Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/a4I5gyZecNST3rI4cYkwUfypVEU.roa
File: a4I5gyZecNST3rI4cYkwUfypVEU.roa (raw, json)
Hash identifier: ZoxO/+5KchZT+Ul6lGuKCoxVmEr+BUj7FeyQw3imiEc=
Subject key identifier: 6B:82:39:83:26:5E:70:D4:93:DE:B2:38:71:89:30:51:FC:A9:54:45
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0186A3CEE0C0F073D09DC68D3B7EB3DB3D7C
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/a4I5gyZecNST3rI4cYkwUfypVEU.roa
Signing time: Thu 02 Mar 2023 19:31:29 +0000
ROA not before: Thu 02 Mar 2023 19:31:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209706
IP address blocks: 185.172.20.0/22 maxlen: 22
185.64.100.0/22 maxlen: 22
188.212.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 16 May 2023 15:53:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a3:ce:e0:c0:f0:73:d0:9d:c6:8d:3b:7e:b3:db:3d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Mar 2 19:31:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b823983265e70d493deb23871893051fca95445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0d:00:9c:fa:c3:f1:fb:81:fb:39:0e:df:c5:
cb:3b:73:64:9a:c9:8e:49:50:46:9d:db:df:49:7a:
8a:94:34:05:8a:82:f3:48:12:f9:5e:c0:4b:56:20:
76:82:c6:23:4f:20:dd:2d:ca:bf:c2:0c:78:08:35:
f0:15:06:7e:14:26:82:2e:3a:87:46:dd:3e:2b:14:
0c:7d:19:8c:92:8c:8b:6f:d8:3b:a0:3a:ba:55:85:
5a:3e:8a:79:c5:70:66:ab:ac:98:16:0d:62:2c:e8:
76:b2:7b:95:83:0f:c8:9d:05:26:a9:09:ee:e7:6d:
03:1a:28:2c:b1:a8:ad:78:15:4e:36:9f:b0:e3:3f:
93:20:f9:ba:92:5e:f7:40:11:bc:3d:55:04:1f:e9:
23:c7:95:50:13:0e:d5:d0:bd:b9:e4:ae:39:9d:ea:
06:1c:49:46:91:b2:10:c3:69:1a:ec:aa:46:d6:f7:
4a:04:14:f5:10:2b:3c:d1:2a:33:43:ac:60:23:94:
29:e2:70:36:a3:f7:fa:2a:0f:1c:8c:12:84:e2:d1:
48:ce:51:5c:c1:3e:ce:ae:48:9f:29:70:f5:59:ce:
54:51:50:86:fc:3d:0d:2c:b7:a4:40:73:8a:7d:2f:
f9:93:76:44:1c:39:4b:9f:ce:d7:62:58:19:1e:1c:
58:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:82:39:83:26:5E:70:D4:93:DE:B2:38:71:89:30:51:FC:A9:54:45
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/a4I5gyZecNST3rI4cYkwUfypVEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.100.0/22
185.172.20.0/22
188.212.104.0/22
Signature Algorithm: sha256WithRSAEncryption
74:2f:1a:a3:1c:2e:27:0c:b1:d1:ff:a0:31:89:0d:9c:09:b3:
47:9d:93:5b:5c:1b:9d:e0:40:2a:90:04:a6:4c:c5:60:53:f4:
1e:f9:eb:95:4a:07:50:da:fd:0b:30:bc:89:a1:b2:20:04:6b:
50:b0:ef:35:e2:a1:e1:6e:8b:a2:73:17:6b:c7:9a:d1:2b:7a:
d1:02:3e:4a:e7:af:ba:78:9e:3b:b7:ab:0c:96:33:85:68:ce:
be:71:cf:8b:19:ba:d3:57:67:db:5d:3d:0a:8b:36:6a:41:b4:
a8:bc:94:d5:7d:76:df:5f:c8:b4:1d:1e:cf:74:61:32:f9:9a:
8b:52:5c:2f:27:f7:09:68:e7:38:8c:46:c2:fb:f2:fa:48:b4:
33:8e:af:0e:77:33:8f:d5:9b:ce:b4:0f:d3:70:86:08:da:fc:
9d:ce:c0:c6:5f:13:2b:e1:12:b5:b7:37:79:a5:76:05:18:bf:
ed:bb:9d:07:2f:70:57:9a:eb:66:7e:f4:58:65:d0:f4:a1:ae:
51:d4:85:13:61:0d:f8:33:a9:e7:ae:82:d6:fb:3a:7b:ba:de:
20:c4:f4:c7:90:ef:69:5f:43:57:0d:a6:8a:07:38:d1:86:9f:
22:24:e4:3f:a6:49:70:3f:74:c7:80:c5:03:b6:fd:37:f4:34:
a8:e4:41:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYajzuDA8HPQncaNO36z2z18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMzAyMTkzMTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjgyMzk4MzI2NWU3MGQ0OTNkZWIyMzg3MTg5MzA1MWZjYTk1NDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw0AnPrD8fuB+zkO38XLO3NkmsmO
SVBGndvfSXqKlDQFioLzSBL5XsBLViB2gsYjTyDdLcq/wgx4CDXwFQZ+FCaCLjqH
Rt0+KxQMfRmMkoyLb9g7oDq6VYVaPop5xXBmq6yYFg1iLOh2snuVgw/InQUmqQnu
520DGigssaiteBVONp+w4z+TIPm6kl73QBG8PVUEH+kjx5VQEw7V0L255K45neoG
HElGkbIQw2ka7KpG1vdKBBT1ECs80SozQ6xgI5Qp4nA2o/f6Kg8cjBKE4tFIzlFc
wT7OrkifKXD1Wc5UUVCG/D0NLLekQHOKfS/5k3ZEHDlLn87XYlgZHhxYhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGuCOYMmXnDUk96yOHGJMFH8qVRFMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvYTRJNWd5WmVjTlNUM3JJNGNZa3dVZnlwVkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuUBkAwQC
uawUAwQCvNRoMA0GCSqGSIb3DQEBCwUAA4IBAQB0LxqjHC4nDLHR/6AxiQ2cCbNH
nZNbXBud4EAqkASmTMVgU/Qe+euVSgdQ2v0LMLyJobIgBGtQsO814qHhbouicxdr
x5rRK3rRAj5K56+6eJ47t6sMljOFaM6+cc+LGbrTV2fbXT0KizZqQbSovJTVfXbf
X8i0HR7PdGEy+ZqLUlwvJ/cJaOc4jEbC+/L6SLQzjq8OdzOP1ZvOtA/TcIYI2vyd
zsDGXxMr4RK1tzd5pXYFGL/tu50HL3BXmutmfvRYZdD0oa5R1IUTYQ34M6nnroLW
+zp7ut4gxPTHkO9pX0NXDaaKBzjRhp8iJOQ/pklwP3THgMUDtv039DSo5EFX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org