Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/buGvi0kxQ8IYKDUhYaxqrOZq7-M.roa
File: buGvi0kxQ8IYKDUhYaxqrOZq7-M.roa (raw, json)
Hash identifier: Mqr8rL5h2ZP0YMNcjPzEsBbji0Sw3qES/HhSbeRFlNg=
Subject key identifier: 6E:E1:AF:8B:49:31:43:C2:18:28:35:21:61:AC:6A:AC:E6:6A:EF:E3
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 01857082C7CC074400BD7B14A40AE5F4382D
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/buGvi0kxQ8IYKDUhYaxqrOZq7-M.roa
Signing time: Mon 02 Jan 2023 03:24:57 +0000
ROA not before: Mon 02 Jan 2023 03:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206961
IP address blocks: 185.197.140.0/24 maxlen: 24
185.197.141.0/24 maxlen: 24
185.197.142.0/24 maxlen: 24
185.197.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Oct 2023 13:05:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:c7:cc:07:44:00:bd:7b:14:a4:0a:e5:f4:38:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 2 03:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ee1af8b493143c21828352161ac6aace66aefe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d8:96:da:8c:44:b5:c5:e8:21:d0:fb:3c:87:
dc:73:65:c1:8d:f8:42:d6:7e:a7:b8:80:1b:2c:27:
4e:93:7f:b0:ed:a5:29:25:6d:5b:2f:6f:b2:51:87:
f0:24:bd:70:33:1e:90:e1:e2:60:35:90:00:9a:0b:
37:48:9f:0f:94:c5:e0:ff:e2:56:e5:0b:50:3f:fc:
90:ee:2a:5f:33:e9:59:8b:05:7a:bc:fa:bb:fb:34:
4f:cf:f0:9f:a5:69:1f:2f:1c:da:72:08:b9:b4:cc:
c6:fa:65:3a:8c:bf:30:71:bb:4c:b3:dc:35:b1:76:
0b:d6:c9:f6:d1:3a:6d:2c:72:2e:c4:1a:0b:44:b2:
e5:72:b8:aa:37:70:13:e8:37:3f:7f:c6:f7:98:a8:
e2:ba:94:29:73:86:b9:8b:ef:f2:69:f6:84:fd:ba:
bd:5d:92:3e:d5:87:7c:4d:7a:15:a5:ed:6f:b2:99:
a8:f5:ad:16:ec:4b:5a:fb:03:fb:5f:b9:f1:2e:c4:
bf:fc:89:dd:c3:25:08:0e:20:6e:31:4f:34:28:25:
13:12:cf:b2:d8:e2:89:73:96:98:5a:7c:3e:9d:02:
39:f2:0c:b6:1b:fb:82:80:90:a1:fb:e0:88:06:bd:
3c:be:f1:33:c8:26:36:d8:f9:3d:94:32:27:5f:02:
b5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E1:AF:8B:49:31:43:C2:18:28:35:21:61:AC:6A:AC:E6:6A:EF:E3
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/buGvi0kxQ8IYKDUhYaxqrOZq7-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.140.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:0d:ed:7b:3a:9b:99:0b:34:b9:a4:4b:48:3b:30:9a:17:46:
a2:8e:ab:46:42:88:f8:c2:c0:18:67:37:a7:a3:05:84:1a:88:
d5:d5:4a:e4:fc:7a:32:f2:1e:ad:fd:c2:dc:8c:04:99:6e:9d:
e6:fb:52:50:42:aa:9d:31:91:bb:d3:a0:89:20:50:24:a0:c8:
09:68:16:e5:34:dc:16:73:ac:a4:d9:6f:bd:84:f6:e4:c3:91:
d5:17:0f:f8:cf:14:72:d8:b2:53:66:51:10:56:b7:b3:86:1f:
b0:c5:9a:c2:56:79:91:fc:e9:98:94:cd:49:c7:26:2e:5f:7b:
f1:3c:a4:87:bf:ad:db:f1:e2:23:68:e3:9a:4c:95:f7:3b:44:
f1:23:53:d4:27:ad:94:6b:27:0b:e2:70:2c:18:db:48:37:ef:
4a:b6:04:52:f1:4b:7b:80:ff:b3:87:da:35:d3:77:44:12:f8:
47:b5:d5:ee:a2:fe:a3:bf:f5:e6:ae:32:45:30:09:79:81:e7:
43:34:da:76:c2:12:14:fa:02:b1:60:9d:87:4b:b3:52:0e:bb:
9d:65:f5:29:71:bd:2d:eb:15:19:31:93:a9:0a:43:a4:cb:7b:
76:ed:13:88:86:d2:6f:14:13:ae:7a:a7:74:69:02:e4:4e:75:
c6:05:bb:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgsfMB0QAvXsUpArl9DgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjMwMTAyMDMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWUxYWY4YjQ5MzE0M2MyMTgyODM1MjE2MWFjNmFhY2U2NmFlZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudiW2oxEtcXoIdD7PIfcc2XBjfhC
1n6nuIAbLCdOk3+w7aUpJW1bL2+yUYfwJL1wMx6Q4eJgNZAAmgs3SJ8PlMXg/+JW
5QtQP/yQ7ipfM+lZiwV6vPq7+zRPz/CfpWkfLxzacgi5tMzG+mU6jL8wcbtMs9w1
sXYL1sn20TptLHIuxBoLRLLlcriqN3AT6Dc/f8b3mKjiupQpc4a5i+/yafaE/bq9
XZI+1Yd8TXoVpe1vspmo9a0W7Eta+wP7X7nxLsS//IndwyUIDiBuMU80KCUTEs+y
2OKJc5aYWnw+nQI58gy2G/uCgJCh++CIBr08vvEzyCY22Pk9lDInXwK1bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7hr4tJMUPCGCg1IWGsaqzmau/jMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvYnVHdmkwa3hROElZS0RVaFlheHFyT1pxNy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucWMMA0G
CSqGSIb3DQEBCwUAA4IBAQCPDe17OpuZCzS5pEtIOzCaF0aijqtGQoj4wsAYZzen
owWEGojV1Urk/Hoy8h6t/cLcjASZbp3m+1JQQqqdMZG706CJIFAkoMgJaBblNNwW
c6yk2W+9hPbkw5HVFw/4zxRy2LJTZlEQVrezhh+wxZrCVnmR/OmYlM1JxyYuX3vx
PKSHv63b8eIjaOOaTJX3O0TxI1PUJ62UaycL4nAsGNtIN+9KtgRS8Ut7gP+zh9o1
03dEEvhHtdXuov6jv/XmrjJFMAl5gedDNNp2whIU+gKxYJ2HS7NSDrudZfUpcb0t
6xUZMZOpCkOky3t27ROIhtJvFBOueqd0aQLkTnXGBbud
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:59 2024 by rpki-client on console-fra.rpki-client.org