Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mGcFETzjAhW8aDbMWpeIynUVO8w.roa
File: mGcFETzjAhW8aDbMWpeIynUVO8w.roa (raw, json)
Hash identifier: wsG/2m2a82tWs/nl0hsjneXowpiHidD+06zSOXSyk6g=
Subject key identifier: 98:67:05:11:3C:E3:02:15:BC:68:36:CC:5A:97:88:CA:75:15:3B:CC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018926D529D425D0BF6C2B5CC686B154A895
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mGcFETzjAhW8aDbMWpeIynUVO8w.roa
Signing time: Wed 05 Jul 2023 16:14:11 +0000
ROA not before: Wed 05 Jul 2023 16:14:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 185.218.103.0/24 maxlen: 24
185.209.39.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jul 2023 18:35:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:d5:29:d4:25:d0:bf:6c:2b:5c:c6:86:b1:54:a8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 5 16:14:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=986705113ce30215bc6836cc5a9788ca75153bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cc:b3:0d:f0:b2:af:47:b7:df:ef:93:c2:cc:
8e:fd:7b:53:3c:b8:a3:00:8b:b7:65:84:52:c6:ae:
4d:f9:d3:6d:e5:24:1b:fc:78:63:43:26:5a:c8:92:
51:d0:a6:5b:22:45:9e:a6:be:dc:e6:c8:94:30:93:
39:47:c0:73:af:11:50:a6:8c:78:e9:6b:e7:d8:02:
97:18:ec:08:2e:5a:e3:d1:0f:d2:af:7a:f4:48:af:
fa:3c:27:19:83:5d:32:c2:a1:b6:b7:2b:86:d1:b9:
c2:13:b8:4d:81:31:e4:ea:1f:af:ac:e6:4a:a7:de:
fd:1f:b2:b6:c5:a8:e6:3f:c1:c3:ff:2d:16:0d:b9:
97:18:b4:31:df:8f:0d:ab:ac:54:a5:c5:88:4c:f3:
66:4e:c6:1f:c9:0c:4b:98:4a:87:5c:79:e6:dd:67:
cc:94:67:14:b2:b1:ad:ba:72:c9:28:59:6c:f6:89:
ac:3f:66:bf:77:bf:08:a0:17:2a:e1:35:22:f7:8a:
29:28:b1:8b:21:85:1f:3b:22:e0:a5:2a:35:bc:14:
c4:63:ed:b1:e7:da:73:25:cd:2c:cc:91:82:68:49:
e3:1f:d2:65:72:32:f7:ed:70:c0:70:cb:41:c7:f3:
a9:03:41:53:96:f6:81:70:78:b1:1f:33:24:37:f8:
ef:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:67:05:11:3C:E3:02:15:BC:68:36:CC:5A:97:88:CA:75:15:3B:CC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mGcFETzjAhW8aDbMWpeIynUVO8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.39.0/24
185.214.100.0/24
185.214.102.0/24
185.218.103.0/24
185.226.106.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:30:2c:9c:7f:34:31:61:87:77:b8:16:ae:0b:41:f6:7b:d4:
14:57:a3:22:81:b7:06:e4:87:ba:a0:8f:f2:ee:29:74:76:5f:
54:07:dc:34:90:d2:b5:34:44:82:ba:d7:4a:00:c3:c7:ce:97:
59:3d:e8:d3:75:62:db:f8:5e:ea:85:fb:ef:fa:aa:ef:7d:43:
9b:a4:c5:df:21:28:99:ed:b9:00:de:08:61:99:a9:0e:bf:1a:
36:8b:8c:4f:00:c7:81:ed:76:ce:d9:10:f8:92:da:2e:66:aa:
7a:60:48:d2:ae:30:df:6c:86:68:f5:c9:e4:75:4f:08:ea:d1:
17:d5:86:b6:10:b5:79:f6:a2:4a:07:d7:fc:d2:61:f6:97:94:
b0:4a:99:14:fa:f5:6f:c5:7a:08:75:2f:17:6c:ef:10:b3:78:
f0:60:c0:1d:fe:f9:49:84:8b:ed:59:88:c4:ac:97:4b:a0:b0:
db:34:1a:b2:51:70:bd:bc:db:63:96:ff:4d:f8:e1:fa:0b:7f:
0f:f1:dc:76:82:b9:aa:c0:54:8b:87:7c:b7:a2:b0:2c:ca:c4:
2e:cd:03:b5:4e:d6:28:9c:c0:e8:08:93:63:d8:fd:c5:40:22:
32:c7:cd:7c:5f:f0:f7:9c:57:e7:d7:51:ac:9d:81:55:ac:99:
7c:a8:88:63
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYkm1SnUJdC/bCtcxoaxVKiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzA1MTYxNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODY3MDUxMTNjZTMwMjE1YmM2ODM2Y2M1YTk3ODhjYTc1MTUzYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8yzDfCyr0e33++TwsyO/XtTPLij
AIu3ZYRSxq5N+dNt5SQb/HhjQyZayJJR0KZbIkWepr7c5siUMJM5R8BzrxFQpox4
6Wvn2AKXGOwILlrj0Q/Sr3r0SK/6PCcZg10ywqG2tyuG0bnCE7hNgTHk6h+vrOZK
p979H7K2xajmP8HD/y0WDbmXGLQx348Nq6xUpcWITPNmTsYfyQxLmEqHXHnm3WfM
lGcUsrGtunLJKFls9omsP2a/d78IoBcq4TUi94opKLGLIYUfOyLgpSo1vBTEY+2x
59pzJc0szJGCaEnjH9JlcjL37XDAcMtBx/OpA0FTlvaBcHixHzMkN/jvwwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJhnBRE84wIVvGg2zFqXiMp1FTvMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbUdjRkVUempBaFc4YURiTVdwZUl5blVWTzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAudEnAwQA
udZkAwQAudZmAwQAudpnAwQAueJqMA0GCSqGSIb3DQEBCwUAA4IBAQAqMCycfzQx
YYd3uBauC0H2e9QUV6MigbcG5Ie6oI/y7il0dl9UB9w0kNK1NESCutdKAMPHzpdZ
PejTdWLb+F7qhfvv+qrvfUObpMXfISiZ7bkA3ghhmakOvxo2i4xPAMeB7XbO2RD4
ktouZqp6YEjSrjDfbIZo9cnkdU8I6tEX1Ya2ELV59qJKB9f80mH2l5SwSpkU+vVv
xXoIdS8XbO8Qs3jwYMAd/vlJhIvtWYjErJdLoLDbNBqyUXC9vNtjlv9N+OH6C38P
8dx2grmqwFSLh3y3orAsysQuzQO1TtYonMDoCJNj2P3FQCIyx818X/D3nFfn11Gs
nYFVrJl8qIhj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org