Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/1-XFdeihkMz7miJk4xsirUVsqntE.roa
File: 1-XFdeihkMz7miJk4xsirUVsqntE.roa (raw, json)
Hash identifier: zNsD7qmkVcy0uv/y6RWe/spMUmKI0yvZv+e9etQTMmk=
Subject key identifier: F9:71:5D:7A:28:64:33:3E:E6:88:99:38:C6:C8:AB:51:5B:2A:9E:D1
Certificate issuer: /CN=bc127864cd43048550ed1699c584b5c14d80e098
Certificate serial: 0191FF5B247743A6F460ED31352275D392EC
Authority key identifier: BC:12:78:64:CD:43:04:85:50:ED:16:99:C5:84:B5:C1:4D:80:E0:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/1-XFdeihkMz7miJk4xsirUVsqntE.roa
Signing time: Tue 17 Sep 2024 09:40:48 +0000
ROA not before: Tue 17 Sep 2024 09:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205831
IP address blocks: 185.210.208.0/22 maxlen: 22
185.210.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 10:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:5b:24:77:43:a6:f4:60:ed:31:35:22:75:d3:92:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc127864cd43048550ed1699c584b5c14d80e098
Validity
Not Before: Sep 17 09:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9715d7a2864333ee6889938c6c8ab515b2a9ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ca:0f:f0:24:92:43:57:07:b9:2b:b6:67:3e:
9d:f0:1c:eb:d6:d3:8f:07:f5:71:b9:de:1d:53:0e:
44:60:db:41:2b:c8:9a:ef:cc:6d:33:a1:3b:62:fe:
64:93:64:b3:68:cc:f3:76:0d:28:1c:32:b5:14:c4:
97:0a:dc:78:a9:cb:52:12:3a:33:77:25:ec:28:1b:
a7:0d:43:f2:be:82:4a:4b:a5:eb:6c:e5:d5:fc:a2:
7e:8a:c4:8d:8b:fc:8c:70:68:d2:82:0e:f1:e5:ba:
23:3f:25:ee:c8:28:11:4e:fe:5d:b7:b0:8c:20:66:
ce:5f:6f:28:ed:20:e0:2c:ac:db:67:45:1d:3d:b7:
22:80:3b:41:b4:4d:6f:be:7f:97:b5:67:99:07:02:
43:0b:8c:59:04:8c:43:f0:1f:fb:9a:d2:72:59:5c:
f4:fd:80:70:18:8d:98:47:be:c4:9f:78:8f:1c:44:
b8:40:a7:12:c0:0b:24:50:89:48:02:91:c2:60:24:
c8:a3:4a:b4:eb:98:64:44:71:f2:52:cd:f7:05:3d:
bf:ed:dd:0d:58:b7:43:89:89:63:ec:cc:93:f4:e7:
a0:53:08:62:9a:1a:56:e8:c4:73:87:92:d5:04:44:
6d:96:20:a6:1a:59:8b:39:d4:45:65:e5:1b:23:f2:
fb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:71:5D:7A:28:64:33:3E:E6:88:99:38:C6:C8:AB:51:5B:2A:9E:D1
X509v3 Authority Key Identifier:
keyid:BC:12:78:64:CD:43:04:85:50:ED:16:99:C5:84:B5:C1:4D:80:E0:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/1-XFdeihkMz7miJk4xsirUVsqntE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.208.0/22
Signature Algorithm: sha256WithRSAEncryption
52:42:28:ad:bb:f6:96:16:0d:2f:f9:25:0d:d4:ab:23:8a:e0:
87:c6:cf:e8:f2:4a:68:c8:1c:af:bf:06:9f:02:a5:8a:af:0a:
af:0b:1a:d7:7f:d9:ae:21:b0:9b:77:3e:36:c7:c9:6c:bb:4f:
1a:50:c7:18:75:c5:2f:03:6a:21:63:9e:a3:cd:f3:cc:41:4c:
1b:83:ee:bc:77:65:86:9c:7b:83:b9:5d:78:db:4e:67:c9:58:
7a:5d:ba:74:93:85:81:ec:07:7c:b6:c4:36:ef:14:4f:85:6b:
f2:13:ca:d4:8f:eb:4e:a5:36:c2:73:98:b3:d7:34:af:e7:cc:
be:13:cc:80:bf:f0:b8:e6:cf:9c:bd:15:bc:e3:8b:74:45:f2:
a0:24:f6:f5:98:5d:36:bf:61:d9:3c:d6:a8:60:31:18:4d:69:
75:46:19:49:74:5d:01:69:71:72:96:6c:1b:bd:4c:ad:b5:a2:
bd:63:e7:93:c5:65:6e:1b:16:bc:d2:3f:7a:05:52:7d:18:a6:
2b:a8:66:eb:d4:ef:3d:64:7c:3a:00:15:ce:c2:9b:94:fe:a2:
a8:8b:e6:ac:0b:5d:81:f2:5e:5d:56:b9:c5:00:5f:76:f4:25:
c9:aa:b2:c9:36:e1:6f:77:05:fc:6b:ba:f5:d5:d6:ee:e0:a4:
a6:86:4c:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZH/WyR3Q6b0YO0xNSJ105LsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMTI3ODY0Y2Q0MzA0ODU1MGVkMTY5OWM1ODRiNWMxNGQ4
MGUwOTgwHhcNMjQwOTE3MDk0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTcxNWQ3YTI4NjQzMzNlZTY4ODk5MzhjNmM4YWI1MTViMmE5ZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8oP8CSSQ1cHuSu2Zz6d8Bzr1tOP
B/Vxud4dUw5EYNtBK8ia78xtM6E7Yv5kk2SzaMzzdg0oHDK1FMSXCtx4qctSEjoz
dyXsKBunDUPyvoJKS6XrbOXV/KJ+isSNi/yMcGjSgg7x5bojPyXuyCgRTv5dt7CM
IGbOX28o7SDgLKzbZ0UdPbcigDtBtE1vvn+XtWeZBwJDC4xZBIxD8B/7mtJyWVz0
/YBwGI2YR77En3iPHES4QKcSwAskUIlIApHCYCTIo0q065hkRHHyUs33BT2/7d0N
WLdDiYlj7MyT9OegUwhimhpW6MRzh5LVBERtliCmGlmLOdRFZeUbI/L79wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlxXXooZDM+5oiZOMbIq1FbKp7RMB8GA1UdIwQY
MBaAFLwSeGTNQwSFUO0WmcWEtcFNgOCYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkJKNFpNMURCSVZRN1JhWnhZUzF3VTJBNEpnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC84YTNiYjUtOWQ5NS00OTUzLTkzODgt
MDMxZjQwN2IzMjYzLzEvMS1YRmRlaWhrTXo3bWlKazR4c2lyVVZzcW50RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjgvOGEzYmI1LTlkOTUtNDk1My05Mzg4LTAzMWY0MDdiMzI2
My8xL3ZCSjRaTTFEQklWUTdSYVp4WVMxd1UyQTRKZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnS0DAN
BgkqhkiG9w0BAQsFAAOCAQEAUkIorbv2lhYNL/klDdSrI4rgh8bP6PJKaMgcr78G
nwKliq8Krwsa13/ZriGwm3c+NsfJbLtPGlDHGHXFLwNqIWOeo83zzEFMG4PuvHdl
hpx7g7ldeNtOZ8lYel26dJOFgewHfLbENu8UT4Vr8hPK1I/rTqU2wnOYs9c0r+fM
vhPMgL/wuObPnL0VvOOLdEXyoCT29ZhdNr9h2TzWqGAxGE1pdUYZSXRdAWlxcpZs
G71MrbWivWPnk8VlbhsWvNI/egVSfRimK6hm69TvPWR8OgAVzsKblP6iqIvmrAtd
gfJeXVa5xQBfdvQlyaqyyTbhb3cF/Gu69dXW7uCkpoZMhg==
-----END CERTIFICATE-----
Generated at Thu Sep 26 13:34:37 2024 by rpki-client on console-ams.rpki-client.org