Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/7cA2TAgB3G6VbeF4jlPu-Lx9k9s.roa
File: 7cA2TAgB3G6VbeF4jlPu-Lx9k9s.roa (raw, json)
Hash identifier: 7oUzgs1W7FO+WuCjjIRzR5ggW4YB7yOXa/PaO3REnh8=
Subject key identifier: ED:C0:36:4C:08:01:DC:6E:95:6D:E1:78:8E:53:EE:F8:BC:7D:93:DB
Certificate issuer: /CN=3b4df9a5460cbd450b4e75380393a821e85c74d8
Certificate serial: 01856F2FD7CBEE3FA314DFC4F0EFFE9A9B1A
Authority key identifier: 3B:4D:F9:A5:46:0C:BD:45:0B:4E:75:38:03:93:A8:21:E8:5C:74:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O035pUYMvUULTnU4A5OoIehcdNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/7cA2TAgB3G6VbeF4jlPu-Lx9k9s.roa
Signing time: Sun 01 Jan 2023 21:14:44 +0000
ROA not before: Sun 01 Jan 2023 21:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59715
IP address blocks: 185.5.200.0/22 maxlen: 24
2a02:cdc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Aug 2023 10:12:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:d7:cb:ee:3f:a3:14:df:c4:f0:ef:fe:9a:9b:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b4df9a5460cbd450b4e75380393a821e85c74d8
Validity
Not Before: Jan 1 21:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edc0364c0801dc6e956de1788e53eef8bc7d93db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:de:b2:6d:c6:8c:6b:52:c0:7a:23:10:c7:63:
23:02:95:e8:61:58:86:c6:12:d8:5f:cb:f8:e8:29:
fd:1b:87:dc:c3:d0:6c:9f:18:16:f8:bb:32:4e:07:
fa:f2:97:a7:48:2f:ba:83:e3:74:20:e0:b1:ad:7b:
88:5d:60:ab:b1:2e:0a:78:fa:b3:26:da:40:0c:68:
6a:06:83:e4:c3:cb:5a:28:15:89:c4:63:53:b3:6d:
64:f1:e9:6b:e0:bf:07:23:ec:45:16:b8:07:2e:f0:
9b:63:c8:0f:d1:c5:ee:7c:69:76:6e:a5:9f:20:8a:
8a:ab:45:80:bd:f5:1d:1b:d6:d1:83:32:11:a4:45:
e8:27:d8:b9:9e:96:cc:93:e8:d7:95:91:8a:a7:a9:
cd:01:ad:b1:f7:76:5b:5b:d8:99:73:55:20:a1:ae:
3f:bf:45:66:5c:b1:87:8f:b5:48:37:84:6a:fb:d4:
f7:a5:56:01:ec:d4:c1:17:da:47:84:33:9d:ae:3c:
9a:db:20:39:7c:86:6c:ca:62:45:8c:9c:86:99:20:
12:29:c5:01:00:df:32:aa:72:82:65:a2:15:31:d5:
9d:29:5b:ac:97:69:57:92:97:cf:34:03:75:79:a9:
a0:d1:8f:96:55:80:04:03:f0:f6:e1:96:cd:48:77:
cd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:C0:36:4C:08:01:DC:6E:95:6D:E1:78:8E:53:EE:F8:BC:7D:93:DB
X509v3 Authority Key Identifier:
keyid:3B:4D:F9:A5:46:0C:BD:45:0B:4E:75:38:03:93:A8:21:E8:5C:74:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O035pUYMvUULTnU4A5OoIehcdNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/7cA2TAgB3G6VbeF4jlPu-Lx9k9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/O035pUYMvUULTnU4A5OoIehcdNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.200.0/22
IPv6:
2a02:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
37:7d:5a:f8:dc:c0:eb:d5:83:03:85:4f:4a:84:47:c8:53:27:
98:b7:28:68:94:29:d7:72:ac:3e:db:59:2c:26:a9:9d:c6:11:
f2:ab:5a:56:49:90:7a:9c:56:10:5d:6a:fc:38:d0:ae:5a:72:
a7:1a:ad:15:d2:0d:dc:f3:c7:e0:33:ff:3e:84:c2:47:2a:31:
81:d2:63:3c:df:f0:7a:b9:36:07:d8:49:6e:dc:83:f7:cd:18:
c5:6b:b9:61:53:f9:a4:ef:99:3f:31:52:68:7c:1d:79:c9:7c:
23:4c:af:75:09:cd:8d:aa:50:10:1d:63:60:b3:60:bd:5b:82:
ec:9a:01:35:c4:01:17:7e:c2:07:da:47:a1:ea:7a:4c:4a:2b:
05:82:0c:53:f6:67:58:c8:80:90:cd:15:54:b4:6a:3c:f0:ea:
0d:a1:2e:1b:b4:d1:21:ff:46:1f:6c:64:19:51:a3:fb:cd:c6:
b1:aa:36:7d:57:82:35:60:6b:4f:df:04:39:18:91:f6:9b:b3:
e7:4a:23:29:5c:bf:a4:56:3d:9d:a5:0e:1b:db:e3:52:bc:9a:
ac:5c:f8:d0:1f:75:c6:b2:2f:67:d1:2b:9b:97:da:28:96:89:
36:a5:41:5b:4d:ef:f0:f0:9b:c0:cd:2b:5c:86:39:ad:f2:ae:
a7:93:9d:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvL9fL7j+jFN/E8O/+mpsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNGRmOWE1NDYwY2JkNDUwYjRlNzUzODAzOTNhODIxZTg1
Yzc0ZDgwHhcNMjMwMTAxMjExNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGMwMzY0YzA4MDFkYzZlOTU2ZGUxNzg4ZTUzZWVmOGJjN2Q5M2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2d6ybcaMa1LAeiMQx2MjApXoYViG
xhLYX8v46Cn9G4fcw9BsnxgW+LsyTgf68penSC+6g+N0IOCxrXuIXWCrsS4KePqz
JtpADGhqBoPkw8taKBWJxGNTs21k8elr4L8HI+xFFrgHLvCbY8gP0cXufGl2bqWf
IIqKq0WAvfUdG9bRgzIRpEXoJ9i5npbMk+jXlZGKp6nNAa2x93ZbW9iZc1Ugoa4/
v0VmXLGHj7VIN4Rq+9T3pVYB7NTBF9pHhDOdrjya2yA5fIZsymJFjJyGmSASKcUB
AN8yqnKCZaIVMdWdKVusl2lXkpfPNAN1eamg0Y+WVYAEA/D24ZbNSHfN8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO3ANkwIAdxulW3heI5T7vi8fZPbMB8GA1UdIwQY
MBaAFDtN+aVGDL1FC051OAOTqCHoXHTYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzAzNXBVWU12VVVMVG5VNEE1T29JZWhjZE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wNDk3NWMtZWY0OS00NzU0LTk2Zjkt
OTgxMmQ3Y2ZkNjk0LzEvN2NBMlRBZ0IzRzZWYmVGNGpsUHUtTHg5azlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wNDk3NWMtZWY0OS00NzU0LTk2ZjktOTgxMmQ3Y2ZkNjk0
LzEvTzAzNXBVWU12VVVMVG5VNEE1T29JZWhjZE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQXIMA0E
AgACMAcDBQMqAs3AMA0GCSqGSIb3DQEBCwUAA4IBAQA3fVr43MDr1YMDhU9KhEfI
UyeYtyholCnXcqw+21ksJqmdxhHyq1pWSZB6nFYQXWr8ONCuWnKnGq0V0g3c88fg
M/8+hMJHKjGB0mM83/B6uTYH2Elu3IP3zRjFa7lhU/mk75k/MVJofB15yXwjTK91
Cc2NqlAQHWNgs2C9W4LsmgE1xAEXfsIH2keh6npMSisFggxT9mdYyICQzRVUtGo8
8OoNoS4btNEh/0YfbGQZUaP7zcaxqjZ9V4I1YGtP3wQ5GJH2m7PnSiMpXL+kVj2d
pQ4b2+NSvJqsXPjQH3XGsi9n0Subl9oolok2pUFbTe/w8JvAzStchjmt8q6nk52o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:36 2024 by rpki-client on console-fra.rpki-client.org