Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/5d0fbb-ad7d-4a9a-b174-11b29052528d/1/8B5iueM9XARZkYFlC_MdwZ_BZ-o.roa
File: 8B5iueM9XARZkYFlC_MdwZ_BZ-o.roa (raw, json)
Hash identifier: 4xcMo+o9tbOsQXbGSeoGD8BiRmSUu+YbXmRLrxz5jL0=
Subject key identifier: F0:1E:62:B9:E3:3D:5C:04:59:91:81:65:0B:F3:1D:C1:9F:C1:67:EA
Certificate issuer: /CN=798bcb5432a45f25b04103967ab403c29d0d430a
Certificate serial: 01856FCBBC8E20D0F1E465C6AB73389ED9EC
Authority key identifier: 79:8B:CB:54:32:A4:5F:25:B0:41:03:96:7A:B4:03:C2:9D:0D:43:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eYvLVDKkXyWwQQOWerQDwp0NQwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/5d0fbb-ad7d-4a9a-b174-11b29052528d/1/8B5iueM9XARZkYFlC_MdwZ_BZ-o.roa
Signing time: Mon 02 Jan 2023 00:05:00 +0000
ROA not before: Mon 02 Jan 2023 00:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62405
IP address blocks: 185.36.160.0/22 maxlen: 22
2a00:de20::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:bc:8e:20:d0:f1:e4:65:c6:ab:73:38:9e:d9:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798bcb5432a45f25b04103967ab403c29d0d430a
Validity
Not Before: Jan 2 00:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f01e62b9e33d5c04599181650bf31dc19fc167ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:73:22:86:c5:77:8a:f2:99:ea:31:ef:3c:2b:
97:45:a8:a5:4b:ea:ec:4e:26:b6:31:33:35:d7:8c:
64:74:b3:74:a6:96:3e:27:b2:e8:83:28:47:42:c6:
c7:97:9d:8f:2a:2b:f9:cf:70:b8:8b:21:30:4e:df:
c9:08:ae:cd:c5:1e:88:1d:cd:da:43:c9:45:57:21:
9b:e2:5f:1d:16:6c:c4:32:81:56:75:e8:4f:81:00:
ad:2c:39:cf:32:dd:fe:45:0a:f5:99:cf:2f:d3:73:
6e:53:80:39:00:51:3c:20:94:b3:06:65:d3:8f:31:
8a:74:15:5c:ee:4e:7e:6e:49:89:90:8f:5d:7b:17:
9d:df:fa:fb:06:c3:9a:54:a9:be:42:98:d8:ec:b7:
fa:b8:a2:a3:14:8e:04:6d:98:ed:9a:31:c1:f2:55:
96:69:25:8c:39:04:1e:53:1d:17:c1:63:d0:2b:23:
2f:64:2a:6e:1b:4a:98:6d:4d:b2:63:96:01:59:13:
72:d4:e1:b7:21:04:d9:bd:73:e9:70:9d:64:89:01:
b9:0e:97:cc:c6:4a:c4:3d:04:80:1b:f0:22:11:8c:
30:06:77:6d:7e:72:60:3e:33:37:5f:82:bf:26:65:
bf:77:8e:72:60:2b:22:29:75:03:8c:c4:14:31:17:
dc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1E:62:B9:E3:3D:5C:04:59:91:81:65:0B:F3:1D:C1:9F:C1:67:EA
X509v3 Authority Key Identifier:
keyid:79:8B:CB:54:32:A4:5F:25:B0:41:03:96:7A:B4:03:C2:9D:0D:43:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYvLVDKkXyWwQQOWerQDwp0NQwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/5d0fbb-ad7d-4a9a-b174-11b29052528d/1/8B5iueM9XARZkYFlC_MdwZ_BZ-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/5d0fbb-ad7d-4a9a-b174-11b29052528d/1/eYvLVDKkXyWwQQOWerQDwp0NQwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.160.0/22
IPv6:
2a00:de20::/32
Signature Algorithm: sha256WithRSAEncryption
0a:20:21:1e:5b:aa:90:11:b8:97:b9:a4:bf:b4:9f:f9:b3:ec:
fa:50:bb:2d:c7:ec:71:46:d3:2c:eb:3c:6b:05:de:fa:70:e3:
99:53:9a:9c:cb:98:89:4e:18:a7:8c:0c:be:53:45:1e:e7:47:
dc:9e:14:2f:d9:80:94:2d:90:b8:da:f7:d1:a0:54:8d:35:00:
8e:e1:a4:ac:0e:82:e0:dc:a4:45:83:d2:00:69:b8:78:d7:a6:
bc:4a:13:9e:e5:27:4c:aa:be:72:e5:3b:19:1a:a8:8a:b9:0e:
05:b6:60:be:46:73:ec:33:9a:50:12:30:6d:38:d2:e8:94:9e:
e2:d6:de:49:d4:30:0d:f6:ce:65:a7:1b:3b:7a:f3:49:ea:ff:
b5:a3:a7:a8:eb:bc:5c:b7:0e:12:64:36:d8:b7:bf:d9:90:44:
ae:eb:b7:46:b9:c5:51:18:d0:02:d8:78:79:52:2a:8c:81:c1:
d1:75:b6:b3:c5:6a:ef:1d:f3:26:15:aa:9a:04:b8:91:f1:a3:
dc:0c:69:1d:7e:b6:6c:4e:15:75:c5:c0:30:fa:c4:e2:79:4a:
12:b7:c1:c5:14:00:71:76:09:e2:3b:b9:e5:fb:a8:bb:87:06:
26:c5:69:ec:fe:45:83:68:65:7a:71:5e:34:d3:de:6f:48:81:
02:01:f8:c8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvy7yOINDx5GXGq3M4ntnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGJjYjU0MzJhNDVmMjViMDQxMDM5NjdhYjQwM2MyOWQw
ZDQzMGEwHhcNMjMwMTAyMDAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDFlNjJiOWUzM2Q1YzA0NTk5MTgxNjUwYmYzMWRjMTlmYzE2N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXMihsV3ivKZ6jHvPCuXRailS+rs
Tia2MTM114xkdLN0ppY+J7LogyhHQsbHl52PKiv5z3C4iyEwTt/JCK7NxR6IHc3a
Q8lFVyGb4l8dFmzEMoFWdehPgQCtLDnPMt3+RQr1mc8v03NuU4A5AFE8IJSzBmXT
jzGKdBVc7k5+bkmJkI9dexed3/r7BsOaVKm+QpjY7Lf6uKKjFI4EbZjtmjHB8lWW
aSWMOQQeUx0XwWPQKyMvZCpuG0qYbU2yY5YBWRNy1OG3IQTZvXPpcJ1kiQG5DpfM
xkrEPQSAG/AiEYwwBndtfnJgPjM3X4K/JmW/d45yYCsiKXUDjMQUMRfcuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPAeYrnjPVwEWZGBZQvzHcGfwWfqMB8GA1UdIwQY
MBaAFHmLy1QypF8lsEEDlnq0A8KdDUMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVl2TFZES2tYeVd3UVFPV2VyUUR3cDBOUXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC81ZDBmYmItYWQ3ZC00YTlhLWIxNzQt
MTFiMjkwNTI1MjhkLzEvOEI1aXVlTTlYQVJaa1lGbENfTWR3Wl9CWi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC81ZDBmYmItYWQ3ZC00YTlhLWIxNzQtMTFiMjkwNTI1Mjhk
LzEvZVl2TFZES2tYeVd3UVFPV2VyUUR3cDBOUXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSSgMA0E
AgACMAcDBQAqAN4gMA0GCSqGSIb3DQEBCwUAA4IBAQAKICEeW6qQEbiXuaS/tJ/5
s+z6ULstx+xxRtMs6zxrBd76cOOZU5qcy5iJThinjAy+U0Ue50fcnhQv2YCULZC4
2vfRoFSNNQCO4aSsDoLg3KRFg9IAabh416a8ShOe5SdMqr5y5TsZGqiKuQ4FtmC+
RnPsM5pQEjBtONLolJ7i1t5J1DAN9s5lpxs7evNJ6v+1o6eo67xctw4SZDbYt7/Z
kESu67dGucVRGNAC2Hh5UiqMgcHRdbazxWrvHfMmFaqaBLiR8aPcDGkdfrZsThV1
xcAw+sTieUoSt8HFFABxdgniO7nl+6i7hwYmxWns/kWDaGV6cV40095vSIECAfjI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:04 2024 by rpki-client on console-fra.rpki-client.org