Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/e2e048-2788-49b8-9ed5-453bd8995bca/1/_hOG0NLflehUuHU3_PaK7GP_4Vc.roa
File: _hOG0NLflehUuHU3_PaK7GP_4Vc.roa (raw, json)
Hash identifier: gS3Wg5/QQqnT1jwXmoxsgo7rC3Cgn142fEZ3nr4x3Vs=
Subject key identifier: FE:13:86:D0:D2:DF:95:E8:54:B8:75:37:FC:F6:8A:EC:63:FF:E1:57
Certificate issuer: /CN=c2b5d3afd0b72eb734c21ed782329eb6e7c1ce41
Certificate serial: 01879983746D5634E9D188D6991C01C5A527
Authority key identifier: C2:B5:D3:AF:D0:B7:2E:B7:34:C2:1E:D7:82:32:9E:B6:E7:C1:CE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wrXTr9C3Lrc0wh7XgjKetufBzkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/e2e048-2788-49b8-9ed5-453bd8995bca/1/_hOG0NLflehUuHU3_PaK7GP_4Vc.roa
Signing time: Wed 19 Apr 2023 12:35:41 +0000
ROA not before: Wed 19 Apr 2023 12:35:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204802
IP address blocks: 185.239.108.0/24 maxlen: 24
2a10:4880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:83:74:6d:56:34:e9:d1:88:d6:99:1c:01:c5:a5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2b5d3afd0b72eb734c21ed782329eb6e7c1ce41
Validity
Not Before: Apr 19 12:35:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe1386d0d2df95e854b87537fcf68aec63ffe157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d4:25:89:e1:e7:32:16:b0:16:4c:e5:1e:c9:
fb:f3:de:6b:43:0a:89:c8:bc:ba:cf:c3:3b:b7:f7:
72:50:82:b7:7c:52:08:65:8d:e4:8c:a2:88:c7:7b:
8f:0d:ad:b5:70:c3:c9:a8:38:85:76:a6:b5:e9:07:
fa:ff:fe:e4:31:7f:6c:97:5e:cb:45:17:80:d3:1a:
f8:f9:21:ec:13:62:5f:fc:14:3a:89:57:6a:95:7c:
ad:09:f8:94:0e:2e:0a:ee:d3:e5:b0:46:77:a1:9b:
e0:bc:a5:dc:1d:f9:55:d4:48:a4:9f:fb:2d:29:94:
fc:f3:79:36:69:b4:c1:1b:0e:7c:fb:a1:eb:7b:9f:
6c:45:42:60:c8:1c:82:af:1a:73:0a:a1:d7:75:80:
ec:52:22:1b:57:11:d1:eb:bf:ab:7f:74:bd:1f:bd:
46:49:0e:b6:f4:df:d7:ef:51:86:29:e9:dc:9a:a6:
fc:69:49:db:8d:06:bf:20:6b:f8:47:25:1c:36:01:
54:7e:20:2c:36:30:6d:08:f5:f1:d4:16:4b:b4:34:
a4:38:ec:e9:3d:d7:b8:75:fb:4a:f9:3e:7e:32:17:
12:28:d0:ea:f4:49:27:c5:d9:6f:c0:6b:98:8f:4e:
2a:0f:d3:ce:e3:97:e1:ac:ee:1b:25:9e:1c:1b:96:
a1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:13:86:D0:D2:DF:95:E8:54:B8:75:37:FC:F6:8A:EC:63:FF:E1:57
X509v3 Authority Key Identifier:
keyid:C2:B5:D3:AF:D0:B7:2E:B7:34:C2:1E:D7:82:32:9E:B6:E7:C1:CE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wrXTr9C3Lrc0wh7XgjKetufBzkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e2e048-2788-49b8-9ed5-453bd8995bca/1/_hOG0NLflehUuHU3_PaK7GP_4Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e2e048-2788-49b8-9ed5-453bd8995bca/1/wrXTr9C3Lrc0wh7XgjKetufBzkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.108.0/24
IPv6:
2a10:4880::/29
Signature Algorithm: sha256WithRSAEncryption
5c:d9:01:cd:04:53:a0:2f:2f:3c:b0:f9:73:3c:1f:3c:86:7d:
e4:95:92:d0:58:5c:f6:4f:44:da:1c:d1:ca:09:11:10:f7:1e:
09:c4:ff:69:bc:75:2c:8e:64:f9:b8:d6:09:ac:5d:c5:f9:49:
18:c3:01:35:e9:de:5f:ab:a8:14:ea:23:4a:db:4e:84:15:6a:
3f:c9:22:8d:73:57:cf:16:6e:f7:b4:b2:a2:7c:50:ee:5c:87:
da:31:c7:58:ff:c5:f6:8b:d2:de:91:81:4a:3c:43:bd:c0:e2:
a2:8b:75:89:d2:60:bd:28:69:d9:99:9f:72:63:97:cc:35:28:
5c:f6:54:c8:e0:c7:8b:32:d0:d8:d1:2f:31:8e:85:61:3f:90:
50:20:94:f3:5b:08:10:a9:30:e2:ec:29:e3:ac:4a:87:58:c8:
06:f0:f1:27:26:40:c5:65:a6:11:ab:1b:a5:da:7e:66:25:d4:
6f:58:fd:95:10:70:b3:31:31:bb:3a:21:b4:18:3f:51:a7:e2:
83:73:2c:d0:7e:af:e9:01:d4:ba:7f:c9:c4:47:df:84:36:3e:
fe:a8:cb:bb:85:19:c2:4e:78:b5:d4:23:a3:c1:f6:73:c6:e9:
42:f1:20:86:be:4a:84:73:7a:b0:bf:a3:2d:91:d2:55:e4:2c:
fc:8b:dd:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYeZg3RtVjTp0YjWmRwBxaUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYjVkM2FmZDBiNzJlYjczNGMyMWVkNzgyMzI5ZWI2ZTdj
MWNlNDEwHhcNMjMwNDE5MTIzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTEzODZkMGQyZGY5NWU4NTRiODc1MzdmY2Y2OGFlYzYzZmZlMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdQlieHnMhawFkzlHsn7895rQwqJ
yLy6z8M7t/dyUIK3fFIIZY3kjKKIx3uPDa21cMPJqDiFdqa16Qf6//7kMX9sl17L
RReA0xr4+SHsE2Jf/BQ6iVdqlXytCfiUDi4K7tPlsEZ3oZvgvKXcHflV1Eikn/st
KZT883k2abTBGw58+6Hre59sRUJgyByCrxpzCqHXdYDsUiIbVxHR67+rf3S9H71G
SQ629N/X71GGKencmqb8aUnbjQa/IGv4RyUcNgFUfiAsNjBtCPXx1BZLtDSkOOzp
Pde4dftK+T5+MhcSKNDq9EknxdlvwGuYj04qD9PO45fhrO4bJZ4cG5ahawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP4ThtDS35XoVLh1N/z2iuxj/+FXMB8GA1UdIwQY
MBaAFMK106/Qty63NMIe14Iynrbnwc5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3JYVHI5QzNMcmMwd2g3WGdqS2V0dWZCemtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9lMmUwNDgtMjc4OC00OWI4LTllZDUt
NDUzYmQ4OTk1YmNhLzEvX2hPRzBOTGZsZWhVdUhVM19QYUs3R1BfNFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9lMmUwNDgtMjc4OC00OWI4LTllZDUtNDUzYmQ4OTk1YmNh
LzEvd3JYVHI5QzNMcmMwd2g3WGdqS2V0dWZCemtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAue9sMA0E
AgACMAcDBQMqEEiAMA0GCSqGSIb3DQEBCwUAA4IBAQBc2QHNBFOgLy88sPlzPB88
hn3klZLQWFz2T0TaHNHKCREQ9x4JxP9pvHUsjmT5uNYJrF3F+UkYwwE16d5fq6gU
6iNK206EFWo/ySKNc1fPFm73tLKifFDuXIfaMcdY/8X2i9LekYFKPEO9wOKii3WJ
0mC9KGnZmZ9yY5fMNShc9lTI4MeLMtDY0S8xjoVhP5BQIJTzWwgQqTDi7CnjrEqH
WMgG8PEnJkDFZaYRqxul2n5mJdRvWP2VEHCzMTG7OiG0GD9Rp+KDcyzQfq/pAdS6
f8nER9+ENj7+qMu7hRnCTni11COjwfZzxulC8SCGvkqEc3qwv6MtkdJV5Cz8i91D
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:53 2024 by rpki-client on console.sobornost.net