Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-8rw5bW7Pib-MGei5LHLM_DDQeg.roa
File: 1-8rw5bW7Pib-MGei5LHLM_DDQeg.roa (raw, json)
Hash identifier: xM5ODX+ioVgbV5S5YKcruCvQV/aHblZPsKRWYAa/f0o=
Subject key identifier: FB:CA:F0:E5:B5:BB:3E:26:FE:30:67:A2:E4:B1:CB:33:F0:C3:41:E8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E424985FB26955B825AF46AC397BF4AD2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-8rw5bW7Pib-MGei5LHLM_DDQeg.roa
Signing time: Fri 15 Mar 2024 13:24:58 +0000
ROA not before: Fri 15 Mar 2024 13:24:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 185.251.230.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 19:10:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:49:85:fb:26:95:5b:82:5a:f4:6a:c3:97:bf:4a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 15 13:24:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbcaf0e5b5bb3e26fe3067a2e4b1cb33f0c341e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3d:e5:2b:f8:31:a7:28:c4:d9:a5:f7:25:74:
f3:24:30:67:6a:04:16:f7:4c:08:df:c9:be:60:72:
1f:1b:f8:91:61:41:d7:d3:e6:93:6b:9e:fa:66:5f:
77:74:38:52:37:b8:dc:2a:d1:d5:0f:21:ea:0c:ab:
69:67:1f:c9:5e:af:5c:4b:fd:38:ce:9c:3b:b7:c3:
0d:7f:3d:4e:36:ba:77:d7:fe:00:bc:da:7a:8c:c5:
70:b2:4c:db:9f:a8:95:c2:14:fa:74:db:9d:ad:89:
ee:9c:a2:40:26:a8:ba:a7:df:12:14:ac:1f:de:2d:
68:8e:11:c3:be:c7:26:54:8e:ea:15:01:64:cc:3a:
fc:cd:c5:6f:5f:0d:31:10:aa:cb:72:e4:29:2f:b4:
b2:84:29:1e:22:ee:70:0c:c0:b3:b6:ff:14:c0:9b:
7e:a5:63:47:4e:a2:be:56:25:2d:02:8c:0f:4a:fd:
85:84:ab:6f:6f:0e:cf:f7:b9:3f:53:5e:54:77:4a:
97:74:31:45:b6:fe:70:48:69:97:5b:0b:be:3c:c8:
2f:2f:16:ee:0b:85:56:fe:46:37:8f:cd:45:89:68:
19:ca:4b:21:8c:13:20:04:aa:9a:96:f8:9b:bb:2f:
43:a2:e7:ec:bc:fc:85:7d:a3:7e:aa:c4:1b:46:be:
21:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:CA:F0:E5:B5:BB:3E:26:FE:30:67:A2:E4:B1:CB:33:F0:C3:41:E8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-8rw5bW7Pib-MGei5LHLM_DDQeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.230.0/24
193.8.112.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:81:ad:95:51:c5:e9:b4:86:cd:f0:24:21:35:b2:ef:ef:3d:
3a:a1:1c:9d:67:10:22:8d:27:a4:c3:2a:7e:76:9b:5c:f2:41:
3e:d7:78:9e:4b:b4:24:f1:f0:01:3c:65:df:df:99:0b:6c:29:
0d:67:e0:ee:a6:96:dd:d2:5d:1b:f9:2b:bb:00:98:35:bc:78:
91:fb:69:8a:1b:a6:e9:f4:52:8a:b0:92:cf:13:ed:40:8a:95:
13:e5:e9:e8:df:73:c2:ff:dd:49:50:2a:72:ff:f9:f6:2f:db:
ee:0b:fb:4b:b4:ad:0e:1b:b7:d4:ea:ce:1f:6d:c9:57:26:73:
c7:32:fa:c7:a7:55:4a:c5:d7:7c:60:0a:77:e5:a9:30:48:32:
dc:7b:1f:8b:16:72:b1:51:68:33:67:23:95:f1:c8:7f:3c:ea:
2e:d6:7a:50:12:4e:ca:4f:ab:b1:66:91:60:9a:8f:0a:af:73:
97:ae:3d:47:ff:4f:13:ee:53:16:9a:c1:59:1a:d3:1f:a0:d2:
23:4a:39:94:b2:c5:bb:85:ba:0e:0d:b5:f5:4d:3c:87:c5:16:
36:85:36:8d:02:7b:ff:ca:ce:52:37:84:fc:56:b8:f3:9c:ce:
13:2c:30:14:a4:b4:01:42:c2:92:a9:d3:f4:d0:53:a9:1d:09:
ee:cd:da:c3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAY5CSYX7JpVbglr0asOXv0rSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzE1MTMyNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmNhZjBlNWI1YmIzZTI2ZmUzMDY3YTJlNGIxY2IzM2YwYzM0MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij3lK/gxpyjE2aX3JXTzJDBnagQW
90wI38m+YHIfG/iRYUHX0+aTa576Zl93dDhSN7jcKtHVDyHqDKtpZx/JXq9cS/04
zpw7t8MNfz1ONrp31/4AvNp6jMVwskzbn6iVwhT6dNudrYnunKJAJqi6p98SFKwf
3i1ojhHDvscmVI7qFQFkzDr8zcVvXw0xEKrLcuQpL7SyhCkeIu5wDMCztv8UwJt+
pWNHTqK+ViUtAowPSv2FhKtvbw7P97k/U15Ud0qXdDFFtv5wSGmXWwu+PMgvLxbu
C4VW/kY3j81FiWgZykshjBMgBKqalvibuy9DoufsvPyFfaN+qsQbRr4howIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPvK8OW1uz4m/jBnouSxyzPww0HoMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS04cnc1Ylc3UGliLU1HZWk1TEhMTV9ERFFlZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALn75gME
AcEIcDANBgkqhkiG9w0BAQsFAAOCAQEAqoGtlVHF6bSGzfAkITWy7+89OqEcnWcQ
Io0npMMqfnabXPJBPtd4nku0JPHwATxl39+ZC2wpDWfg7qaW3dJdG/kruwCYNbx4
kftpihum6fRSirCSzxPtQIqVE+Xp6N9zwv/dSVAqcv/59i/b7gv7S7StDhu31OrO
H23JVyZzxzL6x6dVSsXXfGAKd+WpMEgy3HsfixZysVFoM2cjlfHIfzzqLtZ6UBJO
yk+rsWaRYJqPCq9zl649R/9PE+5TFprBWRrTH6DSI0o5lLLFu4W6Dg219U08h8UW
NoU2jQJ7/8rOUjeE/Fa485zOEywwFKS0AULCkqnT9NBTqR0J7s3aww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:19 2024 by rpki-client on console-ams.rpki-client.org