Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/n0PQ3pNha77Fwcvd8DJ233xzGEw.roa
File: n0PQ3pNha77Fwcvd8DJ233xzGEw.roa (raw, json)
Hash identifier: oR5ZKZB/CsLdFHdjboW6vN2ZOjcZpeNzViVKIlbQU1Q=
Subject key identifier: 9F:43:D0:DE:93:61:6B:BE:C5:C1:CB:DD:F0:32:76:DF:7C:73:18:4C
Certificate issuer: /CN=c98a186e8eeb8714edca5b0d716e51d66c168ce1
Certificate serial: 0187FBA3338F131F2F9B3E656F19343CB835
Authority key identifier: C9:8A:18:6E:8E:EB:87:14:ED:CA:5B:0D:71:6E:51:D6:6C:16:8C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/n0PQ3pNha77Fwcvd8DJ233xzGEw.roa
Signing time: Mon 08 May 2023 13:53:09 +0000
ROA not before: Mon 08 May 2023 13:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42703
IP address blocks: 185.106.225.0/24 maxlen: 24
185.106.224.0/22 maxlen: 22
185.106.224.0/24 maxlen: 24
185.106.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fb:a3:33:8f:13:1f:2f:9b:3e:65:6f:19:34:3c:b8:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98a186e8eeb8714edca5b0d716e51d66c168ce1
Validity
Not Before: May 8 13:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f43d0de93616bbec5c1cbddf03276df7c73184c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:64:bf:e5:6d:59:50:12:41:2c:b5:4d:f9:32:
73:5b:38:de:04:ef:cc:53:f2:7b:8f:2f:ed:6b:cd:
b1:61:50:14:54:99:1f:b2:20:f1:11:79:74:c3:c2:
75:7a:f1:74:16:5a:54:3a:2a:3a:24:9b:6d:8d:97:
18:c2:41:5c:7e:3a:bf:9e:0e:ec:f3:95:66:50:6f:
cc:4a:b9:4c:23:4c:5b:2f:43:0c:34:a2:8a:f5:60:
3e:0a:b2:b2:47:fa:3c:85:cf:98:a2:4f:2d:66:20:
78:e8:bf:67:a2:25:e3:ab:32:c3:8e:10:78:aa:28:
28:ac:01:46:64:20:4b:f1:1a:4b:b0:07:cf:b5:68:
c3:51:03:c9:1a:6d:d8:e2:9c:a0:59:e2:5a:cd:e8:
ee:95:a5:ac:bb:98:f2:e4:7d:5f:2c:f5:38:e6:82:
53:e3:30:fb:cb:9e:c1:f6:47:b7:34:8d:58:87:1a:
be:1c:75:b4:00:51:42:8b:85:88:ed:b2:37:c2:5d:
30:65:67:34:58:9a:eb:58:fb:3b:8a:c5:58:78:88:
97:65:55:88:13:3f:ac:e5:fb:8c:32:75:06:be:fc:
b4:b4:ff:70:73:a2:94:64:95:f7:1a:ed:75:0b:0e:
27:44:df:3d:65:26:79:4d:24:c7:87:ee:44:d3:5f:
6a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:43:D0:DE:93:61:6B:BE:C5:C1:CB:DD:F0:32:76:DF:7C:73:18:4C
X509v3 Authority Key Identifier:
keyid:C9:8A:18:6E:8E:EB:87:14:ED:CA:5B:0D:71:6E:51:D6:6C:16:8C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/n0PQ3pNha77Fwcvd8DJ233xzGEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yYoYbo7rhxTtylsNcW5R1mwWjOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.224.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:c8:77:90:77:c3:c2:ef:31:63:37:3d:4d:91:2a:8c:f9:d7:
60:78:2f:a1:86:48:36:0b:71:79:93:4c:80:18:e9:7c:29:42:
ba:fb:69:7e:96:91:c0:03:48:0c:a3:81:b8:d3:03:31:ac:21:
1c:d9:68:c9:61:b1:98:c8:7a:7d:6a:85:83:1b:df:51:6e:78:
b1:55:7f:f5:d9:6f:bc:e3:d2:63:37:35:f6:dd:0f:9a:fc:07:
62:08:f8:03:39:fd:2b:13:00:ec:06:21:8b:7a:4d:7f:da:cf:
00:f4:c1:ef:f9:d0:83:2a:d4:3a:64:78:2f:08:d5:a9:a5:56:
d8:ea:85:a7:c0:b7:73:57:b2:b2:c2:dc:4f:43:74:f3:91:cd:
72:20:fb:3f:13:6c:ec:64:dd:8e:5d:15:5d:f6:16:79:8d:d8:
0b:08:35:79:bf:6e:5b:79:0c:ca:3f:2d:49:04:a6:13:df:34:
1c:68:1c:41:f7:db:ef:9e:0e:ad:15:08:fc:59:9e:52:56:57:
86:d1:ee:92:7d:74:4a:ea:8d:6c:88:34:09:31:b8:2e:39:d9:
ef:31:da:54:70:1b:c8:23:f3:cd:5b:fd:62:1a:ab:44:9a:fb:
be:2e:74:d9:2f:14:6b:55:73:8d:e5:e3:30:27:44:9a:89:2c:
ea:44:43:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf7ozOPEx8vmz5lbxk0PLg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGExODZlOGVlYjg3MTRlZGNhNWIwZDcxNmU1MWQ2NmMx
NjhjZTEwHhcNMjMwNTA4MTM1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQzZDBkZTkzNjE2YmJlYzVjMWNiZGRmMDMyNzZkZjdjNzMxODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWS/5W1ZUBJBLLVN+TJzWzjeBO/M
U/J7jy/ta82xYVAUVJkfsiDxEXl0w8J1evF0FlpUOio6JJttjZcYwkFcfjq/ng7s
85VmUG/MSrlMI0xbL0MMNKKK9WA+CrKyR/o8hc+Yok8tZiB46L9noiXjqzLDjhB4
qigorAFGZCBL8RpLsAfPtWjDUQPJGm3Y4pygWeJazejulaWsu5jy5H1fLPU45oJT
4zD7y57B9ke3NI1Yhxq+HHW0AFFCi4WI7bI3wl0wZWc0WJrrWPs7isVYeIiXZVWI
Ez+s5fuMMnUGvvy0tP9wc6KUZJX3Gu11Cw4nRN89ZSZ5TSTHh+5E019q2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ9D0N6TYWu+xcHL3fAydt98cxhMMB8GA1UdIwQY
MBaAFMmKGG6O64cU7cpbDXFuUdZsFozhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlvWWJvN3JoeFR0eWxzTmNXNVIxbXdXak9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iYTcyMTQtNTU2OC00YTQyLWE5OTkt
N2E1YThkMDk2N2M4LzEvbjBQUTNwTmhhNzdGd2N2ZDhESjIzM3h6R0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iYTcyMTQtNTU2OC00YTQyLWE5OTktN2E1YThkMDk2N2M4
LzEveVlvWWJvN3JoeFR0eWxzTmNXNVIxbXdXak9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWrgMA0G
CSqGSIb3DQEBCwUAA4IBAQA8yHeQd8PC7zFjNz1NkSqM+ddgeC+hhkg2C3F5k0yA
GOl8KUK6+2l+lpHAA0gMo4G40wMxrCEc2WjJYbGYyHp9aoWDG99RbnixVX/12W+8
49JjNzX23Q+a/AdiCPgDOf0rEwDsBiGLek1/2s8A9MHv+dCDKtQ6ZHgvCNWppVbY
6oWnwLdzV7KywtxPQ3Tzkc1yIPs/E2zsZN2OXRVd9hZ5jdgLCDV5v25beQzKPy1J
BKYT3zQcaBxB99vvng6tFQj8WZ5SVleG0e6SfXRK6o1siDQJMbguOdnvMdpUcBvI
I/PNW/1iGqtEmvu+LnTZLxRrVXON5eMwJ0SaiSzqRENq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:43 2024 by rpki-client on console-fra.rpki-client.org