Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iZpY5CxSaUVsrXIPwtFgUJFDzrQ.roa
File: iZpY5CxSaUVsrXIPwtFgUJFDzrQ.roa (raw, json)
Hash identifier: 2KzZCU/eX3QfAGcM3gZZlBLG2rZNPpY+AkA+K3QtZQ4=
Subject key identifier: 89:9A:58:E4:2C:52:69:45:6C:AD:72:0F:C2:D1:60:50:91:43:CE:B4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A6C0C37A20F3AD45C1E46B4B1C677C921
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iZpY5CxSaUVsrXIPwtFgUJFDzrQ.roa
Signing time: Wed 06 Sep 2023 19:50:54 +0000
ROA not before: Wed 06 Sep 2023 19:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61112
IP address blocks: 185.225.20.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6c:0c:37:a2:0f:3a:d4:5c:1e:46:b4:b1:c6:77:c9:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 6 19:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=899a58e42c5269456cad720fc2d160509143ceb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1f:e1:2a:5c:a3:9a:70:76:17:5c:df:21:a9:
24:a0:e0:ed:40:7d:86:c9:2b:b3:47:04:16:de:2f:
1c:ec:c5:aa:06:58:43:52:be:d5:90:77:d2:7a:23:
a7:06:d8:e1:6f:50:8a:34:4b:5d:b2:1a:b0:48:b4:
4a:34:12:fa:3c:5a:a6:be:b2:df:f1:12:51:a8:e7:
ff:6e:b1:78:12:1b:fe:ae:ee:de:65:60:e8:2a:67:
dd:ef:96:ce:c9:07:14:0e:0c:58:61:f9:82:b0:f6:
53:36:c3:01:67:1e:7c:e6:9a:fb:1d:fc:af:3e:aa:
b4:57:de:84:d0:65:3a:28:3a:ae:4e:6d:53:66:c3:
ce:64:39:6b:7e:a9:76:44:03:ac:be:94:54:4d:85:
52:3d:d9:9c:0a:49:93:8b:bd:eb:4d:e8:f4:9d:ef:
b9:2c:83:3f:d2:6c:1a:37:93:dc:78:25:70:f5:16:
41:01:ea:a6:ad:3a:7a:9b:24:21:bc:cc:72:36:80:
dd:2f:55:97:fe:b9:cb:2f:45:15:9e:b8:35:ad:89:
6a:a5:73:ba:ae:ba:c2:dc:cd:52:be:0f:db:8f:21:
d7:81:6e:66:b7:b0:a8:3b:b7:7d:2f:cf:6f:fe:e2:
36:c5:79:82:b6:c2:5e:64:1a:ff:eb:58:fd:3d:be:
e3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9A:58:E4:2C:52:69:45:6C:AD:72:0F:C2:D1:60:50:91:43:CE:B4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iZpY5CxSaUVsrXIPwtFgUJFDzrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.103.0/24
185.225.20.0/24
Signature Algorithm: sha256WithRSAEncryption
49:2d:fe:ff:95:57:c1:3b:97:31:9a:23:eb:1c:3a:cb:27:28:
e8:b9:df:5b:39:15:df:17:67:75:f0:c0:56:db:ef:f0:54:e5:
f6:57:a9:59:5a:76:bb:10:09:59:6f:b5:f3:d1:a1:b4:63:9f:
a7:ef:fc:af:b8:cd:dc:a5:28:1d:39:40:19:48:36:04:d6:23:
ab:31:31:3f:0b:2d:26:ce:76:e6:05:16:f1:a5:23:a5:b9:45:
cd:07:c9:b9:2f:31:19:e4:49:b2:34:c3:22:73:da:88:99:a8:
05:b9:cf:00:51:f8:2c:86:0f:49:5e:1f:7b:17:bf:9a:5d:32:
75:74:69:d3:c8:8a:0d:01:99:bc:3f:03:a9:9d:b8:fc:68:07:
48:e7:12:fd:52:29:73:2b:36:db:b8:12:65:16:a5:df:f9:58:
6c:d3:cc:85:39:d3:16:61:e4:b5:36:21:a7:b6:78:2b:fb:49:
3a:55:d8:43:98:af:8d:c5:7a:be:f4:22:6b:ba:b3:92:29:1f:
fb:7b:9b:2e:5b:8a:21:97:45:53:87:bd:08:2a:4a:ef:9b:84:
db:34:bd:30:c0:18:f1:31:c4:ff:07:61:37:5b:48:84:be:34:
d6:cc:32:22:37:be:d7:12:56:03:62:3c:11:92:fa:2d:e0:a6:
56:1d:af:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpsDDeiDzrUXB5GtLHGd8khMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTA2MTk1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTlhNThlNDJjNTI2OTQ1NmNhZDcyMGZjMmQxNjA1MDkxNDNjZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR/hKlyjmnB2F1zfIakkoODtQH2G
ySuzRwQW3i8c7MWqBlhDUr7VkHfSeiOnBtjhb1CKNEtdshqwSLRKNBL6PFqmvrLf
8RJRqOf/brF4Ehv+ru7eZWDoKmfd75bOyQcUDgxYYfmCsPZTNsMBZx585pr7Hfyv
Pqq0V96E0GU6KDquTm1TZsPOZDlrfql2RAOsvpRUTYVSPdmcCkmTi73rTej0ne+5
LIM/0mwaN5PceCVw9RZBAeqmrTp6myQhvMxyNoDdL1WX/rnLL0UVnrg1rYlqpXO6
rrrC3M1Svg/bjyHXgW5mt7CoO7d9L89v/uI2xXmCtsJeZBr/61j9Pb7jEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImaWOQsUmlFbK1yD8LRYFCRQ860MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaVpwWTVDeFNhVVZzclhJUHd0RmdVSkZEenJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudZnAwQA
ueEUMA0GCSqGSIb3DQEBCwUAA4IBAQBJLf7/lVfBO5cxmiPrHDrLJyjoud9bORXf
F2d18MBW2+/wVOX2V6lZWna7EAlZb7Xz0aG0Y5+n7/yvuM3cpSgdOUAZSDYE1iOr
MTE/Cy0mznbmBRbxpSOluUXNB8m5LzEZ5EmyNMMic9qImagFuc8AUfgshg9JXh97
F7+aXTJ1dGnTyIoNAZm8PwOpnbj8aAdI5xL9UilzKzbbuBJlFqXf+Vhs08yFOdMW
YeS1NiGntngr+0k6VdhDmK+NxXq+9CJrurOSKR/7e5suW4ohl0VTh70IKkrvm4Tb
NL0wwBjxMcT/B2E3W0iEvjTWzDIiN77XElYDYjwRkvot4KZWHa8F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org