Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/s6vTFL--DKzqSZb5lKxqLOyEjVg.roa
File: s6vTFL--DKzqSZb5lKxqLOyEjVg.roa (raw, json)
Hash identifier: Q0hpACUf8hFV/s+VaT9HljFg3uv/qYihXNXqPuFcq2w=
Subject key identifier: B3:AB:D3:14:BF:BE:0C:AC:EA:49:96:F9:94:AC:6A:2C:EC:84:8D:58
Certificate issuer: /CN=d9884f92afeb58ffab26487b23205fe0d5da8a9f
Certificate serial: 018C6D498E4F7CF10A4655F721490348CF31
Authority key identifier: D9:88:4F:92:AF:EB:58:FF:AB:26:48:7B:23:20:5F:E0:D5:DA:8A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YhPkq_rWP-rJkh7IyBf4NXaip8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/s6vTFL--DKzqSZb5lKxqLOyEjVg.roa
Signing time: Fri 15 Dec 2023 11:43:06 +0000
ROA not before: Fri 15 Dec 2023 11:43:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206519
IP address blocks: 185.184.85.0/24 maxlen: 24
185.184.84.0/24 maxlen: 24
185.184.87.0/24 maxlen: 24
185.184.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:49:8e:4f:7c:f1:0a:46:55:f7:21:49:03:48:cf:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9884f92afeb58ffab26487b23205fe0d5da8a9f
Validity
Not Before: Dec 15 11:43:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3abd314bfbe0cacea4996f994ac6a2cec848d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8d:31:33:53:f6:73:d7:de:58:2b:4e:f7:0b:
eb:7d:c8:65:c7:4b:de:f1:64:2f:33:64:67:8f:be:
39:8e:d8:e7:73:19:68:3c:5c:b8:d0:d7:8d:58:7e:
ed:0c:5f:be:f6:fe:af:01:cc:f6:af:19:d2:61:e4:
2e:34:35:c7:fb:c2:6b:7e:42:e3:85:3e:46:d3:e6:
60:96:6f:94:6e:04:0b:c2:61:64:f7:56:4d:82:85:
8b:fb:e4:a1:b3:37:cd:09:71:4e:57:18:90:53:5a:
4b:5f:17:46:1a:85:d6:c6:a7:be:3d:cd:d4:9f:80:
d0:e2:d6:80:70:82:5f:c6:81:80:b7:09:da:fb:f7:
a2:39:a4:71:b3:71:2c:f6:5e:89:f4:3c:41:52:b7:
43:e2:1c:39:47:02:4a:5e:6a:a2:01:3c:86:1a:10:
eb:66:b6:95:35:c3:7f:42:cd:59:15:19:5b:7c:10:
1e:38:48:ba:8e:78:2b:17:2a:5e:ca:a8:95:9f:92:
15:11:97:71:65:22:66:3b:d3:fa:45:2a:6f:31:be:
5d:4c:89:be:ab:e9:9e:12:e1:78:74:13:f3:39:76:
eb:06:be:4c:93:15:f2:df:69:f7:b0:e3:a5:fb:8c:
6b:63:c0:6f:31:6e:8c:70:84:62:01:55:57:b9:03:
70:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AB:D3:14:BF:BE:0C:AC:EA:49:96:F9:94:AC:6A:2C:EC:84:8D:58
X509v3 Authority Key Identifier:
keyid:D9:88:4F:92:AF:EB:58:FF:AB:26:48:7B:23:20:5F:E0:D5:DA:8A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YhPkq_rWP-rJkh7IyBf4NXaip8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/s6vTFL--DKzqSZb5lKxqLOyEjVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/2YhPkq_rWP-rJkh7IyBf4NXaip8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.84.0/22
Signature Algorithm: sha256WithRSAEncryption
22:53:93:1c:bb:34:08:20:21:8d:3c:58:3d:91:46:02:5a:6a:
c6:50:51:c7:b7:90:82:e5:a4:0f:d1:f5:bd:59:98:e0:e5:06:
66:5b:86:45:3e:19:7a:64:f1:d5:11:cc:5a:2f:9f:fc:18:67:
fb:fe:b1:fb:60:89:cb:9b:0b:63:63:e5:e8:cc:45:b4:a4:c3:
2b:40:65:58:98:ea:3f:23:30:ef:af:77:13:98:26:8f:9c:9e:
27:33:ee:96:0f:24:30:87:7c:71:c2:fb:8d:18:4b:aa:4e:a9:
d4:f4:cc:51:2c:eb:16:12:14:68:5f:cf:f8:65:47:0f:f1:5e:
36:6c:28:b8:75:63:7f:97:46:e7:8c:cf:9b:a6:22:0d:7f:76:
30:7c:61:f2:cc:2c:c2:19:5b:08:e9:3b:fd:23:d8:76:9b:45:
3b:71:ef:a5:50:89:39:2d:f7:34:60:12:80:ca:96:ce:55:61:
ff:47:8f:7f:0d:bd:43:e9:a9:11:24:c4:85:ba:2c:94:01:0a:
93:14:c5:58:72:43:16:c8:3b:15:7e:9a:c3:81:b7:14:16:f3:
df:a8:ce:77:bd:5c:4c:a0:18:e6:70:86:97:8a:5d:1d:01:63:
98:d5:9e:13:49:b3:d8:ec:1c:12:80:9e:17:96:02:60:34:d1:
9b:7b:d7:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxtSY5PfPEKRlX3IUkDSM8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODg0ZjkyYWZlYjU4ZmZhYjI2NDg3YjIzMjA1ZmUwZDVk
YThhOWYwHhcNMjMxMjE1MTE0MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FiZDMxNGJmYmUwY2FjZWE0OTk2Zjk5NGFjNmEyY2VjODQ4ZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI0xM1P2c9feWCtO9wvrfchlx0ve
8WQvM2Rnj745jtjncxloPFy40NeNWH7tDF++9v6vAcz2rxnSYeQuNDXH+8JrfkLj
hT5G0+Zglm+UbgQLwmFk91ZNgoWL++ShszfNCXFOVxiQU1pLXxdGGoXWxqe+Pc3U
n4DQ4taAcIJfxoGAtwna+/eiOaRxs3Es9l6J9DxBUrdD4hw5RwJKXmqiATyGGhDr
ZraVNcN/Qs1ZFRlbfBAeOEi6jngrFypeyqiVn5IVEZdxZSJmO9P6RSpvMb5dTIm+
q+meEuF4dBPzOXbrBr5MkxXy32n3sOOl+4xrY8BvMW6McIRiAVVXuQNwlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOr0xS/vgys6kmW+ZSsaizshI1YMB8GA1UdIwQY
MBaAFNmIT5Kv61j/qyZIeyMgX+DV2oqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlloUGtxX3JXUC1ySmtoN0l5QmY0TlhhaXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS83Y2MzZjgtMDA4Yi00MDdjLWJlZWYt
NzY1MzMyNDVmMmJlLzEvczZ2VEZMLS1ES3pxU1piNWxLeHFMT3lFalZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS83Y2MzZjgtMDA4Yi00MDdjLWJlZWYtNzY1MzMyNDVmMmJl
LzEvMlloUGtxX3JXUC1ySmtoN0l5QmY0TlhhaXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubhUMA0G
CSqGSIb3DQEBCwUAA4IBAQAiU5McuzQIICGNPFg9kUYCWmrGUFHHt5CC5aQP0fW9
WZjg5QZmW4ZFPhl6ZPHVEcxaL5/8GGf7/rH7YInLmwtjY+XozEW0pMMrQGVYmOo/
IzDvr3cTmCaPnJ4nM+6WDyQwh3xxwvuNGEuqTqnU9MxRLOsWEhRoX8/4ZUcP8V42
bCi4dWN/l0bnjM+bpiINf3YwfGHyzCzCGVsI6Tv9I9h2m0U7ce+lUIk5Lfc0YBKA
ypbOVWH/R49/Db1D6akRJMSFuiyUAQqTFMVYckMWyDsVfprDgbcUFvPfqM53vVxM
oBjmcIaXil0dAWOY1Z4TSbPY7BwSgJ4XlgJgNNGbe9d6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:16 2024 by rpki-client on console-fra.rpki-client.org