Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/H9xjH3QBRb8BD2O-3lxp-_xthVU.roa
File: H9xjH3QBRb8BD2O-3lxp-_xthVU.roa (raw, json)
Hash identifier: sx+hFxxxjrt0VOQ10gT4BvYWmvCM8XfNRNvTXuVd04k=
Subject key identifier: 1F:DC:63:1F:74:01:45:BF:01:0F:63:BE:DE:5C:69:FB:FC:6D:85:55
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189AD240B1A697BD232228A3ADDE498F9D3
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/H9xjH3QBRb8BD2O-3lxp-_xthVU.roa
Signing time: Mon 31 Jul 2023 18:09:27 +0000
ROA not before: Mon 31 Jul 2023 18:09:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.206.249.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.238.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Sep 2023 10:15:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ad:24:0b:1a:69:7b:d2:32:22:8a:3a:dd:e4:98:f9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 31 18:09:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fdc631f740145bf010f63bede5c69fbfc6d8555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:35:32:33:51:e8:2b:7d:08:4b:8d:29:37:c2:
da:5d:98:ef:fd:d2:e1:e2:a4:79:c5:50:83:70:2c:
94:a7:ae:38:01:ed:1e:6b:5b:0b:18:28:48:b3:fd:
c2:58:26:af:fd:f5:d4:32:d8:2a:26:87:ee:c2:32:
7e:ff:a5:7f:8d:9c:cc:c8:8b:15:67:a3:23:85:7a:
ff:2f:f7:e5:44:8d:5c:a5:06:5b:00:9e:b7:89:31:
0b:35:63:a8:5e:1d:a7:b3:17:e6:cf:b3:c2:ca:56:
9f:bf:43:fa:1e:54:f6:59:91:3b:29:c4:47:cb:97:
01:e2:5d:ef:cd:91:b0:46:08:13:ac:62:eb:87:5d:
86:5e:65:93:f7:d2:40:c4:96:a0:aa:68:da:6c:1d:
21:be:dd:a5:2d:58:81:4d:57:47:8d:c6:c6:e5:a1:
f5:b3:f6:08:40:1c:1e:b8:a1:9a:8e:1e:cf:70:59:
1d:62:84:72:2c:5a:0e:59:db:fc:00:24:47:04:ac:
a1:f6:69:14:18:29:48:2a:42:97:1d:71:e1:f2:77:
33:3f:1d:43:27:68:32:d1:78:11:08:a7:d7:29:09:
7d:f1:41:b8:93:a5:68:f0:cb:6e:d7:a4:71:c8:96:
00:78:10:03:54:b3:e1:34:ae:1f:1b:57:6b:16:ae:
77:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:DC:63:1F:74:01:45:BF:01:0F:63:BE:DE:5C:69:FB:FC:6D:85:55
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/H9xjH3QBRb8BD2O-3lxp-_xthVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.248.0/23
185.226.107.0/24
185.238.229.0/24
185.240.120.0/23
Signature Algorithm: sha256WithRSAEncryption
46:fc:ea:fe:17:87:6d:37:ed:96:c6:5c:ee:f3:da:82:51:9a:
3e:aa:8b:11:7f:24:50:3c:b7:40:de:28:03:7c:cf:79:17:24:
78:10:e9:cb:ed:1c:f6:6f:9b:b3:49:a3:33:5b:bc:82:b4:ff:
6e:c9:5b:a6:2c:74:3f:40:6e:ec:91:16:09:25:1b:af:9d:e8:
84:54:81:fa:a4:ce:fe:17:ef:a0:84:61:f9:ad:0f:95:f6:ad:
c2:88:9c:36:e6:ad:d6:6f:8e:98:b3:44:01:05:b2:1c:50:0c:
a9:2b:ae:c5:3c:7d:a1:a7:50:d0:a8:33:75:d2:77:d0:88:6e:
c9:9b:52:a0:c7:d2:1f:35:6d:9d:99:8f:b4:7e:ac:01:f3:27:
6f:23:43:77:2e:2a:bf:9c:66:82:73:f8:b0:3b:a5:0d:fb:d6:
ea:70:b5:a9:8c:1b:ad:28:4b:70:02:0c:e1:ef:ba:5f:aa:cc:
a6:fe:a1:d2:cb:22:db:2b:56:70:2f:c9:7b:b0:b4:11:e5:2c:
75:aa:b3:1a:65:e3:8e:09:71:f9:cb:07:e0:1a:ef:93:1d:8f:
b4:49:47:c6:aa:23:45:5b:7f:14:de:84:89:bb:ab:1f:6a:08:
90:4f:fb:dc:56:a9:8a:2e:1b:26:c2:4c:cd:b1:b4:9f:b9:45:
b4:d1:c9:4b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmtJAsaaXvSMiKKOt3kmPnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzMxMTgwOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmRjNjMxZjc0MDE0NWJmMDEwZjYzYmVkZTVjNjlmYmZjNmQ4NTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzUyM1HoK30IS40pN8LaXZjv/dLh
4qR5xVCDcCyUp644Ae0ea1sLGChIs/3CWCav/fXUMtgqJofuwjJ+/6V/jZzMyIsV
Z6MjhXr/L/flRI1cpQZbAJ63iTELNWOoXh2nsxfmz7PCylafv0P6HlT2WZE7KcRH
y5cB4l3vzZGwRggTrGLrh12GXmWT99JAxJagqmjabB0hvt2lLViBTVdHjcbG5aH1
s/YIQBweuKGajh7PcFkdYoRyLFoOWdv8ACRHBKyh9mkUGClIKkKXHXHh8nczPx1D
J2gy0XgRCKfXKQl98UG4k6Vo8Mtu16RxyJYAeBADVLPhNK4fG1drFq53SwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB/cYx90AUW/AQ9jvt5cafv8bYVVMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSDl4akgzUUJSYjhCRDJPLTNseHAtX3h0aFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBuc74AwQA
ueJrAwQAue7lAwQBufB4MA0GCSqGSIb3DQEBCwUAA4IBAQBG/Or+F4dtN+2Wxlzu
89qCUZo+qosRfyRQPLdA3igDfM95FyR4EOnL7Rz2b5uzSaMzW7yCtP9uyVumLHQ/
QG7skRYJJRuvneiEVIH6pM7+F++ghGH5rQ+V9q3CiJw25q3Wb46Ys0QBBbIcUAyp
K67FPH2hp1DQqDN10nfQiG7Jm1Kgx9IfNW2dmY+0fqwB8ydvI0N3Liq/nGaCc/iw
O6UN+9bqcLWpjButKEtwAgzh77pfqsym/qHSyyLbK1ZwL8l7sLQR5Sx1qrMaZeOO
CXH5ywfgGu+THY+0SUfGqiNFW38U3oSJu6sfagiQT/vcVqmKLhsmwkzNsbSfuUW0
0clL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org