Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7mvYYfcGFWAmAkG0ooL716lCVrw.roa
File: 7mvYYfcGFWAmAkG0ooL716lCVrw.roa (raw, json)
Hash identifier: WrGM+7Zb8ThjwbiVg+FTCNSR5QAYv11zwlmlkiaGa2E=
Subject key identifier: EE:6B:D8:61:F7:06:15:60:26:02:41:B4:A2:82:FB:D7:A9:42:56:BC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B6498A32408E83AA2BD93D40C90DAB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7mvYYfcGFWAmAkG0ooL716lCVrw.roa
Signing time: Mon 02 Jan 2023 09:00:49 +0000
ROA not before: Mon 02 Jan 2023 09:00:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 185.206.250.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Apr 2023 10:45:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:49:8a:32:40:8e:83:aa:2b:d9:3d:40:c9:0d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee6bd861f7061560260241b4a282fbd7a94256bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2c:cf:5e:2c:2c:37:5a:92:42:36:3d:89:03:
e7:1f:a7:01:12:44:7d:56:57:c0:1c:08:3f:0e:6a:
d6:0a:7f:a9:7f:8c:07:59:06:82:ad:23:8d:4e:a6:
28:80:bb:fa:b9:dc:0c:0e:f6:3f:46:de:ae:8b:92:
81:24:82:f1:6e:31:f0:c8:a1:4d:44:71:48:95:5b:
04:ea:7a:49:b7:57:53:53:51:a7:e8:53:be:3e:b4:
84:36:fb:12:4a:cf:53:2f:57:6e:6c:71:a2:15:34:
73:26:ff:85:e7:a9:fa:b5:94:9e:91:c3:2f:1e:9e:
d1:d4:a2:97:7f:f0:de:93:7f:d7:ac:f5:37:85:1f:
9b:49:31:76:c0:85:93:1f:d1:77:f8:02:47:2d:e4:
7f:73:9f:27:e0:22:6a:40:40:3a:38:31:15:ad:37:
b1:f0:8b:85:aa:da:2d:ce:06:f6:e0:73:83:55:20:
8f:d5:50:76:3b:55:11:f3:ad:46:b4:0b:23:15:a5:
1a:f0:a4:f3:c0:71:70:2f:3b:52:58:cb:70:92:b5:
99:18:7e:3d:e8:0f:f8:61:cb:db:2a:33:49:99:8d:
63:5d:01:7f:fa:9f:08:7b:8d:ac:ab:4e:5c:3a:db:
91:33:16:91:07:90:7b:f4:f0:62:40:20:ec:cf:31:
95:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:6B:D8:61:F7:06:15:60:26:02:41:B4:A2:82:FB:D7:A9:42:56:BC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7mvYYfcGFWAmAkG0ooL716lCVrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.159.0/24
185.206.250.0/24
185.223.155.0/24
Signature Algorithm: sha256WithRSAEncryption
05:78:c3:43:97:e2:42:c3:1d:30:91:ec:f8:d9:d6:42:43:6c:
4b:84:34:04:42:ab:1a:7a:81:6a:e7:da:6d:f2:f7:21:79:ee:
76:bf:c1:68:f3:f9:04:75:78:46:89:1c:db:02:f5:9f:73:6e:
81:00:f7:b4:83:57:94:fd:12:c3:0c:de:d8:8c:75:2a:ce:5c:
c0:ce:9e:5c:06:10:67:3e:63:47:10:d5:2f:e9:59:88:66:f2:
07:26:63:b5:a2:9b:a1:97:6c:50:a9:33:6e:f6:4c:05:d2:c0:
22:e1:26:61:e8:f6:59:89:cc:76:62:60:1e:16:81:c7:99:58:
18:71:40:54:a7:be:68:03:52:e3:25:15:7d:fa:c4:10:3d:34:
42:71:c3:c2:4d:dc:6c:67:2a:5c:d8:9d:9f:0e:5d:58:23:90:
a8:a2:72:9e:ac:40:f9:2c:18:30:e0:4b:d8:fd:53:cf:54:f1:
a6:cb:ae:52:6b:7d:6d:ea:19:04:ad:b8:00:a5:35:24:44:64:
af:4b:a9:51:0c:8f:f3:d5:89:f2:d5:27:8d:15:56:7f:59:dd:
c1:a9:32:68:65:03:02:15:7c:35:be:47:a5:33:3d:26:4d:16:
6a:68:cf:98:fe:b1:37:b0:b4:72:3c:d8:86:5f:5e:01:2f:f8:
2c:7c:bb:c9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxtkmKMkCOg6or2T1AyQ2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTZiZDg2MWY3MDYxNTYwMjYwMjQxYjRhMjgyZmJkN2E5NDI1NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSzPXiwsN1qSQjY9iQPnH6cBEkR9
VlfAHAg/DmrWCn+pf4wHWQaCrSONTqYogLv6udwMDvY/Rt6ui5KBJILxbjHwyKFN
RHFIlVsE6npJt1dTU1Gn6FO+PrSENvsSSs9TL1dubHGiFTRzJv+F56n6tZSekcMv
Hp7R1KKXf/Dek3/XrPU3hR+bSTF2wIWTH9F3+AJHLeR/c58n4CJqQEA6ODEVrTex
8IuFqtotzgb24HODVSCP1VB2O1UR861GtAsjFaUa8KTzwHFwLztSWMtwkrWZGH49
6A/4YcvbKjNJmY1jXQF/+p8Ie42sq05cOtuRMxaRB5B79PBiQCDszzGVUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO5r2GH3BhVgJgJBtKKC+9epQla8MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvN212WVlmY0dGV0FtQWtHMG9vTDcxNmxDVnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucefAwQA
uc76AwQAud+bMA0GCSqGSIb3DQEBCwUAA4IBAQAFeMNDl+JCwx0wkez42dZCQ2xL
hDQEQqsaeoFq59pt8vchee52v8Fo8/kEdXhGiRzbAvWfc26BAPe0g1eU/RLDDN7Y
jHUqzlzAzp5cBhBnPmNHENUv6VmIZvIHJmO1opuhl2xQqTNu9kwF0sAi4SZh6PZZ
icx2YmAeFoHHmVgYcUBUp75oA1LjJRV9+sQQPTRCccPCTdxsZypc2J2fDl1YI5Co
onKerED5LBgw4EvY/VPPVPGmy65Sa31t6hkErbgApTUkRGSvS6lRDI/z1Yny1SeN
FVZ/Wd3BqTJoZQMCFXw1vkelMz0mTRZqaM+Y/rE3sLRyPNiGX14BL/gsfLvJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org