Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7e-MfeS6hRcc35sylEtjaw77xUk.roa
File: 7e-MfeS6hRcc35sylEtjaw77xUk.roa (raw, json)
Hash identifier: EBNX25BmQWxrKxMJN2njZ6JRQZgzkwBohksYR5PHbRQ=
Subject key identifier: ED:EF:8C:7D:E4:BA:85:17:1C:DF:9B:32:94:4B:63:6B:0E:FB:C5:49
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BDF96C3F4A3B363E3FF51DE27EAB79434
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7e-MfeS6hRcc35sylEtjaw77xUk.roa
Signing time: Fri 17 Nov 2023 23:21:21 +0000
ROA not before: Fri 17 Nov 2023 23:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 185.222.29.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.194.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 10:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:df:96:c3:f4:a3:b3:63:e3:ff:51:de:27:ea:b7:94:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 17 23:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edef8c7de4ba85171cdf9b32944b636b0efbc549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:14:34:00:01:35:b1:b5:a3:88:e5:c3:98:c6:
d4:66:ac:f8:95:cd:88:4d:0f:f4:46:37:3f:e1:50:
d5:aa:70:d5:d9:83:0c:eb:bd:f4:37:0c:d5:3d:9d:
41:f6:f5:5d:59:a0:bf:59:08:2c:53:d5:3f:42:e5:
28:0a:c6:e1:b5:ac:c7:7b:4e:f1:0a:3e:a5:79:b4:
f6:6e:63:71:ce:d4:63:eb:8e:06:b0:02:e8:2d:ce:
ce:c5:00:4e:67:c6:1e:f4:05:9f:0a:1e:46:40:84:
9b:f1:3e:c0:bc:6b:ab:4b:be:92:15:a2:aa:70:4c:
1a:01:a9:e1:66:c5:56:f4:25:8d:ce:c6:52:9f:da:
d7:e0:c2:29:bb:8e:27:a9:64:fe:8f:39:17:39:c7:
67:d1:f1:dc:a6:13:8a:aa:4b:d0:9f:60:5b:72:14:
cc:cf:df:b8:0a:f6:da:23:e3:5b:36:02:80:c7:3e:
3e:9b:06:ac:7f:0d:d6:60:0b:a2:77:df:b9:23:c4:
4e:e2:1c:4b:d7:ab:f6:47:ca:b7:40:a0:7a:da:d0:
fc:23:74:eb:f1:5a:db:04:a2:4b:94:93:56:d7:0b:
8d:d8:9c:45:6d:da:d7:12:d1:5b:7b:ae:10:cd:da:
47:ba:8f:0f:58:a8:80:b7:37:4e:98:ac:59:91:24:
eb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:EF:8C:7D:E4:BA:85:17:1C:DF:9B:32:94:4B:63:6B:0E:FB:C5:49
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7e-MfeS6hRcc35sylEtjaw77xUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.73.0/24
185.218.101.0/24
185.222.29.0/24
185.223.82.0/24
185.246.112.0/24
193.58.146.0/24
Signature Algorithm: sha256WithRSAEncryption
90:ce:fe:85:77:aa:bb:23:27:9f:42:31:b7:5c:1f:e2:55:c8:
9c:c0:3f:fa:43:c2:17:02:ac:0a:5f:be:97:46:2f:34:bd:64:
dc:db:5f:bc:68:6f:2b:cf:a6:37:3f:31:c0:b5:0e:d6:9e:62:
b0:7c:21:ba:f1:81:20:51:25:69:72:8e:74:a9:e0:7d:04:0e:
21:e4:18:26:08:52:df:ec:b8:ff:68:e2:12:ad:a7:68:6b:e3:
94:ad:b5:00:d0:35:d0:70:81:10:fb:61:e3:a3:a1:3f:ae:9c:
82:a0:e4:36:68:e1:98:2c:8c:e2:6a:12:fd:0a:20:cf:5a:86:
d8:95:5b:26:a1:50:e3:6f:cf:b0:dd:c9:88:5b:c4:e2:51:b6:
28:8d:23:42:a7:0e:6d:a7:4d:e4:71:7b:14:e0:d4:4a:93:18:
c5:0b:ca:e6:a2:8e:c9:40:cc:30:32:b4:df:fd:23:1e:d6:fc:
2f:54:8b:c5:69:ee:b5:45:95:e1:dd:ac:e9:60:1b:c2:27:bc:
81:4a:1d:cb:8b:c9:58:58:91:06:2a:3b:d9:11:68:5b:d6:1b:
9a:3a:ac:cd:c5:51:37:9f:d0:ac:bc:4c:6e:8f:d4:b1:0f:ff:
4b:49:ee:20:c4:b7:37:26:69:be:4d:e9:ae:53:b0:af:28:a3:
c3:12:11:0e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYvflsP0o7Nj4/9R3ifqt5Q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTE3MjMyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGVmOGM3ZGU0YmE4NTE3MWNkZjliMzI5NDRiNjM2YjBlZmJjNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhQ0AAE1sbWjiOXDmMbUZqz4lc2I
TQ/0Rjc/4VDVqnDV2YMM6730NwzVPZ1B9vVdWaC/WQgsU9U/QuUoCsbhtazHe07x
Cj6lebT2bmNxztRj644GsALoLc7OxQBOZ8Ye9AWfCh5GQISb8T7AvGurS76SFaKq
cEwaAanhZsVW9CWNzsZSn9rX4MIpu44nqWT+jzkXOcdn0fHcphOKqkvQn2BbchTM
z9+4CvbaI+NbNgKAxz4+mwasfw3WYAuid9+5I8RO4hxL16v2R8q3QKB62tD8I3Tr
8VrbBKJLlJNW1wuN2JxFbdrXEtFbe64QzdpHuo8PWKiAtzdOmKxZkSTr7QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFO3vjH3kuoUXHN+bMpRLY2sO+8VJMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvN2UtTWZlUzZoUmNjMzVzeWxFdGphdzc3eFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAucKxAwQA
udFJAwQAudplAwQAud4dAwQAud9SAwQAufZwAwQAwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQCQzv6Fd6q7IyefQjG3XB/iVcicwD/6Q8IXAqwKX76XRi80vWTc21+8aG8r
z6Y3PzHAtQ7WnmKwfCG68YEgUSVpco50qeB9BA4h5BgmCFLf7Lj/aOISradoa+OU
rbUA0DXQcIEQ+2Hjo6E/rpyCoOQ2aOGYLIziahL9CiDPWobYlVsmoVDjb8+w3cmI
W8TiUbYojSNCpw5tp03kcXsU4NRKkxjFC8rmoo7JQMwwMrTf/SMe1vwvVIvFae61
RZXh3azpYBvCJ7yBSh3Li8lYWJEGKjvZEWhb1huaOqzNxVE3n9CsvExuj9SxD/9L
Se4gxLc3Jmm+TemuU7CvKKPDEhEO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org