Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/eIHTWGs2YFR54TM2i0yEL2KSp7M.roa
File: eIHTWGs2YFR54TM2i0yEL2KSp7M.roa (raw, json)
Hash identifier: 1qhJaqEsh+8vLSkrf680IQ7AN21zpm/vdD7oVf47miM=
Subject key identifier: 78:81:D3:58:6B:36:60:54:79:E1:33:36:8B:4C:84:2F:62:92:A7:B3
Certificate issuer: /CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Certificate serial: 018D08EBC2249F82E279A65F6386FAFC38E8
Authority key identifier: 7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/eIHTWGs2YFR54TM2i0yEL2KSp7M.roa
Signing time: Sun 14 Jan 2024 17:01:24 +0000
ROA not before: Sun 14 Jan 2024 17:01:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29695
IP address blocks: 185.197.211.0/24 maxlen: 24
185.131.200.0/24 maxlen: 24
2a0c:1bc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 28 Jan 2024 19:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:eb:c2:24:9f:82:e2:79:a6:5f:63:86:fa:fc:38:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Validity
Not Before: Jan 14 17:01:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7881d3586b36605479e133368b4c842f6292a7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d0:65:95:d0:44:72:42:80:e9:1d:a5:7f:53:
d8:c7:61:5a:c5:74:8b:b7:08:ac:b7:fe:7b:48:af:
4e:54:f9:da:1f:b2:46:c2:c7:0b:04:b6:7b:5c:4b:
4b:80:24:44:2d:20:5a:d6:c9:6b:88:3f:0b:a0:e9:
f6:a9:36:0e:ed:be:0a:61:84:8d:14:12:d1:0b:bc:
28:e1:c5:74:3e:1c:fc:02:48:08:b7:3d:ac:8b:bd:
23:e2:a3:4f:8f:ea:1e:c5:d5:2f:8c:69:ae:8c:08:
c5:fe:ed:85:30:74:eb:11:d0:11:a7:83:a3:05:d9:
cc:7b:fb:93:d2:8a:a0:bf:3a:f8:fb:d3:cf:ca:b9:
0c:db:38:ea:a8:24:13:a3:b2:47:c9:85:07:da:26:
50:f4:a4:2d:90:64:eb:92:ae:57:ad:db:39:14:26:
20:2b:c1:0f:c6:df:42:21:64:5f:f3:b2:f4:f7:e4:
78:4b:24:c7:b3:89:67:8e:e3:b7:71:92:f0:52:ba:
f3:e6:09:c7:ad:cd:2b:1f:de:0e:cf:fc:dd:ae:69:
1c:84:0b:a8:d6:4e:f2:46:cf:e5:18:47:f8:c6:af:
07:47:e5:56:e4:33:9a:cd:ff:d8:14:7e:e7:f1:c3:
f7:64:11:2a:c7:78:18:99:3c:f8:75:95:e6:06:11:
03:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:81:D3:58:6B:36:60:54:79:E1:33:36:8B:4C:84:2F:62:92:A7:B3
X509v3 Authority Key Identifier:
keyid:7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/eIHTWGs2YFR54TM2i0yEL2KSp7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.200.0/24
185.197.211.0/24
IPv6:
2a0c:1bc0::/32
Signature Algorithm: sha256WithRSAEncryption
9f:04:81:ad:36:a0:6b:c1:5c:83:e9:60:f7:0a:11:18:c1:2f:
3a:0c:3f:ed:39:b1:73:d2:f4:b9:53:0d:61:78:03:9b:dd:50:
0a:d1:a5:c2:15:13:44:02:c9:38:86:a2:67:d5:2c:42:12:d7:
77:0d:ba:18:d6:4d:7f:a2:5d:72:e1:36:d1:78:dd:ff:eb:f5:
70:b5:82:38:08:e4:eb:a4:ff:10:44:08:dc:cd:d5:72:be:c9:
79:3a:0a:70:63:bd:e3:05:cb:c3:5e:d2:14:d1:28:3d:bc:41:
db:d3:1b:72:41:18:a3:20:5b:bd:94:67:e8:90:0c:98:27:f9:
f1:86:40:d3:3d:3e:8d:de:44:74:a0:62:ab:b4:ba:64:3e:b2:
d2:1c:08:43:a1:f4:27:d7:e3:ef:84:5d:b4:86:44:a4:77:18:
b6:e9:1e:f5:d3:b8:0c:81:df:85:08:05:e9:e5:7e:c3:11:0c:
ca:f3:f5:e8:05:04:4b:2a:db:74:f7:11:66:9c:42:82:0f:7d:
2f:57:b7:04:ab:3f:ed:00:87:fb:0c:dd:c4:2b:a0:22:89:29:
77:06:d2:a9:59:e8:7e:33:db:ef:6f:58:57:2d:11:e7:be:3d:
81:67:40:17:46:9e:50:f2:02:cf:52:b3:54:99:12:91:68:c2:
fd:dc:4b:77
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY0I68Ikn4LieaZfY4b6/DjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNDU2NzJmYzQyYmRkMzNlNTQ1MzM4YTc0MTdlODE3MWEw
NGVlM2YwHhcNMjQwMTE0MTcwMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODgxZDM1ODZiMzY2MDU0NzllMTMzMzY4YjRjODQyZjYyOTJhN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNBlldBEckKA6R2lf1PYx2FaxXSL
twist/57SK9OVPnaH7JGwscLBLZ7XEtLgCRELSBa1slriD8LoOn2qTYO7b4KYYSN
FBLRC7wo4cV0Phz8AkgItz2si70j4qNPj+oexdUvjGmujAjF/u2FMHTrEdARp4Oj
BdnMe/uT0oqgvzr4+9PPyrkM2zjqqCQTo7JHyYUH2iZQ9KQtkGTrkq5Xrds5FCYg
K8EPxt9CIWRf87L09+R4SyTHs4lnjuO3cZLwUrrz5gnHrc0rH94Oz/zdrmkchAuo
1k7yRs/lGEf4xq8HR+VW5DOazf/YFH7n8cP3ZBEqx3gYmTz4dZXmBhEDCwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHiB01hrNmBUeeEzNotMhC9ikqezMB8GA1UdIwQY
MBaAFHxFZy/EK90z5UUzinQX6BcaBO4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDct
OTRiZWRiNWQwMzM0LzEvZUlIVFdHczJZRlI1NFRNMmkweUVMMktTcDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDctOTRiZWRiNWQwMzM0
LzEvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuYPIAwQA
ucXTMA0EAgACMAcDBQAqDBvAMA0GCSqGSIb3DQEBCwUAA4IBAQCfBIGtNqBrwVyD
6WD3ChEYwS86DD/tObFz0vS5Uw1heAOb3VAK0aXCFRNEAsk4hqJn1SxCEtd3DboY
1k1/ol1y4TbReN3/6/VwtYI4COTrpP8QRAjczdVyvsl5OgpwY73jBcvDXtIU0Sg9
vEHb0xtyQRijIFu9lGfokAyYJ/nxhkDTPT6N3kR0oGKrtLpkPrLSHAhDofQn1+Pv
hF20hkSkdxi26R7107gMgd+FCAXp5X7DEQzK8/XoBQRLKtt09xFmnEKCD30vV7cE
qz/tAIf7DN3EK6AiiSl3BtKpWeh+M9vvb1hXLRHnvj2BZ0AXRp5Q8gLPUrNUmRKR
aML93Et3
-----END CERTIFICATE-----
Generated at Sun Jan 28 20:19:46 2024 by rpki-client on console-fra.rpki-client.org