Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/u0dYISwz2jwHJPWTccoALHPOAYc.roa
File: u0dYISwz2jwHJPWTccoALHPOAYc.roa (raw, json)
Hash identifier: 3eowtLB83gWeIeumjr5+0dGDNMqJFJux8ik7aJP4MJU=
Subject key identifier: BB:47:58:21:2C:33:DA:3C:07:24:F5:93:71:CA:00:2C:73:CE:01:87
Certificate issuer: /CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
Certificate serial: 0185720C48C8A66982D67C2BCE4463364378
Authority key identifier: 8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/u0dYISwz2jwHJPWTccoALHPOAYc.roa
Signing time: Mon 02 Jan 2023 10:34:45 +0000
ROA not before: Mon 02 Jan 2023 10:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204356
IP address blocks: 185.252.103.0/24 maxlen: 24
185.252.100.0/24 maxlen: 24
185.252.101.0/24 maxlen: 24
185.252.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:48:c8:a6:69:82:d6:7c:2b:ce:44:63:36:43:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
Validity
Not Before: Jan 2 10:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb4758212c33da3c0724f59371ca002c73ce0187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b2:4b:ce:36:b3:90:e5:75:61:8a:cc:4e:a7:
91:55:62:69:a2:5b:94:34:3f:ea:4a:54:d1:d3:4f:
b3:79:5c:c0:c6:de:05:9a:2d:2c:82:d5:38:4a:29:
18:46:26:b2:9a:2f:be:f1:b4:0a:a0:49:e1:c8:6c:
e6:f7:ba:a3:2d:58:6b:6a:2b:63:ce:bf:d7:52:dd:
7f:24:29:dd:8e:b8:db:57:7a:07:5e:cc:b4:30:dd:
e3:91:05:07:94:33:7c:54:aa:75:86:40:de:12:8d:
b4:71:0e:ad:9d:6b:64:b7:ef:68:dd:49:b4:7c:c5:
e1:08:80:c3:87:d9:86:ae:df:4b:4e:d8:78:3d:f3:
e6:13:19:e3:a7:02:f0:16:e9:66:5a:9a:76:02:b3:
3d:94:c6:9c:8f:a3:52:2e:69:da:06:7e:79:36:51:
89:bd:7a:ea:58:1b:19:21:5d:fd:05:a5:fa:97:ec:
dd:58:93:0d:37:a8:2c:96:7c:35:b0:52:2a:d4:a2:
40:14:00:a0:6c:4d:36:ff:0e:6e:fa:e1:bd:74:13:
af:fe:7b:72:80:49:98:e2:88:6a:1c:74:15:15:e5:
24:3e:cb:1a:37:00:0a:9f:59:e0:c1:32:b8:50:75:
fa:57:8e:f3:25:91:1c:dc:bb:ad:99:b9:d9:04:5c:
aa:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:47:58:21:2C:33:DA:3C:07:24:F5:93:71:CA:00:2C:73:CE:01:87
X509v3 Authority Key Identifier:
keyid:8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/u0dYISwz2jwHJPWTccoALHPOAYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/i96i1KsTgPCjt_59T6eCjhyUNVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.100.0/22
Signature Algorithm: sha256WithRSAEncryption
64:d9:c9:37:ec:5c:aa:f1:bb:dd:ee:38:a4:b5:33:85:db:35:
c5:c0:9b:4e:cc:54:cd:9e:23:0d:72:59:d3:88:61:8a:c6:5d:
17:cf:84:bb:88:14:05:62:e1:02:01:28:8c:35:17:a0:5d:17:
a5:ba:17:9f:71:fc:a5:9f:cd:53:57:18:36:37:c8:ec:4c:9e:
09:9c:bd:8f:ec:52:9d:2b:ad:fb:38:10:30:f5:fb:3c:fa:51:
db:08:ed:e7:46:0b:8b:ae:f9:b0:6c:fc:ce:c1:ee:97:10:b0:
05:ca:58:91:3d:e2:64:8c:fc:3d:44:a9:b0:b0:1d:31:17:25:
6c:51:10:bc:1f:b0:a2:93:f5:55:85:b2:38:a0:a8:89:24:2a:
05:61:75:ec:8f:71:fc:25:81:43:3d:46:74:e9:83:c5:4a:74:
b0:d2:bc:05:08:f4:1c:a5:79:cf:40:ff:dc:b8:04:d5:ba:04:
a9:40:2e:5b:9f:6f:5f:f7:41:a4:b0:c5:e9:f9:d5:05:29:ef:
a2:a0:5f:e7:0d:a0:f6:f3:2b:68:a6:a8:e4:ee:0c:be:86:16:
45:69:a7:51:f3:ee:b4:12:e2:9d:cd:12:37:d9:43:eb:5c:60:
0a:d5:a8:72:d8:78:8c:71:d9:45:c2:53:96:3e:18:70:a2:7c:
63:fb:9f:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDEjIpmmC1nwrzkRjNkN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGVhMmQ0YWIxMzgwZjBhM2I3ZmU3ZDRmYTc4MjhlMWM5
NDM1NTgwHhcNMjMwMTAyMTAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQ3NTgyMTJjMzNkYTNjMDcyNGY1OTM3MWNhMDAyYzczY2UwMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLJLzjazkOV1YYrMTqeRVWJpoluU
ND/qSlTR00+zeVzAxt4Fmi0sgtU4SikYRiaymi++8bQKoEnhyGzm97qjLVhraitj
zr/XUt1/JCndjrjbV3oHXsy0MN3jkQUHlDN8VKp1hkDeEo20cQ6tnWtkt+9o3Um0
fMXhCIDDh9mGrt9LTth4PfPmExnjpwLwFulmWpp2ArM9lMacj6NSLmnaBn55NlGJ
vXrqWBsZIV39BaX6l+zdWJMNN6gslnw1sFIq1KJAFACgbE02/w5u+uG9dBOv/nty
gEmY4ohqHHQVFeUkPssaNwAKn1ngwTK4UHX6V47zJZEc3LutmbnZBFyqIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtHWCEsM9o8ByT1k3HKACxzzgGHMB8GA1UdIwQY
MBaAFIveotSrE4Dwo7f+fU+ngo4clDVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk2aTFLc1RnUENqdF81OVQ2ZUNqaHlVTlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jNjdkOTAtZDMwNC00ODFiLThhNjQt
MWUzMjZkZWJhNGQwLzEvdTBkWUlTd3oyandISlBXVGNjb0FMSFBPQVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jNjdkOTAtZDMwNC00ODFiLThhNjQtMWUzMjZkZWJhNGQw
LzEvaTk2aTFLc1RnUENqdF81OVQ2ZUNqaHlVTlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufxkMA0G
CSqGSIb3DQEBCwUAA4IBAQBk2ck37Fyq8bvd7jiktTOF2zXFwJtOzFTNniMNclnT
iGGKxl0Xz4S7iBQFYuECASiMNRegXReluhefcfyln81TVxg2N8jsTJ4JnL2P7FKd
K637OBAw9fs8+lHbCO3nRguLrvmwbPzOwe6XELAFyliRPeJkjPw9RKmwsB0xFyVs
URC8H7Cik/VVhbI4oKiJJCoFYXXsj3H8JYFDPUZ06YPFSnSw0rwFCPQcpXnPQP/c
uATVugSpQC5bn29f90GksMXp+dUFKe+ioF/nDaD28ytopqjk7gy+hhZFaadR8+60
EuKdzRI32UPrXGAK1ahy2HiMcdlFwlOWPhhwonxj+59W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:44 2024 by rpki-client on console-ams.rpki-client.org