Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/BiAfi7TKNg0mUVhS-ZQtRYdIVfo.roa
File: BiAfi7TKNg0mUVhS-ZQtRYdIVfo.roa (raw, json)
Hash identifier: iFM0/56LyVmSsBGy0Z0nko02JHoOXEMRsEaN7+TogmA=
Subject key identifier: 06:20:1F:8B:B4:CA:36:0D:26:51:58:52:F9:94:2D:45:87:48:55:FA
Certificate issuer: /CN=d05a85c45bf53c3d88a76695aafebbd4aa77bbc1
Certificate serial: 01857082A4292F7735FF3BEECAA4593AB90E
Authority key identifier: D0:5A:85:C4:5B:F5:3C:3D:88:A7:66:95:AA:FE:BB:D4:AA:77:BB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0FqFxFv1PD2Ip2aVqv671Kp3u8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/BiAfi7TKNg0mUVhS-ZQtRYdIVfo.roa
Signing time: Mon 02 Jan 2023 03:24:47 +0000
ROA not before: Mon 02 Jan 2023 03:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41071
IP address blocks: 185.88.116.0/23 maxlen: 23
185.88.116.0/22 maxlen: 22
185.88.118.0/23 maxlen: 23
2a05:ca40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:a4:29:2f:77:35:ff:3b:ee:ca:a4:59:3a:b9:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d05a85c45bf53c3d88a76695aafebbd4aa77bbc1
Validity
Not Before: Jan 2 03:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06201f8bb4ca360d26515852f9942d45874855fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9b:a0:06:85:63:f4:fc:63:b7:1a:5b:d3:d1:
aa:56:9e:cc:c6:b2:5f:af:d9:33:d4:eb:38:ee:9f:
2e:1b:64:e0:53:46:bf:5a:d8:04:83:29:ac:a4:98:
02:4e:95:2a:4d:7f:0d:63:ef:49:73:79:ba:8b:62:
32:79:16:6c:ef:6f:72:b1:cd:fc:d1:c9:ed:0d:2c:
37:37:1d:cf:d9:a5:1f:b2:fd:da:34:ce:93:e9:75:
bd:d4:bb:e4:ed:8d:0c:cb:12:e0:cb:d6:a0:ea:bc:
fc:05:e1:30:c0:53:90:48:79:31:d9:60:4e:a8:8a:
a3:8f:b3:f3:a6:cb:ec:7a:a9:3f:e4:76:60:7a:7a:
84:e7:06:fb:d7:f1:d4:56:6a:03:b4:d1:33:7d:d4:
d2:36:cb:83:a1:96:9a:b8:2c:84:d6:72:ac:38:96:
da:5b:9b:18:ea:46:c2:50:22:b2:c4:2b:e7:16:51:
a3:a2:15:1c:bc:9a:ab:39:85:d4:64:f5:7a:82:6e:
ba:cc:b9:b8:0d:6d:c8:1f:db:20:18:7c:9b:0f:ed:
76:35:59:b9:70:5b:4f:24:aa:9d:71:c7:d9:86:52:
ac:3b:6a:66:97:83:52:5b:46:61:a3:e1:f6:c1:8c:
ec:d7:34:23:e2:eb:1e:b3:19:09:a1:ff:ea:e2:9c:
0a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:20:1F:8B:B4:CA:36:0D:26:51:58:52:F9:94:2D:45:87:48:55:FA
X509v3 Authority Key Identifier:
keyid:D0:5A:85:C4:5B:F5:3C:3D:88:A7:66:95:AA:FE:BB:D4:AA:77:BB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FqFxFv1PD2Ip2aVqv671Kp3u8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/BiAfi7TKNg0mUVhS-ZQtRYdIVfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/0FqFxFv1PD2Ip2aVqv671Kp3u8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.116.0/22
IPv6:
2a05:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
8c:7a:29:52:94:4a:e8:68:a0:ee:ec:d5:e8:84:de:fa:a8:23:
fc:d7:19:5a:61:8b:94:c5:35:40:2d:0c:ab:a7:b2:97:39:80:
9d:b3:b2:4d:44:f6:34:94:85:e4:e8:72:10:66:98:89:5f:a3:
ec:ee:1d:c6:fb:2c:10:dd:c4:bb:16:a4:17:cc:25:39:38:55:
6b:df:bb:eb:67:2f:25:a1:ea:e7:14:d4:9a:32:66:15:ca:23:
63:27:0a:3d:a6:c3:dc:eb:61:7a:90:60:b6:76:f9:85:75:9d:
6e:a3:12:3e:3c:2a:47:6c:af:f0:fd:44:b7:2e:3e:fe:87:17:
b5:b4:67:7e:13:f7:f8:fa:ac:75:eb:dd:4e:a1:d9:e2:9b:9a:
c9:7a:c4:fb:27:6d:13:f4:cc:06:f4:40:ea:82:bd:5e:ba:79:
7e:5d:bd:11:f0:97:98:02:c7:d4:64:e7:85:46:06:b4:58:af:
0f:ae:c5:9e:dd:2b:d4:97:28:dc:54:54:f0:45:2d:1f:aa:c6:
ee:8a:23:a1:eb:65:0c:00:e7:e4:8c:6d:83:52:f6:f2:4b:fc:
5e:67:3f:99:28:25:d5:8c:57:66:72:78:f0:56:69:bf:c6:28:
0b:fb:47:23:2a:91:de:ac:72:36:4f:63:33:6b:b8:f6:73:e4:
a2:d5:65:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwgqQpL3c1/zvuyqRZOrkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNWE4NWM0NWJmNTNjM2Q4OGE3NjY5NWFhZmViYmQ0YWE3
N2JiYzEwHhcNMjMwMTAyMDMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjIwMWY4YmI0Y2EzNjBkMjY1MTU4NTJmOTk0MmQ0NTg3NDg1NWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJugBoVj9Pxjtxpb09GqVp7MxrJf
r9kz1Os47p8uG2TgU0a/WtgEgymspJgCTpUqTX8NY+9Jc3m6i2IyeRZs729ysc38
0cntDSw3Nx3P2aUfsv3aNM6T6XW91Lvk7Y0MyxLgy9ag6rz8BeEwwFOQSHkx2WBO
qIqjj7Pzpsvseqk/5HZgenqE5wb71/HUVmoDtNEzfdTSNsuDoZaauCyE1nKsOJba
W5sY6kbCUCKyxCvnFlGjohUcvJqrOYXUZPV6gm66zLm4DW3IH9sgGHybD+12NVm5
cFtPJKqdccfZhlKsO2pml4NSW0Zho+H2wYzs1zQj4usesxkJof/q4pwKAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAYgH4u0yjYNJlFYUvmULUWHSFX6MB8GA1UdIwQY
MBaAFNBahcRb9Tw9iKdmlar+u9Sqd7vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEZxRnhGdjFQRDJJcDJhVnF2NjcxS3AzdThFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81NDk0NzctNGE4Mi00MmJjLTgzOWUt
NGY5ODQwZGVmYTFmLzEvQmlBZmk3VEtOZzBtVVZoUy1aUXRSWWRJVmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81NDk0NzctNGE4Mi00MmJjLTgzOWUtNGY5ODQwZGVmYTFm
LzEvMEZxRnhGdjFQRDJJcDJhVnF2NjcxS3AzdThFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVh0MA0E
AgACMAcDBQMqBcpAMA0GCSqGSIb3DQEBCwUAA4IBAQCMeilSlEroaKDu7NXohN76
qCP81xlaYYuUxTVALQyrp7KXOYCds7JNRPY0lIXk6HIQZpiJX6Ps7h3G+ywQ3cS7
FqQXzCU5OFVr37vrZy8loernFNSaMmYVyiNjJwo9psPc62F6kGC2dvmFdZ1uoxI+
PCpHbK/w/US3Lj7+hxe1tGd+E/f4+qx1691Oodnim5rJesT7J20T9MwG9EDqgr1e
unl+Xb0R8JeYAsfUZOeFRga0WK8PrsWe3SvUlyjcVFTwRS0fqsbuiiOh62UMAOfk
jG2DUvbyS/xeZz+ZKCXVjFdmcnjwVmm/xigL+0cjKpHerHI2T2Mza7j2c+Si1WUt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org