Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/85e00e-d9ae-4074-9662-48790f600c64/1/t7W3UaompEw1WA6VqgPZt0aSDCs.roa
File: t7W3UaompEw1WA6VqgPZt0aSDCs.roa (raw, json)
Hash identifier: M5qnt2aOqUQ3d3fAsEk8O9n8zKQiUtwnevnaEoUc6WY=
Subject key identifier: B7:B5:B7:51:AA:26:A4:4C:35:58:0E:95:AA:03:D9:B7:46:92:0C:2B
Certificate issuer: /CN=93a10fa9eca8ec8ddd5e125426438e8df8c87abc
Certificate serial: 01856F5DBFE60C32AB064028C9ACD85A07C3
Authority key identifier: 93:A1:0F:A9:EC:A8:EC:8D:DD:5E:12:54:26:43:8E:8D:F8:C8:7A:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6EPqeyo7I3dXhJUJkOOjfjIerw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/85e00e-d9ae-4074-9662-48790f600c64/1/t7W3UaompEw1WA6VqgPZt0aSDCs.roa
Signing time: Sun 01 Jan 2023 22:04:52 +0000
ROA not before: Sun 01 Jan 2023 22:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57219
IP address blocks: 185.198.18.0/23 maxlen: 23
2a0a:8240::/29 maxlen: 29
2001:7f8:b3::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:bf:e6:0c:32:ab:06:40:28:c9:ac:d8:5a:07:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a10fa9eca8ec8ddd5e125426438e8df8c87abc
Validity
Not Before: Jan 1 22:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7b5b751aa26a44c35580e95aa03d9b746920c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d7:9f:16:c3:e5:fd:2b:90:3d:b1:ec:7f:fc:
d3:11:c2:ba:cd:c6:88:3e:49:fa:27:32:9e:72:1d:
32:c8:5d:a2:32:16:a8:40:bf:fd:63:ad:01:78:9f:
92:27:da:83:a5:d9:04:cc:3d:c9:6b:04:22:2d:cf:
c2:9c:ff:58:4f:55:c7:50:c2:a9:d5:1f:5b:2c:f8:
be:b6:75:c7:a7:1f:0d:dd:1f:1e:e0:bc:e0:57:09:
a8:90:6e:19:8e:c1:5d:b1:4c:4a:3d:1c:93:5f:3e:
e7:ce:d8:e3:3b:35:b2:0b:e7:74:b9:0c:32:9f:ea:
4e:d8:91:4e:52:56:ca:ad:3e:08:13:34:ef:7b:d7:
18:56:5a:ab:a3:48:9d:b6:31:46:f0:de:74:b5:68:
f6:82:bd:15:15:b9:3c:79:b6:79:23:a9:4a:3b:ca:
c7:2e:20:a5:4d:81:45:b7:d9:3b:d1:b7:61:1b:27:
5d:56:72:f4:1e:f2:05:4d:ab:16:70:bb:f9:99:56:
99:11:b7:30:2f:d6:a2:76:7f:67:49:42:c0:46:ef:
24:90:03:0f:ea:d6:46:cf:0a:3f:3f:20:cd:c2:15:
a3:88:8c:e6:3d:6c:bd:ac:5e:60:b4:dd:9d:12:78:
fb:d5:74:1e:c8:55:48:7a:1a:09:fe:23:64:90:81:
e3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B5:B7:51:AA:26:A4:4C:35:58:0E:95:AA:03:D9:B7:46:92:0C:2B
X509v3 Authority Key Identifier:
keyid:93:A1:0F:A9:EC:A8:EC:8D:DD:5E:12:54:26:43:8E:8D:F8:C8:7A:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6EPqeyo7I3dXhJUJkOOjfjIerw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/85e00e-d9ae-4074-9662-48790f600c64/1/t7W3UaompEw1WA6VqgPZt0aSDCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/85e00e-d9ae-4074-9662-48790f600c64/1/k6EPqeyo7I3dXhJUJkOOjfjIerw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.18.0/23
IPv6:
2001:7f8:b3::/48
2a0a:8240::/29
Signature Algorithm: sha256WithRSAEncryption
17:02:76:a9:55:e5:03:7d:4f:42:d6:7a:df:7b:21:ff:76:63:
95:70:46:c3:03:ad:a9:7a:2e:c7:f1:70:00:6c:32:a1:ca:b7:
d5:5e:e0:94:57:05:55:84:74:5e:09:ce:90:f4:76:0a:d1:ee:
ed:28:f4:35:d0:51:af:5a:73:7f:33:7e:31:ea:36:4e:53:d8:
81:ee:bb:c3:e6:fa:76:bb:ea:f2:47:98:48:46:dc:a3:e7:b4:
24:a3:3e:be:fd:8a:bc:40:bb:74:d6:55:c4:35:4c:13:6b:3d:
c9:5e:07:d4:2d:d0:f0:eb:a0:93:98:bd:9b:fd:9a:48:90:f5:
1d:35:a3:ea:8b:a2:10:00:dd:63:3a:fe:84:fb:d8:64:7a:6a:
cd:d9:42:ad:9e:c5:27:04:18:2a:b1:5a:96:7b:39:4c:e7:29:
8c:f4:a7:ec:dc:f0:95:d2:aa:a1:0f:1e:f5:39:6e:3e:49:ff:
45:a9:36:5b:d2:5d:5d:41:f6:c7:6b:a3:a4:36:56:e2:18:e1:
dd:fc:0c:41:6b:57:cc:3e:f0:b1:bd:8e:d3:da:91:14:1d:7e:
92:22:7f:83:36:ed:f2:07:e3:30:c3:20:79:cd:63:e1:e2:9f:
f3:47:c0:17:a5:54:b4:b2:8b:35:e2:23:7c:e7:bb:90:c9:34:
ba:2d:51:fb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvXb/mDDKrBkAoyazYWgfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYTEwZmE5ZWNhOGVjOGRkZDVlMTI1NDI2NDM4ZThkZjhj
ODdhYmMwHhcNMjMwMTAxMjIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2I1Yjc1MWFhMjZhNDRjMzU1ODBlOTVhYTAzZDliNzQ2OTIwYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9efFsPl/SuQPbHsf/zTEcK6zcaI
Pkn6JzKech0yyF2iMhaoQL/9Y60BeJ+SJ9qDpdkEzD3JawQiLc/CnP9YT1XHUMKp
1R9bLPi+tnXHpx8N3R8e4LzgVwmokG4ZjsFdsUxKPRyTXz7nztjjOzWyC+d0uQwy
n+pO2JFOUlbKrT4IEzTve9cYVlqro0idtjFG8N50tWj2gr0VFbk8ebZ5I6lKO8rH
LiClTYFFt9k70bdhGyddVnL0HvIFTasWcLv5mVaZEbcwL9aidn9nSULARu8kkAMP
6tZGzwo/PyDNwhWjiIzmPWy9rF5gtN2dEnj71XQeyFVIehoJ/iNkkIHjGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLe1t1GqJqRMNVgOlaoD2bdGkgwrMB8GA1UdIwQY
MBaAFJOhD6nsqOyN3V4SVCZDjo34yHq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazZFUHFleW83STNkWGhKVUprT09qZmpJZXJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84NWUwMGUtZDlhZS00MDc0LTk2NjIt
NDg3OTBmNjAwYzY0LzEvdDdXM1Vhb21wRXcxV0E2VnFnUFp0MGFTRENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84NWUwMGUtZDlhZS00MDc0LTk2NjItNDg3OTBmNjAwYzY0
LzEvazZFUHFleW83STNkWGhKVUprT09qZmpJZXJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBucYSMBYE
AgACMBADBwAgAQf4ALMDBQMqCoJAMA0GCSqGSIb3DQEBCwUAA4IBAQAXAnapVeUD
fU9C1nrfeyH/dmOVcEbDA62pei7H8XAAbDKhyrfVXuCUVwVVhHReCc6Q9HYK0e7t
KPQ10FGvWnN/M34x6jZOU9iB7rvD5vp2u+ryR5hIRtyj57Qkoz6+/Yq8QLt01lXE
NUwTaz3JXgfULdDw66CTmL2b/ZpIkPUdNaPqi6IQAN1jOv6E+9hkemrN2UKtnsUn
BBgqsVqWezlM5ymM9Kfs3PCV0qqhDx71OW4+Sf9FqTZb0l1dQfbHa6OkNlbiGOHd
/AxBa1fMPvCxvY7T2pEUHX6SIn+DNu3yB+MwwyB5zWPh4p/zR8AXpVS0sos14iN8
57uQyTS6LVH7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:01 2024 by rpki-client on console-ams.rpki-client.org