Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/U3xaKZ9Te63_K2t_5NlPo7keIEQ.roa
File: U3xaKZ9Te63_K2t_5NlPo7keIEQ.roa (raw, json)
Hash identifier: H7SR9sG3bW1M0wP53OCxJkF8KuoQef7bgc5FotyvFo4=
Subject key identifier: 53:7C:5A:29:9F:53:7B:AD:FF:2B:6B:7F:E4:D9:4F:A3:B9:1E:20:44
Certificate issuer: /CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Certificate serial: 01856C65D039F9E980919A42D51A8B94356F
Authority key identifier: 77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/U3xaKZ9Te63_K2t_5NlPo7keIEQ.roa
Signing time: Sun 01 Jan 2023 08:14:49 +0000
ROA not before: Sun 01 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201980
IP address blocks: 185.56.4.0/22 maxlen: 24
2a02:4f20::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:d0:39:f9:e9:80:91:9a:42:d5:1a:8b:94:35:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Validity
Not Before: Jan 1 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=537c5a299f537badff2b6b7fe4d94fa3b91e2044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6d:2f:90:95:dd:c7:74:ea:73:55:68:19:b7:
f1:ef:5b:12:8a:bb:58:a5:cd:af:93:58:3b:15:bd:
4f:a3:2c:35:85:64:81:8e:75:ce:7c:42:be:5a:74:
c7:2f:6e:05:df:d9:a6:b7:a2:8f:92:ba:99:e5:b9:
57:3d:db:eb:cd:6a:f1:86:68:f2:c1:f2:66:5e:8a:
77:73:b6:63:d1:35:fb:a2:8f:56:b4:9a:18:b5:28:
ac:af:b9:22:b7:52:61:6f:1a:6d:70:92:51:83:a8:
8a:a9:2f:a2:10:73:e3:c2:f2:f2:76:ad:d1:93:69:
2b:30:b4:a1:b1:ae:9f:6d:ec:ef:60:8f:be:01:70:
0d:be:72:7f:c3:f9:12:dd:51:a8:1c:23:d7:2f:a1:
ea:3f:30:3b:a7:0b:80:5a:4b:26:3b:21:55:e3:dc:
cb:1b:e3:ba:9d:85:55:a1:78:d4:82:7d:b7:8e:c4:
54:92:46:59:15:b7:80:50:6c:0d:a8:e3:a1:84:df:
c2:1a:ed:59:d5:35:a5:c9:03:56:8b:b6:8f:a3:21:
b6:42:10:bf:74:f3:79:e5:0b:60:8b:1b:6c:e7:88:
3c:42:e2:34:6f:87:7c:0f:2e:e3:a4:85:8a:0c:33:
b1:f3:1a:59:94:5b:b7:4d:6e:f8:32:32:d7:0c:3f:
98:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7C:5A:29:9F:53:7B:AD:FF:2B:6B:7F:E4:D9:4F:A3:B9:1E:20:44
X509v3 Authority Key Identifier:
keyid:77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/U3xaKZ9Te63_K2t_5NlPo7keIEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.4.0/22
IPv6:
2a02:4f20::/32
Signature Algorithm: sha256WithRSAEncryption
6f:56:c7:a6:e5:64:bd:f1:87:41:d1:a7:e6:97:ab:84:ac:a7:
d2:57:c0:c5:b0:22:d6:16:18:08:ca:05:09:f3:d8:f1:c2:d8:
15:51:3c:be:63:c2:a5:0f:7b:c4:ac:15:eb:21:89:c9:5f:e6:
92:a0:f0:b7:83:50:60:5e:55:1d:82:b2:3f:1d:6d:3d:51:e1:
b3:ce:09:a0:d4:7a:06:fb:43:8d:a5:4e:d4:9b:fb:c6:99:d4:
a5:33:f9:d2:b5:e3:80:a1:f6:c7:06:0a:03:4b:f6:69:ff:76:
6e:6b:63:89:0a:da:31:21:f0:54:1c:9c:4c:90:5d:3c:59:00:
f3:64:8f:09:c0:ee:70:c3:4d:29:26:46:04:7f:7a:18:16:a4:
ef:5d:97:2c:69:30:9c:57:f3:6f:44:8f:ab:a9:97:aa:77:55:
05:90:d6:ef:33:01:cf:dd:94:f6:a9:84:d2:43:24:89:3f:21:
89:ae:a4:fe:79:d5:59:88:a6:c6:bd:56:b1:10:dc:00:2f:dd:
d4:66:55:09:b9:bd:d9:27:ac:58:66:de:4d:68:e0:e2:bc:2d:
69:e6:e9:11:7e:9c:4c:fc:f2:b6:1e:54:23:c3:0f:b8:38:84:
fd:b6:a3:d2:89:ec:bf:b9:b7:c3:c9:e4:97:c3:04:88:45:ef:
e2:69:c3:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsZdA5+emAkZpC1RqLlDVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjhjZjQ1NGIwOTYyZDE2YTQ4NTU4MDhmZDNhYmMxNTg1
MmJiZDgwHhcNMjMwMTAxMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzdjNWEyOTlmNTM3YmFkZmYyYjZiN2ZlNGQ5NGZhM2I5MWUyMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW0vkJXdx3Tqc1VoGbfx71sSirtY
pc2vk1g7Fb1Poyw1hWSBjnXOfEK+WnTHL24F39mmt6KPkrqZ5blXPdvrzWrxhmjy
wfJmXop3c7Zj0TX7oo9WtJoYtSisr7kit1JhbxptcJJRg6iKqS+iEHPjwvLydq3R
k2krMLShsa6fbezvYI++AXANvnJ/w/kS3VGoHCPXL6HqPzA7pwuAWksmOyFV49zL
G+O6nYVVoXjUgn23jsRUkkZZFbeAUGwNqOOhhN/CGu1Z1TWlyQNWi7aPoyG2QhC/
dPN55Qtgixts54g8QuI0b4d8Dy7jpIWKDDOx8xpZlFu3TW74MjLXDD+YcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFN8WimfU3ut/ytrf+TZT6O5HiBEMB8GA1UdIwQY
MBaAFHe4z0VLCWLRakhVgI/Tq8FYUrvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYt
YTRmYzllMjQ1OGVjLzEvVTN4YUtaOVRlNjNfSzJ0XzVObFBvN2tlSUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYtYTRmYzllMjQ1OGVj
LzEvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTgEMA0E
AgACMAcDBQAqAk8gMA0GCSqGSIb3DQEBCwUAA4IBAQBvVsem5WS98YdB0afml6uE
rKfSV8DFsCLWFhgIygUJ89jxwtgVUTy+Y8KlD3vErBXrIYnJX+aSoPC3g1BgXlUd
grI/HW09UeGzzgmg1HoG+0ONpU7Um/vGmdSlM/nSteOAofbHBgoDS/Zp/3Zua2OJ
CtoxIfBUHJxMkF08WQDzZI8JwO5ww00pJkYEf3oYFqTvXZcsaTCcV/NvRI+rqZeq
d1UFkNbvMwHP3ZT2qYTSQySJPyGJrqT+edVZiKbGvVaxENwAL93UZlUJub3ZJ6xY
Zt5NaODivC1p5ukRfpxM/PK2HlQjww+4OIT9tqPSiey/ubfDyeSXwwSIRe/iacN1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:54 2024 by rpki-client on console-fra.rpki-client.org