Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2gDSqQWkHX6rm40O0vGHprPPDf8.roa
File: 2gDSqQWkHX6rm40O0vGHprPPDf8.roa (raw, json)
Hash identifier: zcp1F1mqjwtNpkEM3qa23Kwa5gEDcWWFeqFNwhj9/f0=
Subject key identifier: DA:00:D2:A9:05:A4:1D:7E:AB:9B:8D:0E:D2:F1:87:A6:B3:CF:0D:FF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E0FF72ED1193AB6459387869A390D50BB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2gDSqQWkHX6rm40O0vGHprPPDf8.roa
Signing time: Tue 05 Mar 2024 18:54:01 +0000
ROA not before: Tue 05 Mar 2024 18:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208949
IP address blocks: 185.194.29.0/24 maxlen: 24
185.246.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 11:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:f7:2e:d1:19:3a:b6:45:93:87:86:9a:39:0d:50:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 5 18:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da00d2a905a41d7eab9b8d0ed2f187a6b3cf0dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a9:ac:14:d3:05:2f:4b:af:c2:6d:63:32:dd:
65:5d:36:20:59:e1:e7:67:05:1e:2f:09:d8:65:28:
72:fd:36:14:1a:3e:99:33:c0:18:ba:a2:44:2a:32:
98:1a:05:ce:78:d1:cd:1d:03:17:d5:dc:b7:77:5c:
57:86:85:f7:6b:f2:b4:f4:c3:29:c5:b9:90:02:85:
e6:f3:e6:fe:f5:e7:96:47:04:67:b4:2b:5b:73:3e:
65:75:a6:31:5a:9c:d1:8d:bf:c5:7b:c6:3b:f7:dc:
5f:58:90:bb:db:ea:16:de:8b:7e:72:6a:d9:fa:db:
fa:3f:e2:1e:e5:07:b2:fe:74:0b:8f:91:88:2d:7b:
72:0d:8c:56:5f:47:ee:e1:c7:9e:f7:b2:ef:c7:cc:
bd:6c:dd:f2:0d:f2:a8:a4:41:bc:72:16:2e:9a:47:
41:3c:b3:b7:c4:f1:24:eb:76:29:26:45:82:31:4c:
a0:1b:da:1d:f8:3e:7d:5b:ce:eb:b4:14:62:a1:84:
49:66:53:83:0b:0a:c9:ad:d5:52:88:22:87:b3:b3:
25:29:b8:56:63:9f:b7:84:81:41:f0:95:69:ef:34:
de:53:e5:15:98:89:21:00:a6:ab:a3:f3:e1:af:f5:
ca:6e:0d:74:e2:7c:75:55:a2:6e:1b:13:cd:e1:a6:
d6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:00:D2:A9:05:A4:1D:7E:AB:9B:8D:0E:D2:F1:87:A6:B3:CF:0D:FF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2gDSqQWkHX6rm40O0vGHprPPDf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.29.0/24
185.246.113.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:f0:c9:0b:bb:94:56:0e:16:4d:f4:f3:ce:6e:61:45:cc:00:
e9:83:ef:80:0b:8a:93:13:32:9e:0f:99:37:ca:e4:39:f0:8e:
6e:fc:f3:a6:71:c5:ed:f4:ea:69:67:af:1a:5c:34:0d:b2:ae:
8d:01:03:a8:04:55:92:3f:0d:0b:ad:1c:b0:35:8f:46:ad:92:
d3:1c:71:9c:c1:e5:55:fd:ed:52:8e:e5:66:a9:bc:81:53:6d:
76:af:b4:a7:b6:ec:42:8f:a6:d7:94:bf:97:0f:55:a9:f2:5a:
7f:f0:cf:b7:47:fd:11:bf:de:55:df:93:5e:28:e1:ee:3c:d0:
4d:94:7c:b7:be:89:68:34:c3:e3:bd:bf:db:a7:84:67:1b:08:
18:1e:3c:d0:0c:1b:34:43:57:c9:b3:b0:dc:4b:f2:8e:67:00:
76:c5:34:d5:0a:b8:90:c7:14:bc:05:98:81:b6:25:c6:62:a3:
5b:47:3d:7a:3f:97:a7:c8:66:91:54:59:d5:ed:c8:f1:60:f8:
90:e4:9a:10:15:5c:fa:95:45:9e:dc:bf:da:2d:41:83:60:e5:
55:b3:a4:71:dc:e4:c1:1c:00:20:3a:af:69:a3:83:ef:cf:56:
ef:2a:0e:07:0d:85:37:cb:ed:c2:51:4c:b8:4c:6e:1b:cf:7e:
ee:82:7e:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4P9y7RGTq2RZOHhpo5DVC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzA1MTg1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTAwZDJhOTA1YTQxZDdlYWI5YjhkMGVkMmYxODdhNmIzY2YwZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqmsFNMFL0uvwm1jMt1lXTYgWeHn
ZwUeLwnYZShy/TYUGj6ZM8AYuqJEKjKYGgXOeNHNHQMX1dy3d1xXhoX3a/K09MMp
xbmQAoXm8+b+9eeWRwRntCtbcz5ldaYxWpzRjb/Fe8Y799xfWJC72+oW3ot+cmrZ
+tv6P+Ie5Qey/nQLj5GILXtyDYxWX0fu4cee97Lvx8y9bN3yDfKopEG8chYumkdB
PLO3xPEk63YpJkWCMUygG9od+D59W87rtBRioYRJZlODCwrJrdVSiCKHs7MlKbhW
Y5+3hIFB8JVp7zTeU+UVmIkhAKaro/Phr/XKbg104nx1VaJuGxPN4abWhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNoA0qkFpB1+q5uNDtLxh6azzw3/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMmdEU3FRV2tIWDZybTQwTzB2R0hwclBQRGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucIdAwQA
ufZxMA0GCSqGSIb3DQEBCwUAA4IBAQCs8MkLu5RWDhZN9PPObmFFzADpg++AC4qT
EzKeD5k3yuQ58I5u/POmccXt9OppZ68aXDQNsq6NAQOoBFWSPw0LrRywNY9GrZLT
HHGcweVV/e1SjuVmqbyBU212r7SntuxCj6bXlL+XD1Wp8lp/8M+3R/0Rv95V35Ne
KOHuPNBNlHy3voloNMPjvb/bp4RnGwgYHjzQDBs0Q1fJs7DcS/KOZwB2xTTVCriQ
xxS8BZiBtiXGYqNbRz16P5enyGaRVFnV7cjxYPiQ5JoQFVz6lUWe3L/aLUGDYOVV
s6Rx3OTBHAAgOq9po4Pvz1bvKg4HDYU3y+3CUUy4TG4bz37ugn79
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org