Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wq7IQ7gOFFRyBbu0-5Ak0fh7NiM.roa
File: wq7IQ7gOFFRyBbu0-5Ak0fh7NiM.roa (raw, json)
Hash identifier: r97uumJMrMImEBcGFUfFK6xkq77QXq+0rpTDpPlwdwc=
Subject key identifier: C2:AE:C8:43:B8:0E:14:54:72:05:BB:B4:FB:90:24:D1:F8:7B:36:23
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187FB0DF942EBDF0DECE6C59EF3CF423C2A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wq7IQ7gOFFRyBbu0-5Ak0fh7NiM.roa
Signing time: Mon 08 May 2023 11:10:09 +0000
ROA not before: Mon 08 May 2023 11:10:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 185.226.105.0/24 maxlen: 24
185.194.28.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fb:0d:f9:42:eb:df:0d:ec:e6:c5:9e:f3:cf:42:3c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 8 11:10:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2aec843b80e14547205bbb4fb9024d1f87b3623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5d:86:9b:3c:bc:e7:ea:e8:ac:3b:11:80:59:
9b:b0:be:05:ee:fc:17:90:24:cc:ea:fb:76:a5:44:
2b:f2:74:2a:ef:f1:27:4d:15:ae:a6:f7:09:db:1c:
00:7f:62:e8:e1:25:5c:3d:cf:11:6e:3f:f8:c6:10:
88:3c:f7:80:8c:39:1e:5d:93:ff:e0:03:f2:fa:7c:
f3:66:82:51:2f:74:50:ba:f9:0c:33:0e:aa:38:ed:
7e:2c:8e:e6:4a:0e:86:3f:cd:b2:74:66:01:bf:fd:
00:07:6f:c0:0a:ae:70:81:3b:d0:5e:b3:20:cf:51:
8a:ca:ed:b0:e5:39:83:83:dd:a6:64:3b:d9:7b:49:
2b:aa:46:8f:c1:f3:d8:8c:ca:74:dc:90:80:b7:13:
fc:79:13:ae:2f:40:d4:b0:d2:66:a6:a7:c5:b4:ee:
8b:3b:f2:ea:e8:4c:c2:f2:f4:9a:11:db:6f:fd:6b:
d0:83:be:af:4c:2e:2c:d7:f1:e8:67:e6:c5:57:e8:
1f:db:7f:7a:6d:96:72:4e:36:8d:d8:1e:79:61:2b:
41:36:db:aa:a3:3d:0d:2d:25:df:21:8f:ab:df:b6:
57:07:9b:3e:ee:a9:d7:99:a3:ab:9e:71:c9:d6:5d:
63:d7:88:86:3a:3e:57:ea:40:ca:84:32:32:9c:33:
b3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:AE:C8:43:B8:0E:14:54:72:05:BB:B4:FB:90:24:D1:F8:7B:36:23
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wq7IQ7gOFFRyBbu0-5Ak0fh7NiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.28.0/24
185.225.3.0/24
185.226.105.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:f3:f6:b7:4d:ec:11:32:91:e7:3e:5c:c4:37:eb:f1:f7:d3:
f6:43:70:7a:a2:00:88:78:7b:54:19:91:4c:45:e4:c4:e0:a2:
1d:01:03:c0:f2:8c:bd:0c:e8:80:95:a2:98:52:74:45:46:98:
d2:b5:68:fe:64:af:6c:ea:53:f1:75:1c:cb:07:fb:cc:9f:97:
6a:8f:83:ef:9b:81:af:44:24:a8:2b:fd:1d:58:98:26:a2:5f:
90:7d:70:cd:34:b5:b9:69:2d:fc:a5:c0:33:9d:b0:84:09:7a:
d7:ec:1c:a8:f7:4e:45:a0:eb:ff:b9:3c:e9:97:f7:a9:c2:9e:
ce:b6:d5:bf:0d:16:2e:e7:0d:b9:a5:13:16:a1:5d:4c:c4:70:
c1:f6:ad:41:9f:d9:4e:23:69:54:33:6c:dc:a4:aa:65:4f:6b:
f4:0c:bf:a7:b9:e4:7d:d1:e1:2f:b9:b6:e6:af:e2:9e:4b:05:
4c:27:f5:e1:5c:70:7c:e2:da:63:e9:47:f5:e2:23:4b:08:82:
fe:60:d3:6d:f7:58:d2:d7:7d:1c:ce:62:ea:3f:f7:e5:6d:19:
b7:82:36:3f:79:5f:14:0f:31:1f:7a:ce:8c:3f:29:a4:19:9e:
c9:6e:da:80:ef:c7:a8:bf:28:a0:0e:d5:ec:86:80:25:a4:bf:
a9:34:9d:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYf7DflC698N7ObFnvPPQjwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTA4MTExMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmFlYzg0M2I4MGUxNDU0NzIwNWJiYjRmYjkwMjRkMWY4N2IzNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV2Gmzy85+rorDsRgFmbsL4F7vwX
kCTM6vt2pUQr8nQq7/EnTRWupvcJ2xwAf2Lo4SVcPc8Rbj/4xhCIPPeAjDkeXZP/
4APy+nzzZoJRL3RQuvkMMw6qOO1+LI7mSg6GP82ydGYBv/0AB2/ACq5wgTvQXrMg
z1GKyu2w5TmDg92mZDvZe0krqkaPwfPYjMp03JCAtxP8eROuL0DUsNJmpqfFtO6L
O/Lq6EzC8vSaEdtv/WvQg76vTC4s1/HoZ+bFV+gf2396bZZyTjaN2B55YStBNtuq
oz0NLSXfIY+r37ZXB5s+7qnXmaOrnnHJ1l1j14iGOj5X6kDKhDIynDOzwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMKuyEO4DhRUcgW7tPuQJNH4ezYjMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvd3E3SVE3Z09GRlJ5QmJ1MC01QWswZmg3TmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucIcAwQA
ueEDAwQAueJpMA0GCSqGSIb3DQEBCwUAA4IBAQAb8/a3TewRMpHnPlzEN+vx99P2
Q3B6ogCIeHtUGZFMReTE4KIdAQPA8oy9DOiAlaKYUnRFRpjStWj+ZK9s6lPxdRzL
B/vMn5dqj4Pvm4GvRCSoK/0dWJgmol+QfXDNNLW5aS38pcAznbCECXrX7Byo905F
oOv/uTzpl/epwp7OttW/DRYu5w25pRMWoV1MxHDB9q1Bn9lOI2lUM2zcpKplT2v0
DL+nueR90eEvubbmr+KeSwVMJ/XhXHB84tpj6Uf14iNLCIL+YNNt91jS130czmLq
P/flbRm3gjY/eV8UDzEfes6MPymkGZ7JbtqA78eovyigDtXshoAlpL+pNJ3Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org