Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/cHZjWQ2QUJqLP_5X4FwPCYcQICA.roa
File: cHZjWQ2QUJqLP_5X4FwPCYcQICA.roa (raw, json)
Hash identifier: v9TZitdsfxcA8EP1aAjzuFpw8qUIkoLmebMk6Sbdy5Q=
Subject key identifier: 70:76:63:59:0D:90:50:9A:8B:3F:FE:57:E0:5C:0F:09:87:10:20:20
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC802825390BC99ED0811425FF1EDD300
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/cHZjWQ2QUJqLP_5X4FwPCYcQICA.roa
Signing time: Tue 02 Jan 2024 02:30:56 +0000
ROA not before: Tue 02 Jan 2024 02:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61112
IP address blocks: 185.225.20.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 15:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:82:53:90:bc:99:ed:08:11:42:5f:f1:ed:d3:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=707663590d90509a8b3ffe57e05c0f0987102020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:05:51:2d:d3:05:e6:58:08:d7:40:ae:31:d6:
f9:73:6f:88:8b:80:39:74:cd:6e:8e:07:b8:18:e6:
f8:e9:f3:27:3a:d1:ef:7b:30:9c:ee:22:9d:c9:2d:
00:fb:6f:5b:9f:06:8d:ad:6f:a1:d1:d1:03:fb:70:
d2:a9:4f:33:30:61:9b:eb:19:07:cf:98:ff:ea:26:
29:8d:c6:1f:5b:f9:15:b5:34:8c:5c:64:b1:71:9e:
d7:74:75:ba:96:c7:47:bc:41:cd:39:76:20:fd:bf:
68:d9:ae:07:f6:eb:f0:f8:64:1a:8e:91:86:30:c5:
57:64:b6:b0:f3:c0:c1:60:cb:c2:c3:0c:3f:d0:c2:
77:c1:9e:a9:69:c1:09:07:d5:0a:cd:7a:6d:91:26:
41:a9:34:b6:e6:e6:ce:d1:23:e1:bd:4c:d6:ee:ab:
2a:f8:ba:f3:62:ba:05:93:4d:c2:c4:18:d3:9f:17:
ad:57:5a:79:ab:ff:6b:ac:4d:d9:82:10:4b:14:99:
1c:85:64:b2:43:f9:8b:96:4a:f5:13:45:1f:27:69:
71:9f:c9:ab:5b:4b:ed:c7:e5:ab:a5:e7:27:3b:3f:
86:83:a9:d8:16:85:24:29:c2:2f:4d:14:f0:06:ea:
8d:0a:87:54:25:04:aa:22:1f:ce:4a:c6:35:51:5b:
5b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:76:63:59:0D:90:50:9A:8B:3F:FE:57:E0:5C:0F:09:87:10:20:20
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/cHZjWQ2QUJqLP_5X4FwPCYcQICA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.103.0/24
185.225.20.0/24
Signature Algorithm: sha256WithRSAEncryption
02:71:0d:19:9a:03:7d:a3:1b:47:f1:0d:0c:50:a6:db:3b:94:
1f:74:6a:1c:bd:a1:f9:38:92:cd:9f:87:94:7b:e5:92:3d:4e:
46:c5:5c:3e:20:f6:89:9b:78:61:2f:df:33:8c:d2:12:6c:27:
ef:a5:bb:89:0b:6e:02:11:c7:5d:25:7a:64:cb:3c:b4:66:b4:
07:3f:c6:75:9f:87:6f:f5:cf:81:74:3b:1d:fe:1b:b3:4b:04:
06:fd:6c:b3:22:7b:54:68:87:3a:50:17:38:75:8c:b6:ec:f5:
32:31:a3:2b:8e:28:78:6b:2c:13:97:86:be:dd:4b:ee:f0:c8:
01:1a:ac:99:80:2d:d9:91:45:7f:a2:64:c2:6a:e4:e7:96:20:
7b:45:9e:ab:6e:46:2a:f1:70:84:78:17:37:06:2d:4a:3b:24:
ed:d3:0e:7c:74:11:ea:ff:38:ee:16:0a:6a:d0:71:64:d8:50:
53:81:4f:77:d2:a6:04:a2:4a:a6:15:f8:8f:77:d2:ca:fd:90:
e4:02:5c:af:29:e8:29:0e:a7:d5:e7:ae:4b:bf:cb:9e:13:f0:
95:20:17:c3:6a:48:59:4c:5e:9a:8e:ca:b7:2c:9e:4b:88:cc:
c8:e6:28:08:4a:f6:3f:3a:77:c5:73:ac:d6:45:b2:59:45:41:
80:b2:d9:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAoJTkLyZ7QgRQl/x7dMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc2NjM1OTBkOTA1MDlhOGIzZmZlNTdlMDVjMGYwOTg3MTAyMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQVRLdMF5lgI10CuMdb5c2+Ii4A5
dM1ujge4GOb46fMnOtHvezCc7iKdyS0A+29bnwaNrW+h0dED+3DSqU8zMGGb6xkH
z5j/6iYpjcYfW/kVtTSMXGSxcZ7XdHW6lsdHvEHNOXYg/b9o2a4H9uvw+GQajpGG
MMVXZLaw88DBYMvCwww/0MJ3wZ6pacEJB9UKzXptkSZBqTS25ubO0SPhvUzW7qsq
+LrzYroFk03CxBjTnxetV1p5q/9rrE3ZghBLFJkchWSyQ/mLlkr1E0UfJ2lxn8mr
W0vtx+WrpecnOz+Gg6nYFoUkKcIvTRTwBuqNCodUJQSqIh/OSsY1UVtbfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHB2Y1kNkFCaiz/+V+BcDwmHECAgMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvY0haaldRMlFVSnFMUF81WDRGd1BDWWNRSUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudZnAwQA
ueEUMA0GCSqGSIb3DQEBCwUAA4IBAQACcQ0ZmgN9oxtH8Q0MUKbbO5QfdGocvaH5
OJLNn4eUe+WSPU5GxVw+IPaJm3hhL98zjNISbCfvpbuJC24CEcddJXpkyzy0ZrQH
P8Z1n4dv9c+BdDsd/huzSwQG/WyzIntUaIc6UBc4dYy27PUyMaMrjih4aywTl4a+
3Uvu8MgBGqyZgC3ZkUV/omTCauTnliB7RZ6rbkYq8XCEeBc3Bi1KOyTt0w58dBHq
/zjuFgpq0HFk2FBTgU930qYEokqmFfiPd9LK/ZDkAlyvKegpDqfV565Lv8ueE/CV
IBfDakhZTF6ajsq3LJ5LiMzI5igISvY/OnfFc6zWRbJZRUGAstkk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org