Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/bMBTHktBT2M0ZHzuNCeMWatKWyk.roa
File: bMBTHktBT2M0ZHzuNCeMWatKWyk.roa (raw, json)
Hash identifier: mVlAaQzRTR2hVE+AWoOlUXm4QXWsiS4gPwOZY6iW54k=
Subject key identifier: 6C:C0:53:1E:4B:41:4F:63:34:64:7C:EE:34:27:8C:59:AB:4A:5B:29
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01889602E5E2587550FC3B5EBC3D0CF94052
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/bMBTHktBT2M0ZHzuNCeMWatKWyk.roa
Signing time: Wed 07 Jun 2023 13:19:12 +0000
ROA not before: Wed 07 Jun 2023 13:19:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 185.200.204.0/24 maxlen: 24
185.200.204.0/23 maxlen: 23
185.200.206.0/23 maxlen: 23
185.200.206.0/24 maxlen: 24
185.200.205.0/24 maxlen: 24
185.200.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:02:e5:e2:58:75:50:fc:3b:5e:bc:3d:0c:f9:40:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jun 7 13:19:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cc0531e4b414f6334647cee34278c59ab4a5b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:87:a1:46:f5:7e:57:19:31:43:a2:7d:dd:35:
1f:b2:9f:3b:7b:9e:36:c6:cc:19:3a:28:e2:e6:7f:
d0:7c:ea:69:b4:dc:6b:92:1e:b5:b3:e7:d5:fa:34:
d6:2f:98:34:e4:c0:ec:c8:c5:73:b0:32:0b:5a:bc:
a8:5c:0b:40:b0:fe:de:0a:4d:17:4a:29:c7:b0:8a:
79:46:f6:d9:69:2e:3e:d1:cb:19:a6:76:4d:fa:73:
b5:64:e3:e5:4f:55:8b:c0:bd:d2:a4:74:c1:81:93:
04:8c:e9:53:67:52:ef:62:c6:d5:da:50:1b:9c:1c:
15:fc:3f:34:57:67:d7:41:c2:ea:52:3a:0a:79:60:
5f:0a:ed:e7:46:7a:88:81:56:c9:75:5d:93:56:78:
80:65:5a:f0:33:9c:26:66:66:4c:ab:f4:de:49:16:
d4:dd:ac:d5:e3:85:32:17:bd:d6:fe:2e:c3:27:86:
13:65:bd:87:c8:69:67:86:cc:d4:f9:6b:df:b4:a4:
0a:97:2d:b3:2b:b1:9d:55:14:4a:c6:43:51:d5:fe:
83:5f:bd:4d:3e:ba:2b:07:1d:55:d9:3e:d9:64:1d:
e2:9f:ea:a2:3f:56:b4:77:39:d6:3a:7e:81:af:68:
af:60:19:ad:72:d5:e1:7a:89:45:43:42:01:4a:ed:
83:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C0:53:1E:4B:41:4F:63:34:64:7C:EE:34:27:8C:59:AB:4A:5B:29
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/bMBTHktBT2M0ZHzuNCeMWatKWyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.204.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:37:a6:2e:e0:5e:29:6a:99:8f:cf:80:6e:54:a2:c2:d2:ec:
79:1c:ae:f6:1b:24:07:b2:36:36:f4:0e:1e:5d:51:17:c4:51:
d2:21:1c:62:75:cb:0f:2c:55:65:5f:dd:c4:ae:26:37:1b:e1:
f1:3d:e4:51:05:1a:c2:39:36:93:cd:b4:7c:cd:5b:05:7a:35:
1d:c1:69:b3:2d:51:58:f6:ba:13:be:10:25:6f:35:1a:e4:0b:
3a:72:71:7e:63:63:5e:29:a8:b0:49:16:86:d4:46:04:69:31:
99:5e:61:f3:a0:07:5a:a9:c4:7d:ea:bd:62:3c:fc:61:2f:4e:
7b:42:d2:a1:95:c5:d6:0c:63:29:9a:27:ac:ef:ef:83:ad:8d:
8e:bf:a3:cd:30:06:cd:55:00:90:4b:14:e3:6a:4d:4e:cf:d1:
fb:02:bc:9c:af:1e:ac:65:d3:2d:29:bd:c7:7c:8c:75:b7:f7:
2b:35:a4:a6:f4:16:d3:bd:5d:50:77:f1:e8:50:1b:3f:c3:e8:
36:38:25:9d:b9:3c:58:b5:8c:c6:49:bb:e9:13:dc:b2:35:28:
0b:67:21:e7:a4:b2:ba:b2:e5:8b:25:a5:8f:9d:54:d7:5d:d7:
d5:3b:07:a5:ea:3c:da:43:02:a8:f7:37:17:50:00:14:13:87:
9e:b0:fa:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiWAuXiWHVQ/DtevD0M+UBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjMwNjA3MTMxOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2MwNTMxZTRiNDE0ZjYzMzQ2NDdjZWUzNDI3OGM1OWFiNGE1YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroehRvV+VxkxQ6J93TUfsp87e542
xswZOiji5n/QfOpptNxrkh61s+fV+jTWL5g05MDsyMVzsDILWryoXAtAsP7eCk0X
SinHsIp5RvbZaS4+0csZpnZN+nO1ZOPlT1WLwL3SpHTBgZMEjOlTZ1LvYsbV2lAb
nBwV/D80V2fXQcLqUjoKeWBfCu3nRnqIgVbJdV2TVniAZVrwM5wmZmZMq/TeSRbU
3azV44UyF73W/i7DJ4YTZb2HyGlnhszU+WvftKQKly2zK7GdVRRKxkNR1f6DX71N
ProrBx1V2T7ZZB3in+qiP1a0dznWOn6Br2ivYBmtctXheolFQ0IBSu2DbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzAUx5LQU9jNGR87jQnjFmrSlspMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvYk1CVEhrdEJUMk0wWkh6dU5DZU1XYXRLV3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucjMMA0G
CSqGSIb3DQEBCwUAA4IBAQCON6Yu4F4papmPz4BuVKLC0ux5HK72GyQHsjY29A4e
XVEXxFHSIRxidcsPLFVlX93EriY3G+HxPeRRBRrCOTaTzbR8zVsFejUdwWmzLVFY
9roTvhAlbzUa5As6cnF+Y2NeKaiwSRaG1EYEaTGZXmHzoAdaqcR96r1iPPxhL057
QtKhlcXWDGMpmies7++DrY2Ov6PNMAbNVQCQSxTjak1Oz9H7Arycrx6sZdMtKb3H
fIx1t/crNaSm9BbTvV1Qd/HoUBs/w+g2OCWduTxYtYzGSbvpE9yyNSgLZyHnpLK6
suWLJaWPnVTXXdfVOwel6jzaQwKo9zcXUAAUE4eesPpL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:32 2024 by rpki-client on console-ams.rpki-client.org