Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/V7EqhWpp41jkvLWgFypcu29RgtM.roa
File: V7EqhWpp41jkvLWgFypcu29RgtM.roa (raw, json)
Hash identifier: ATo5x+bTxPmZZJYD4/uD/OScq8vNhMf46lNtZjXjIeQ=
Subject key identifier: 57:B1:2A:85:6A:69:E3:58:E4:BC:B5:A0:17:2A:5C:BB:6F:51:82:D3
Certificate issuer: /CN=f4f430d0805f42ffa3bcd0c0b7c550805117923a
Certificate serial: 018731E3541D894247607AD68C9F2BB36527
Authority key identifier: F4:F4:30:D0:80:5F:42:FF:A3:BC:D0:C0:B7:C5:50:80:51:17:92:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9PQw0IBfQv-jvNDAt8VQgFEXkjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/V7EqhWpp41jkvLWgFypcu29RgtM.roa
Signing time: Thu 30 Mar 2023 09:39:54 +0000
ROA not before: Thu 30 Mar 2023 09:39:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200480
IP address blocks: 185.105.240.0/24 maxlen: 24
185.105.240.0/22 maxlen: 22
2a06:38c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:31:e3:54:1d:89:42:47:60:7a:d6:8c:9f:2b:b3:65:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f430d0805f42ffa3bcd0c0b7c550805117923a
Validity
Not Before: Mar 30 09:39:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57b12a856a69e358e4bcb5a0172a5cbb6f5182d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6d:03:88:36:c8:69:ea:71:c4:05:c8:06:71:
01:2b:51:12:fa:8c:4f:71:50:09:79:90:84:c4:94:
f0:5a:e0:15:2c:05:97:e2:00:1f:b5:76:ec:0a:bb:
30:cb:3f:5c:a6:d1:31:ca:b1:bd:da:25:fa:77:71:
e0:ae:a7:5e:01:2a:e7:17:04:d6:25:25:b6:38:f0:
fc:8c:2f:5e:cc:10:f6:43:b6:2d:60:c9:ff:b9:08:
9f:9d:bb:20:ec:c5:58:53:07:f2:fa:31:3b:6f:17:
ef:a9:08:ec:ff:3c:41:e9:0c:26:16:17:8f:52:92:
76:70:9b:be:76:0d:00:6f:df:f7:f0:4b:a9:09:58:
fe:d4:03:2c:ed:33:eb:f7:e7:79:df:f7:91:fa:95:
25:5d:89:4c:3b:f3:a8:f7:a4:ff:8a:89:42:e2:3a:
19:52:fb:5b:ec:0f:57:e4:d7:41:3c:12:c1:90:98:
a7:25:eb:31:ec:e4:71:a9:56:68:42:be:eb:6d:42:
ec:64:8e:eb:4e:f3:85:94:99:21:db:76:e7:fa:3c:
20:4b:ce:36:4f:a6:af:96:ad:41:45:2b:c5:40:30:
a8:7d:7a:27:c3:e2:0e:a3:58:af:c6:94:ea:a0:82:
73:d8:ae:b6:f8:48:38:46:53:b0:a4:64:5e:e3:cd:
4b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B1:2A:85:6A:69:E3:58:E4:BC:B5:A0:17:2A:5C:BB:6F:51:82:D3
X509v3 Authority Key Identifier:
keyid:F4:F4:30:D0:80:5F:42:FF:A3:BC:D0:C0:B7:C5:50:80:51:17:92:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PQw0IBfQv-jvNDAt8VQgFEXkjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/V7EqhWpp41jkvLWgFypcu29RgtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/9PQw0IBfQv-jvNDAt8VQgFEXkjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.240.0/22
IPv6:
2a06:38c0::/29
Signature Algorithm: sha256WithRSAEncryption
33:21:4e:cf:d6:b4:24:15:85:57:5d:36:e1:1b:ea:7f:19:1b:
11:ca:8d:e6:12:eb:39:ab:95:28:e6:30:7a:10:a5:30:c9:1e:
91:08:43:2f:5d:1b:d2:3d:86:67:fa:3e:c2:38:2c:c6:40:8d:
63:07:f8:61:0d:96:66:7d:c9:25:24:4c:f8:44:c0:4b:80:99:
92:64:7b:ab:4c:48:83:3c:b0:61:e5:c8:c0:45:c0:6d:26:fb:
e2:00:a6:fa:e7:ec:09:97:87:16:3e:4e:11:3f:7f:96:d6:ac:
dd:36:52:db:c6:0a:db:97:5b:40:53:33:d5:64:ff:96:5b:7f:
88:cf:59:c0:82:dd:bc:36:65:1c:1b:6a:5c:6c:52:78:6b:49:
86:24:52:57:21:1c:06:f4:e3:4e:74:ae:67:af:7b:0b:e5:27:
6c:69:13:57:d8:96:6a:7b:04:82:d0:24:a6:26:84:15:d3:ae:
f1:09:0f:1c:15:1a:e7:d1:c3:58:85:a2:5c:d4:df:d6:53:e2:
27:e3:d8:34:3b:e6:0b:59:02:6c:bb:df:87:4e:d1:4c:bc:3c:
80:ab:72:74:2d:95:bd:72:45:c9:19:9b:8f:dc:01:44:75:0a:
61:62:63:29:1f:c0:5b:02:c6:7b:eb:ea:62:e8:dd:51:db:37:
0b:b9:e1:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcx41QdiUJHYHrWjJ8rs2UnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZjQzMGQwODA1ZjQyZmZhM2JjZDBjMGI3YzU1MDgwNTEx
NzkyM2EwHhcNMjMwMzMwMDkzOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2IxMmE4NTZhNjllMzU4ZTRiY2I1YTAxNzJhNWNiYjZmNTE4MmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG0DiDbIaepxxAXIBnEBK1ES+oxP
cVAJeZCExJTwWuAVLAWX4gAftXbsCrswyz9cptExyrG92iX6d3HgrqdeASrnFwTW
JSW2OPD8jC9ezBD2Q7YtYMn/uQifnbsg7MVYUwfy+jE7bxfvqQjs/zxB6QwmFheP
UpJ2cJu+dg0Ab9/38EupCVj+1AMs7TPr9+d53/eR+pUlXYlMO/Oo96T/iolC4joZ
Uvtb7A9X5NdBPBLBkJinJesx7ORxqVZoQr7rbULsZI7rTvOFlJkh23bn+jwgS842
T6avlq1BRSvFQDCofXonw+IOo1ivxpTqoIJz2K62+Eg4RlOwpGRe481LBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFexKoVqaeNY5Ly1oBcqXLtvUYLTMB8GA1UdIwQY
MBaAFPT0MNCAX0L/o7zQwLfFUIBRF5I6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBRdzBJQmZRdi1qdk5EQXQ4VlFnRkVYa2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8yOGJkMTMtOGEzYi00NTUwLTk3MDAt
ZjBmOTNjY2EyNDc5LzEvVjdFcWhXcHA0MWprdkxXZ0Z5cGN1MjlSZ3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8yOGJkMTMtOGEzYi00NTUwLTk3MDAtZjBmOTNjY2EyNDc5
LzEvOVBRdzBJQmZRdi1qdk5EQXQ4VlFnRkVYa2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWnwMA0E
AgACMAcDBQMqBjjAMA0GCSqGSIb3DQEBCwUAA4IBAQAzIU7P1rQkFYVXXTbhG+p/
GRsRyo3mEus5q5Uo5jB6EKUwyR6RCEMvXRvSPYZn+j7COCzGQI1jB/hhDZZmfckl
JEz4RMBLgJmSZHurTEiDPLBh5cjARcBtJvviAKb65+wJl4cWPk4RP3+W1qzdNlLb
xgrbl1tAUzPVZP+WW3+Iz1nAgt28NmUcG2pcbFJ4a0mGJFJXIRwG9ONOdK5nr3sL
5SdsaRNX2JZqewSC0CSmJoQV067xCQ8cFRrn0cNYhaJc1N/WU+In49g0O+YLWQJs
u9+HTtFMvDyAq3J0LZW9ckXJGZuP3AFEdQphYmMpH8BbAsZ76+pi6N1R2zcLueEY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:57 2024 by rpki-client on console-ams.rpki-client.org