Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Jb25OoNVfibK2qiFy66JZe62o6c.roa
File: Jb25OoNVfibK2qiFy66JZe62o6c.roa (raw, json)
Hash identifier: /ru0zD+5FaDViU/yuMoMENuIJDhFAhGgE/wsLZBE7QU=
Subject key identifier: 25:BD:B9:3A:83:55:7E:26:CA:DA:A8:85:CB:AE:89:65:EE:B6:A3:A7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189BADC9D159A87FDE22B8FDC896278DF78
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Jb25OoNVfibK2qiFy66JZe62o6c.roa
Signing time: Thu 03 Aug 2023 10:06:07 +0000
ROA not before: Thu 03 Aug 2023 10:06:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 185.218.103.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 15:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:dc:9d:15:9a:87:fd:e2:2b:8f:dc:89:62:78:df:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 3 10:06:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25bdb93a83557e26cadaa885cbae8965eeb6a3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6c:e5:34:c6:03:c0:c7:8b:1f:9c:51:e1:dd:
64:9c:15:1d:20:bb:38:d2:bf:bc:85:bd:cd:cf:d5:
ed:11:53:7e:67:37:28:96:9a:41:0c:de:c9:74:75:
56:75:41:a4:69:c1:f4:1a:39:39:4e:3e:2c:4d:33:
49:30:03:84:9c:4c:fe:7c:95:5a:7a:11:4e:0b:94:
de:47:ef:9f:fe:f1:f7:f0:12:0d:59:3d:39:f9:f9:
4d:6c:15:18:a2:a2:28:b4:eb:23:ab:c1:67:5e:e4:
b5:7a:75:5f:ad:6e:86:66:8b:dd:ff:03:8c:79:84:
eb:24:03:25:57:73:59:e0:69:b6:1d:af:47:13:3b:
10:df:25:0f:71:64:b3:64:8e:02:55:eb:4d:2a:ee:
82:a1:7c:40:f0:f3:3a:60:ee:f5:f9:60:a8:65:2b:
4a:82:86:49:cb:a2:8e:86:7c:4e:5e:61:ea:eb:cb:
8b:86:4e:95:eb:4b:46:c7:1d:c0:4e:eb:3f:b5:1a:
1d:6b:ea:a1:8e:a8:09:85:da:27:01:17:28:1c:b7:
5e:26:e7:5e:55:cf:8d:0e:49:25:3b:c2:5f:1f:91:
79:8e:4a:c8:a8:ee:45:c1:4c:72:ec:8d:11:f1:a0:
4a:67:a5:d9:d0:ca:87:c5:f7:61:dc:1f:66:bb:d1:
40:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BD:B9:3A:83:55:7E:26:CA:DA:A8:85:CB:AE:89:65:EE:B6:A3:A7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Jb25OoNVfibK2qiFy66JZe62o6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.100.0/24
185.218.103.0/24
185.220.248.0/24
185.246.112.0/24
Signature Algorithm: sha256WithRSAEncryption
07:3a:f2:e3:b8:06:6b:af:0b:30:2b:fa:7f:63:c5:f7:24:94:
f7:ec:62:28:b0:69:4e:88:01:83:c7:b4:db:1b:2e:97:fd:d5:
db:f6:e0:92:4f:3f:02:27:87:6d:97:86:91:ff:2b:69:e2:f4:
4b:bf:2e:3f:09:a3:52:fb:13:6e:5e:f8:70:ae:8d:da:17:b4:
b1:b3:a4:fb:af:90:e9:03:94:b8:a4:a3:54:14:89:da:88:22:
74:05:b2:c4:5b:c2:6d:d1:4a:7a:e8:1d:5a:2f:62:a4:04:83:
4a:36:35:c0:79:aa:ad:37:69:29:70:b5:0a:c9:05:73:b5:31:
be:b9:b6:a9:d3:4a:0f:5b:0e:a7:4c:36:e2:a9:fa:4a:03:9e:
e9:51:42:58:10:7a:cd:01:68:33:a1:70:7f:11:86:20:ad:07:
7c:a5:a6:be:d3:cd:31:db:52:ee:0d:93:88:ed:91:c7:b5:03:
e1:d8:20:fe:40:41:25:a7:d5:df:99:80:1b:a4:f9:c5:57:43:
5f:ca:e2:71:96:a2:52:a1:ae:da:66:3b:09:c7:18:6b:b8:92:
8a:16:81:1a:4a:af:6f:82:15:65:c9:c0:94:c2:9f:2c:48:66:
81:62:04:76:13:aa:2c:ae:d0:60:70:5c:70:5d:61:0d:e9:37:
23:08:6c:12
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYm63J0Vmof94iuP3IlieN94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODAzMTAwNjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWJkYjkzYTgzNTU3ZTI2Y2FkYWE4ODVjYmFlODk2NWVlYjZhM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWzlNMYDwMeLH5xR4d1knBUdILs4
0r+8hb3Nz9XtEVN+ZzcolppBDN7JdHVWdUGkacH0Gjk5Tj4sTTNJMAOEnEz+fJVa
ehFOC5TeR++f/vH38BINWT05+flNbBUYoqIotOsjq8FnXuS1enVfrW6GZovd/wOM
eYTrJAMlV3NZ4Gm2Ha9HEzsQ3yUPcWSzZI4CVetNKu6CoXxA8PM6YO71+WCoZStK
goZJy6KOhnxOXmHq68uLhk6V60tGxx3ATus/tRoda+qhjqgJhdonARcoHLdeJude
Vc+NDkklO8JfH5F5jkrIqO5FwUxy7I0R8aBKZ6XZ0MqHxfdh3B9mu9FAKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCW9uTqDVX4mytqohcuuiWXutqOnMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSmIyNU9vTlZmaWJLMnFpRnk2NkpaZTYybzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAudZkAwQA
udpnAwQAudz4AwQAufZwMA0GCSqGSIb3DQEBCwUAA4IBAQAHOvLjuAZrrwswK/p/
Y8X3JJT37GIosGlOiAGDx7TbGy6X/dXb9uCSTz8CJ4dtl4aR/ytp4vRLvy4/CaNS
+xNuXvhwro3aF7Sxs6T7r5DpA5S4pKNUFInaiCJ0BbLEW8Jt0Up66B1aL2KkBINK
NjXAeaqtN2kpcLUKyQVztTG+ubap00oPWw6nTDbiqfpKA57pUUJYEHrNAWgzoXB/
EYYgrQd8paa+080x21LuDZOI7ZHHtQPh2CD+QEElp9XfmYAbpPnFV0NfyuJxlqJS
oa7aZjsJxxhruJKKFoEaSq9vghVlycCUwp8sSGaBYgR2E6osrtBgcFxwXWEN6Tcj
CGwS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org