Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/4UfG3xiWA8ylr0S9_Q5-XuWVKFs.roa
File: 4UfG3xiWA8ylr0S9_Q5-XuWVKFs.roa (raw, json)
Hash identifier: mH41kimVvYE5c2tXdh96q2C5pDNLdPDn7Vrw9AHVtXw=
Subject key identifier: E1:47:C6:DF:18:96:03:CC:A5:AF:44:BD:FD:0E:7E:5E:E5:95:28:5B
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 0185BF0787A65A6BBC74133081AA40B8E661
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/4UfG3xiWA8ylr0S9_Q5-XuWVKFs.roa
Signing time: Tue 17 Jan 2023 09:20:19 +0000
ROA not before: Tue 17 Jan 2023 09:20:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205892
IP address blocks: 185.190.72.0/22 maxlen: 24
2a0a:540::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Feb 2023 08:35:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:07:87:a6:5a:6b:bc:74:13:30:81:aa:40:b8:e6:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Jan 17 09:20:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e147c6df189603cca5af44bdfd0e7e5ee595285b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4a:5f:19:45:82:da:7a:57:34:fe:c3:31:41:
db:2d:1a:61:be:c7:93:13:ca:8b:f8:77:8e:40:91:
99:14:23:2a:59:63:43:15:11:93:63:0f:75:c5:4e:
28:a0:ce:40:51:55:dc:18:b5:bc:00:7c:45:2a:8a:
47:2d:e6:ae:4c:a7:f7:84:74:7c:7f:14:ca:61:fd:
49:3f:be:66:4c:ae:17:6f:ef:c5:0b:ab:46:29:6a:
c3:3f:89:9a:35:d2:65:e3:97:68:6b:eb:56:07:12:
99:5e:53:ca:90:4d:9e:5b:a6:9c:3a:fc:6f:9e:2b:
cb:46:5e:23:6b:cb:52:de:20:c6:d4:8f:9c:80:00:
f4:d6:86:01:70:cb:c0:e4:d5:8a:56:06:1f:73:3a:
77:a7:e6:e3:b9:eb:5c:23:5e:3e:19:0a:df:9b:35:
47:2c:0c:d2:1e:ce:c6:dc:5e:4b:b1:6e:7d:1e:2e:
8e:bc:3c:fa:a2:87:0d:57:1f:f9:36:b6:38:6b:e4:
2e:f2:95:ef:4a:8c:47:e7:d9:db:03:ea:be:39:db:
ff:44:87:2d:1e:cc:ac:d7:d5:d1:4f:30:25:6a:4a:
35:36:bd:2f:4f:67:b9:92:80:c1:a9:a6:f0:4f:bf:
ad:f3:80:5a:d9:67:32:a8:50:0d:27:25:e8:f0:e0:
f8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:47:C6:DF:18:96:03:CC:A5:AF:44:BD:FD:0E:7E:5E:E5:95:28:5B
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/4UfG3xiWA8ylr0S9_Q5-XuWVKFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.72.0/22
IPv6:
2a0a:540::/29
Signature Algorithm: sha256WithRSAEncryption
5d:b1:17:61:3e:c0:db:8e:cb:11:05:06:b8:8b:da:93:40:46:
05:d8:e3:f2:a4:ab:66:e6:01:c8:f6:ef:58:83:14:79:68:09:
aa:27:77:9b:10:72:c7:95:a9:31:46:d8:73:e0:fb:38:32:1b:
4c:e4:86:ba:af:cb:d0:05:79:b2:4c:6e:d6:df:62:9f:77:4e:
52:47:2f:ee:b1:75:9d:08:9c:49:85:2c:e8:ef:83:20:d9:2a:
7b:14:a9:1a:63:b5:5e:fe:7f:ad:6a:bf:56:32:a8:0d:c1:84:
6e:4b:ae:68:ac:ca:08:8d:d7:c7:03:6a:6a:60:5c:bd:e7:6a:
4f:48:4c:18:4f:85:a2:ce:fe:2b:8a:5f:39:53:f3:d2:38:30:
77:8f:17:63:c9:0f:ff:3c:a3:06:1e:8d:83:08:c3:6c:15:fb:
c6:5d:41:96:bb:ce:b4:32:5b:65:09:63:e4:bc:53:8c:24:c3:
ec:ce:64:c6:06:00:67:78:55:08:b5:e7:ad:e9:27:47:2c:9d:
93:38:0e:f9:08:38:55:bc:08:ba:94:f6:08:4d:da:ef:5a:34:
42:6a:cb:4a:f4:d7:55:94:3c:c3:43:c5:dc:2f:55:2c:78:f0:
61:0f:65:72:ad:bd:44:d2:a6:c3:87:4f:a3:fe:05:9a:18:c7:
74:9a:b3:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYW/B4emWmu8dBMwgapAuOZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjMwMTE3MDkyMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ3YzZkZjE4OTYwM2NjYTVhZjQ0YmRmZDBlN2U1ZWU1OTUyODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkpfGUWC2npXNP7DMUHbLRphvseT
E8qL+HeOQJGZFCMqWWNDFRGTYw91xU4ooM5AUVXcGLW8AHxFKopHLeauTKf3hHR8
fxTKYf1JP75mTK4Xb+/FC6tGKWrDP4maNdJl45doa+tWBxKZXlPKkE2eW6acOvxv
nivLRl4ja8tS3iDG1I+cgAD01oYBcMvA5NWKVgYfczp3p+bjuetcI14+GQrfmzVH
LAzSHs7G3F5LsW59Hi6OvDz6oocNVx/5NrY4a+Qu8pXvSoxH59nbA+q+Odv/RIct
Hsys19XRTzAlako1Nr0vT2e5koDBqabwT7+t84Ba2WcyqFANJyXo8OD4SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOFHxt8YlgPMpa9Evf0Ofl7llShbMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvNFVmRzN4aVdBOHlscjBTOV9RNS1YdVdWS0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub5IMA0E
AgACMAcDBQMqCgVAMA0GCSqGSIb3DQEBCwUAA4IBAQBdsRdhPsDbjssRBQa4i9qT
QEYF2OPypKtm5gHI9u9YgxR5aAmqJ3ebEHLHlakxRthz4Ps4MhtM5Ia6r8vQBXmy
TG7W32Kfd05SRy/usXWdCJxJhSzo74Mg2Sp7FKkaY7Ve/n+tar9WMqgNwYRuS65o
rMoIjdfHA2pqYFy952pPSEwYT4Wizv4ril85U/PSODB3jxdjyQ//PKMGHo2DCMNs
FfvGXUGWu860MltlCWPkvFOMJMPszmTGBgBneFUIteet6SdHLJ2TOA75CDhVvAi6
lPYITdrvWjRCastK9NdVlDzDQ8XcL1UsePBhD2Vyrb1E0qbDh0+j/gWaGMd0mrO9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:01 2024 by rpki-client on console-fra.rpki-client.org