Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/5b373e-d314-4459-b858-cf1d1f007a36/1/_JxDNZ6ixTn4vu5I2KDohypA734.roa
File: _JxDNZ6ixTn4vu5I2KDohypA734.roa (raw, json)
Hash identifier: 3GbT0eJSQpZgK9p+/Kq2xe0mlHSiO7w0H3iGIgpqBdU=
Subject key identifier: FC:9C:43:35:9E:A2:C5:39:F8:BE:EE:48:D8:A0:E8:87:2A:40:EF:7E
Certificate issuer: /CN=9b129de9eba6b47516f0a155734205abbb98b7c2
Certificate serial: 0185720350CD85E68F8257A3395A5490A55A
Authority key identifier: 9B:12:9D:E9:EB:A6:B4:75:16:F0:A1:55:73:42:05:AB:BB:98:B7:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mxKd6eumtHUW8KFVc0IFq7uYt8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/5b373e-d314-4459-b858-cf1d1f007a36/1/_JxDNZ6ixTn4vu5I2KDohypA734.roa
Signing time: Mon 02 Jan 2023 10:24:57 +0000
ROA not before: Mon 02 Jan 2023 10:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197650
IP address blocks: 185.208.104.0/24 maxlen: 24
185.208.106.0/24 maxlen: 24
185.208.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:50:cd:85:e6:8f:82:57:a3:39:5a:54:90:a5:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b129de9eba6b47516f0a155734205abbb98b7c2
Validity
Not Before: Jan 2 10:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc9c43359ea2c539f8beee48d8a0e8872a40ef7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:4e:73:29:0d:dc:a5:46:fb:dc:f6:dd:34:83:
6a:89:8b:94:b9:39:13:57:a0:c9:3d:67:5f:a6:cb:
0f:40:ad:91:6b:50:da:db:66:4f:82:53:b8:00:17:
e9:03:84:9c:4b:c8:a2:33:bd:74:66:8f:51:0f:cd:
c1:29:52:e1:63:ce:1a:c7:94:71:02:5e:88:79:7f:
a3:06:7d:0b:f7:7f:9c:48:fd:7d:2e:fb:1d:35:10:
61:16:e3:6f:64:f4:d1:37:22:a7:3a:77:9e:bb:ab:
dc:1c:c0:77:8d:df:5c:ba:e3:6c:df:e0:da:fb:94:
65:68:35:23:9e:54:60:58:d9:2d:2b:92:d4:6e:fb:
18:f1:39:55:8c:cc:2d:e7:c3:9a:60:bf:e7:e8:ff:
b7:fb:15:b0:4d:d0:e1:7e:ca:dd:4b:c4:a3:10:38:
c7:bd:2b:10:2f:34:72:3a:ad:37:81:e4:11:b2:d0:
46:c1:38:20:9c:5a:95:30:f6:b7:be:84:9c:6b:27:
a8:0b:df:72:f1:1f:14:fd:f1:8a:66:98:97:fd:64:
b8:7a:e5:1f:1b:bc:e4:07:5d:44:01:34:fa:7d:7a:
c5:8d:a9:c5:15:09:7f:a4:45:2a:6d:96:82:26:ec:
73:65:47:5c:df:86:2a:84:9f:44:3d:a4:db:b9:0c:
36:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:9C:43:35:9E:A2:C5:39:F8:BE:EE:48:D8:A0:E8:87:2A:40:EF:7E
X509v3 Authority Key Identifier:
keyid:9B:12:9D:E9:EB:A6:B4:75:16:F0:A1:55:73:42:05:AB:BB:98:B7:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mxKd6eumtHUW8KFVc0IFq7uYt8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b373e-d314-4459-b858-cf1d1f007a36/1/_JxDNZ6ixTn4vu5I2KDohypA734.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b373e-d314-4459-b858-cf1d1f007a36/1/mxKd6eumtHUW8KFVc0IFq7uYt8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.104.0/24
185.208.106.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:a1:50:d9:91:e6:c9:41:c3:68:74:6c:39:48:25:61:7c:07:
d4:ae:b7:86:09:f2:75:5d:41:de:57:70:e7:bb:2e:0a:48:4f:
a2:54:24:6a:a7:98:55:c1:8a:79:a9:e4:12:1f:0b:ed:9a:69:
e5:50:ae:b6:04:5f:a7:0d:75:c8:c5:34:30:58:8d:bb:be:75:
02:71:43:52:20:9b:d0:79:cc:f4:af:56:bc:b0:fe:c9:9a:bc:
a1:d6:84:9f:2f:70:01:a7:c6:b7:36:15:37:fc:17:e5:4b:6f:
bf:d6:89:5b:f5:01:02:05:c1:00:a4:3e:40:f0:6d:52:15:58:
35:c3:2a:58:c8:8c:a8:d9:8f:e1:d9:e2:a6:20:45:a1:88:a6:
58:87:e1:e2:fe:95:3a:e8:8c:f5:6f:aa:d2:df:85:83:24:64:
13:d7:bb:69:4a:38:d7:33:3d:bb:40:7b:0c:30:92:15:ad:7d:
6a:37:a3:05:49:62:bd:25:e7:4e:db:25:95:81:72:47:0a:9b:
fb:7e:6a:95:fb:d7:37:65:83:78:ec:3e:70:3f:83:f8:f0:5e:
30:ca:cd:4b:ee:8d:3b:67:1a:7b:83:7d:a4:b2:64:4d:d8:b9:
0c:f1:7e:da:fd:7c:88:3d:88:e2:8c:44:84:b2:7a:d1:69:6a:
e3:9f:6f:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyA1DNheaPglejOVpUkKVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMTI5ZGU5ZWJhNmI0NzUxNmYwYTE1NTczNDIwNWFiYmI5
OGI3YzIwHhcNMjMwMTAyMTAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzljNDMzNTllYTJjNTM5ZjhiZWVlNDhkOGEwZTg4NzJhNDBlZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA805zKQ3cpUb73PbdNINqiYuUuTkT
V6DJPWdfpssPQK2Ra1Da22ZPglO4ABfpA4ScS8iiM710Zo9RD83BKVLhY84ax5Rx
Al6IeX+jBn0L93+cSP19LvsdNRBhFuNvZPTRNyKnOneeu6vcHMB3jd9cuuNs3+Da
+5RlaDUjnlRgWNktK5LUbvsY8TlVjMwt58OaYL/n6P+3+xWwTdDhfsrdS8SjEDjH
vSsQLzRyOq03geQRstBGwTggnFqVMPa3voScayeoC99y8R8U/fGKZpiX/WS4euUf
G7zkB11EATT6fXrFjanFFQl/pEUqbZaCJuxzZUdc34YqhJ9EPaTbuQw2iwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPycQzWeosU5+L7uSNig6IcqQO9+MB8GA1UdIwQY
MBaAFJsSnenrprR1FvChVXNCBau7mLfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXhLZDZldW10SFVXOEtGVmMwSUZxN3VZdDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81YjM3M2UtZDMxNC00NDU5LWI4NTgt
Y2YxZDFmMDA3YTM2LzEvX0p4RE5aNml4VG40dnU1STJLRG9oeXBBNzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81YjM3M2UtZDMxNC00NDU5LWI4NTgtY2YxZDFmMDA3YTM2
LzEvbXhLZDZldW10SFVXOEtGVmMwSUZxN3VZdDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudBoAwQB
udBqMA0GCSqGSIb3DQEBCwUAA4IBAQBroVDZkebJQcNodGw5SCVhfAfUrreGCfJ1
XUHeV3Dnuy4KSE+iVCRqp5hVwYp5qeQSHwvtmmnlUK62BF+nDXXIxTQwWI27vnUC
cUNSIJvQecz0r1a8sP7Jmryh1oSfL3ABp8a3NhU3/BflS2+/1olb9QECBcEApD5A
8G1SFVg1wypYyIyo2Y/h2eKmIEWhiKZYh+Hi/pU66Iz1b6rS34WDJGQT17tpSjjX
Mz27QHsMMJIVrX1qN6MFSWK9JedO2yWVgXJHCpv7fmqV+9c3ZYN47D5wP4P48F4w
ys1L7o07Zxp7g32ksmRN2LkM8X7a/XyIPYjijESEsnrRaWrjn2/a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:17 2024 by rpki-client on console-ams.rpki-client.org