Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pafDcPEf1ghFKYHq_u3JWWCdP8k.roa
File: pafDcPEf1ghFKYHq_u3JWWCdP8k.roa (raw, json)
Hash identifier: FE9vzKz8y6kvaJpys4i7NG/H60yWsurLXTm8c9g/nFY=
Subject key identifier: A5:A7:C3:70:F1:1F:D6:08:45:29:81:EA:FE:ED:C9:59:60:9D:3F:C9
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BD49E78A4FAFA60D45166596C1EA62573
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pafDcPEf1ghFKYHq_u3JWWCdP8k.roa
Signing time: Wed 15 Nov 2023 20:13:57 +0000
ROA not before: Wed 15 Nov 2023 20:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24768
IP address blocks: 185.206.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Nov 2023 17:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d4:9e:78:a4:fa:fa:60:d4:51:66:59:6c:1e:a6:25:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 15 20:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5a7c370f11fd608452981eafeedc959609d3fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:86:69:c2:e4:3d:c2:29:6a:1f:db:8d:22:0a:
5c:75:00:3c:c6:a9:29:c0:0a:3b:20:b6:0e:42:a9:
f6:71:d7:e8:f7:b2:57:c3:90:64:9b:d2:46:0a:d6:
bd:9e:d7:50:41:5d:ea:65:10:47:c7:6c:1d:5d:61:
fb:02:43:45:b1:39:c3:ca:0a:df:b9:38:0b:a5:d7:
d7:48:a0:81:ff:6a:01:ab:0b:e7:33:06:23:e3:cd:
e3:2b:be:43:d7:7e:fb:b4:dc:e9:a2:d4:66:5b:34:
e3:5b:aa:1b:cb:fd:70:92:3c:74:c9:b7:ad:e5:44:
6f:b4:36:24:02:d6:78:bf:04:ba:c0:b1:4b:09:33:
e9:6f:79:97:0a:63:66:7b:de:43:70:6e:e3:af:9f:
9b:a4:f5:29:d6:b9:42:85:8d:04:83:81:3a:e2:88:
13:60:44:17:74:26:41:0c:b1:8a:32:ae:3d:37:4f:
27:05:58:c3:7b:30:2b:72:99:4b:84:3a:7d:bb:40:
77:7f:10:2e:d1:5b:a2:17:09:54:6a:0a:95:b8:14:
33:c7:c1:4c:85:a8:94:9a:dd:8b:c8:dd:ef:c9:b6:
d0:b9:e6:58:4e:d6:22:55:4e:fc:66:72:c1:91:fa:
49:c8:6a:d9:f7:55:98:0a:59:f3:f8:7e:87:a1:90:
25:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A7:C3:70:F1:1F:D6:08:45:29:81:EA:FE:ED:C9:59:60:9D:3F:C9
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pafDcPEf1ghFKYHq_u3JWWCdP8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.250.0/24
Signature Algorithm: sha256WithRSAEncryption
78:7a:10:79:88:2a:7b:90:5c:0d:8a:8f:28:ce:fd:9e:b1:e3:
d6:73:78:62:7f:12:70:1a:23:55:29:33:14:a9:89:f9:5c:6e:
c3:15:14:a3:07:de:c5:26:ed:de:ff:df:84:ab:a6:ca:89:32:
3c:58:5b:70:8f:2f:b6:ad:89:bb:92:9f:67:27:35:91:eb:4b:
82:36:92:db:57:ff:08:53:1c:d5:f4:85:02:68:94:c6:7b:d8:
33:25:b2:ee:6a:86:a0:19:a9:9d:4a:fd:2f:2e:09:ec:3f:55:
10:e9:bc:fe:02:3b:91:fd:b0:38:43:7f:e2:49:56:35:e6:a4:
08:e9:42:47:62:18:4d:f3:2e:ce:f5:df:4d:a1:30:8c:95:39:
26:62:a3:10:26:aa:e4:d4:46:c3:c3:8a:be:ab:04:50:4b:78:
fc:5e:93:86:f8:c7:d5:f1:da:f3:2a:7f:51:b0:bb:f3:92:73:
36:56:6f:4a:3a:f4:9d:b4:c0:c5:56:3f:da:cb:81:ec:c6:af:
9c:71:f2:96:7b:36:a7:4b:d6:c2:81:cc:d1:53:c0:49:10:dd:
27:15:a9:76:92:a8:c5:6d:a9:0a:a1:78:41:ab:48:0e:65:bd:
b4:b4:b6:e0:19:d8:55:b4:a0:63:9d:17:6e:87:44:3f:c0:cf:
a9:5d:18:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvUnnik+vpg1FFmWWwepiVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTE1MjAxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE3YzM3MGYxMWZkNjA4NDUyOTgxZWFmZWVkYzk1OTYwOWQzZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoZpwuQ9wilqH9uNIgpcdQA8xqkp
wAo7ILYOQqn2cdfo97JXw5Bkm9JGCta9ntdQQV3qZRBHx2wdXWH7AkNFsTnDygrf
uTgLpdfXSKCB/2oBqwvnMwYj483jK75D1377tNzpotRmWzTjW6oby/1wkjx0ybet
5URvtDYkAtZ4vwS6wLFLCTPpb3mXCmNme95DcG7jr5+bpPUp1rlChY0Eg4E64ogT
YEQXdCZBDLGKMq49N08nBVjDezArcplLhDp9u0B3fxAu0VuiFwlUagqVuBQzx8FM
haiUmt2LyN3vybbQueZYTtYiVU78ZnLBkfpJyGrZ91WYClnz+H6HoZAlewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWnw3DxH9YIRSmB6v7tyVlgnT/JMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcGFmRGNQRWYxZ2hGS1lIcV91M0pXV0NkUDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc76MA0G
CSqGSIb3DQEBCwUAA4IBAQB4ehB5iCp7kFwNio8ozv2esePWc3hifxJwGiNVKTMU
qYn5XG7DFRSjB97FJu3e/9+Eq6bKiTI8WFtwjy+2rYm7kp9nJzWR60uCNpLbV/8I
UxzV9IUCaJTGe9gzJbLuaoagGamdSv0vLgnsP1UQ6bz+AjuR/bA4Q3/iSVY15qQI
6UJHYhhN8y7O9d9NoTCMlTkmYqMQJqrk1EbDw4q+qwRQS3j8XpOG+MfV8drzKn9R
sLvzknM2Vm9KOvSdtMDFVj/ay4Hsxq+ccfKWezanS9bCgczRU8BJEN0nFal2kqjF
bakKoXhBq0gOZb20tLbgGdhVtKBjnRduh0Q/wM+pXRgS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org