Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/ea376d-8efc-4440-8f54-949aa5b75a45/1/one3yZfi9FFT-cpOEldUvG3KjtA.roa
File: one3yZfi9FFT-cpOEldUvG3KjtA.roa (raw, json)
Hash identifier: oShNyqSmQF2qAPVkJZ30oA206/4CJMDnniJgXi7FmJA=
Subject key identifier: A2:77:B7:C9:97:E2:F4:51:53:F9:CA:4E:12:57:54:BC:6D:CA:8E:D0
Certificate issuer: /CN=196379769c57ca5b26a2c61fa5d9acc527bea789
Certificate serial: 0185704BCF15E2DD87C7C59A753B99D01855
Authority key identifier: 19:63:79:76:9C:57:CA:5B:26:A2:C6:1F:A5:D9:AC:C5:27:BE:A7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWN5dpxXylsmosYfpdmsxSe-p4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/ea376d-8efc-4440-8f54-949aa5b75a45/1/one3yZfi9FFT-cpOEldUvG3KjtA.roa
Signing time: Mon 02 Jan 2023 02:24:54 +0000
ROA not before: Mon 02 Jan 2023 02:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48885
IP address blocks: 185.167.4.0/24 maxlen: 24
185.167.5.0/24 maxlen: 24
185.167.7.0/24 maxlen: 24
185.167.6.0/24 maxlen: 24
185.196.137.0/24 maxlen: 24
185.196.136.0/24 maxlen: 24
2a0a:6d40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:cf:15:e2:dd:87:c7:c5:9a:75:3b:99:d0:18:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=196379769c57ca5b26a2c61fa5d9acc527bea789
Validity
Not Before: Jan 2 02:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a277b7c997e2f45153f9ca4e125754bc6dca8ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bc:d6:6b:09:18:b6:03:f7:6f:3f:50:d6:12:
f7:b8:bf:e8:43:d4:66:8d:69:d8:bf:d8:45:f3:89:
a7:58:9f:ec:d1:a0:87:7f:6d:94:ef:14:d7:3c:15:
cb:8f:87:94:a2:57:92:4a:66:d9:10:98:57:af:18:
07:ce:bd:c2:c0:4a:fb:1c:bc:f2:09:ac:11:cf:5b:
42:0c:14:4a:c9:cf:a9:e5:96:d0:43:98:63:39:b1:
56:54:82:df:e2:3c:29:bf:5a:b3:38:d1:1e:0e:8e:
51:e8:64:01:ec:a5:59:0f:87:8c:57:b2:05:ec:25:
62:e1:f9:f4:e0:9b:61:05:74:b1:70:bf:92:a6:da:
60:bc:88:3f:bc:e4:ef:c0:af:0d:67:f9:2c:3c:a8:
20:f8:75:68:b4:51:1f:68:b6:ee:80:77:07:b6:9c:
1b:41:35:e5:ab:5f:54:0f:84:33:aa:a4:d6:c8:2f:
e4:ef:ca:ed:4b:43:fb:92:37:22:fd:46:02:83:ab:
61:ee:ec:b4:06:87:d2:00:65:c4:08:fb:6c:c8:7b:
59:cf:2c:a3:81:a8:b1:56:a4:c1:78:94:d6:af:5d:
f0:b2:26:a7:b3:b7:3b:2d:19:c4:c2:89:8a:c2:78:
9a:60:46:ef:f9:ea:1a:eb:81:1a:d6:4f:d1:df:4f:
4d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:77:B7:C9:97:E2:F4:51:53:F9:CA:4E:12:57:54:BC:6D:CA:8E:D0
X509v3 Authority Key Identifier:
keyid:19:63:79:76:9C:57:CA:5B:26:A2:C6:1F:A5:D9:AC:C5:27:BE:A7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWN5dpxXylsmosYfpdmsxSe-p4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/ea376d-8efc-4440-8f54-949aa5b75a45/1/one3yZfi9FFT-cpOEldUvG3KjtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/ea376d-8efc-4440-8f54-949aa5b75a45/1/GWN5dpxXylsmosYfpdmsxSe-p4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.4.0/22
185.196.136.0/23
IPv6:
2a0a:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
60:dd:23:44:f6:48:bc:1d:39:3c:89:94:c0:23:c5:70:dd:f1:
b7:0d:a5:32:81:de:f4:64:99:9e:1f:5f:7c:5e:6d:58:19:47:
e9:4c:12:b8:1e:c4:04:e7:79:90:f8:2d:fa:be:0a:d4:96:c5:
f0:6f:00:57:10:1a:93:84:01:6e:67:e5:44:ca:de:28:86:21:
2a:b7:5f:ec:de:73:29:62:82:ab:c0:8b:87:10:ed:e8:b1:b3:
71:b7:86:da:d5:44:b3:f8:37:de:27:7b:b7:66:3f:67:1a:55:
56:54:16:4f:38:ee:9c:1d:fb:07:60:62:6c:31:b4:81:e1:fa:
e8:4d:bc:aa:62:c1:05:1b:3f:93:e6:3f:5d:89:44:3b:df:bc:
b7:bc:8a:8e:0d:f8:4d:5a:8a:9c:5a:20:c3:e7:88:a8:2d:dd:
c9:34:33:a1:61:62:ed:f4:d2:96:e4:86:32:0c:07:3e:18:d2:
93:66:60:fc:25:3b:3c:3c:0a:7f:ec:bf:da:4b:c4:2e:ba:16:
f8:b4:1b:06:fc:73:de:d4:4a:77:cf:87:f5:6d:3a:af:e0:e9:
82:6b:27:b2:5b:e9:34:be:9f:80:7e:b0:34:b5:94:2b:75:07:
b2:8f:f4:65:5a:f0:fb:06:81:1f:78:29:1d:e7:42:28:14:69:
74:ed:9d:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwS88V4t2Hx8WadTuZ0BhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjM3OTc2OWM1N2NhNWIyNmEyYzYxZmE1ZDlhY2M1Mjdi
ZWE3ODkwHhcNMjMwMTAyMDIyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjc3YjdjOTk3ZTJmNDUxNTNmOWNhNGUxMjU3NTRiYzZkY2E4ZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbzWawkYtgP3bz9Q1hL3uL/oQ9Rm
jWnYv9hF84mnWJ/s0aCHf22U7xTXPBXLj4eUoleSSmbZEJhXrxgHzr3CwEr7HLzy
CawRz1tCDBRKyc+p5ZbQQ5hjObFWVILf4jwpv1qzONEeDo5R6GQB7KVZD4eMV7IF
7CVi4fn04JthBXSxcL+SptpgvIg/vOTvwK8NZ/ksPKgg+HVotFEfaLbugHcHtpwb
QTXlq19UD4QzqqTWyC/k78rtS0P7kjci/UYCg6th7uy0BofSAGXECPtsyHtZzyyj
gaixVqTBeJTWr13wsians7c7LRnEwomKwniaYEbv+eoa64Ea1k/R309NyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKJ3t8mX4vRRU/nKThJXVLxtyo7QMB8GA1UdIwQY
MBaAFBljeXacV8pbJqLGH6XZrMUnvqeJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dONWRweFh5bHNtb3NZZnBkbXN4U2UtcDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9lYTM3NmQtOGVmYy00NDQwLThmNTQt
OTQ5YWE1Yjc1YTQ1LzEvb25lM3laZmk5RkZULWNwT0VsZFV2RzNLanRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9lYTM3NmQtOGVmYy00NDQwLThmNTQtOTQ5YWE1Yjc1YTQ1
LzEvR1dONWRweFh5bHNtb3NZZnBkbXN4U2UtcDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuacEAwQB
ucSIMA0EAgACMAcDBQMqCm1AMA0GCSqGSIb3DQEBCwUAA4IBAQBg3SNE9ki8HTk8
iZTAI8Vw3fG3DaUygd70ZJmeH198Xm1YGUfpTBK4HsQE53mQ+C36vgrUlsXwbwBX
EBqThAFuZ+VEyt4ohiEqt1/s3nMpYoKrwIuHEO3osbNxt4ba1USz+DfeJ3u3Zj9n
GlVWVBZPOO6cHfsHYGJsMbSB4froTbyqYsEFGz+T5j9diUQ737y3vIqODfhNWoqc
WiDD54ioLd3JNDOhYWLt9NKW5IYyDAc+GNKTZmD8JTs8PAp/7L/aS8Quuhb4tBsG
/HPe1Ep3z4f1bTqv4OmCayeyW+k0vp+AfrA0tZQrdQeyj/RlWvD7BoEfeCkd50Io
FGl07Z3L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org