Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/3DUFbc2MrtUDlcHHysGd_DcApl4.roa
File: 3DUFbc2MrtUDlcHHysGd_DcApl4.roa (raw, json)
Hash identifier: 6rZkZHQwjdJ+dSD2W9WXpw7lOocnyMSZaD8T2EPPT80=
Subject key identifier: DC:35:05:6D:CD:8C:AE:D5:03:95:C1:C7:CA:C1:9D:FC:37:00:A6:5E
Certificate issuer: /CN=a76a90e716530f15f7399b7ac3e0d2939a21a210
Certificate serial: 018BA5300EDBA3D18D0ADC24CAE7E32417B9
Authority key identifier: A7:6A:90:E7:16:53:0F:15:F7:39:9B:7A:C3:E0:D2:93:9A:21:A2:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2qQ5xZTDxX3OZt6w-DSk5ohohA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/3DUFbc2MrtUDlcHHysGd_DcApl4.roa
Signing time: Mon 06 Nov 2023 15:11:12 +0000
ROA not before: Mon 06 Nov 2023 15:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204586
IP address blocks: 185.218.72.0/22 maxlen: 22
185.218.74.0/24 maxlen: 24
185.218.75.0/24 maxlen: 24
185.218.72.0/24 maxlen: 24
185.218.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 15:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:30:0e:db:a3:d1:8d:0a:dc:24:ca:e7:e3:24:17:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76a90e716530f15f7399b7ac3e0d2939a21a210
Validity
Not Before: Nov 6 15:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc35056dcd8caed50395c1c7cac19dfc3700a65e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:57:c2:69:d8:44:4f:b6:5e:c6:89:df:54:80:
55:ed:ea:3c:b2:c9:52:2e:70:c1:ed:16:dc:d2:c6:
16:aa:8b:3f:18:0e:70:73:c5:8c:c9:01:9b:55:0f:
7c:62:7a:7c:b8:92:50:75:cf:13:d7:d8:ad:2a:c9:
3d:02:9c:81:0a:29:f2:2a:5f:b3:90:30:b0:55:07:
46:24:2e:39:03:eb:ed:0e:98:db:46:27:eb:57:d0:
32:5e:6c:66:8b:57:c7:89:7c:6b:6a:94:c2:f2:18:
3e:3c:79:42:3c:13:84:0d:e6:1a:02:bd:6f:f6:d5:
c9:d1:5a:6f:f9:39:c8:89:5e:8c:97:7d:ae:23:32:
61:0d:7e:bb:74:52:ec:7e:a2:ec:ef:a3:b3:4b:3b:
c8:e0:9d:19:ac:ca:11:4d:ad:f1:1b:5c:41:ad:a3:
95:5a:fa:a6:0d:3e:ba:81:69:05:69:47:1a:c9:cd:
b5:60:6b:61:df:0c:ea:57:cb:81:f3:58:2f:39:b5:
c5:3c:39:b3:56:c0:f3:80:42:c8:57:ba:8b:80:18:
2c:b8:8d:af:94:b1:e1:03:7f:10:ea:74:65:dd:60:
68:9e:65:82:3d:ab:79:d4:51:7f:b5:f2:37:bd:fb:
0b:5e:21:b5:ca:68:bf:36:20:39:3e:b5:1a:b0:77:
d4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:35:05:6D:CD:8C:AE:D5:03:95:C1:C7:CA:C1:9D:FC:37:00:A6:5E
X509v3 Authority Key Identifier:
keyid:A7:6A:90:E7:16:53:0F:15:F7:39:9B:7A:C3:E0:D2:93:9A:21:A2:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2qQ5xZTDxX3OZt6w-DSk5ohohA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/3DUFbc2MrtUDlcHHysGd_DcApl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/p2qQ5xZTDxX3OZt6w-DSk5ohohA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.72.0/22
Signature Algorithm: sha256WithRSAEncryption
59:f1:6a:d2:2f:3a:04:62:11:62:ab:0c:f1:af:53:1d:fd:1b:
80:ff:c2:3f:ee:13:69:03:5a:30:a7:c6:2f:49:8c:9d:b9:9a:
d7:dd:3a:b5:72:45:84:02:b3:4c:68:ba:df:8e:a8:58:40:40:
42:71:54:96:dd:09:8f:f4:c3:2b:2e:0d:a9:24:c3:74:56:f3:
c1:cd:71:a0:e4:d4:dc:2a:d8:f9:79:7a:27:70:15:17:7f:f4:
e5:2b:79:c1:d7:ce:b5:f9:45:70:e3:97:1f:22:27:e7:df:b1:
0d:ca:ff:14:b7:e1:31:02:b1:dc:e1:46:f0:25:c8:de:29:cf:
9b:ae:f1:a8:f4:8c:b2:4c:43:70:9c:82:24:0e:46:cf:d7:0f:
31:1f:e9:30:c2:7d:2f:8d:60:f8:f0:83:a8:dd:36:57:c4:0c:
9a:2d:df:45:33:c4:ef:28:f7:e9:59:19:19:26:1e:00:a5:0e:
6d:88:3c:89:a4:b2:ad:07:c0:9e:e5:0d:f9:b2:44:3c:d1:1d:
59:79:f4:46:f7:b2:28:c5:4e:9d:dc:fd:18:b3:1b:e8:5a:75:
c9:c6:70:9b:bf:29:cc:15:7a:2e:7e:5c:13:2d:2b:d7:be:38:
26:ad:77:2e:c9:1a:1e:8b:1f:48:f7:eb:6c:29:6f:35:fd:ce:
b5:f7:18:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYulMA7bo9GNCtwkyufjJBe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmE5MGU3MTY1MzBmMTVmNzM5OWI3YWMzZTBkMjkzOWEy
MWEyMTAwHhcNMjMxMTA2MTUxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM1MDU2ZGNkOGNhZWQ1MDM5NWMxYzdjYWMxOWRmYzM3MDBhNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1fCadhET7ZexonfVIBV7eo8sslS
LnDB7Rbc0sYWqos/GA5wc8WMyQGbVQ98Ynp8uJJQdc8T19itKsk9ApyBCinyKl+z
kDCwVQdGJC45A+vtDpjbRifrV9AyXmxmi1fHiXxrapTC8hg+PHlCPBOEDeYaAr1v
9tXJ0Vpv+TnIiV6Ml32uIzJhDX67dFLsfqLs76OzSzvI4J0ZrMoRTa3xG1xBraOV
WvqmDT66gWkFaUcayc21YGth3wzqV8uB81gvObXFPDmzVsDzgELIV7qLgBgsuI2v
lLHhA38Q6nRl3WBonmWCPat51FF/tfI3vfsLXiG1ymi/NiA5PrUasHfUsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNw1BW3NjK7VA5XBx8rBnfw3AKZeMB8GA1UdIwQY
MBaAFKdqkOcWUw8V9zmbesPg0pOaIaIQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJxUTV4WlREeFgzT1p0NnctRFNrNW9ob2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9mMDFmOWEtY2RlYS00ZDAzLWFhOGEt
ODViNjViYWNkNGZiLzEvM0RVRmJjMk1ydFVEbGNISHlzR2RfRGNBcGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9mMDFmOWEtY2RlYS00ZDAzLWFhOGEtODViNjViYWNkNGZi
LzEvcDJxUTV4WlREeFgzT1p0NnctRFNrNW9ob2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudpIMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ8WrSLzoEYhFiqwzxr1Md/RuA/8I/7hNpA1owp8Yv
SYyduZrX3Tq1ckWEArNMaLrfjqhYQEBCcVSW3QmP9MMrLg2pJMN0VvPBzXGg5NTc
Ktj5eXoncBUXf/TlK3nB1861+UVw45cfIifn37ENyv8Ut+ExArHc4UbwJcjeKc+b
rvGo9IyyTENwnIIkDkbP1w8xH+kwwn0vjWD48IOo3TZXxAyaLd9FM8TvKPfpWRkZ
Jh4ApQ5tiDyJpLKtB8Ce5Q35skQ80R1ZefRG97IoxU6d3P0YsxvoWnXJxnCbvynM
FXouflwTLSvXvjgmrXcuyRoeix9I9+tsKW81/c619xh/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:09 2024 by rpki-client on console-fra.rpki-client.org