Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/bbb5wPncdQiUyeLxjH5MSuE_trU.roa
File: bbb5wPncdQiUyeLxjH5MSuE_trU.roa (raw, json)
Hash identifier: ssyvmTFAvRNp+4mPcsLKFQocBWAQ9++Qde3DL2mg0J4=
Subject key identifier: 6D:B6:F9:C0:F9:DC:75:08:94:C9:E2:F1:8C:7E:4C:4A:E1:3F:B6:B5
Certificate issuer: /CN=fc9be4ed4e54b601e6b6a42d0ba04cfb7ab2c3bf
Certificate serial: 018CC8715C6826F7066B63B516D31C524085
Authority key identifier: FC:9B:E4:ED:4E:54:B6:01:E6:B6:A4:2D:0B:A0:4C:FB:7A:B2:C3:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Jvk7U5UtgHmtqQtC6BM-3qyw78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/bbb5wPncdQiUyeLxjH5MSuE_trU.roa
Signing time: Tue 02 Jan 2024 04:32:01 +0000
ROA not before: Tue 02 Jan 2024 04:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202319
IP address blocks: 185.166.104.0/24 maxlen: 24
185.166.105.0/24 maxlen: 24
185.166.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Mar 2024 19:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:5c:68:26:f7:06:6b:63:b5:16:d3:1c:52:40:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc9be4ed4e54b601e6b6a42d0ba04cfb7ab2c3bf
Validity
Not Before: Jan 2 04:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6db6f9c0f9dc750894c9e2f18c7e4c4ae13fb6b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:55:5f:ca:36:d2:e5:dd:16:e3:1a:2a:4c:fb:
cb:97:0f:fc:d0:d4:d4:f7:71:48:3a:04:7c:f8:a4:
69:26:e3:39:1a:38:20:95:ee:06:5c:3c:75:94:9b:
e9:a2:a7:ed:6f:fa:63:e1:61:de:d9:89:19:4a:dd:
d3:6b:98:c8:bf:e8:8b:37:24:a5:ff:18:bb:8d:6f:
16:c4:ac:d3:82:74:bf:9a:be:2b:10:6c:47:ab:2a:
a7:86:f1:cd:89:c3:53:bf:c2:d7:05:8b:14:fe:7e:
a2:39:df:54:d9:6f:62:41:2a:c1:97:21:32:e9:06:
a3:3c:ea:a4:f1:44:18:b4:ee:9d:94:1a:e7:9f:eb:
b0:b6:0b:f7:0a:40:2a:56:df:5e:53:c7:7a:c9:ae:
3d:a8:74:80:7c:5f:f2:63:ea:bf:e8:57:e3:16:a3:
5d:54:93:fa:eb:bb:92:e3:1f:a4:af:08:5b:d6:96:
08:23:4d:8a:40:43:2e:e1:c6:27:d4:49:2b:32:45:
be:04:d3:04:e2:b1:95:3c:ed:ea:99:d9:12:26:ba:
8f:a1:47:d7:c8:ce:58:b0:3f:bd:f8:f4:90:a3:a8:
d4:83:98:dd:6d:c8:e9:0d:a6:22:08:96:44:c4:00:
8d:d8:fc:29:b2:0e:14:30:4b:1a:47:ca:cb:df:4d:
68:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B6:F9:C0:F9:DC:75:08:94:C9:E2:F1:8C:7E:4C:4A:E1:3F:B6:B5
X509v3 Authority Key Identifier:
keyid:FC:9B:E4:ED:4E:54:B6:01:E6:B6:A4:2D:0B:A0:4C:FB:7A:B2:C3:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Jvk7U5UtgHmtqQtC6BM-3qyw78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/bbb5wPncdQiUyeLxjH5MSuE_trU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/_Jvk7U5UtgHmtqQtC6BM-3qyw78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.104.0/23
185.166.107.0/24
Signature Algorithm: sha256WithRSAEncryption
40:0a:8f:98:40:e6:c5:fb:ea:d1:b3:c7:30:23:b1:fb:b0:95:
14:16:6a:2f:35:88:dd:2d:73:2d:c3:f7:5f:ef:9b:86:ea:dd:
7f:a7:01:09:bc:52:0a:92:bd:b5:67:e8:f9:7a:15:86:8b:23:
9f:f2:5c:07:06:d6:1b:de:a4:77:c2:d7:ae:15:72:3e:16:07:
32:80:ae:3c:3c:c2:cc:a1:0e:cf:82:c9:7d:8d:de:cb:0b:3c:
5b:78:e5:52:62:92:ea:3f:6d:41:ef:20:ac:ff:cf:b4:35:b4:
42:e9:84:d8:e6:53:a5:c2:2b:55:34:17:57:2b:53:fa:ae:11:
02:be:e2:ea:27:c0:30:bc:3d:01:cd:bb:71:90:75:a6:71:52:
01:22:f0:5f:fa:cc:b4:c5:c5:d3:29:da:19:2c:33:d6:40:ea:
2a:f7:de:bc:ec:1f:68:42:45:8a:84:56:ef:f8:e8:69:82:31:
46:73:8e:11:5c:32:71:ec:c1:a2:ca:1e:a2:28:dc:f4:ba:38:
0e:99:ed:60:02:4d:c4:55:b6:c4:22:d1:fb:0f:93:26:1f:9b:
76:21:27:5b:46:80:ab:75:49:5e:d5:2a:e3:18:9a:c0:d7:6a:
fc:df:a0:75:1b:12:b0:58:07:91:3e:82:e7:e1:ba:b5:49:a3:
fb:f7:09:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcVxoJvcGa2O1FtMcUkCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOWJlNGVkNGU1NGI2MDFlNmI2YTQyZDBiYTA0Y2ZiN2Fi
MmMzYmYwHhcNMjQwMTAyMDQzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGI2ZjljMGY5ZGM3NTA4OTRjOWUyZjE4YzdlNGM0YWUxM2ZiNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFVfyjbS5d0W4xoqTPvLlw/80NTU
93FIOgR8+KRpJuM5Gjggle4GXDx1lJvpoqftb/pj4WHe2YkZSt3Ta5jIv+iLNySl
/xi7jW8WxKzTgnS/mr4rEGxHqyqnhvHNicNTv8LXBYsU/n6iOd9U2W9iQSrBlyEy
6QajPOqk8UQYtO6dlBrnn+uwtgv3CkAqVt9eU8d6ya49qHSAfF/yY+q/6FfjFqNd
VJP667uS4x+krwhb1pYII02KQEMu4cYn1EkrMkW+BNME4rGVPO3qmdkSJrqPoUfX
yM5YsD+9+PSQo6jUg5jdbcjpDaYiCJZExACN2Pwpsg4UMEsaR8rL301onwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG22+cD53HUIlMni8Yx+TErhP7a1MB8GA1UdIwQY
MBaAFPyb5O1OVLYB5rakLQugTPt6ssO/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0p2azdVNVV0Z0htdHFRdEM2Qk0tM3F5dzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zNjM2MmEtZDkxYy00YWQ0LTkyYzct
MWQyNTEzMzA4ZDIxLzEvYmJiNXdQbmNkUWlVeWVMeGpINU1TdUVfdHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zNjM2MmEtZDkxYy00YWQ0LTkyYzctMWQyNTEzMzA4ZDIx
LzEvX0p2azdVNVV0Z0htdHFRdEM2Qk0tM3F5dzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuaZoAwQA
uaZrMA0GCSqGSIb3DQEBCwUAA4IBAQBACo+YQObF++rRs8cwI7H7sJUUFmovNYjd
LXMtw/df75uG6t1/pwEJvFIKkr21Z+j5ehWGiyOf8lwHBtYb3qR3wteuFXI+Fgcy
gK48PMLMoQ7Pgsl9jd7LCzxbeOVSYpLqP21B7yCs/8+0NbRC6YTY5lOlwitVNBdX
K1P6rhECvuLqJ8AwvD0BzbtxkHWmcVIBIvBf+sy0xcXTKdoZLDPWQOoq99687B9o
QkWKhFbv+OhpgjFGc44RXDJx7MGiyh6iKNz0ujgOme1gAk3EVbbEItH7D5MmH5t2
ISdbRoCrdUle1SrjGJrA12r836B1GxKwWAeRPoLn4bq1SaP79wn6
-----END CERTIFICATE-----
Generated at Sun Mar 24 21:55:47 2024 by rpki-client on console.sobornost.net