Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/dIWHI6d8VxtrTO7YWZ8HML3PSY8.roa
File: dIWHI6d8VxtrTO7YWZ8HML3PSY8.roa (raw, json)
Hash identifier: qPgYsRvAARVo1kEcM5j5ocIUBm+s0OkCLQGgDfbAbJc=
Subject key identifier: 74:85:87:23:A7:7C:57:1B:6B:4C:EE:D8:59:9F:07:30:BD:CF:49:8F
Certificate issuer: /CN=d79da465615c60094370833892da84c886e1c4ef
Certificate serial: 018CCA2A59C5B6744F053617F7114205D14A
Authority key identifier: D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/dIWHI6d8VxtrTO7YWZ8HML3PSY8.roa
Signing time: Tue 02 Jan 2024 12:33:42 +0000
ROA not before: Tue 02 Jan 2024 12:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.231.0/24 maxlen: 24
217.29.66.0/23 maxlen: 23
217.29.68.0/23 maxlen: 23
185.1.186.0/24 maxlen: 24
2001:7f8:b:100::/64 maxlen: 64
2001:7f8:101:7::/64 maxlen: 64
2001:7f8:101:13::/64 maxlen: 64
2001:7f8:b:101::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 07 Feb 2024 16:37:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:59:c5:b6:74:4f:05:36:17:f7:11:42:05:d1:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79da465615c60094370833892da84c886e1c4ef
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74858723a77c571b6b4ceed8599f0730bdcf498f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d5:33:74:f0:96:bf:e6:86:1d:0c:df:98:94:
fe:57:13:86:f8:3b:65:51:c2:2a:c7:44:32:c8:09:
e9:69:bc:6d:e4:cc:bb:3d:68:b4:3c:c3:ef:1b:cf:
3e:f3:69:15:a7:4b:dd:a6:3b:3c:aa:28:f8:2f:22:
ca:f6:66:a8:cd:09:96:9c:98:6e:32:13:e1:7a:4a:
07:6e:be:5e:f5:51:94:31:67:69:0e:57:23:65:cf:
b2:09:f1:fd:4c:73:a4:18:76:ce:84:cd:b1:82:d1:
69:a4:51:0e:09:72:40:54:82:ac:94:53:6d:a2:6d:
54:85:d1:10:63:8a:11:61:f4:f8:e9:01:69:64:f9:
7f:cb:76:ee:79:52:bd:ab:db:03:d4:9d:ad:5a:4d:
39:ac:91:14:b2:b4:98:30:d6:73:a9:20:71:11:f8:
a0:f1:3c:14:0a:9e:76:7b:a9:2a:a2:b9:a7:37:3c:
5d:70:bb:ac:66:27:5f:5e:fe:3a:62:c8:75:c6:9b:
a2:4d:3f:b7:4f:03:4e:93:eb:d2:e2:38:14:46:b6:
be:84:13:6c:67:68:55:33:46:9a:3a:d5:1e:14:a2:
00:60:f9:6a:56:14:6f:12:0a:c7:04:7c:7b:dc:e8:
82:5e:3d:c6:e8:4f:f2:cb:09:46:02:a4:09:4d:94:
75:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:85:87:23:A7:7C:57:1B:6B:4C:EE:D8:59:9F:07:30:BD:CF:49:8F
X509v3 Authority Key Identifier:
keyid:D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/dIWHI6d8VxtrTO7YWZ8HML3PSY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.186.0/24
185.1.231.0/24
217.29.66.0-217.29.69.255
IPv6:
2001:7f8:b:100::/63
2001:7f8:101:7::/64
2001:7f8:101:13::/64
Signature Algorithm: sha256WithRSAEncryption
45:3c:27:ed:15:a7:a1:38:ec:41:32:e6:f6:f6:dd:86:32:64:
1b:10:97:d6:55:95:ac:36:ba:03:84:ca:28:33:64:d4:ac:1b:
97:bc:20:11:74:84:a0:51:cb:75:14:f9:70:f1:dd:3a:a5:f4:
97:b9:29:c6:7f:b6:e4:aa:a5:db:18:4d:58:66:05:f2:9c:0d:
21:0c:9f:2d:29:11:87:ed:8f:47:a8:8f:bb:03:da:44:e0:a8:
d6:cd:16:ac:24:2e:2a:7d:f7:75:ba:be:ae:24:d3:1a:f5:6a:
04:ea:91:2e:df:77:a2:1a:1e:e6:df:97:3f:7c:d1:59:66:d1:
3d:6b:18:01:ae:d3:91:8c:8c:de:21:3b:f3:09:4b:d4:9c:21:
bf:0c:51:c5:62:f9:a8:1c:7a:9a:e7:04:2a:de:9b:6a:83:1b:
84:3b:a6:8f:4d:53:5d:48:60:47:6c:6d:4e:44:31:6e:8e:66:
7d:c6:9e:22:cb:cd:6f:77:bf:5a:bf:4f:dc:5a:44:55:07:3c:
ef:44:c7:cf:02:4b:cd:1c:48:54:d9:97:c2:a2:35:2c:22:93:
79:6b:c3:91:10:05:5d:1d:2f:d6:fb:16:dc:2e:50:e2:90:f6:
7d:5c:13:d4:63:9f:3b:7d:86:5c:93:db:ea:a0:72:0f:9e:ac:
cd:a2:1f:18
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYzKKlnFtnRPBTYX9xFCBdFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWRhNDY1NjE1YzYwMDk0MzcwODMzODkyZGE4NGM4ODZl
MWM0ZWYwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDg1ODcyM2E3N2M1NzFiNmI0Y2VlZDg1OTlmMDczMGJkY2Y0OThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NUzdPCWv+aGHQzfmJT+VxOG+Dtl
UcIqx0QyyAnpabxt5My7PWi0PMPvG88+82kVp0vdpjs8qij4LyLK9maozQmWnJhu
MhPhekoHbr5e9VGUMWdpDlcjZc+yCfH9THOkGHbOhM2xgtFppFEOCXJAVIKslFNt
om1UhdEQY4oRYfT46QFpZPl/y3bueVK9q9sD1J2tWk05rJEUsrSYMNZzqSBxEfig
8TwUCp52e6kqormnNzxdcLusZidfXv46Ysh1xpuiTT+3TwNOk+vS4jgURra+hBNs
Z2hVM0aaOtUeFKIAYPlqVhRvEgrHBHx73OiCXj3G6E/yywlGAqQJTZR1XwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFHSFhyOnfFcba0zu2FmfBzC9z0mPMB8GA1UdIwQY
MBaAFNedpGVhXGAJQ3CDOJLahMiG4cTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDkt
ZGFkM2JiMTNjMGEyLzEvZElXSEk2ZDhWeHRyVE83WVdaOEhNTDNQU1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDktZGFkM2JiMTNjMGEy
LzEvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAgBAIAATAaAwQAuQG6AwQA
uQHnMAwDBAHZHUIDBAHZHUQwJwQCAAIwIQMJASABB/gACwEAAwkAIAEH+AEBAAcD
CQAgAQf4AQEAEzANBgkqhkiG9w0BAQsFAAOCAQEARTwn7RWnoTjsQTLm9vbdhjJk
GxCX1lWVrDa6A4TKKDNk1Kwbl7wgEXSEoFHLdRT5cPHdOqX0l7kpxn+25Kql2xhN
WGYF8pwNIQyfLSkRh+2PR6iPuwPaROCo1s0WrCQuKn33dbq+riTTGvVqBOqRLt93
ohoe5t+XP3zRWWbRPWsYAa7TkYyM3iE78wlL1JwhvwxRxWL5qBx6mucEKt6baoMb
hDumj01TXUhgR2xtTkQxbo5mfcaeIsvNb3e/Wr9P3FpEVQc870THzwJLzRxIVNmX
wqI1LCKTeWvDkRAFXR0v1vsW3C5Q4pD2fVwT1GOfO32GXJPb6qByD56szaIfGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:55 2024 by rpki-client on console-fra.rpki-client.org