Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/O6akDc_Kc3jwvZt-fP1Sd829n6A.roa
File: O6akDc_Kc3jwvZt-fP1Sd829n6A.roa (raw, json)
Hash identifier: RfgDKyiSxeR5qL/qnLoGA7J7H70NKuWFEQqfL0RG33g=
Subject key identifier: 3B:A6:A4:0D:CF:CA:73:78:F0:BD:9B:7E:7C:FD:52:77:CD:BD:9F:A0
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 01887CA1655ABAFCA8A8B2C48C08ED2F453A
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/O6akDc_Kc3jwvZt-fP1Sd829n6A.roa
Signing time: Fri 02 Jun 2023 15:02:11 +0000
ROA not before: Fri 02 Jun 2023 15:02:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.201.17.0/24 maxlen: 24
185.201.16.0/24 maxlen: 24
185.201.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 13:55:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:a1:65:5a:ba:fc:a8:a8:b2:c4:8c:08:ed:2f:45:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Jun 2 15:02:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ba6a40dcfca7378f0bd9b7e7cfd5277cdbd9fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c9:75:79:b2:e9:ec:f8:5e:a3:71:02:05:71:
0e:74:1e:98:5f:11:68:c1:e3:f2:3b:a5:0d:9e:ed:
3d:12:58:78:91:18:c5:52:2c:a7:aa:3a:0a:df:e9:
8f:2c:7d:1a:5b:4b:68:d1:fb:24:a9:c8:d7:7e:ca:
cb:a6:ee:fb:c6:1c:b9:4c:a2:91:41:e9:e3:e6:bd:
40:d0:31:2c:8d:28:80:83:b5:02:d1:b7:ef:e2:6a:
a0:53:d9:17:01:ae:aa:a9:8f:f3:47:eb:e0:90:07:
64:ab:be:67:98:2c:27:c3:21:91:6d:aa:24:1a:9c:
3c:58:15:b8:2a:50:91:e1:02:d6:3d:05:64:f6:83:
09:02:77:e5:da:39:0b:24:48:b2:44:5b:08:26:30:
25:e6:73:3f:02:94:94:24:55:bb:3b:a4:a3:f5:76:
3b:0c:88:b4:d0:5e:22:ee:20:23:1d:37:70:fb:46:
42:cf:50:15:0e:d5:04:73:6c:7f:48:94:57:79:89:
14:73:57:4b:dc:14:c3:64:7a:12:00:04:cd:e9:3d:
6a:0d:ce:45:d5:23:2b:d1:dc:c3:88:2e:bf:6c:29:
9b:24:be:7d:34:7d:59:5c:5f:68:45:f6:f4:69:3f:
fc:7c:7e:2a:e7:86:77:77:7a:8c:0b:64:ef:87:b4:
57:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A6:A4:0D:CF:CA:73:78:F0:BD:9B:7E:7C:FD:52:77:CD:BD:9F:A0
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/O6akDc_Kc3jwvZt-fP1Sd829n6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.16.0/23
185.201.19.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:ec:e2:c7:46:40:87:9f:40:24:48:5d:cb:81:c2:b7:59:98:
65:48:1d:9d:7c:9d:6b:22:d1:63:e7:5a:13:f9:90:d9:3a:21:
cc:af:d7:2e:bc:01:f0:8e:81:ed:f4:6d:f5:60:86:bf:af:e4:
f5:dc:b2:ec:8a:58:8e:6a:48:99:0f:25:b5:ed:be:53:19:26:
22:be:9c:cf:ac:03:11:ec:2d:9e:46:a4:6e:1a:c9:d7:0c:13:
4c:f9:35:35:59:a5:75:16:fa:25:78:53:8d:2e:65:9a:29:3d:
51:cd:b6:2f:61:de:59:6e:6f:9e:f2:75:5a:95:b7:db:1a:a5:
30:f8:a5:9d:27:5b:39:ee:75:29:c8:bb:07:eb:8e:0d:83:98:
5e:89:7f:d1:3b:94:5b:22:54:97:82:c6:1b:07:69:6d:c1:86:
f1:08:9d:99:c4:c5:99:1b:ac:e0:26:33:5b:cf:6a:06:cf:fa:
28:6b:39:5d:f9:34:58:1a:a5:2f:6e:ff:9c:20:3f:4d:1b:70:
2b:75:9b:2b:54:c9:e0:2a:6e:11:83:b6:f4:26:e7:01:7d:a4:
f5:9b:4f:09:e8:09:44:26:0c:f6:89:24:05:4d:c9:d4:94:20:
11:ec:cc:0d:8f:1c:ca:6b:ef:48:44:14:d8:9c:78:9e:bb:ef:
cc:e8:d5:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh8oWVauvyoqLLEjAjtL0U6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjMwNjAyMTUwMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmE2YTQwZGNmY2E3Mzc4ZjBiZDliN2U3Y2ZkNTI3N2NkYmQ5ZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8l1ebLp7Pheo3ECBXEOdB6YXxFo
wePyO6UNnu09Elh4kRjFUiynqjoK3+mPLH0aW0to0fskqcjXfsrLpu77xhy5TKKR
Qenj5r1A0DEsjSiAg7UC0bfv4mqgU9kXAa6qqY/zR+vgkAdkq75nmCwnwyGRbaok
Gpw8WBW4KlCR4QLWPQVk9oMJAnfl2jkLJEiyRFsIJjAl5nM/ApSUJFW7O6Sj9XY7
DIi00F4i7iAjHTdw+0ZCz1AVDtUEc2x/SJRXeYkUc1dL3BTDZHoSAATN6T1qDc5F
1SMr0dzDiC6/bCmbJL59NH1ZXF9oRfb0aT/8fH4q54Z3d3qMC2Tvh7RX1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDumpA3PynN48L2bfnz9UnfNvZ+gMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvTzZha0RjX0tjM2p3dlp0LWZQMVNkODI5bjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuckQAwQA
uckTMA0GCSqGSIb3DQEBCwUAA4IBAQB/7OLHRkCHn0AkSF3LgcK3WZhlSB2dfJ1r
ItFj51oT+ZDZOiHMr9cuvAHwjoHt9G31YIa/r+T13LLsiliOakiZDyW17b5TGSYi
vpzPrAMR7C2eRqRuGsnXDBNM+TU1WaV1FvoleFONLmWaKT1RzbYvYd5Zbm+e8nVa
lbfbGqUw+KWdJ1s57nUpyLsH644Ng5heiX/RO5RbIlSXgsYbB2ltwYbxCJ2ZxMWZ
G6zgJjNbz2oGz/ooazld+TRYGqUvbv+cID9NG3ArdZsrVMngKm4Rg7b0JucBfaT1
m08J6AlEJgz2iSQFTcnUlCAR7MwNjxzKa+9IRBTYnHieu+/M6NUZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:18 2024 by rpki-client on console-fra.rpki-client.org