Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/8-YUew8ayG65-KmYTQBLZVgZbfE.roa
File: 8-YUew8ayG65-KmYTQBLZVgZbfE.roa (raw, json)
Hash identifier: tdOdHptWh+PUQo27jx8jyutNoz0hAo7geaNZ/5ql3o0=
Subject key identifier: F3:E6:14:7B:0F:1A:C8:6E:B9:F8:A9:98:4D:00:4B:65:58:19:6D:F1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A5FDE15E17126AD6BA592A93BEBC8E4F4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/8-YUew8ayG65-KmYTQBLZVgZbfE.roa
Signing time: Mon 04 Sep 2023 11:05:04 +0000
ROA not before: Mon 04 Sep 2023 11:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 185.221.22.0/23 maxlen: 23
185.209.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Sep 2023 18:16:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:de:15:e1:71:26:ad:6b:a5:92:a9:3b:eb:c8:e4:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 4 11:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3e6147b0f1ac86eb9f8a9984d004b6558196df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:07:2a:03:8c:60:3e:34:00:a7:e1:03:27:c0:
2a:fd:97:a0:47:a7:ab:71:b5:8a:99:b5:95:46:75:
32:1e:42:2b:23:9c:7e:87:c7:70:6d:40:40:0f:83:
ee:b1:42:a8:60:46:64:37:87:40:bb:db:66:63:2b:
d7:ea:e4:fe:5e:29:2d:eb:2c:21:33:f5:de:66:7c:
4b:a8:58:8f:a9:76:37:b7:52:7e:7b:cf:a2:1b:ff:
df:95:3a:b9:1b:6c:20:0e:44:9c:e4:f7:1e:a2:60:
2d:2c:a3:58:24:33:90:60:93:35:8b:d6:ab:38:7d:
31:fc:55:73:5b:7a:65:00:54:ec:ff:8f:70:62:2f:
d5:bf:5b:03:6c:75:9f:88:de:05:f7:f0:05:fe:01:
62:04:7e:f8:72:c6:7d:18:0f:6c:91:dc:32:62:6a:
e8:86:f8:00:ad:d0:ad:77:1a:22:3e:91:f0:99:80:
d8:e1:86:04:f0:ac:4b:ec:69:84:65:c9:a0:be:ed:
65:7c:37:34:87:e8:06:bd:90:cf:3e:34:71:43:44:
32:59:95:e6:01:4a:4d:55:8f:3f:ce:83:68:fb:c2:
1f:dc:6b:34:a8:64:27:2a:d0:80:00:7c:4e:fa:70:
a8:95:ca:45:3f:ed:f5:9c:ca:4c:bb:a2:88:cf:2c:
06:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E6:14:7B:0F:1A:C8:6E:B9:F8:A9:98:4D:00:4B:65:58:19:6D:F1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/8-YUew8ayG65-KmYTQBLZVgZbfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.73.0/24
185.221.22.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:42:6f:53:e9:e0:4b:ed:0b:73:fc:27:44:15:97:4b:81:68:
81:ac:b0:cb:37:70:52:48:02:09:3f:2b:e0:fd:a2:ae:1e:4c:
45:d7:16:86:91:7f:2a:2d:62:bf:ec:e8:c6:cc:5c:cc:b7:e5:
a3:bd:96:aa:57:bc:0d:f5:df:ab:17:55:5c:f0:ed:e8:1d:d4:
53:7a:81:d1:c2:53:2b:c8:2f:51:66:25:c3:df:64:08:cc:12:
52:c2:84:2f:3b:59:9f:c3:26:0f:a3:a6:e0:a9:53:dc:6c:ff:
4a:d6:5e:61:82:94:34:a5:07:2e:0f:83:31:52:a8:b4:60:f8:
23:26:9f:43:8a:a5:23:b7:e9:6d:bf:2b:35:e6:e9:79:5e:a1:
25:fa:25:c8:64:8e:6e:31:0b:de:44:3b:15:26:fe:64:4f:29:
d0:e9:ab:de:78:79:67:74:14:af:14:2c:52:7f:3f:1d:7b:7f:
a0:92:7c:35:e6:a6:5f:9a:19:6c:3a:c6:5a:55:a3:a5:97:cb:
c6:61:97:69:12:5a:8a:9a:9b:11:d9:78:00:24:9b:ed:96:8f:
ad:62:d4:90:d7:4c:79:e1:f8:4f:e5:68:7b:e0:ae:a2:89:53:
56:b6:05:55:58:b2:3b:be:13:2a:6e:57:d0:1e:88:cf:9e:30:
83:a1:1f:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpf3hXhcSata6WSqTvryOT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTA0MTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2U2MTQ3YjBmMWFjODZlYjlmOGE5OTg0ZDAwNGI2NTU4MTk2ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwcqA4xgPjQAp+EDJ8Aq/ZegR6er
cbWKmbWVRnUyHkIrI5x+h8dwbUBAD4PusUKoYEZkN4dAu9tmYyvX6uT+Xikt6ywh
M/XeZnxLqFiPqXY3t1J+e8+iG//flTq5G2wgDkSc5PceomAtLKNYJDOQYJM1i9ar
OH0x/FVzW3plAFTs/49wYi/Vv1sDbHWfiN4F9/AF/gFiBH74csZ9GA9skdwyYmro
hvgArdCtdxoiPpHwmYDY4YYE8KxL7GmEZcmgvu1lfDc0h+gGvZDPPjRxQ0QyWZXm
AUpNVY8/zoNo+8If3Gs0qGQnKtCAAHxO+nColcpFP+31nMpMu6KIzywGZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPPmFHsPGshuufipmE0AS2VYGW3xMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvOC1ZVWV3OGF5RzY1LUttWVRRQkxaVmdaYmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudFJAwQB
ud0WMA0GCSqGSIb3DQEBCwUAA4IBAQBOQm9T6eBL7Qtz/CdEFZdLgWiBrLDLN3BS
SAIJPyvg/aKuHkxF1xaGkX8qLWK/7OjGzFzMt+WjvZaqV7wN9d+rF1Vc8O3oHdRT
eoHRwlMryC9RZiXD32QIzBJSwoQvO1mfwyYPo6bgqVPcbP9K1l5hgpQ0pQcuD4Mx
Uqi0YPgjJp9DiqUjt+ltvys15ul5XqEl+iXIZI5uMQveRDsVJv5kTynQ6aveeHln
dBSvFCxSfz8de3+gknw15qZfmhlsOsZaVaOll8vGYZdpElqKmpsR2XgAJJvtlo+t
YtSQ10x54fhP5Wh74K6iiVNWtgVVWLI7vhMqblfQHojPnjCDoR/p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org