Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/nG4OA0IL_Ebi0bVyMq_9BLvGrx8.roa
File: nG4OA0IL_Ebi0bVyMq_9BLvGrx8.roa (raw, json)
Hash identifier: rzGKdQ/n+1PD+fdrPcyG5Efo0YDCNHCr1K3P1yZDYUk=
Subject key identifier: 9C:6E:0E:03:42:0B:FC:46:E2:D1:B5:72:32:AF:FD:04:BB:C6:AF:1F
Certificate issuer: /CN=ef583686464c533d4152bca2edf3a01b487eea92
Certificate serial: 01856B6EB6F04E6EE7096B60FB3061B0FA83
Authority key identifier: EF:58:36:86:46:4C:53:3D:41:52:BC:A2:ED:F3:A0:1B:48:7E:EA:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71g2hkZMUz1BUryi7fOgG0h-6pI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/nG4OA0IL_Ebi0bVyMq_9BLvGrx8.roa
Signing time: Sun 01 Jan 2023 03:44:55 +0000
ROA not before: Sun 01 Jan 2023 03:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205844
IP address blocks: 185.204.128.0/22 maxlen: 24
178.157.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:b6:f0:4e:6e:e7:09:6b:60:fb:30:61:b0:fa:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef583686464c533d4152bca2edf3a01b487eea92
Validity
Not Before: Jan 1 03:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c6e0e03420bfc46e2d1b57232affd04bbc6af1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:78:1f:68:56:73:e7:90:d1:d6:74:1e:ba:b1:
20:dc:5f:96:06:af:70:d1:83:78:a1:fa:a5:70:b7:
d1:78:d4:fb:d2:21:b4:54:51:f1:2c:7d:b1:69:8a:
2c:4e:6d:11:bd:5e:ea:56:05:cf:87:02:e5:91:1c:
a8:56:b2:24:27:b9:b1:e2:6d:a9:50:5f:cd:92:10:
4b:02:7c:60:c2:75:ef:f7:bb:3e:df:d5:0e:99:61:
8e:6f:84:ab:51:89:3a:6c:ad:5f:66:b4:b4:99:4b:
06:5d:f9:c0:fe:98:70:d5:8f:e7:37:0f:5d:a4:a9:
b3:9b:a1:41:84:f1:f1:15:12:0e:b5:61:a3:c7:39:
f5:95:54:24:91:47:c3:9e:aa:6e:9a:0a:64:6f:cf:
86:50:21:51:b4:1d:df:ce:05:9e:91:d1:11:28:8c:
d0:fa:e3:74:d1:7c:be:7c:71:0a:a5:76:14:db:05:
df:c6:15:62:54:4b:ba:36:25:8a:12:2c:22:98:f9:
e3:0f:ff:2b:00:88:b7:db:cb:6b:db:e0:27:03:a0:
e4:67:38:f7:92:4a:a3:ac:dc:81:75:9f:0c:f5:50:
9f:66:b2:5a:d0:86:c1:54:52:00:4c:28:a0:8c:20:
72:ab:9b:07:7f:d9:e5:f8:3d:8c:00:ef:68:89:64:
74:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6E:0E:03:42:0B:FC:46:E2:D1:B5:72:32:AF:FD:04:BB:C6:AF:1F
X509v3 Authority Key Identifier:
keyid:EF:58:36:86:46:4C:53:3D:41:52:BC:A2:ED:F3:A0:1B:48:7E:EA:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71g2hkZMUz1BUryi7fOgG0h-6pI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/nG4OA0IL_Ebi0bVyMq_9BLvGrx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/71g2hkZMUz1BUryi7fOgG0h-6pI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.157.88.0/23
185.204.128.0/22
Signature Algorithm: sha256WithRSAEncryption
43:25:66:1b:47:c3:79:99:a7:e6:77:31:59:d9:bf:da:72:59:
47:23:69:a7:8d:e7:d7:95:c4:08:24:33:37:bf:0c:d8:dc:0f:
8f:7b:76:7d:68:dc:dd:07:61:0d:fd:a0:a5:09:df:1c:68:6e:
07:12:85:d4:7c:53:7e:15:42:84:d2:8b:7e:46:0d:9a:bc:3f:
cf:e3:64:91:70:84:b1:4e:7f:ea:f1:1b:20:3e:c7:77:95:44:
e9:9b:a0:34:27:fb:36:ff:72:26:c8:cd:48:86:d7:f5:4c:2e:
72:6e:9d:bd:40:87:ae:42:14:64:50:de:4d:b6:8f:e2:4c:eb:
f2:ad:c5:17:14:8e:33:75:7c:6a:4f:eb:bb:90:74:d7:60:86:
9c:2c:f4:d0:f0:20:36:67:04:b1:53:fa:ef:be:d3:ac:9c:72:
16:82:b2:77:09:c8:13:dd:fd:77:dd:f2:f0:47:89:20:a0:06:
4c:07:ff:3c:31:28:7c:f5:19:97:ed:31:54:f6:d9:70:00:db:
50:3f:c6:f0:7d:07:12:a2:21:61:b7:07:0d:b7:a8:a2:13:94:
b7:18:8b:f1:f1:32:f2:c1:05:5d:ad:fe:fa:bd:35:66:80:0a:
29:c7:51:6d:fa:59:5f:8b:3d:8f:5e:2e:7f:9f:ae:1a:02:77:
0b:0d:80:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrbrbwTm7nCWtg+zBhsPqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTgzNjg2NDY0YzUzM2Q0MTUyYmNhMmVkZjNhMDFiNDg3
ZWVhOTIwHhcNMjMwMTAxMDM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzZlMGUwMzQyMGJmYzQ2ZTJkMWI1NzIzMmFmZmQwNGJiYzZhZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvngfaFZz55DR1nQeurEg3F+WBq9w
0YN4ofqlcLfReNT70iG0VFHxLH2xaYosTm0RvV7qVgXPhwLlkRyoVrIkJ7mx4m2p
UF/NkhBLAnxgwnXv97s+39UOmWGOb4SrUYk6bK1fZrS0mUsGXfnA/phw1Y/nNw9d
pKmzm6FBhPHxFRIOtWGjxzn1lVQkkUfDnqpumgpkb8+GUCFRtB3fzgWekdERKIzQ
+uN00Xy+fHEKpXYU2wXfxhViVEu6NiWKEiwimPnjD/8rAIi328tr2+AnA6DkZzj3
kkqjrNyBdZ8M9VCfZrJa0IbBVFIATCigjCByq5sHf9nl+D2MAO9oiWR0KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJxuDgNCC/xG4tG1cjKv/QS7xq8fMB8GA1UdIwQY
MBaAFO9YNoZGTFM9QVK8ou3zoBtIfuqSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFnMmhrWk1VejFCVXJ5aTdmT2dHMGgtNnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82YTc1NGUtNThmNi00YzEwLTlkNWUt
ZjQzYWEyNzAwM2M1LzEvbkc0T0EwSUxfRWJpMGJWeU1xXzlCTHZHcng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS82YTc1NGUtNThmNi00YzEwLTlkNWUtZjQzYWEyNzAwM2M1
LzEvNzFnMmhrWk1VejFCVXJ5aTdmT2dHMGgtNnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsp1YAwQC
ucyAMA0GCSqGSIb3DQEBCwUAA4IBAQBDJWYbR8N5mafmdzFZ2b/acllHI2mnjefX
lcQIJDM3vwzY3A+Pe3Z9aNzdB2EN/aClCd8caG4HEoXUfFN+FUKE0ot+Rg2avD/P
42SRcISxTn/q8RsgPsd3lUTpm6A0J/s2/3ImyM1Ihtf1TC5ybp29QIeuQhRkUN5N
to/iTOvyrcUXFI4zdXxqT+u7kHTXYIacLPTQ8CA2ZwSxU/rvvtOsnHIWgrJ3CcgT
3f133fLwR4kgoAZMB/88MSh89RmX7TFU9tlwANtQP8bwfQcSoiFhtwcNt6iiE5S3
GIvx8TLywQVdrf76vTVmgAopx1Ft+llfiz2PXi5/n64aAncLDYB+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:25 2024 by rpki-client on console-fra.rpki-client.org