Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/kUfreXmQE3IDrszr9OuEKSrnqP0.roa
File: kUfreXmQE3IDrszr9OuEKSrnqP0.roa (raw, json)
Hash identifier: DVbQSOftZbzbqxhqU7bppjw9lU6zuvI5qIVDA9uq3Rg=
Subject key identifier: 91:47:EB:79:79:90:13:72:03:AE:CC:EB:F4:EB:84:29:2A:E7:A8:FD
Certificate issuer: /CN=81e34878f96b3997aa78f4c7fb695ef0dbc6d360
Certificate serial: 01856D941CF696C47CE4E8CD5DD06B981FC0
Authority key identifier: 81:E3:48:78:F9:6B:39:97:AA:78:F4:C7:FB:69:5E:F0:DB:C6:D3:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/geNIePlrOZeqePTH-2le8NvG02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/kUfreXmQE3IDrszr9OuEKSrnqP0.roa
Signing time: Sun 01 Jan 2023 13:45:01 +0000
ROA not before: Sun 01 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209281
IP address blocks: 185.20.108.0/22 maxlen: 22
2a00:4de0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:1c:f6:96:c4:7c:e4:e8:cd:5d:d0:6b:98:1f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81e34878f96b3997aa78f4c7fb695ef0dbc6d360
Validity
Not Before: Jan 1 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9147eb797990137203aeccebf4eb84292ae7a8fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d5:05:2e:f5:4c:e2:4b:1a:23:09:4b:e0:cd:
e6:20:ad:4c:da:b7:79:5b:47:b9:07:2f:73:f1:cc:
12:ad:ab:ab:e2:e8:98:7f:a0:01:a5:8a:c5:b0:30:
4f:43:69:90:19:1b:b6:58:d6:42:0f:de:01:d7:b3:
73:d6:6d:b5:3a:27:42:12:32:33:7a:7f:0c:bc:64:
a4:c0:57:17:de:42:50:f7:22:c2:60:df:1d:7f:f7:
46:7a:4b:d3:ff:d8:5c:ba:d5:cd:1b:32:d4:34:d3:
8a:68:ab:c3:88:01:ea:f2:69:3d:69:98:c0:88:2e:
02:c5:ff:35:7f:7b:96:72:ff:a9:7d:03:d8:40:4d:
4f:39:cb:6c:fa:b4:c4:d5:b8:b7:60:ba:a4:0b:05:
78:da:cc:81:e8:ff:80:91:96:f8:0d:fe:be:97:2a:
8a:da:8f:1d:d8:8b:78:4d:f5:1f:e6:40:b2:94:8d:
c0:63:cf:c7:1a:5f:7d:7f:48:8b:4b:71:29:f3:2c:
18:50:a6:1b:0b:d0:6f:69:29:e3:b4:4b:f7:eb:55:
76:de:49:d9:3d:1e:e4:7b:98:b3:1e:91:a3:38:42:
4f:e6:00:10:f9:09:ab:b1:aa:c6:ee:f9:b3:d6:87:
a0:dc:8d:90:58:28:84:f7:a0:af:14:40:46:c1:d5:
74:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:47:EB:79:79:90:13:72:03:AE:CC:EB:F4:EB:84:29:2A:E7:A8:FD
X509v3 Authority Key Identifier:
keyid:81:E3:48:78:F9:6B:39:97:AA:78:F4:C7:FB:69:5E:F0:DB:C6:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geNIePlrOZeqePTH-2le8NvG02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/kUfreXmQE3IDrszr9OuEKSrnqP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/geNIePlrOZeqePTH-2le8NvG02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.108.0/22
IPv6:
2a00:4de0::/29
Signature Algorithm: sha256WithRSAEncryption
69:69:ea:92:d7:2e:73:51:53:ff:86:47:4c:39:ec:cd:80:6c:
25:aa:0d:de:21:b1:0f:10:24:74:54:cb:3f:60:56:21:fe:9a:
d0:e4:ca:53:cb:e9:78:b8:dc:3c:2c:56:aa:3d:f5:4f:26:a7:
9c:5d:53:a2:89:d2:f1:a1:8b:ca:b4:65:6c:4b:0e:1e:6b:22:
72:55:86:c5:40:e9:51:c0:d4:74:c6:d1:f5:f6:e8:71:78:51:
dd:46:e2:21:db:1f:36:d0:86:74:30:7e:a7:54:f7:32:62:19:
b1:b1:7a:fb:1c:d6:3f:62:54:2e:dd:64:a2:94:9f:2f:b1:9d:
dc:a8:b5:06:bf:9c:e7:fc:50:04:ff:d4:6f:7b:06:fc:bb:24:
e2:bb:e9:4c:e3:8c:c1:52:43:ba:ba:79:09:99:14:73:62:a6:
8d:12:45:70:19:3f:4a:15:30:82:9f:48:a6:9d:a4:9d:be:80:
a6:1c:f3:63:5a:a4:47:60:b0:fc:ec:61:dc:e0:a2:55:38:24:
61:6e:36:94:86:d6:1b:07:a2:a9:2f:ae:ba:f9:c0:ed:4b:4a:
ea:10:4e:71:df:d8:98:1c:f4:9f:12:45:af:7b:e0:4b:ee:76:
05:ae:20:20:1a:49:2e:cd:9f:26:f9:a0:98:00:39:b6:61:2a:
1f:47:8d:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtlBz2lsR85OjNXdBrmB/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTM0ODc4Zjk2YjM5OTdhYTc4ZjRjN2ZiNjk1ZWYwZGJj
NmQzNjAwHhcNMjMwMTAxMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTQ3ZWI3OTc5OTAxMzcyMDNhZWNjZWJmNGViODQyOTJhZTdhOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtUFLvVM4ksaIwlL4M3mIK1M2rd5
W0e5By9z8cwSraur4uiYf6ABpYrFsDBPQ2mQGRu2WNZCD94B17Nz1m21OidCEjIz
en8MvGSkwFcX3kJQ9yLCYN8df/dGekvT/9hcutXNGzLUNNOKaKvDiAHq8mk9aZjA
iC4Cxf81f3uWcv+pfQPYQE1POcts+rTE1bi3YLqkCwV42syB6P+AkZb4Df6+lyqK
2o8d2It4TfUf5kCylI3AY8/HGl99f0iLS3Ep8ywYUKYbC9BvaSnjtEv361V23knZ
PR7ke5izHpGjOEJP5gAQ+QmrsarG7vmz1oeg3I2QWCiE96CvFEBGwdV0RQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJFH63l5kBNyA67M6/TrhCkq56j9MB8GA1UdIwQY
MBaAFIHjSHj5azmXqnj0x/tpXvDbxtNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VOSWVQbHJPWmVxZVBUSC0ybGU4TnZHMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iZWJjMzMtZTkwMS00NTU5LWJkZDAt
YjUzMjA0ZDkzYzMzLzEva1VmcmVYbVFFM0lEcnN6cjlPdUVLU3JucVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iZWJjMzMtZTkwMS00NTU5LWJkZDAtYjUzMjA0ZDkzYzMz
LzEvZ2VOSWVQbHJPWmVxZVBUSC0ybGU4TnZHMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRRsMA0E
AgACMAcDBQMqAE3gMA0GCSqGSIb3DQEBCwUAA4IBAQBpaeqS1y5zUVP/hkdMOezN
gGwlqg3eIbEPECR0VMs/YFYh/prQ5MpTy+l4uNw8LFaqPfVPJqecXVOiidLxoYvK
tGVsSw4eayJyVYbFQOlRwNR0xtH19uhxeFHdRuIh2x820IZ0MH6nVPcyYhmxsXr7
HNY/YlQu3WSilJ8vsZ3cqLUGv5zn/FAE/9Rvewb8uyTiu+lM44zBUkO6unkJmRRz
YqaNEkVwGT9KFTCCn0imnaSdvoCmHPNjWqRHYLD87GHc4KJVOCRhbjaUhtYbB6Kp
L666+cDtS0rqEE5x39iYHPSfEkWve+BL7nYFriAgGkkuzZ8m+aCYADm2YSofR41P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:30 2024 by rpki-client on console-fra.rpki-client.org