Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/_XrrRsTANYgc9YVLaTN4LbyOLKw.roa
File: _XrrRsTANYgc9YVLaTN4LbyOLKw.roa (raw, json)
Hash identifier: Z5csUAf7AKw+liSoAOsz8vyryNbi5FYu1kPVSNIpisY=
Subject key identifier: FD:7A:EB:46:C4:C0:35:88:1C:F5:85:4B:69:33:78:2D:BC:8E:2C:AC
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 01856D13BE08BEB089C829243F52A18510B6
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/_XrrRsTANYgc9YVLaTN4LbyOLKw.roa
Signing time: Sun 01 Jan 2023 11:24:48 +0000
ROA not before: Sun 01 Jan 2023 11:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 185.23.96.0/23 maxlen: 23
185.23.99.0/24 maxlen: 24
128.140.128.0/20 maxlen: 20
213.180.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:be:08:be:b0:89:c8:29:24:3f:52:a1:85:10:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jan 1 11:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd7aeb46c4c035881cf5854b6933782dbc8e2cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c2:27:75:0e:89:7a:f6:8d:6d:6c:23:ad:de:
77:42:21:4f:8e:eb:55:ea:c1:7a:a4:00:53:42:da:
96:89:34:1e:fb:0c:fd:a7:b7:2f:d5:90:54:ff:50:
51:f1:16:eb:63:17:dd:c5:6a:94:0e:f1:dc:c3:ee:
8b:ba:0a:aa:00:32:74:79:6a:e9:8e:54:2f:74:98:
5a:74:ca:ce:c4:a1:af:40:35:47:76:fa:84:5c:2c:
29:a8:34:4a:ef:2f:92:65:d4:ce:8f:82:95:00:a8:
f4:87:6a:b0:c6:b5:8b:ec:e7:48:ad:fe:6e:a4:77:
47:3b:db:7c:e2:3e:b1:9b:1e:28:7e:29:3f:be:49:
55:25:87:0e:08:24:00:21:15:6f:7c:09:64:fc:1f:
c2:76:dd:07:b9:48:1f:dc:16:2b:89:1c:fc:de:28:
14:e1:72:af:00:28:33:73:f3:cc:f0:68:99:1f:55:
b9:be:ab:74:ab:ee:2a:72:b4:f4:40:45:81:59:88:
51:d6:e4:9a:94:94:66:80:d8:8a:22:7e:c4:c9:a1:
c8:4d:ed:c6:4e:d1:9f:e1:1d:a2:41:6a:65:83:17:
8d:db:98:54:1d:27:47:e5:df:14:fc:cc:f5:6e:6d:
80:f4:2c:0f:06:31:5a:b9:a9:2d:a1:de:3c:a1:f8:
b0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7A:EB:46:C4:C0:35:88:1C:F5:85:4B:69:33:78:2D:BC:8E:2C:AC
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/_XrrRsTANYgc9YVLaTN4LbyOLKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.140.128.0/20
185.23.96.0/23
185.23.99.0/24
213.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:5b:a6:1c:35:4f:3a:88:ba:47:a6:85:46:e8:26:e4:26:a0:
96:28:ef:7b:d7:26:17:c9:dd:cb:69:fb:de:e6:4c:cf:3b:42:
15:3d:7d:d2:bd:78:14:2e:63:0d:2b:c1:4f:25:52:8b:99:12:
2d:ac:d8:72:72:f6:19:79:69:d4:bc:61:fe:a6:37:c6:f2:c5:
b6:f3:7d:ba:49:be:d1:99:4c:73:df:d6:40:63:8a:04:2d:b6:
43:3e:42:5c:73:40:72:e9:ab:35:08:98:a3:ef:8f:42:d6:60:
26:0e:fe:8e:40:6d:f5:ce:b2:67:94:8c:8e:75:83:14:81:b5:
b1:6e:79:ff:f0:ce:4d:e5:62:65:5b:59:f5:ce:bb:6f:f9:30:
8c:05:ad:7a:8c:d1:f5:78:a4:23:cd:cb:e7:7c:12:49:fd:e2:
6c:53:b9:6e:b0:61:e3:61:16:e7:76:2c:d8:26:a0:e3:8c:5d:
ea:88:14:7d:bf:de:31:49:c1:e2:73:22:5b:c1:42:ad:12:28:
f1:47:b7:6b:22:ac:a1:4f:63:f7:db:62:ae:ce:d7:98:c4:cb:
af:79:ca:53:8d:04:15:29:bc:09:f4:a4:9d:6a:cc:d8:86:f9:
c3:95:d7:6c:b5:14:d6:43:ac:d6:4a:de:b9:07:81:e5:39:78:
bd:bc:37:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtE74IvrCJyCkkP1KhhRC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjMwMTAxMTEyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdhZWI0NmM0YzAzNTg4MWNmNTg1NGI2OTMzNzgyZGJjOGUyY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMIndQ6JevaNbWwjrd53QiFPjutV
6sF6pABTQtqWiTQe+wz9p7cv1ZBU/1BR8RbrYxfdxWqUDvHcw+6LugqqADJ0eWrp
jlQvdJhadMrOxKGvQDVHdvqEXCwpqDRK7y+SZdTOj4KVAKj0h2qwxrWL7OdIrf5u
pHdHO9t84j6xmx4ofik/vklVJYcOCCQAIRVvfAlk/B/Cdt0HuUgf3BYriRz83igU
4XKvACgzc/PM8GiZH1W5vqt0q+4qcrT0QEWBWYhR1uSalJRmgNiKIn7EyaHITe3G
TtGf4R2iQWplgxeN25hUHSdH5d8U/Mz1bm2A9CwPBjFauaktod48ofiwkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP1660bEwDWIHPWFS2kzeC28jiysMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvX1hyclJzVEFOWWdjOVlWTGFUTjRMYnlPTEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEgIyAAwQB
uRdgAwQAuRdjAwQC1bT8MA0GCSqGSIb3DQEBCwUAA4IBAQCyW6YcNU86iLpHpoVG
6CbkJqCWKO971yYXyd3Lafve5kzPO0IVPX3SvXgULmMNK8FPJVKLmRItrNhycvYZ
eWnUvGH+pjfG8sW28326Sb7RmUxz39ZAY4oELbZDPkJcc0By6as1CJij749C1mAm
Dv6OQG31zrJnlIyOdYMUgbWxbnn/8M5N5WJlW1n1zrtv+TCMBa16jNH1eKQjzcvn
fBJJ/eJsU7lusGHjYRbndizYJqDjjF3qiBR9v94xScHicyJbwUKtEijxR7drIqyh
T2P322KuzteYxMuvecpTjQQVKbwJ9KSdaszYhvnDlddstRTWQ6zWSt65B4HlOXi9
vDfQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:47 2024 by rpki-client on console-fra.rpki-client.org