Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/cEhuB-Nz9MbMinsu6vm2-_5Y4EQ.roa
File: cEhuB-Nz9MbMinsu6vm2-_5Y4EQ.roa (raw, json)
Hash identifier: hNQfWtx8peu7O9bo1TOklJYBK7CFsRK/CpgDPqwtJCk=
Subject key identifier: 70:48:6E:07:E3:73:F4:C6:CC:8A:7B:2E:EA:F9:B6:FB:FE:58:E0:44
Certificate issuer: /CN=d283616f1362c25d82ec2a70c4b9750565b1197f
Certificate serial: 01856F391E605B309492F0AFC87FF40C04A3
Authority key identifier: D2:83:61:6F:13:62:C2:5D:82:EC:2A:70:C4:B9:75:05:65:B1:19:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0oNhbxNiwl2C7CpwxLl1BWWxGX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/cEhuB-Nz9MbMinsu6vm2-_5Y4EQ.roa
Signing time: Sun 01 Jan 2023 21:24:52 +0000
ROA not before: Sun 01 Jan 2023 21:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24931
IP address blocks: 185.54.72.0/22 maxlen: 22
2a01:ba20::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:1e:60:5b:30:94:92:f0:af:c8:7f:f4:0c:04:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d283616f1362c25d82ec2a70c4b9750565b1197f
Validity
Not Before: Jan 1 21:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70486e07e373f4c6cc8a7b2eeaf9b6fbfe58e044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2d:71:1e:53:ac:35:a5:b1:61:a3:eb:80:f7:
b7:e2:55:a4:eb:db:6f:78:e1:bf:75:27:d4:3b:ec:
d3:82:6e:ae:69:15:70:38:23:8a:8d:60:74:c0:72:
0d:aa:59:7c:94:53:aa:5b:9d:b0:7d:09:c7:46:19:
7b:8f:fd:cc:6d:2a:ce:10:9c:e0:64:2c:73:c8:2f:
22:32:67:b0:53:7f:b5:69:3a:58:15:6c:68:09:bd:
ba:08:7d:11:2b:dd:fd:cb:74:f2:39:6c:22:f8:dd:
87:83:fc:fb:9e:28:46:41:b4:57:be:2d:f3:73:e1:
8a:0f:59:50:0c:ab:28:3a:16:84:f1:fb:e7:c2:5a:
0d:0b:22:03:f6:d2:c3:00:1a:07:b6:9a:ee:52:bb:
39:89:8e:e8:b3:08:58:93:6b:29:63:30:d3:92:7d:
69:dd:4a:2e:7c:71:04:dc:c7:ae:7b:42:ce:fe:0f:
14:3b:70:30:9b:21:8c:c2:d5:2f:f1:b3:32:4e:c7:
70:56:65:13:28:fe:cf:ae:73:f3:d8:e9:fc:c7:34:
a2:06:34:d5:78:c3:4e:b1:87:6c:db:f8:1c:9d:73:
37:8b:06:2e:c7:09:1e:c0:c2:2a:eb:ba:e4:43:70:
08:4d:d4:14:5f:db:87:0d:80:68:46:ed:76:6e:e7:
a1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:48:6E:07:E3:73:F4:C6:CC:8A:7B:2E:EA:F9:B6:FB:FE:58:E0:44
X509v3 Authority Key Identifier:
keyid:D2:83:61:6F:13:62:C2:5D:82:EC:2A:70:C4:B9:75:05:65:B1:19:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0oNhbxNiwl2C7CpwxLl1BWWxGX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/cEhuB-Nz9MbMinsu6vm2-_5Y4EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/0oNhbxNiwl2C7CpwxLl1BWWxGX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.72.0/22
IPv6:
2a01:ba20::/32
Signature Algorithm: sha256WithRSAEncryption
07:20:d1:56:03:45:76:e8:9a:b7:7b:4a:ad:68:19:2f:ce:74:
52:08:f8:66:e7:7d:14:24:a9:a6:92:6a:98:33:28:14:dc:19:
a1:a9:7f:dc:04:05:3b:dd:ee:e7:ea:00:e3:de:3c:4a:44:d5:
66:56:20:01:a9:a6:43:37:ff:d6:35:b7:7b:cd:8f:e1:76:b9:
51:97:92:10:c3:13:d1:1e:04:1a:d9:84:e2:3f:9a:6c:40:11:
bc:3e:bf:27:73:35:da:d9:f7:e4:c5:f3:ab:07:3f:cd:2a:9c:
5a:29:4f:bf:7e:61:1c:39:30:c0:f0:4c:49:18:8d:ff:0b:00:
3b:e7:67:8c:c0:79:8c:5e:54:99:a3:0b:43:80:2c:97:3e:94:
4b:ea:f5:99:f8:36:0e:dd:18:97:a3:38:90:59:2d:a9:8a:76:
42:30:f8:50:8a:f0:4b:59:b8:0f:30:b8:c7:ef:f0:b8:12:ec:
df:e0:37:f4:2d:80:b5:78:9d:8a:c7:0d:b1:9d:34:5d:68:8d:
ca:ab:17:4f:b2:c9:71:64:2a:80:5a:7f:10:16:89:00:96:3d:
c8:7e:96:63:89:45:ed:a8:50:53:2f:bb:ef:10:72:ca:a6:96:
13:3d:f6:7c:2b:09:ca:8d:af:78:cb:f5:4e:95:51:cd:8b:1b:
73:07:97:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvOR5gWzCUkvCvyH/0DASjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODM2MTZmMTM2MmMyNWQ4MmVjMmE3MGM0Yjk3NTA1NjVi
MTE5N2YwHhcNMjMwMTAxMjEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQ4NmUwN2UzNzNmNGM2Y2M4YTdiMmVlYWY5YjZmYmZlNThlMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS1xHlOsNaWxYaPrgPe34lWk69tv
eOG/dSfUO+zTgm6uaRVwOCOKjWB0wHINqll8lFOqW52wfQnHRhl7j/3MbSrOEJzg
ZCxzyC8iMmewU3+1aTpYFWxoCb26CH0RK939y3TyOWwi+N2Hg/z7nihGQbRXvi3z
c+GKD1lQDKsoOhaE8fvnwloNCyID9tLDABoHtpruUrs5iY7oswhYk2spYzDTkn1p
3UoufHEE3Meue0LO/g8UO3AwmyGMwtUv8bMyTsdwVmUTKP7PrnPz2On8xzSiBjTV
eMNOsYds2/gcnXM3iwYuxwkewMIq67rkQ3AITdQUX9uHDYBoRu12bueh8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHBIbgfjc/TGzIp7Lur5tvv+WOBEMB8GA1UdIwQY
MBaAFNKDYW8TYsJdguwqcMS5dQVlsRl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9OaGJ4Tml3bDJDN0Nwd3hMbDFCV1d4R1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yZmJjY2MtNjRiNi00ZjY2LTg5Njkt
YTZkMjdjNDMxODE4LzEvY0VodUItTno5TWJNaW5zdTZ2bTItXzVZNEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yZmJjY2MtNjRiNi00ZjY2LTg5NjktYTZkMjdjNDMxODE4
LzEvMG9OaGJ4Tml3bDJDN0Nwd3hMbDFCV1d4R1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTZIMA0E
AgACMAcDBQAqAbogMA0GCSqGSIb3DQEBCwUAA4IBAQAHINFWA0V26Jq3e0qtaBkv
znRSCPhm530UJKmmkmqYMygU3BmhqX/cBAU73e7n6gDj3jxKRNVmViABqaZDN//W
Nbd7zY/hdrlRl5IQwxPRHgQa2YTiP5psQBG8Pr8nczXa2ffkxfOrBz/NKpxaKU+/
fmEcOTDA8ExJGI3/CwA752eMwHmMXlSZowtDgCyXPpRL6vWZ+DYO3RiXoziQWS2p
inZCMPhQivBLWbgPMLjH7/C4Euzf4Df0LYC1eJ2Kxw2xnTRdaI3KqxdPsslxZCqA
Wn8QFokAlj3IfpZjiUXtqFBTL7vvEHLKppYTPfZ8KwnKja94y/VOlVHNixtzB5dq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org