Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/msShVOofj-uIcJJtIzADSXFUipw.roa
File: msShVOofj-uIcJJtIzADSXFUipw.roa (raw, json)
Hash identifier: IQnUNdzWjOZdeY2+4xQc8N7ziw+WxHP3heeMR4tUkgo=
Subject key identifier: 9A:C4:A1:54:EA:1F:8F:EB:88:70:92:6D:23:30:03:49:71:54:8A:9C
Certificate issuer: /CN=7238fbfea5768479c86300906e74eb254dcb5c69
Certificate serial: 018FE7779FB8D8DE213FFD70731A1F267786
Authority key identifier: 72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/msShVOofj-uIcJJtIzADSXFUipw.roa
Signing time: Wed 05 Jun 2024 08:15:27 +0000
ROA not before: Wed 05 Jun 2024 08:15:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210333
IP address blocks: 185.202.96.0/23 maxlen: 24
185.202.98.0/23 maxlen: 24
213.109.144.0/24 maxlen: 24
2a11:6a40::/40 maxlen: 48
2a11:6a40:100::/40 maxlen: 48
2a11:6a40:fff::/48 maxlen: 48
2a11:6a40:2000::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Sep 2024 06:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:77:9f:b8:d8:de:21:3f:fd:70:73:1a:1f:26:77:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7238fbfea5768479c86300906e74eb254dcb5c69
Validity
Not Before: Jun 5 08:15:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ac4a154ea1f8feb8870926d2330034971548a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:99:7e:ef:4d:dd:2c:5d:e4:9c:54:e8:b8:2f:
99:e6:9f:40:92:21:75:3c:d3:f7:51:0e:61:6e:7f:
a3:4d:6c:da:04:4e:e1:52:c0:9c:47:01:f3:57:f5:
0a:23:44:28:ff:b5:04:13:00:1f:9d:bf:38:ea:29:
9f:d6:71:d9:0d:e9:80:e2:4d:2b:d2:8f:d2:5f:67:
7e:9f:d2:d2:45:42:34:38:c7:b1:b7:1c:9a:a2:61:
c9:8d:61:07:ca:d7:f4:b3:b2:55:41:7a:d4:61:dd:
70:e4:d6:d4:f6:68:ee:d2:8a:2e:30:f1:68:71:a2:
95:f4:c0:ae:11:31:f1:5c:90:b6:e3:85:80:33:bb:
41:5b:6d:2f:82:c5:13:e6:e5:24:91:cf:c5:34:40:
13:17:a1:e8:06:ae:b9:9b:b9:7f:c4:d6:95:b4:ea:
99:2d:1e:5c:0f:be:c5:95:9f:8f:f7:3c:1a:aa:42:
2d:99:e8:9c:d8:fb:bd:ed:61:12:26:01:6f:7c:8f:
41:11:f8:d0:de:d2:f7:1f:4b:00:af:fb:23:99:dd:
ca:bf:71:81:d4:a5:60:5f:76:f1:c2:5f:29:c3:cb:
92:c5:e6:1a:90:b2:7f:97:b8:d9:b1:62:ec:e1:a4:
bc:18:1b:bb:66:14:36:4f:5f:4f:53:91:1c:c6:5c:
d6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C4:A1:54:EA:1F:8F:EB:88:70:92:6D:23:30:03:49:71:54:8A:9C
X509v3 Authority Key Identifier:
keyid:72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/msShVOofj-uIcJJtIzADSXFUipw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/cjj7_qV2hHnIYwCQbnTrJU3LXGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.96.0/22
213.109.144.0/24
IPv6:
2a11:6a40::/39
2a11:6a40:fff::/48
2a11:6a40:2000::/44
Signature Algorithm: sha256WithRSAEncryption
ca:5c:88:5a:6d:be:63:21:19:ce:91:16:2a:08:e5:a1:b9:3e:
e0:c3:dd:b1:86:fd:55:c3:04:c2:2e:c6:a0:7d:38:53:33:6e:
30:9f:05:49:e5:e3:31:77:54:84:c1:7a:be:4b:3b:73:ca:d3:
46:52:31:76:29:7f:70:9d:29:fa:a6:75:9c:dc:eb:ff:dd:81:
45:05:e5:53:c8:20:c1:93:fa:80:ea:f6:1d:dc:aa:f6:cd:c0:
03:1c:83:ef:2b:c3:11:83:a8:68:5f:9e:9a:0a:5e:2a:5e:7f:
34:2d:d7:ef:ce:dc:e3:71:80:19:5c:70:b4:c9:6a:65:15:70:
29:ea:1c:10:bd:30:72:2e:2c:8e:2d:04:27:97:ac:ac:b3:61:
3b:01:10:35:0f:50:6c:4a:5b:e8:6e:9e:78:4a:5c:07:ce:40:
a0:61:ac:6e:9d:a2:13:8f:b7:e0:0e:1e:4e:ac:b2:92:d7:9f:
b9:18:64:5b:25:23:de:60:0f:4d:cf:e8:2d:09:43:2a:26:52:
06:22:cb:6d:4a:4d:6d:d9:4f:de:5e:23:d7:12:7c:5f:1e:45:
b7:7c:1f:fc:54:61:2d:52:ec:56:d6:c2:38:b3:76:60:a8:2f:
27:42:73:8b:82:ec:8a:94:4a:ee:de:d7:3a:35:7d:33:1b:cd:
84:22:f1:4b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY/nd5+42N4hP/1wcxofJneGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMzhmYmZlYTU3Njg0NzljODYzMDA5MDZlNzRlYjI1NGRj
YjVjNjkwHhcNMjQwNjA1MDgxNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM0YTE1NGVhMWY4ZmViODg3MDkyNmQyMzMwMDM0OTcxNTQ4YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pl+703dLF3knFTouC+Z5p9AkiF1
PNP3UQ5hbn+jTWzaBE7hUsCcRwHzV/UKI0Qo/7UEEwAfnb846imf1nHZDemA4k0r
0o/SX2d+n9LSRUI0OMextxyaomHJjWEHytf0s7JVQXrUYd1w5NbU9mju0oouMPFo
caKV9MCuETHxXJC244WAM7tBW20vgsUT5uUkkc/FNEATF6HoBq65m7l/xNaVtOqZ
LR5cD77FlZ+P9zwaqkItmeic2Pu97WESJgFvfI9BEfjQ3tL3H0sAr/sjmd3Kv3GB
1KVgX3bxwl8pw8uSxeYakLJ/l7jZsWLs4aS8GBu7ZhQ2T19PU5EcxlzW7wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJrEoVTqH4/riHCSbSMwA0lxVIqcMB8GA1UdIwQY
MBaAFHI4+/6ldoR5yGMAkG506yVNy1xpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEt
YmUxMGU4YjRhMDBlLzEvbXNTaFZPb2ZqLXVJY0pKdEl6QURTWEZVaXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEtYmUxMGU4YjRhMDBl
LzEvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjASBAIAATAMAwQCucpgAwQA
1W2QMCAEAgACMBoDBgEqEWpAAAMHACoRakAP/wMHBCoRakAgADANBgkqhkiG9w0B
AQsFAAOCAQEAylyIWm2+YyEZzpEWKgjlobk+4MPdsYb9VcMEwi7GoH04UzNuMJ8F
SeXjMXdUhMF6vks7c8rTRlIxdil/cJ0p+qZ1nNzr/92BRQXlU8ggwZP6gOr2Hdyq
9s3AAxyD7yvDEYOoaF+emgpeKl5/NC3X787c43GAGVxwtMlqZRVwKeocEL0wci4s
ji0EJ5esrLNhOwEQNQ9QbEpb6G6eeEpcB85AoGGsbp2iE4+34A4eTqyyktefuRhk
WyUj3mAPTc/oLQlDKiZSBiLLbUpNbdlP3l4j1xJ8Xx5Ft3wf/FRhLVLsVtbCOLN2
YKgvJ0Jzi4LsipRK7t7XOjV9MxvNhCLxSw==
-----END CERTIFICATE-----
Generated at Fri Sep 13 07:51:12 2024 by rpki-client on console-ams.rpki-client.org