Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/cba0d3-5944-4747-8835-bed0567efa6b/1/KFvEIpwDwsg-VsORxDETsBXzFQY.roa
File: KFvEIpwDwsg-VsORxDETsBXzFQY.roa (raw, json)
Hash identifier: YeriFgJywVhnX9spd80bs6Rk6rWE8ru1UFmyOghsA0Y=
Subject key identifier: 28:5B:C4:22:9C:03:C2:C8:3E:56:C3:91:C4:31:13:B0:15:F3:15:06
Certificate issuer: /CN=773be7cf3252a68975d5e2245898c03c4fb60dda
Certificate serial: 01856BEED4F517A780DE0D8F771D18A1AE7E
Authority key identifier: 77:3B:E7:CF:32:52:A6:89:75:D5:E2:24:58:98:C0:3C:4F:B6:0D:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzvnzzJSpol11eIkWJjAPE-2Ddo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/cba0d3-5944-4747-8835-bed0567efa6b/1/KFvEIpwDwsg-VsORxDETsBXzFQY.roa
Signing time: Sun 01 Jan 2023 06:04:52 +0000
ROA not before: Sun 01 Jan 2023 06:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51142
IP address blocks: 185.189.211.0/24 maxlen: 24
185.189.210.0/24 maxlen: 24
185.189.209.0/24 maxlen: 24
185.189.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:d4:f5:17:a7:80:de:0d:8f:77:1d:18:a1:ae:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=773be7cf3252a68975d5e2245898c03c4fb60dda
Validity
Not Before: Jan 1 06:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=285bc4229c03c2c83e56c391c43113b015f31506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:de:20:68:49:0e:75:c2:25:7c:30:10:69:fb:
a4:90:eb:96:e1:aa:05:70:9c:6f:94:38:56:e1:af:
9f:10:6e:2e:95:7e:58:8b:ed:a3:68:cf:8d:bc:5f:
95:8f:55:77:5e:65:0b:10:b7:dd:c7:f0:b2:de:cf:
72:75:ae:44:49:c6:79:58:0c:11:7e:aa:45:26:ff:
d3:fe:ca:42:8d:ec:47:da:ab:5e:9f:c9:09:9a:5a:
be:27:20:fa:b3:65:31:76:d7:bd:3e:a5:73:93:bd:
89:29:2f:64:29:d2:c2:36:77:b4:6f:f2:e2:99:44:
92:f1:39:9b:8c:84:1c:6f:d6:69:e4:82:34:6d:94:
af:01:ef:d6:ab:74:7a:5c:09:a8:34:e8:5f:5a:81:
23:80:7f:cc:e0:ff:42:08:25:e4:ce:e5:df:d3:38:
9d:3c:5c:21:e1:3e:1f:51:4c:18:b0:72:fb:9a:7b:
5f:14:66:ac:06:fb:2d:8d:cc:4a:9f:e4:64:ac:3b:
3d:15:b7:e2:08:fd:61:cd:be:fe:7e:ca:83:77:6f:
43:3e:b0:d4:d3:42:1c:d9:f4:55:2a:b1:69:38:58:
de:29:1b:15:e0:41:13:06:6a:f5:11:12:af:31:e7:
b6:84:b7:f2:10:75:1c:a2:7a:3a:39:1f:bd:c5:6a:
3f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5B:C4:22:9C:03:C2:C8:3E:56:C3:91:C4:31:13:B0:15:F3:15:06
X509v3 Authority Key Identifier:
keyid:77:3B:E7:CF:32:52:A6:89:75:D5:E2:24:58:98:C0:3C:4F:B6:0D:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzvnzzJSpol11eIkWJjAPE-2Ddo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/cba0d3-5944-4747-8835-bed0567efa6b/1/KFvEIpwDwsg-VsORxDETsBXzFQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/cba0d3-5944-4747-8835-bed0567efa6b/1/dzvnzzJSpol11eIkWJjAPE-2Ddo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.208.0/22
Signature Algorithm: sha256WithRSAEncryption
00:70:8d:76:7c:f5:2b:e2:63:90:2a:dc:48:44:23:1c:22:b6:
7e:73:3d:de:40:71:1b:17:7c:a3:db:f1:af:14:5d:09:10:f9:
be:89:40:01:62:45:49:7f:0f:de:b9:28:77:e9:e0:f7:f0:fa:
fe:38:76:2a:65:17:18:c5:0f:1b:2a:3d:bf:63:71:1d:58:df:
83:a2:cf:6b:4f:02:88:07:46:96:36:b2:d3:08:2b:50:61:e2:
9e:06:86:7f:f0:2b:e6:7b:fa:5a:e1:1a:98:28:b3:36:07:93:
a8:b7:df:4f:13:27:8b:3c:9d:a4:36:45:f1:48:aa:b1:30:11:
34:41:4a:a4:b8:2a:d6:89:87:c6:10:22:c3:10:a5:f5:b6:bd:
27:2d:40:20:49:72:80:a7:04:5a:06:1b:ad:61:c2:87:ae:da:
eb:57:97:30:b2:d6:43:f8:ea:2d:e1:72:0f:c5:be:77:4c:9f:
22:30:1d:00:64:c8:02:ea:26:2a:80:f0:00:d3:28:7c:34:b4:
1a:23:c7:38:6b:78:e5:93:d2:90:02:6c:2d:45:e5:60:6a:0e:
d7:f5:bc:71:ff:1c:e7:89:6c:6e:66:a5:11:4b:f8:d5:0d:b6:
8a:4b:3e:de:74:b9:df:8e:a4:da:7a:7c:f4:c2:c0:49:fc:40:
a6:9e:ef:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7tT1F6eA3g2Pdx0Yoa5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3M2JlN2NmMzI1MmE2ODk3NWQ1ZTIyNDU4OThjMDNjNGZi
NjBkZGEwHhcNMjMwMTAxMDYwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODViYzQyMjljMDNjMmM4M2U1NmMzOTFjNDMxMTNiMDE1ZjMxNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN4gaEkOdcIlfDAQafukkOuW4aoF
cJxvlDhW4a+fEG4ulX5Yi+2jaM+NvF+Vj1V3XmULELfdx/Cy3s9yda5EScZ5WAwR
fqpFJv/T/spCjexH2qten8kJmlq+JyD6s2Uxdte9PqVzk72JKS9kKdLCNne0b/Li
mUSS8TmbjIQcb9Zp5II0bZSvAe/Wq3R6XAmoNOhfWoEjgH/M4P9CCCXkzuXf0zid
PFwh4T4fUUwYsHL7mntfFGasBvstjcxKn+RkrDs9FbfiCP1hzb7+fsqDd29DPrDU
00Ic2fRVKrFpOFjeKRsV4EETBmr1ERKvMee2hLfyEHUcono6OR+9xWo/nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChbxCKcA8LIPlbDkcQxE7AV8xUGMB8GA1UdIwQY
MBaAFHc7588yUqaJddXiJFiYwDxPtg3aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHp2bnp6SlNwb2wxMWVJa1dKakFQRS0yRGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9jYmEwZDMtNTk0NC00NzQ3LTg4MzUt
YmVkMDU2N2VmYTZiLzEvS0Z2RUlwd0R3c2ctVnNPUnhERVRzQlh6RlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9jYmEwZDMtNTk0NC00NzQ3LTg4MzUtYmVkMDU2N2VmYTZi
LzEvZHp2bnp6SlNwb2wxMWVJa1dKakFQRS0yRGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub3QMA0G
CSqGSIb3DQEBCwUAA4IBAQAAcI12fPUr4mOQKtxIRCMcIrZ+cz3eQHEbF3yj2/Gv
FF0JEPm+iUABYkVJfw/euSh36eD38Pr+OHYqZRcYxQ8bKj2/Y3EdWN+Dos9rTwKI
B0aWNrLTCCtQYeKeBoZ/8Cvme/pa4RqYKLM2B5Oot99PEyeLPJ2kNkXxSKqxMBE0
QUqkuCrWiYfGECLDEKX1tr0nLUAgSXKApwRaBhutYcKHrtrrV5cwstZD+Oot4XIP
xb53TJ8iMB0AZMgC6iYqgPAA0yh8NLQaI8c4a3jlk9KQAmwtReVgag7X9bxx/xzn
iWxuZqURS/jVDbaKSz7edLnfjqTaenz0wsBJ/ECmnu8O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:00 2024 by rpki-client on console-fra.rpki-client.org