Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/a6db07-f54a-441f-9649-bc9b413b8eed/1/9llgOL8-35TW5WEqImsVM-rxuJ0.roa
File: 9llgOL8-35TW5WEqImsVM-rxuJ0.roa (raw, json)
Hash identifier: v6RHxmSFinK1NYxDnjTnrwD7ReZ8XTXJSAV2dWxau/4=
Subject key identifier: F6:59:60:38:BF:3E:DF:94:D6:E5:61:2A:22:6B:15:33:EA:F1:B8:9D
Certificate issuer: /CN=2b6ad90b63642b8fadc9007aa355239edfaf354e
Certificate serial: 018570798C084DFCA0D0F770E8E86CBB77E6
Authority key identifier: 2B:6A:D9:0B:63:64:2B:8F:AD:C9:00:7A:A3:55:23:9E:DF:AF:35:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K2rZC2NkK4-tyQB6o1Ujnt-vNU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/a6db07-f54a-441f-9649-bc9b413b8eed/1/9llgOL8-35TW5WEqImsVM-rxuJ0.roa
Signing time: Mon 02 Jan 2023 03:14:51 +0000
ROA not before: Mon 02 Jan 2023 03:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 185.218.120.0/24 maxlen: 24
185.218.121.0/24 maxlen: 24
185.218.122.0/24 maxlen: 24
185.218.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:8c:08:4d:fc:a0:d0:f7:70:e8:e8:6c:bb:77:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6ad90b63642b8fadc9007aa355239edfaf354e
Validity
Not Before: Jan 2 03:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6596038bf3edf94d6e5612a226b1533eaf1b89d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:28:e4:1b:d6:66:75:9a:27:5b:6a:0d:bd:0b:
27:35:fd:b8:16:75:27:e1:1d:5d:97:87:7d:f8:31:
fa:ea:72:6f:1c:58:20:a8:23:41:84:7c:bb:ed:e6:
aa:c5:60:fd:60:83:d4:ef:b3:1b:52:a9:a9:f5:45:
a4:2b:7b:52:44:5b:89:32:ee:de:89:05:1c:c4:d6:
1e:a0:67:cf:92:67:c8:85:9a:9c:1a:bd:ed:35:40:
ec:4f:d1:3a:c8:bd:e4:ea:7e:3e:b5:ce:ed:80:5c:
48:4e:ff:84:4f:5a:38:54:12:c8:4c:48:89:e4:62:
4d:11:cf:7b:a1:6d:4f:e7:6f:0a:80:45:81:62:21:
7c:64:c7:7d:ef:3d:96:b0:65:01:da:86:ff:89:02:
ee:12:a2:bd:c6:82:bb:b9:99:28:35:41:cb:38:48:
b3:83:3b:03:5d:8a:cb:b6:90:35:b5:f9:6d:25:b0:
c3:ee:1f:d8:5b:27:f6:3e:83:12:81:80:7f:53:f2:
3e:2d:44:4e:96:0c:c3:d8:3c:59:f6:1f:36:08:50:
31:06:a9:5d:f1:e5:27:51:23:4b:b9:d3:5a:b7:b2:
f4:30:2c:09:61:28:55:04:e7:45:5c:bd:c0:87:eb:
26:80:09:cb:61:15:67:ee:ef:c2:f1:89:57:6e:9f:
bc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:59:60:38:BF:3E:DF:94:D6:E5:61:2A:22:6B:15:33:EA:F1:B8:9D
X509v3 Authority Key Identifier:
keyid:2B:6A:D9:0B:63:64:2B:8F:AD:C9:00:7A:A3:55:23:9E:DF:AF:35:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K2rZC2NkK4-tyQB6o1Ujnt-vNU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a6db07-f54a-441f-9649-bc9b413b8eed/1/9llgOL8-35TW5WEqImsVM-rxuJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a6db07-f54a-441f-9649-bc9b413b8eed/1/K2rZC2NkK4-tyQB6o1Ujnt-vNU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.120.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:59:6e:78:0d:fc:e3:5c:b1:03:ac:88:ff:e4:3e:36:59:95:
f7:f7:c0:0e:3b:8a:db:ac:6b:21:34:88:18:e9:e0:23:b7:bd:
a9:17:a1:6a:ec:33:bc:bc:3c:c6:52:a9:f1:c7:89:cd:e6:25:
1f:7d:d2:93:99:b2:a3:6b:d6:3d:b2:cb:5b:2a:ec:28:1e:97:
84:17:24:93:58:0f:a8:8f:1a:5b:44:94:a0:fa:f7:f7:22:2c:
bd:df:0a:b4:72:a6:49:e3:1b:7f:b2:0f:b1:60:67:c2:8e:6e:
8f:dc:bf:a9:49:eb:7a:1c:5b:d1:00:64:02:7c:c1:a5:e4:83:
5c:79:6c:64:d6:98:38:19:cf:2a:29:cf:b0:53:67:1f:97:f5:
38:6e:2d:8c:85:8e:90:c6:34:6f:f1:ac:be:67:e9:63:b4:a7:
8c:8f:99:c2:b4:da:d2:45:6e:30:43:83:97:c0:a3:f2:dd:64:
4c:eb:db:b6:ce:fe:0e:29:b2:22:7f:54:a6:52:3a:c3:6a:1e:
09:51:69:c9:16:06:e3:03:b4:7b:08:61:f5:dc:a5:30:a2:37:
7e:6b:d7:00:6c:16:36:cd:e0:62:80:02:b0:c6:c1:5e:2f:e1:
75:7c:7b:ee:c8:fe:a6:74:ec:70:21:f6:24:61:42:6d:43:a4:
9e:ca:6a:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweYwITfyg0Pdw6Ohsu3fmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmFkOTBiNjM2NDJiOGZhZGM5MDA3YWEzNTUyMzllZGZh
ZjM1NGUwHhcNMjMwMTAyMDMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjU5NjAzOGJmM2VkZjk0ZDZlNTYxMmEyMjZiMTUzM2VhZjFiODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yjkG9ZmdZonW2oNvQsnNf24FnUn
4R1dl4d9+DH66nJvHFggqCNBhHy77eaqxWD9YIPU77MbUqmp9UWkK3tSRFuJMu7e
iQUcxNYeoGfPkmfIhZqcGr3tNUDsT9E6yL3k6n4+tc7tgFxITv+ET1o4VBLITEiJ
5GJNEc97oW1P528KgEWBYiF8ZMd97z2WsGUB2ob/iQLuEqK9xoK7uZkoNUHLOEiz
gzsDXYrLtpA1tfltJbDD7h/YWyf2PoMSgYB/U/I+LUROlgzD2DxZ9h82CFAxBqld
8eUnUSNLudNat7L0MCwJYShVBOdFXL3Ah+smgAnLYRVn7u/C8YlXbp+8CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZZYDi/Pt+U1uVhKiJrFTPq8bidMB8GA1UdIwQY
MBaAFCtq2QtjZCuPrckAeqNVI57frzVOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzJyWkMyTmtLNC10eVFCNm8xVWpudC12TlU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9hNmRiMDctZjU0YS00NDFmLTk2NDkt
YmM5YjQxM2I4ZWVkLzEvOWxsZ09MOC0zNVRXNVdFcUltc1ZNLXJ4dUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9hNmRiMDctZjU0YS00NDFmLTk2NDktYmM5YjQxM2I4ZWVk
LzEvSzJyWkMyTmtLNC10eVFCNm8xVWpudC12TlU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudp4MA0G
CSqGSIb3DQEBCwUAA4IBAQBqWW54DfzjXLEDrIj/5D42WZX398AOO4rbrGshNIgY
6eAjt72pF6Fq7DO8vDzGUqnxx4nN5iUffdKTmbKja9Y9sstbKuwoHpeEFySTWA+o
jxpbRJSg+vf3Iiy93wq0cqZJ4xt/sg+xYGfCjm6P3L+pSet6HFvRAGQCfMGl5INc
eWxk1pg4Gc8qKc+wU2cfl/U4bi2MhY6QxjRv8ay+Z+ljtKeMj5nCtNrSRW4wQ4OX
wKPy3WRM69u2zv4OKbIif1SmUjrDah4JUWnJFgbjA7R7CGH13KUwojd+a9cAbBY2
zeBigAKwxsFeL+F1fHvuyP6mdOxwIfYkYUJtQ6SeymqO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:54 2024 by rpki-client on console-fra.rpki-client.org