Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/D3o8UyA5qQxg7zdXb3z-G9qp3qE.roa
File: D3o8UyA5qQxg7zdXb3z-G9qp3qE.roa (raw, json)
Hash identifier: eqNAIH5atZcN8HFxS80HLDSHSyKc/+ag2Xci2GKQI3I=
Subject key identifier: 0F:7A:3C:53:20:39:A9:0C:60:EF:37:57:6F:7C:FE:1B:DA:A9:DE:A1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189BAE68AF8E28ECC687A2792CE3E8B0F53
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/D3o8UyA5qQxg7zdXb3z-G9qp3qE.roa
Signing time: Thu 03 Aug 2023 10:16:58 +0000
ROA not before: Thu 03 Aug 2023 10:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13830
IP address blocks: 185.225.22.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Aug 2023 10:39:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:e6:8a:f8:e2:8e:cc:68:7a:27:92:ce:3e:8b:0f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 3 10:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f7a3c532039a90c60ef37576f7cfe1bdaa9dea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b4:0c:ee:52:a8:6d:69:4b:91:ae:59:f5:9c:
60:9e:0b:06:15:be:28:ec:82:c7:4b:93:60:1f:df:
44:78:fe:5d:af:18:d7:b0:2d:9d:54:1a:56:b2:b5:
44:c7:d5:ad:fc:d0:2f:bf:e5:28:bf:21:38:ab:96:
f8:6a:99:43:a2:e4:d5:cc:a4:4f:ae:8a:0f:6f:b0:
69:03:ea:ce:1c:34:e9:dd:1b:20:a9:a0:34:8b:00:
63:2e:d9:92:ae:10:40:c3:9c:f5:e1:b3:9f:9d:ca:
74:be:39:c0:33:0a:6d:90:87:c2:a1:c3:16:52:d8:
3c:02:9a:c4:a0:36:e2:a7:01:18:f5:b2:14:d1:f0:
b0:43:4e:a0:7c:a5:b6:1a:54:b4:39:18:d9:ce:28:
5d:40:9a:b1:8a:62:c7:a5:7e:bf:6f:33:cb:92:b4:
11:cc:f7:c9:b7:ee:19:93:10:62:05:9d:e6:b8:49:
18:6b:a1:5d:31:e6:ee:fc:f7:56:2f:61:7d:d0:63:
4e:b5:15:ab:fd:c6:bd:bb:4c:3f:33:51:52:b3:09:
67:ec:07:dd:8f:51:7c:7a:fb:fd:e4:69:28:97:8a:
b6:e0:6f:22:8c:a0:e0:f1:45:65:0c:1a:90:cc:fc:
1a:84:0c:9c:cb:14:66:7d:81:37:fb:36:f9:da:a0:
81:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7A:3C:53:20:39:A9:0C:60:EF:37:57:6F:7C:FE:1B:DA:A9:DE:A1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/D3o8UyA5qQxg7zdXb3z-G9qp3qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.82.0/24
185.225.22.0/24
185.246.115.0/24
193.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:8e:29:b3:bd:4f:1e:d7:00:fd:40:6b:3d:08:c4:b8:22:be:
9c:60:62:a3:10:59:78:4a:59:a0:7c:f2:3f:04:a7:ad:ee:96:
0e:e1:12:b4:74:35:bd:73:52:59:4f:35:63:de:4d:39:ad:79:
0d:d0:6f:ef:b1:f0:06:1c:5d:5f:b0:42:40:75:78:6f:c9:08:
fd:b0:ee:8e:6c:c2:a2:32:39:14:b3:c7:a7:69:c2:30:56:ec:
68:2e:ac:da:bb:e0:04:4a:37:a5:62:52:e8:cf:8a:28:b0:cd:
f1:f7:51:87:03:c0:b7:47:54:c1:9d:8f:b2:e9:0b:70:f0:23:
31:c9:a1:65:2d:c5:7a:ca:a2:98:62:81:c2:43:85:83:f7:b0:
0f:4a:52:21:34:16:0a:a2:42:1a:45:0c:7d:80:06:92:ae:51:
33:21:5d:24:f6:ce:f0:db:4c:b0:ec:25:17:70:41:90:3c:16:
04:24:f2:21:34:ba:20:8c:02:35:4c:da:fe:08:2b:ab:f9:b8:
68:ae:62:b4:49:bb:84:79:35:83:ba:2a:bf:13:95:3a:92:05:
36:d3:68:07:72:7f:18:46:21:a8:fc:d2:38:3b:ee:16:38:2a:
8a:ee:8b:1b:0e:2c:b6:4a:a8:08:69:a9:61:69:35:c6:ba:4b:
3d:49:4d:95
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYm65or44o7MaHonks4+iw9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODAzMTAxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjdhM2M1MzIwMzlhOTBjNjBlZjM3NTc2ZjdjZmUxYmRhYTlkZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7QM7lKobWlLka5Z9ZxgngsGFb4o
7ILHS5NgH99EeP5drxjXsC2dVBpWsrVEx9Wt/NAvv+UovyE4q5b4aplDouTVzKRP
rooPb7BpA+rOHDTp3RsgqaA0iwBjLtmSrhBAw5z14bOfncp0vjnAMwptkIfCocMW
Utg8AprEoDbipwEY9bIU0fCwQ06gfKW2GlS0ORjZzihdQJqximLHpX6/bzPLkrQR
zPfJt+4ZkxBiBZ3muEkYa6FdMebu/PdWL2F90GNOtRWr/ca9u0w/M1FSswln7Afd
j1F8evv95Gkol4q24G8ijKDg8UVlDBqQzPwahAycyxRmfYE3+zb52qCBpwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA96PFMgOakMYO83V298/hvaqd6hMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRDNvOFV5QTVxUXhnN3pkWGIzei1HOXFwM3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAud9SAwQA
ueEWAwQAufZzAwQAwTqQMA0GCSqGSIb3DQEBCwUAA4IBAQC6jimzvU8e1wD9QGs9
CMS4Ir6cYGKjEFl4SlmgfPI/BKet7pYO4RK0dDW9c1JZTzVj3k05rXkN0G/vsfAG
HF1fsEJAdXhvyQj9sO6ObMKiMjkUs8enacIwVuxoLqzau+AESjelYlLoz4oosM3x
91GHA8C3R1TBnY+y6Qtw8CMxyaFlLcV6yqKYYoHCQ4WD97APSlIhNBYKokIaRQx9
gAaSrlEzIV0k9s7w20yw7CUXcEGQPBYEJPIhNLogjAI1TNr+CCur+bhormK0SbuE
eTWDuiq/E5U6kgU202gHcn8YRiGo/NI4O+4WOCqK7osbDiy2SqgIaalhaTXGuks9
SU2V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org