74:a8:ae:4c:94:ce:
37:c7:c7:e2:19:45:23:5d:34:98:7c:61:21:d6:99:
c4:d6:09:26:35:e9:bf:4e:86:4c:aa:2f:b2:40:f9:
ae:44:b8:87:55:43:58:66:62:f5:d4:48:8d:63:45:
19:b8:91:bb:97:8c:67:bb:f0:54:7f:79:bc:21:4b:
c3:70:9c:00:c6:f6:24:33:fa:ae:58:0f:45:7f:3f:
c5:32:5c:a0:44:ce:3a:85:6b:89:ab:87:23:33:e2:
66:06:b0:3c:fd:fa:7c:be:f3:16:73:05:20:8a:d7:
e2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F6:A8:73:0B:E9:47:D8:B4:49:03:06:4D:19:51:02:A4:F1:A6:A9
X509v3 Authority Key Identifier:
keyid:40:9B:D7:1C:CE:A3:7E:D9:A7:98:D5:A0:69:B2:16:9C:F4:D4:E5:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QJvXHM6jftmnmNWgabIWnPTU5ZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/X_aocwvpR9i0SQMGTRlRAqTxpqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/QJvXHM6jftmnmNWgabIWnPTU5ZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.34.0/24
IPv6:
2a10:de80::/32
Signature Algorithm: sha256WithRSAEncryption
0e:80:2f:58:b8:0a:65:9c:90:3f:59:21:26:c8:cb:80:5f:5e:
51:90:5c:f6:f7:3a:73:80:fe:60:00:7e:bd:e5:08:25:82:4d:
db:8c:de:c3:e2:0e:34:e9:e6:56:71:24:53:ba:11:ea:89:12:
c2:b4:76:78:60:3d:5d:84:13:0b:c3:fc:6f:54:81:dc:e4:1c:
60:1a:da:90:7a:66:23:ad:d9:65:4f:4a:6d:c6:4b:a2:7f:73:
a5:bb:f9:8e:54:6b:ce:6e:ca:4c:d9:ce:93:40:ab:2c:72:25:
60:78:bb:64:bd:df:ee:33:e2:19:90:87:dc:e2:b2:b1:0f:d0:
60:06:82:0f:d5:99:38:aa:b6:f7:96:97:9b:05:a2:72:14:99:
d0:42:38:f8:6e:49:91:36:18:66:e3:cc:a3:a1:7f:24:81:f9:
ce:52:df:e6:5c:d1:cc:80:28:8f:7e:d7:aa:55:b8:39:40:93:
9e:c8:a5:bc:e9:3f:cc:80:19:ee:ec:25:5e:0d:a9:ca:6a:31:
da:5e:e1:6c:94:2a:aa:40:25:9a:46:1c:68:9f:b0:63:ed:55:
56:12:3c:e6:72:a1:c9:02:bb:bc:0a:31:2f:a2:67:d7:eb:3f:
57:80:1b:66:75:35:fb:5d:a7:d0:68:71:aa:65:8c:92:e6:8d:
ce:2a:91:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY0OG4QEoHSgi9VZV/lnpqX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOWJkNzFjY2VhMzdlZDlhNzk4ZDVhMDY5YjIxNjljZjRk
NGU1OTIwHhcNMjQwMTE1MTcxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY2YTg3MzBiZTk0N2Q4YjQ0OTAzMDY0ZDE5NTEwMmE0ZjFhNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArONpoAc5DzQCIu+EdpEaYaeP+ZCc
VimL40/66HDH62JKrIGH7sP45nFmowHqw1vWUg5lRhGVDMWtRuZmI0ou8OyY4T1+
UwnGR54m53Y36TzJsZYnibylvUl5OXA9Vp0RdekApNa5RW7mUGyzO8R1qzaQZNvA
/zRXQfBKwfFAPUuYftQ2WS5lS2VxVT7/m8t0qK5MlM43x8fiGUUjXTSYfGEh1pnE
1gkmNem/ToZMqi+yQPmuRLiHVUNYZmL11EiNY0UZuJG7l4xnu/BUf3m8IUvDcJwA
xvYkM/quWA9Ffz/FMlygRM46hWuJq4cjM+JmBrA8/fp8vvMWcwUgitfiMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF/2qHML6UfYtEkDBk0ZUQKk8aapMB8GA1UdIwQY
MBaAFECb1xzOo37Zp5jVoGmyFpz01OWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUp2WEhNNmpmdG1ubU5XZ2FiSVduUFRVNVpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yMjIzOTktZWNmMC00MzYwLWFkMzQt
MmJmODc0YTY3MWU4LzEvWF9hb2N3dnBSOWkwU1FNR1RSbFJBcVR4cHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yMjIzOTktZWNmMC00MzYwLWFkMzQtMmJmODc0YTY3MWU4
LzEvUUp2WEhNNmpmdG1ubU5XZ2FiSVduUFRVNVpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuekiMA0E
AgACMAcDBQAqEN6AMA0GCSqGSIb3DQEBCwUAA4IBAQAOgC9YuAplnJA/WSEmyMuA
X15RkFz29zpzgP5gAH695Qglgk3bjN7D4g406eZWcSRTuhHqiRLCtHZ4YD1dhBML
w/xvVIHc5BxgGtqQemYjrdllT0ptxkuif3Olu/mOVGvObspM2c6TQKssciVgeLtk
vd/uM+IZkIfc4rKxD9BgBoIP1Zk4qrb3lpebBaJyFJnQQjj4bkmRNhhm48yjoX8k
gfnOUt/mXNHMgCiPfteqVbg5QJOeyKW86T/MgBnu7CVeDanKajHaXuFslCqqQCWa
Rhxon7Bj7VVWEjzmcqHJAru8CjEvomfX6z9XgBtmdTX7XafQaHGqZYyS5o3OKpGI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org