Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/EiOTqMRnaNXXlbct1qoSSioQLj8.roa
File: EiOTqMRnaNXXlbct1qoSSioQLj8.roa (raw, json)
Hash identifier: UkI0JkLm20Wr6xAA6Ki0VdTWbX6a4Og7+M4HFnszroo=
Subject key identifier: 12:23:93:A8:C4:67:68:D5:D7:95:B7:2D:D6:AA:12:4A:2A:10:2E:3F
Certificate issuer: /CN=c011ee066641750a51147d8dc99a1b105658d203
Certificate serial: 018572033AAB4FAF24BD6DE38BF906389C91
Authority key identifier: C0:11:EE:06:66:41:75:0A:51:14:7D:8D:C9:9A:1B:10:56:58:D2:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBHuBmZBdQpRFH2NyZobEFZY0gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/EiOTqMRnaNXXlbct1qoSSioQLj8.roa
Signing time: Mon 02 Jan 2023 10:24:51 +0000
ROA not before: Mon 02 Jan 2023 10:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57184
IP address blocks: 185.128.200.0/22 maxlen: 22
2a03:9b60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:3a:ab:4f:af:24:bd:6d:e3:8b:f9:06:38:9c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c011ee066641750a51147d8dc99a1b105658d203
Validity
Not Before: Jan 2 10:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=122393a8c46768d5d795b72dd6aa124a2a102e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:64:69:5c:f0:df:aa:30:8c:83:cb:24:93:de:
9b:11:53:ca:dd:a6:6f:60:e9:c1:a4:ec:b7:16:d1:
e3:7d:d7:f2:ba:30:e5:50:1a:a7:16:b2:f4:d6:bb:
f3:5a:7b:b2:a2:f2:ee:42:c9:8f:cf:ca:a3:59:7d:
ea:05:7a:ba:74:d7:9a:28:33:3c:7f:2a:df:e7:79:
d7:fd:48:96:26:aa:d0:53:c2:20:0a:d1:e4:e5:a7:
95:db:d3:f1:3c:92:20:3b:7a:c9:f8:be:c0:14:6b:
d0:52:af:11:98:be:72:41:da:1a:32:d2:7b:f2:f0:
c4:f6:b0:c4:0e:73:8d:89:4e:67:13:62:b7:87:e9:
79:cf:40:31:de:af:b5:54:60:c5:cc:bc:28:c0:ea:
2e:1e:8e:bb:2a:29:2e:3c:bc:d0:3a:b4:e1:59:fc:
3f:18:8d:6d:e0:32:f5:ce:14:d7:82:0c:24:e3:3b:
cb:18:92:f9:46:94:ea:b9:77:2c:11:11:95:10:fc:
8c:2b:e8:60:83:ea:0f:b8:64:ac:3b:86:85:4b:36:
c5:cd:1e:53:77:1e:f1:e3:cc:f2:4b:1d:d8:99:74:
70:af:a8:16:a0:7d:b8:b0:31:9a:7e:ac:3a:2c:56:
53:72:cf:e7:15:01:32:01:0e:7a:dd:a8:88:33:69:
a8:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:23:93:A8:C4:67:68:D5:D7:95:B7:2D:D6:AA:12:4A:2A:10:2E:3F
X509v3 Authority Key Identifier:
keyid:C0:11:EE:06:66:41:75:0A:51:14:7D:8D:C9:9A:1B:10:56:58:D2:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBHuBmZBdQpRFH2NyZobEFZY0gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/EiOTqMRnaNXXlbct1qoSSioQLj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/wBHuBmZBdQpRFH2NyZobEFZY0gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.200.0/22
IPv6:
2a03:9b60::/32
Signature Algorithm: sha256WithRSAEncryption
40:0e:b1:21:cd:9a:9b:db:0b:8e:43:8b:3b:8a:7e:03:c2:e7:
47:5a:0a:d9:fe:63:c9:97:1f:e5:a9:ee:50:3a:cd:34:5c:0a:
b3:fd:10:ed:57:e9:cb:1a:5e:23:6a:4f:2e:14:95:c5:28:f3:
13:43:bf:09:bb:c7:08:3e:35:dd:3e:89:57:68:28:9d:6e:8d:
f7:8c:70:a5:ec:d8:9c:61:68:0b:19:5c:bf:3d:b3:14:ea:14:
da:aa:c7:49:41:45:74:cf:a8:e4:5f:54:9e:6d:dd:f4:35:9e:
1b:75:38:b0:45:7f:ff:f8:fc:83:8c:57:5f:6f:6b:57:ed:10:
ab:ea:f5:9a:48:1f:cc:58:a8:30:83:5c:e4:47:fe:8c:70:2c:
d7:b4:eb:ba:c7:bb:dd:5a:e1:2f:3c:de:72:29:f1:9f:6d:31:
3c:9a:81:c2:63:7a:42:f9:d6:16:bc:04:74:c6:b9:ba:fb:5d:
09:24:08:3b:e8:41:10:c2:4c:0f:8e:df:0a:5a:db:fa:f0:3b:
4b:a9:66:9d:3b:af:3f:dc:ee:05:64:52:b7:10:56:15:88:5d:
69:c4:29:2c:f1:46:fb:0a:fe:09:65:79:01:ae:35:48:a9:97:
24:21:2c:b8:8e:32:c5:b8:dd:e8:04:63:0f:0f:37:b4:33:48:
1d:f9:d4:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyAzqrT68kvW3ji/kGOJyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMTFlZTA2NjY0MTc1MGE1MTE0N2Q4ZGM5OWExYjEwNTY1
OGQyMDMwHhcNMjMwMTAyMTAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjIzOTNhOGM0Njc2OGQ1ZDc5NWI3MmRkNmFhMTI0YTJhMTAyZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2RpXPDfqjCMg8skk96bEVPK3aZv
YOnBpOy3FtHjfdfyujDlUBqnFrL01rvzWnuyovLuQsmPz8qjWX3qBXq6dNeaKDM8
fyrf53nX/UiWJqrQU8IgCtHk5aeV29PxPJIgO3rJ+L7AFGvQUq8RmL5yQdoaMtJ7
8vDE9rDEDnONiU5nE2K3h+l5z0Ax3q+1VGDFzLwowOouHo67KikuPLzQOrThWfw/
GI1t4DL1zhTXggwk4zvLGJL5RpTquXcsERGVEPyMK+hgg+oPuGSsO4aFSzbFzR5T
dx7x48zySx3YmXRwr6gWoH24sDGafqw6LFZTcs/nFQEyAQ563aiIM2moSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBIjk6jEZ2jV15W3LdaqEkoqEC4/MB8GA1UdIwQY
MBaAFMAR7gZmQXUKURR9jcmaGxBWWNIDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0JIdUJtWkJkUXBSRkgyTnlab2JFRlpZMGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85YmU4NTYtMGUzMi00MDBmLThlODkt
MzY5Y2Q4YmUyNWZlLzEvRWlPVHFNUm5hTlhYbGJjdDFxb1NTaW9RTGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85YmU4NTYtMGUzMi00MDBmLThlODktMzY5Y2Q4YmUyNWZl
LzEvd0JIdUJtWkJkUXBSRkgyTnlab2JFRlpZMGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYDIMA0E
AgACMAcDBQAqA5tgMA0GCSqGSIb3DQEBCwUAA4IBAQBADrEhzZqb2wuOQ4s7in4D
wudHWgrZ/mPJlx/lqe5QOs00XAqz/RDtV+nLGl4jak8uFJXFKPMTQ78Ju8cIPjXd
PolXaCidbo33jHCl7NicYWgLGVy/PbMU6hTaqsdJQUV0z6jkX1Sebd30NZ4bdTiw
RX//+PyDjFdfb2tX7RCr6vWaSB/MWKgwg1zkR/6McCzXtOu6x7vdWuEvPN5yKfGf
bTE8moHCY3pC+dYWvAR0xrm6+10JJAg76EEQwkwPjt8KWtv68DtLqWadO68/3O4F
ZFK3EFYViF1pxCks8Ub7Cv4JZXkBrjVIqZckISy4jjLFuN3oBGMPDze0M0gd+dT+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:25 2024 by rpki-client on console-fra.rpki-client.org