Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ipetFluXvpMX8UkP9EuJu-sIfjY.roa
File: ipetFluXvpMX8UkP9EuJu-sIfjY.roa (raw, json)
Hash identifier: vyqkhhtTJ6nLaIENj5efjyDWYgDdbAULrOwrRBoXhP8=
Subject key identifier: 8A:97:AD:16:5B:97:BE:93:17:F1:49:0F:F4:4B:89:BB:EB:08:7E:36
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187754637BFC0CBD5DA6FEF116C4178544B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ipetFluXvpMX8UkP9EuJu-sIfjY.roa
Signing time: Wed 12 Apr 2023 11:42:28 +0000
ROA not before: Wed 12 Apr 2023 11:42:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200017
IP address blocks: 185.126.83.0/24 maxlen: 24
185.228.73.0/24 maxlen: 24
176.125.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:46:37:bf:c0:cb:d5:da:6f:ef:11:6c:41:78:54:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 12 11:42:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a97ad165b97be9317f1490ff44b89bbeb087e36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6a:d0:11:08:2e:50:e5:86:2d:e1:95:ac:b7:
d7:4a:09:75:c1:72:a7:a5:55:75:c8:24:6a:6e:4b:
c3:1b:55:33:76:e2:5b:30:3b:40:2b:65:40:76:7a:
8f:c8:8f:dc:8b:61:9b:99:5a:53:ee:a8:2b:f8:8e:
6c:59:a7:1a:e7:c3:bd:d8:aa:28:71:16:61:52:9d:
22:c5:0a:f1:9d:04:80:d0:62:68:b9:1c:4f:a6:62:
24:53:d0:0b:cf:69:77:aa:c9:0e:ba:84:5f:04:1d:
80:8f:f8:69:b8:ed:65:c1:84:9a:62:8a:f7:57:b6:
8a:bb:0c:86:1a:75:09:e7:78:9b:44:78:5f:98:45:
45:a6:2f:ca:a2:e5:62:12:04:bc:c2:97:ed:1d:cd:
a5:9f:3b:74:75:be:0c:5c:47:06:ac:37:5c:29:38:
ba:51:be:9b:78:24:1d:dc:40:57:c0:a4:11:98:52:
92:38:30:68:48:3e:e9:20:e6:19:ff:ae:91:c5:0b:
88:51:16:af:f8:46:26:bb:54:94:3a:87:56:86:b0:
9a:3e:f3:42:9e:3c:69:79:63:ad:52:a8:fc:55:a9:
1e:ea:56:0f:70:d9:65:9f:b3:35:11:bd:a1:77:e8:
e0:25:7d:8c:c9:8f:ef:08:a1:26:e5:b4:eb:7f:7b:
93:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:97:AD:16:5B:97:BE:93:17:F1:49:0F:F4:4B:89:BB:EB:08:7E:36
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ipetFluXvpMX8UkP9EuJu-sIfjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.249.0/24
185.126.83.0/24
185.228.73.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e0:6c:97:22:26:ac:11:96:ac:e3:70:73:67:29:89:70:0d:
cb:fb:90:23:61:f7:96:61:9e:9c:8b:57:51:9a:50:da:2c:59:
61:75:94:b9:8f:c9:d5:a5:d2:6c:0d:2a:17:9d:64:d8:2d:a0:
09:e7:54:ff:27:05:5c:05:e2:41:40:60:b6:63:54:f5:48:43:
55:62:d3:53:24:4a:76:86:e9:6b:f4:6d:62:08:fb:ca:69:fe:
0b:45:5e:e5:68:8c:d5:db:1c:8c:80:6b:7d:11:58:09:74:ad:
af:ec:1c:7b:f7:36:47:23:ba:ae:e6:f6:e0:4b:de:13:6c:4c:
8a:5e:9f:85:e2:a4:e2:f0:9c:2f:d2:02:f9:3b:c0:d1:0f:c7:
97:42:02:ba:2d:ae:7a:3d:b2:04:31:46:f8:8d:bf:1d:80:b5:
bd:14:1c:6c:13:b7:d0:b2:ee:8a:57:40:9b:2b:f5:6a:fd:f1:
8b:4c:5a:b2:3d:52:43:59:20:41:25:a7:69:bc:1a:5a:45:eb:
36:5b:c2:f6:ef:ac:f8:eb:5c:48:4b:75:80:c5:cc:aa:9f:24:
95:b9:42:b4:87:da:67:0c:b1:0f:5f:4d:ab:d5:e9:e5:a9:50:
a5:d0:5b:ea:4b:50:88:d8:6c:69:60:14:6f:6e:d4:d8:cb:b8:
c4:0d:24:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd1Rje/wMvV2m/vEWxBeFRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDEyMTE0MjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTk3YWQxNjViOTdiZTkzMTdmMTQ5MGZmNDRiODliYmViMDg3ZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2rQEQguUOWGLeGVrLfXSgl1wXKn
pVV1yCRqbkvDG1UzduJbMDtAK2VAdnqPyI/ci2GbmVpT7qgr+I5sWaca58O92Koo
cRZhUp0ixQrxnQSA0GJouRxPpmIkU9ALz2l3qskOuoRfBB2Aj/hpuO1lwYSaYor3
V7aKuwyGGnUJ53ibRHhfmEVFpi/KouViEgS8wpftHc2lnzt0db4MXEcGrDdcKTi6
Ub6beCQd3EBXwKQRmFKSODBoSD7pIOYZ/66RxQuIURav+EYmu1SUOodWhrCaPvNC
njxpeWOtUqj8Vake6lYPcNlln7M1Eb2hd+jgJX2MyY/vCKEm5bTrf3uT2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIqXrRZbl76TF/FJD/RLibvrCH42MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaXBldEZsdVh2cE1YOFVrUDlFdUp1LXNJZmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsH35AwQA
uX5TAwQAueRJMA0GCSqGSIb3DQEBCwUAA4IBAQCC4GyXIiasEZas43BzZymJcA3L
+5AjYfeWYZ6ci1dRmlDaLFlhdZS5j8nVpdJsDSoXnWTYLaAJ51T/JwVcBeJBQGC2
Y1T1SENVYtNTJEp2hulr9G1iCPvKaf4LRV7laIzV2xyMgGt9EVgJdK2v7Bx79zZH
I7qu5vbgS94TbEyKXp+F4qTi8Jwv0gL5O8DRD8eXQgK6La56PbIEMUb4jb8dgLW9
FBxsE7fQsu6KV0CbK/Vq/fGLTFqyPVJDWSBBJadpvBpaRes2W8L276z461xIS3WA
xcyqnySVuUK0h9pnDLEPX02r1enlqVCl0FvqS1CI2GxpYBRvbtTYy7jEDSRt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org