Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/aQMefaZsuUXhBiMTvnUqjDwOCAI.roa
File: aQMefaZsuUXhBiMTvnUqjDwOCAI.roa (raw, json)
Hash identifier: 1LfXp0J3UjqYuibnQCctIAK8Uc9i8jjrTuLIJwTJOAk=
Subject key identifier: 69:03:1E:7D:A6:6C:B9:45:E1:06:23:13:BE:75:2A:8C:3C:0E:08:02
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189D0A234439A415537709F610A70EC1D6B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/aQMefaZsuUXhBiMTvnUqjDwOCAI.roa
Signing time: Mon 07 Aug 2023 15:33:58 +0000
ROA not before: Mon 07 Aug 2023 15:33:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 185.221.20.0/24 maxlen: 24
185.223.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Aug 2023 11:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d0:a2:34:43:9a:41:55:37:70:9f:61:0a:70:ec:1d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 7 15:33:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69031e7da66cb945e1062313be752a8c3c0e0802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:63:1f:b3:d5:ac:b5:ef:da:8c:68:95:62:54:
eb:0d:df:9d:38:f8:7f:c7:e7:b8:d9:51:3d:56:61:
3e:38:b9:7c:de:90:1e:d6:f3:62:a6:d2:55:a2:32:
55:8c:22:47:7a:5f:e8:8e:97:80:96:87:5c:63:d4:
94:cf:c8:98:00:13:51:d5:22:d0:e3:7a:2b:9b:07:
a3:ac:cb:d5:21:09:8d:bd:5f:df:eb:30:bc:7b:1c:
8f:30:8e:d7:82:ee:a1:bf:b7:ea:2b:b7:7e:ce:5a:
42:10:d3:f7:90:d9:59:28:16:0b:7e:fe:d0:e4:0a:
41:58:39:d8:43:fa:87:80:fc:af:3c:2e:8a:39:49:
b5:61:69:20:35:8e:de:c4:f1:62:97:70:9c:b6:b2:
d4:41:9e:b6:8a:52:03:fe:a5:2e:29:31:b7:54:f7:
ea:49:c7:a2:7c:0c:10:b3:59:35:86:26:43:fd:52:
31:b7:08:0b:11:cb:41:25:9b:95:e2:ba:b7:4d:d1:
41:30:b3:af:24:91:d2:9a:63:b5:c6:ed:53:94:8d:
84:35:d5:11:81:e2:6a:7d:52:23:64:8d:1f:93:e3:
68:39:98:1d:97:75:a2:58:6d:7f:70:10:21:38:a5:
f3:4c:a3:c4:21:ad:4f:f9:b0:0a:53:dd:4e:1e:00:
2f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:03:1E:7D:A6:6C:B9:45:E1:06:23:13:BE:75:2A:8C:3C:0E:08:02
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/aQMefaZsuUXhBiMTvnUqjDwOCAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.20.0/24
185.223.83.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:1c:85:51:6e:38:81:76:14:96:59:7c:f7:b9:66:5f:f0:11:
2b:c1:f9:70:41:eb:6f:a2:e0:84:88:1a:76:58:13:68:73:c9:
57:34:f7:5f:8e:a3:91:ac:1f:75:45:cb:a2:ad:87:3e:65:da:
5f:09:f3:f9:0f:58:90:a5:8f:cf:2f:e7:3a:37:50:33:8d:98:
3c:ca:bb:37:6a:05:a4:30:62:91:a4:0c:2d:02:7f:cb:b0:25:
e8:18:a5:90:17:cc:d1:cf:62:f3:33:1d:be:3c:0f:c5:39:09:
7e:c7:53:8c:a6:a5:a9:10:74:42:d4:1f:4e:c3:46:5c:bd:ea:
64:68:17:5a:77:21:b4:09:cf:ee:62:2e:2d:a2:2f:39:01:c0:
6a:19:f7:47:44:e7:16:0d:95:71:7c:8e:9c:aa:1d:8d:4f:7d:
58:04:ee:22:48:81:4d:4c:e5:ef:b1:fc:e9:ee:97:1c:aa:8f:
0b:4d:98:49:26:c8:0f:26:c7:aa:dc:d8:76:08:78:8a:dd:a7:
71:59:c0:89:39:bd:6a:1c:a1:78:6a:95:74:0c:0c:23:4c:64:
35:ab:35:85:28:87:a1:09:28:77:b5:dc:2f:97:f5:21:9f:59:
66:fd:29:00:a6:0b:8a:71:79:ab:19:f4:79:45:d6:a1:6f:77:
36:f3:b8:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnQojRDmkFVN3CfYQpw7B1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODA3MTUzMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTAzMWU3ZGE2NmNiOTQ1ZTEwNjIzMTNiZTc1MmE4YzNjMGUwODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2Mfs9Wste/ajGiVYlTrDd+dOPh/
x+e42VE9VmE+OLl83pAe1vNiptJVojJVjCJHel/ojpeAlodcY9SUz8iYABNR1SLQ
43ormwejrMvVIQmNvV/f6zC8exyPMI7Xgu6hv7fqK7d+zlpCENP3kNlZKBYLfv7Q
5ApBWDnYQ/qHgPyvPC6KOUm1YWkgNY7exPFil3CctrLUQZ62ilID/qUuKTG3VPfq
SceifAwQs1k1hiZD/VIxtwgLEctBJZuV4rq3TdFBMLOvJJHSmmO1xu1TlI2ENdUR
geJqfVIjZI0fk+NoOZgdl3WiWG1/cBAhOKXzTKPEIa1P+bAKU91OHgAvgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGkDHn2mbLlF4QYjE751Kow8DggCMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYVFNZWZhWnN1VVhoQmlNVHZuVXFqRHdPQ0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAud0UAwQA
ud9TMA0GCSqGSIb3DQEBCwUAA4IBAQC3HIVRbjiBdhSWWXz3uWZf8BErwflwQetv
ouCEiBp2WBNoc8lXNPdfjqORrB91RcuirYc+ZdpfCfP5D1iQpY/PL+c6N1AzjZg8
yrs3agWkMGKRpAwtAn/LsCXoGKWQF8zRz2LzMx2+PA/FOQl+x1OMpqWpEHRC1B9O
w0ZcvepkaBdadyG0Cc/uYi4toi85AcBqGfdHROcWDZVxfI6cqh2NT31YBO4iSIFN
TOXvsfzp7pccqo8LTZhJJsgPJseq3Nh2CHiK3adxWcCJOb1qHKF4apV0DAwjTGQ1
qzWFKIehCSh3tdwvl/Uhn1lm/SkApguKcXmrGfR5Rdahb3c287iX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org