Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/XHEiBNyBpWmfdP7o83utoJes50w.roa
File: XHEiBNyBpWmfdP7o83utoJes50w.roa (raw, json)
Hash identifier: KhxltAhgT+Fhpy2zHkm4VhtiikdcTjh8wdq7tyyG/+Q=
Subject key identifier: 5C:71:22:04:DC:81:A5:69:9F:74:FE:E8:F3:7B:AD:A0:97:AC:E7:4C
Certificate issuer: /CN=6d0c80318177bc16b72383f8e092d52a3ae133b4
Certificate serial: 01856D0AE2CF743D0294F268336C60421491
Authority key identifier: 6D:0C:80:31:81:77:BC:16:B7:23:83:F8:E0:92:D5:2A:3A:E1:33:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQyAMYF3vBa3I4P44JLVKjrhM7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/XHEiBNyBpWmfdP7o83utoJes50w.roa
Signing time: Sun 01 Jan 2023 11:15:08 +0000
ROA not before: Sun 01 Jan 2023 11:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205643
IP address blocks: 185.207.73.0/24 maxlen: 24
185.207.74.0/23 maxlen: 23
185.207.72.0/22 maxlen: 22
185.207.72.0/23 maxlen: 23
185.207.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:e2:cf:74:3d:02:94:f2:68:33:6c:60:42:14:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d0c80318177bc16b72383f8e092d52a3ae133b4
Validity
Not Before: Jan 1 11:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c712204dc81a5699f74fee8f37bada097ace74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ad:94:4f:44:a4:c1:a2:56:92:14:6c:d3:f8:
ed:85:10:75:a5:7a:78:8a:a7:48:13:5c:a0:b1:03:
2e:32:6e:ac:d2:ca:8f:ec:08:e6:f5:14:a3:c3:ad:
35:85:42:49:42:0c:d3:fa:69:b7:eb:7e:15:51:dd:
35:69:85:48:96:1a:95:13:5f:98:f3:12:32:93:de:
58:2d:63:08:a8:7d:20:29:9d:da:96:94:d2:55:27:
71:5d:47:ce:d5:c3:0f:a4:64:79:ae:07:be:25:91:
61:9f:e5:fa:2e:c9:84:78:9c:85:9a:fe:99:f2:7c:
e6:42:a2:86:00:9c:25:a4:db:15:28:fa:f6:c2:7f:
be:61:7f:b7:57:b1:ac:9e:7f:96:78:49:38:a3:ec:
e3:ef:ea:df:16:84:90:55:ad:9d:f9:32:73:d6:b6:
31:a7:08:19:c6:a9:c3:84:5b:c9:0d:8f:db:73:c2:
07:21:a5:b1:c3:01:fd:86:a0:32:db:a9:fe:e7:fd:
6f:b5:3b:cd:6f:b9:7f:0c:a7:0c:3c:a9:82:a0:48:
54:1a:81:f5:fc:a6:2b:b3:ec:db:44:c4:b9:3e:00:
18:ca:b3:20:b7:14:e8:67:b6:51:af:92:07:51:ca:
ac:2c:80:44:14:4a:17:b9:79:e7:d4:4a:a3:ce:e2:
1a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:71:22:04:DC:81:A5:69:9F:74:FE:E8:F3:7B:AD:A0:97:AC:E7:4C
X509v3 Authority Key Identifier:
keyid:6D:0C:80:31:81:77:BC:16:B7:23:83:F8:E0:92:D5:2A:3A:E1:33:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQyAMYF3vBa3I4P44JLVKjrhM7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/XHEiBNyBpWmfdP7o83utoJes50w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/bQyAMYF3vBa3I4P44JLVKjrhM7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.72.0/22
Signature Algorithm: sha256WithRSAEncryption
39:9b:ff:d8:b2:ec:da:c2:0a:d0:84:3f:38:83:44:14:7d:80:
d6:b5:83:22:03:4b:50:47:f9:1c:3f:f7:98:19:4a:23:23:dc:
7b:34:b5:4f:05:01:c6:5d:d5:1c:38:76:3c:e8:c6:08:e5:23:
6d:96:79:41:2f:72:f3:b6:5c:d7:6d:14:1b:be:ef:40:9f:ee:
76:48:64:f0:22:2d:01:cc:91:37:ed:62:0c:13:cc:8b:19:5f:
45:ba:a0:7c:0f:9b:22:28:68:fe:f8:53:48:58:85:91:59:38:
21:9c:e8:ea:54:7b:a5:38:37:a9:b8:a2:1d:d0:d7:04:cf:54:
70:4e:93:4e:42:b0:a0:fb:0a:f8:4f:c3:ce:a2:5e:28:7b:65:
0a:8a:ed:06:05:71:61:df:85:70:94:50:74:f9:a7:f5:96:59:
67:c9:6f:09:4a:d4:24:ce:7d:fe:41:a1:f0:c6:3f:4e:e1:ba:
ba:3b:4e:36:e2:cf:6b:2a:d5:35:39:74:0c:9e:33:67:9a:dc:
51:3d:15:de:ee:70:c4:17:5c:22:46:e4:f8:fa:3a:5f:9d:36:
2d:fa:41:22:16:1f:01:66:e4:f2:57:9e:90:0f:1d:c4:1a:bd:
a1:15:d3:75:b5:b9:e8:f1:73:cb:75:8a:15:f5:eb:00:a3:a4:
e7:66:dd:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCuLPdD0ClPJoM2xgQhSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMGM4MDMxODE3N2JjMTZiNzIzODNmOGUwOTJkNTJhM2Fl
MTMzYjQwHhcNMjMwMTAxMTExNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzcxMjIwNGRjODFhNTY5OWY3NGZlZThmMzdiYWRhMDk3YWNlNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa2UT0SkwaJWkhRs0/jthRB1pXp4
iqdIE1ygsQMuMm6s0sqP7Ajm9RSjw601hUJJQgzT+mm3634VUd01aYVIlhqVE1+Y
8xIyk95YLWMIqH0gKZ3alpTSVSdxXUfO1cMPpGR5rge+JZFhn+X6LsmEeJyFmv6Z
8nzmQqKGAJwlpNsVKPr2wn++YX+3V7Gsnn+WeEk4o+zj7+rfFoSQVa2d+TJz1rYx
pwgZxqnDhFvJDY/bc8IHIaWxwwH9hqAy26n+5/1vtTvNb7l/DKcMPKmCoEhUGoH1
/KYrs+zbRMS5PgAYyrMgtxToZ7ZRr5IHUcqsLIBEFEoXuXnn1EqjzuIaEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxxIgTcgaVpn3T+6PN7raCXrOdMMB8GA1UdIwQY
MBaAFG0MgDGBd7wWtyOD+OCS1So64TO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlF5QU1ZRjN2QmEzSTRQNDRKTFZLanJoTTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zMWJkMDctOWExZi00MzQ1LWE2NmIt
Nzk0MjQwNDAxNmYzLzEvWEhFaUJOeUJwV21mZFA3bzgzdXRvSmVzNTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8zMWJkMDctOWExZi00MzQ1LWE2NmItNzk0MjQwNDAxNmYz
LzEvYlF5QU1ZRjN2QmEzSTRQNDRKTFZLanJoTTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc9IMA0G
CSqGSIb3DQEBCwUAA4IBAQA5m//YsuzawgrQhD84g0QUfYDWtYMiA0tQR/kcP/eY
GUojI9x7NLVPBQHGXdUcOHY86MYI5SNtlnlBL3LztlzXbRQbvu9An+52SGTwIi0B
zJE37WIME8yLGV9FuqB8D5siKGj++FNIWIWRWTghnOjqVHulODepuKId0NcEz1Rw
TpNOQrCg+wr4T8POol4oe2UKiu0GBXFh34VwlFB0+af1lllnyW8JStQkzn3+QaHw
xj9O4bq6O0424s9rKtU1OXQMnjNnmtxRPRXe7nDEF1wiRuT4+jpfnTYt+kEiFh8B
ZuTyV56QDx3EGr2hFdN1tbno8XPLdYoV9esAo6TnZt3Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org