Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/41lOfHHpL9RtoFZfVMBvWLLnG_A.roa
File: 41lOfHHpL9RtoFZfVMBvWLLnG_A.roa (raw, json)
Hash identifier: Em/pSveFBfWvOJ02KWpeIP/eEhYGCahQyFPUqoabRW4=
Subject key identifier: E3:59:4E:7C:71:E9:2F:D4:6D:A0:56:5F:54:C0:6F:58:B2:E7:1B:F0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C966BD4F1D753DE75BA2E3D422FB5DA77
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/41lOfHHpL9RtoFZfVMBvWLLnG_A.roa
Signing time: Sat 23 Dec 2023 11:24:58 +0000
ROA not before: Sat 23 Dec 2023 11:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202673
IP address blocks: 185.221.20.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:6b:d4:f1:d7:53:de:75:ba:2e:3d:42:2f:b5:da:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 23 11:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3594e7c71e92fd46da0565f54c06f58b2e71bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ad:a5:bf:dd:72:22:83:66:6b:12:4c:1c:cf:
12:a0:3d:b3:30:7d:0c:ca:a8:3e:e3:93:55:aa:a9:
9c:3a:62:aa:b0:90:5e:f6:93:a0:52:e4:10:b7:e1:
0f:f8:a2:63:9a:34:4d:62:58:1d:71:c1:af:45:5c:
9f:cd:1e:c6:85:f0:db:dd:07:af:bc:86:15:87:4a:
77:7b:76:00:70:fc:2c:4f:cd:a3:71:54:fd:f7:d6:
ab:98:7a:f9:87:6b:42:17:54:9b:32:76:e6:75:80:
ff:aa:bc:48:82:9e:7e:0a:81:c1:21:1e:4c:fc:18:
46:dd:8f:1a:9d:e8:6f:41:61:d3:cb:61:93:1f:5f:
0c:dc:9a:12:9a:33:3f:1a:fe:77:37:ee:4c:d5:44:
cc:15:c8:7d:81:e9:72:bd:c3:df:6d:d6:b9:f7:10:
1d:4a:0b:6a:10:2d:ee:37:6a:22:8d:40:c4:0f:01:
86:1e:dd:8a:79:ec:10:3b:ce:64:72:1f:3c:08:bf:
1a:fd:ed:21:99:83:06:bc:37:ee:bd:24:5a:e2:a5:
a3:2d:01:19:2f:9c:ba:b0:08:67:cc:f0:5d:d1:33:
9a:e8:48:55:d5:b3:14:b6:21:2b:d6:cc:4a:15:cd:
78:bd:84:c5:1f:85:c7:e9:a2:51:8e:2c:34:63:84:
e6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:59:4E:7C:71:E9:2F:D4:6D:A0:56:5F:54:C0:6F:58:B2:E7:1B:F0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/41lOfHHpL9RtoFZfVMBvWLLnG_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.20.0/24
185.223.82.0/24
Signature Algorithm: sha256WithRSAEncryption
08:66:97:0e:31:81:44:18:ec:29:1a:be:26:c8:d5:d0:b3:82:
76:c4:98:21:9a:34:be:b3:c2:57:f4:e0:b7:09:ac:04:64:78:
1c:15:13:55:58:b5:bb:92:a1:5a:9a:6b:40:d6:b1:e5:f3:f8:
3a:77:f1:6d:a4:f5:4c:57:67:80:10:89:58:34:51:21:af:50:
33:c0:17:7d:30:b8:71:38:89:1c:01:b8:dc:78:ad:25:08:35:
37:71:ce:77:8d:4e:dc:44:bc:9a:df:0e:bf:04:aa:22:65:6f:
f3:af:ac:0e:e6:c7:aa:9b:07:ee:8f:33:52:e5:31:17:5f:e8:
74:b7:fc:6a:de:45:4d:e0:a3:e6:ce:86:cb:ef:15:bc:5f:9b:
2d:4a:99:4f:06:93:60:11:28:89:da:55:40:77:ca:dc:91:10:
d5:18:2f:23:ac:df:f9:10:0c:b7:f9:15:41:38:ef:e7:28:d6:
ce:f5:e4:ac:04:81:92:c7:48:fb:53:e8:63:ca:91:21:e4:cb:
b5:35:2e:67:90:e1:6b:dc:2e:21:6d:eb:78:92:a9:37:b2:3c:
6c:03:93:c6:09:69:97:6f:f8:2c:69:be:e6:61:c1:62:d4:8f:
31:09:61:c5:40:25:c1:8e:10:d9:1a:dc:4c:b4:71:ed:ce:72:
06:96:dc:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyWa9Tx11PedbouPUIvtdp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjIzMTEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzU5NGU3YzcxZTkyZmQ0NmRhMDU2NWY1NGMwNmY1OGIyZTcxYmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka2lv91yIoNmaxJMHM8SoD2zMH0M
yqg+45NVqqmcOmKqsJBe9pOgUuQQt+EP+KJjmjRNYlgdccGvRVyfzR7GhfDb3Qev
vIYVh0p3e3YAcPwsT82jcVT999armHr5h2tCF1SbMnbmdYD/qrxIgp5+CoHBIR5M
/BhG3Y8anehvQWHTy2GTH18M3JoSmjM/Gv53N+5M1UTMFch9gelyvcPfbda59xAd
SgtqEC3uN2oijUDEDwGGHt2KeewQO85kch88CL8a/e0hmYMGvDfuvSRa4qWjLQEZ
L5y6sAhnzPBd0TOa6EhV1bMUtiEr1sxKFc14vYTFH4XH6aJRjiw0Y4TmYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFONZTnxx6S/UbaBWX1TAb1iy5xvwMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNDFsT2ZISHBMOVJ0b0ZaZlZNQnZXTExuR19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAud0UAwQA
ud9SMA0GCSqGSIb3DQEBCwUAA4IBAQAIZpcOMYFEGOwpGr4myNXQs4J2xJghmjS+
s8JX9OC3CawEZHgcFRNVWLW7kqFammtA1rHl8/g6d/FtpPVMV2eAEIlYNFEhr1Az
wBd9MLhxOIkcAbjceK0lCDU3cc53jU7cRLya3w6/BKoiZW/zr6wO5seqmwfujzNS
5TEXX+h0t/xq3kVN4KPmzobL7xW8X5stSplPBpNgESiJ2lVAd8rckRDVGC8jrN/5
EAy3+RVBOO/nKNbO9eSsBIGSx0j7U+hjypEh5Mu1NS5nkOFr3C4hbet4kqk3sjxs
A5PGCWmXb/gsab7mYcFi1I8xCWHFQCXBjhDZGtxMtHHtznIGltwv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org