Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/RKC_CmI67r37zDsPlIr5vxG7dQk.roa
File: RKC_CmI67r37zDsPlIr5vxG7dQk.roa (raw, json)
Hash identifier: 9wueApItv4oZG2eFz4IHBsIKJqdLOY/VdoVuWlJsOIk=
Subject key identifier: 44:A0:BF:0A:62:3A:EE:BD:FB:CC:3B:0F:94:8A:F9:BF:11:BB:75:09
Certificate issuer: /CN=23a3482e1d66d87f5b9a5eeb9c8afd6b5ec23224
Certificate serial: 0185714C4A58DDE0BC6D9F0F46C3E9DBB052
Authority key identifier: 23:A3:48:2E:1D:66:D8:7F:5B:9A:5E:EB:9C:8A:FD:6B:5E:C2:32:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6NILh1m2H9bml7rnIr9a17CMiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/RKC_CmI67r37zDsPlIr5vxG7dQk.roa
Signing time: Mon 02 Jan 2023 07:05:03 +0000
ROA not before: Mon 02 Jan 2023 07:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201411
IP address blocks: 185.70.143.0/24 maxlen: 24
185.70.140.0/22 maxlen: 23
185.70.142.0/24 maxlen: 24
2a05:2a40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:4a:58:dd:e0:bc:6d:9f:0f:46:c3:e9:db:b0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23a3482e1d66d87f5b9a5eeb9c8afd6b5ec23224
Validity
Not Before: Jan 2 07:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44a0bf0a623aeebdfbcc3b0f948af9bf11bb7509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9b:34:f2:31:c8:30:3e:ce:1d:28:0a:32:f7:
68:ad:dd:76:7f:95:fb:18:72:e2:a9:45:e8:3c:61:
9a:93:ae:7b:45:80:10:5f:f7:95:8e:8d:bf:14:c8:
71:18:72:dd:42:47:a8:28:d9:40:5b:9e:b3:72:7d:
c4:60:76:cd:9c:be:00:dc:7f:9e:2f:54:a8:79:51:
8b:4f:1d:bf:bc:f7:d5:7c:54:c0:f9:c2:46:29:b3:
de:0c:97:8e:cb:45:2e:5b:4a:a2:25:bf:78:c6:92:
34:d7:0f:86:1d:21:46:6e:d7:30:92:b8:9d:c6:c1:
9e:ca:0a:65:b2:ed:81:61:1d:9a:b3:9d:14:54:17:
a9:4c:d9:55:e3:c5:23:8e:fa:d8:3a:90:33:27:f5:
50:c3:42:7c:c1:b3:01:48:37:af:39:9d:98:11:bd:
12:09:79:54:17:c0:ac:f2:14:a9:8e:b9:17:bc:79:
e4:ae:32:62:a6:71:09:fd:24:12:38:76:e5:95:44:
97:ac:49:82:00:ac:0e:6e:b8:08:df:21:46:da:cc:
f0:61:d9:3d:b0:9f:6d:d7:b0:a0:b4:64:ca:d0:1d:
f3:3f:9b:7c:d5:ad:fc:8f:13:5a:c3:db:6f:24:e8:
41:f4:5f:7c:8a:a3:2e:20:2c:bd:63:5e:2d:b0:61:
53:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A0:BF:0A:62:3A:EE:BD:FB:CC:3B:0F:94:8A:F9:BF:11:BB:75:09
X509v3 Authority Key Identifier:
keyid:23:A3:48:2E:1D:66:D8:7F:5B:9A:5E:EB:9C:8A:FD:6B:5E:C2:32:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6NILh1m2H9bml7rnIr9a17CMiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/RKC_CmI67r37zDsPlIr5vxG7dQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/I6NILh1m2H9bml7rnIr9a17CMiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.140.0/22
IPv6:
2a05:2a40::/29
Signature Algorithm: sha256WithRSAEncryption
22:bf:20:ff:8e:83:55:ef:79:57:43:ef:06:76:06:f9:79:f2:
9e:55:76:36:7d:c4:c5:45:93:a7:37:72:9a:48:bc:78:a0:4c:
e9:f4:ed:dc:82:c9:96:70:50:c8:d1:45:78:93:9a:58:3b:79:
50:f6:3a:7f:46:9c:45:0a:46:c6:b9:d5:9d:ff:79:4d:2a:57:
72:1f:3a:5d:a3:7a:14:08:2a:b0:a9:bb:ed:e9:ea:bf:c1:f0:
e6:9c:5b:1c:7a:23:5f:7b:2a:8d:0d:43:db:11:27:9a:7b:9d:
b5:74:ed:dc:c5:4e:88:52:6e:37:b3:1d:89:b6:6f:f8:a6:fd:
f6:b7:95:f9:78:e2:3a:46:a0:1c:ee:a6:5c:60:56:6f:ce:52:
e3:fa:8e:62:4b:66:68:f6:c9:64:3a:15:02:21:71:7f:d5:14:
64:d0:bc:97:92:fa:ff:8f:b3:d6:3a:b3:d2:a9:a0:a5:31:e2:
9f:b5:02:2e:ba:08:93:dc:be:2a:13:39:c9:98:24:b2:99:53:
1f:8f:a7:a8:ca:7b:30:14:a8:db:51:00:f7:96:60:bd:5b:fc:
5f:e5:1a:cc:0d:bf:14:32:9d:24:8e:53:1c:a4:3d:f6:8f:c6:
e2:d4:22:c1:47:ea:64:95:43:12:98:f2:66:df:ce:54:fc:1a:
79:36:d5:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxTEpY3eC8bZ8PRsPp27BSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTM0ODJlMWQ2NmQ4N2Y1YjlhNWVlYjljOGFmZDZiNWVj
MjMyMjQwHhcNMjMwMTAyMDcwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGEwYmYwYTYyM2FlZWJkZmJjYzNiMGY5NDhhZjliZjExYmI3NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5s08jHIMD7OHSgKMvdord12f5X7
GHLiqUXoPGGak657RYAQX/eVjo2/FMhxGHLdQkeoKNlAW56zcn3EYHbNnL4A3H+e
L1SoeVGLTx2/vPfVfFTA+cJGKbPeDJeOy0UuW0qiJb94xpI01w+GHSFGbtcwkrid
xsGeygplsu2BYR2as50UVBepTNlV48UjjvrYOpAzJ/VQw0J8wbMBSDevOZ2YEb0S
CXlUF8Cs8hSpjrkXvHnkrjJipnEJ/SQSOHbllUSXrEmCAKwObrgI3yFG2szwYdk9
sJ9t17CgtGTK0B3zP5t81a38jxNaw9tvJOhB9F98iqMuICy9Y14tsGFT4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFESgvwpiOu69+8w7D5SK+b8Ru3UJMB8GA1UdIwQY
MBaAFCOjSC4dZth/W5pe65yK/WtewjIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZOSUxoMW0ySDlibWw3cm5JcjlhMTdDTWlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC81MDJlY2QtZTZmZS00Mjk4LTgwNTQt
MTM4NTg3MWE5MDlkLzEvUktDX0NtSTY3cjM3ekRzUGxJcjV2eEc3ZFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC81MDJlY2QtZTZmZS00Mjk4LTgwNTQtMTM4NTg3MWE5MDlk
LzEvSTZOSUxoMW0ySDlibWw3cm5JcjlhMTdDTWlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUaMMA0E
AgACMAcDBQMqBSpAMA0GCSqGSIb3DQEBCwUAA4IBAQAivyD/joNV73lXQ+8Gdgb5
efKeVXY2fcTFRZOnN3KaSLx4oEzp9O3cgsmWcFDI0UV4k5pYO3lQ9jp/RpxFCkbG
udWd/3lNKldyHzpdo3oUCCqwqbvt6eq/wfDmnFsceiNfeyqNDUPbESeae521dO3c
xU6IUm43sx2Jtm/4pv32t5X5eOI6RqAc7qZcYFZvzlLj+o5iS2Zo9slkOhUCIXF/
1RRk0LyXkvr/j7PWOrPSqaClMeKftQIuugiT3L4qEznJmCSymVMfj6eoynswFKjb
UQD3lmC9W/xf5RrMDb8UMp0kjlMcpD32j8bi1CLBR+pklUMSmPJm385U/Bp5NtVh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:22 2024 by rpki-client on console-fra.rpki-client.org