Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/kEWhCNqMlaLtULZP69fucYWe6qY.roa
File: kEWhCNqMlaLtULZP69fucYWe6qY.roa (raw, json)
Hash identifier: D6U+GWdzbhkdG0P7M7dGhTrpRxfPBpeFHAEK18wJrFA=
Subject key identifier: 90:45:A1:08:DA:8C:95:A2:ED:50:B6:4F:EB:D7:EE:71:85:9E:EA:A6
Certificate issuer: /CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
Certificate serial: 01885861CD707A5CA00CDDE9A9569F682C8F
Authority key identifier: 48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/kEWhCNqMlaLtULZP69fucYWe6qY.roa
Signing time: Fri 26 May 2023 14:06:24 +0000
ROA not before: Fri 26 May 2023 14:06:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209365
IP address blocks: 185.206.63.0/24 maxlen: 24
185.206.62.0/24 maxlen: 24
85.208.100.0/24 maxlen: 24
85.208.103.0/24 maxlen: 24
85.208.101.0/24 maxlen: 24
2a09:85c0:50::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 May 2023 08:38:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:58:61:cd:70:7a:5c:a0:0c:dd:e9:a9:56:9f:68:2c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
Validity
Not Before: May 26 14:06:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9045a108da8c95a2ed50b64febd7ee71859eeaa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:17:7d:3c:59:7d:12:3c:bb:8d:74:7b:b2:71:
c6:75:c2:a3:ce:f3:89:d3:a1:f4:c3:b3:4d:8a:82:
44:c1:9e:33:82:79:d0:37:ad:43:ab:48:9c:2b:72:
a6:7f:a4:d6:db:d2:53:5c:d5:fd:77:83:79:a5:0b:
4a:ac:4f:15:eb:7a:70:d9:66:05:63:69:88:24:fe:
e5:65:c8:b0:79:88:92:7b:dd:e3:cc:ab:a4:03:d9:
60:b8:1a:b8:bc:06:3c:6c:f7:07:da:77:8c:28:72:
49:ef:33:e8:31:52:83:d8:54:c3:f6:d2:f8:b6:50:
12:d7:75:52:f2:d6:58:fa:d0:30:89:62:f1:1b:1e:
59:93:7c:e0:c2:2f:ef:c9:e9:f6:da:1d:be:dd:63:
c8:46:6d:7e:91:90:70:4f:f8:31:0f:d8:27:ef:f2:
f5:77:cc:ad:9b:1c:eb:c1:79:e6:31:df:e1:73:b4:
6c:0c:45:70:e5:1a:8c:ab:26:57:26:a7:2a:e4:0d:
91:44:53:47:77:fe:ea:a6:19:ff:7e:24:f7:d4:6d:
02:ce:e4:d7:76:bd:4e:8f:2d:35:3d:57:f7:8e:ea:
99:03:d0:c5:c5:6d:0a:13:48:f6:d5:f9:20:33:da:
ec:8d:e5:f2:0a:f5:1c:6b:11:10:33:83:ad:0c:e9:
9d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:45:A1:08:DA:8C:95:A2:ED:50:B6:4F:EB:D7:EE:71:85:9E:EA:A6
X509v3 Authority Key Identifier:
keyid:48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/kEWhCNqMlaLtULZP69fucYWe6qY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/SAw7k_8qNPv6WuglVvZwNAy11ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.100.0/23
85.208.103.0/24
185.206.62.0/23
IPv6:
2a09:85c0:50::/48
Signature Algorithm: sha256WithRSAEncryption
1d:d0:28:2a:01:8e:6a:71:ee:47:3d:e7:c6:87:ef:fe:ec:09:
b1:44:20:23:97:6a:fc:4e:06:96:1d:25:0d:c0:3e:28:fc:76:
43:9d:11:33:65:15:9e:50:5c:bf:a5:be:52:87:5a:c4:e1:0f:
29:31:e3:cc:69:f2:d1:7a:a9:ca:8f:6a:f2:ea:aa:fc:f1:e7:
5c:9d:e2:2b:a3:af:03:0b:01:22:92:a2:75:21:ae:02:0b:7c:
b8:1e:3f:1b:52:eb:d1:b7:30:de:2a:86:13:bd:49:34:ab:06:
57:cd:87:14:ed:aa:f3:3b:3b:cf:f8:1b:53:70:20:a9:16:b4:
12:1b:1b:95:74:52:9f:6e:f9:f8:3c:5f:8c:df:ce:b7:31:9e:
9f:8e:77:fa:0d:d8:78:82:fb:7e:60:99:ad:4f:95:89:6c:56:
4b:e6:d1:8d:c3:78:9f:9c:29:35:9b:29:01:5d:d7:ca:e2:39:
09:41:cf:35:d5:61:73:04:e7:9b:b8:22:c2:45:1f:4b:26:6f:
0d:d8:20:71:59:b6:7a:13:24:51:ec:7e:6b:ca:50:bd:f6:7b:
9c:50:cf:5c:bc:6c:10:23:72:83:ca:90:c9:eb:81:3c:e5:65:
3a:d6:2b:87:6a:a7:79:e1:7c:66:2c:cc:22:f0:ba:2f:22:4a:
5e:22:bb:ac
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYhYYc1welygDN3pqVafaCyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MGMzYjkzZmYyYTM0ZmJmYTVhZTgyNTU2ZjY3MDM0MGNi
NWQ1YzkwHhcNMjMwNTI2MTQwNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQ1YTEwOGRhOGM5NWEyZWQ1MGI2NGZlYmQ3ZWU3MTg1OWVlYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixd9PFl9Ejy7jXR7snHGdcKjzvOJ
06H0w7NNioJEwZ4zgnnQN61Dq0icK3Kmf6TW29JTXNX9d4N5pQtKrE8V63pw2WYF
Y2mIJP7lZciweYiSe93jzKukA9lguBq4vAY8bPcH2neMKHJJ7zPoMVKD2FTD9tL4
tlAS13VS8tZY+tAwiWLxGx5Zk3zgwi/vyen22h2+3WPIRm1+kZBwT/gxD9gn7/L1
d8ytmxzrwXnmMd/hc7RsDEVw5RqMqyZXJqcq5A2RRFNHd/7qphn/fiT31G0CzuTX
dr1Ojy01PVf3juqZA9DFxW0KE0j21fkgM9rsjeXyCvUcaxEQM4OtDOmdFwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJBFoQjajJWi7VC2T+vX7nGFnuqmMB8GA1UdIwQY
MBaAFEgMO5P/KjT7+lroJVb2cDQMtdXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0F3N2tfOHFOUHY2V3VnbFZ2WndOQXkxMWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xODAwYTQtNTBmYy00ZmY4LTllMzYt
NDljNmZkYmJhZmI3LzEva0VXaENOcU1sYUx0VUxaUDY5ZnVjWVdlNnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xODAwYTQtNTBmYy00ZmY4LTllMzYtNDljNmZkYmJhZmI3
LzEvU0F3N2tfOHFOUHY2V3VnbFZ2WndOQXkxMWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBVdBkAwQA
VdBnAwQBuc4+MA8EAgACMAkDBwAqCYXAAFAwDQYJKoZIhvcNAQELBQADggEBAB3Q
KCoBjmpx7kc958aH7/7sCbFEICOXavxOBpYdJQ3APij8dkOdETNlFZ5QXL+lvlKH
WsThDykx48xp8tF6qcqPavLqqvzx51yd4iujrwMLASKSonUhrgILfLgePxtS69G3
MN4qhhO9STSrBlfNhxTtqvM7O8/4G1NwIKkWtBIbG5V0Up9u+fg8X4zfzrcxnp+O
d/oN2HiC+35gma1PlYlsVkvm0Y3DeJ+cKTWbKQFd18riOQlBzzXVYXME55u4IsJF
H0smbw3YIHFZtnoTJFHsfmvKUL32e5xQz1y8bBAjcoPKkMnrgTzlZTrWK4dqp3nh
fGYszCLwui8iSl4iu6w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:56 2024 by rpki-client on console-ams.rpki-client.org