Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/7c6b2d-ac42-487e-9c19-1618776bdaae/1/xJr8A_Jg_GBL8fjQuaTy2HCeda8.roa
File: xJr8A_Jg_GBL8fjQuaTy2HCeda8.roa (raw, json)
Hash identifier: BYpPg8lsk1TLlRkQE/NDW1YjDLJjD87ncZAF/pRyu7c=
Subject key identifier: C4:9A:FC:03:F2:60:FC:60:4B:F1:F8:D0:B9:A4:F2:D8:70:9E:75:AF
Certificate issuer: /CN=3b94a1d881dd4beb2fd31b76fa0d5d585a9b238f
Certificate serial: 01856F42B4F14A4BEBFAF4BA33D12817B1FD
Authority key identifier: 3B:94:A1:D8:81:DD:4B:EB:2F:D3:1B:76:FA:0D:5D:58:5A:9B:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5Sh2IHdS-sv0xt2-g1dWFqbI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/7c6b2d-ac42-487e-9c19-1618776bdaae/1/xJr8A_Jg_GBL8fjQuaTy2HCeda8.roa
Signing time: Sun 01 Jan 2023 21:35:20 +0000
ROA not before: Sun 01 Jan 2023 21:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39479
IP address blocks: 185.91.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:b4:f1:4a:4b:eb:fa:f4:ba:33:d1:28:17:b1:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b94a1d881dd4beb2fd31b76fa0d5d585a9b238f
Validity
Not Before: Jan 1 21:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c49afc03f260fc604bf1f8d0b9a4f2d8709e75af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:52:1b:43:ad:e6:6c:ef:27:b8:e6:3e:87:63:
77:89:f3:6f:1d:e0:f3:46:88:71:a5:5f:a7:29:e6:
e5:97:f1:c7:73:70:5e:4c:ef:cf:64:4c:27:e5:53:
3a:6f:d6:b2:3b:c4:80:79:df:b1:f5:95:99:74:ea:
66:a2:66:c9:0f:e9:3f:e7:30:78:0f:9c:d4:12:9b:
08:52:9b:4e:e5:4e:a8:93:0c:9a:df:67:da:a6:1a:
65:00:db:fe:f0:cd:55:1f:02:8c:20:d5:9f:74:6d:
1c:69:8e:54:e5:de:4e:ee:4a:e3:ab:c7:88:5d:dc:
82:c9:6a:1d:cf:47:75:6d:3c:0b:b7:9d:07:58:a4:
92:1a:67:a0:41:78:cc:04:f0:6d:72:c6:80:f3:c2:
5e:a0:da:f1:c2:1b:b3:9c:1a:b1:a8:5c:ef:29:91:
3c:41:ad:9e:98:93:51:37:c4:6a:0f:01:d5:de:4c:
9f:5d:4c:0b:6e:35:b8:9e:a6:13:4d:3d:7f:de:37:
cf:e9:b9:34:ba:6b:e4:f9:82:27:86:ea:5c:7f:21:
82:68:fd:6e:7e:6f:0f:54:39:cd:dd:f9:b9:90:6b:
99:ca:94:ae:71:ca:2f:2e:0a:6f:aa:4d:82:98:ec:
61:9d:c0:87:31:9f:71:03:fe:7a:90:f2:6d:4e:f9:
6d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9A:FC:03:F2:60:FC:60:4B:F1:F8:D0:B9:A4:F2:D8:70:9E:75:AF
X509v3 Authority Key Identifier:
keyid:3B:94:A1:D8:81:DD:4B:EB:2F:D3:1B:76:FA:0D:5D:58:5A:9B:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5Sh2IHdS-sv0xt2-g1dWFqbI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/7c6b2d-ac42-487e-9c19-1618776bdaae/1/xJr8A_Jg_GBL8fjQuaTy2HCeda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/7c6b2d-ac42-487e-9c19-1618776bdaae/1/O5Sh2IHdS-sv0xt2-g1dWFqbI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.160.0/22
Signature Algorithm: sha256WithRSAEncryption
42:fc:03:56:28:97:f0:8a:cd:cd:0b:f7:d4:c5:62:d1:8f:96:
bf:ac:ce:ca:11:5b:94:44:ab:f7:e6:48:a2:52:a6:2a:af:48:
12:da:7f:87:c7:11:de:75:9b:f0:eb:56:70:46:3e:95:65:1e:
d9:31:d7:af:3b:09:bf:d7:5f:c1:ce:7e:ff:0c:f2:3d:42:86:
f2:7a:0f:d9:72:65:e9:11:6f:3c:0b:fd:e1:ec:16:ae:22:73:
bd:2e:4b:09:3e:8c:43:52:82:74:d0:ee:b0:69:65:25:2d:cb:
39:8e:bf:df:32:e2:07:1e:97:a1:f1:fd:cc:81:06:87:60:00:
0d:04:03:0e:00:b1:88:2c:57:49:08:6f:98:cc:bf:b9:3b:5d:
b1:db:6e:ab:0c:3f:26:de:bf:aa:2d:73:b2:69:96:bc:6a:58:
9f:4c:5d:f6:ba:4e:43:df:ab:76:54:05:c6:a0:a1:95:52:9f:
c1:c3:8a:d7:cb:1e:1a:f2:71:00:8a:98:9a:4a:40:2e:6a:c5:
a8:70:66:73:ed:29:01:c8:38:aa:25:4b:ba:50:96:91:47:cc:
b0:18:4a:79:12:4a:32:91:42:d6:3c:a4:46:03:83:53:2c:26:
c5:d2:ff:c9:94:2a:b8:e3:32:f8:c5:7e:a9:33:a9:5c:71:c8:
56:58:aa:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQrTxSkvr+vS6M9EoF7H9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTRhMWQ4ODFkZDRiZWIyZmQzMWI3NmZhMGQ1ZDU4NWE5
YjIzOGYwHhcNMjMwMTAxMjEzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDlhZmMwM2YyNjBmYzYwNGJmMWY4ZDBiOWE0ZjJkODcwOWU3NWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFIbQ63mbO8nuOY+h2N3ifNvHeDz
RohxpV+nKebll/HHc3BeTO/PZEwn5VM6b9ayO8SAed+x9ZWZdOpmombJD+k/5zB4
D5zUEpsIUptO5U6okwya32faphplANv+8M1VHwKMINWfdG0caY5U5d5O7krjq8eI
XdyCyWodz0d1bTwLt50HWKSSGmegQXjMBPBtcsaA88JeoNrxwhuznBqxqFzvKZE8
Qa2emJNRN8RqDwHV3kyfXUwLbjW4nqYTTT1/3jfP6bk0umvk+YInhupcfyGCaP1u
fm8PVDnN3fm5kGuZypSuccovLgpvqk2CmOxhncCHMZ9xA/56kPJtTvltQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSa/APyYPxgS/H40Lmk8thwnnWvMB8GA1UdIwQY
MBaAFDuUodiB3UvrL9MbdvoNXVhamyOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVTaDJJSGRTLXN2MHh0Mi1nMWRXRnFiSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS83YzZiMmQtYWM0Mi00ODdlLTljMTkt
MTYxODc3NmJkYWFlLzEveEpyOEFfSmdfR0JMOGZqUXVhVHkySENlZGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS83YzZiMmQtYWM0Mi00ODdlLTljMTktMTYxODc3NmJkYWFl
LzEvTzVTaDJJSGRTLXN2MHh0Mi1nMWRXRnFiSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVugMA0G
CSqGSIb3DQEBCwUAA4IBAQBC/ANWKJfwis3NC/fUxWLRj5a/rM7KEVuURKv35kii
UqYqr0gS2n+HxxHedZvw61ZwRj6VZR7ZMdevOwm/11/Bzn7/DPI9Qobyeg/ZcmXp
EW88C/3h7BauInO9LksJPoxDUoJ00O6waWUlLcs5jr/fMuIHHpeh8f3MgQaHYAAN
BAMOALGILFdJCG+YzL+5O12x226rDD8m3r+qLXOyaZa8alifTF32uk5D36t2VAXG
oKGVUp/Bw4rXyx4a8nEAipiaSkAuasWocGZz7SkByDiqJUu6UJaRR8ywGEp5Ekoy
kULWPKRGA4NTLCbF0v/JlCq44zL4xX6pM6lccchWWKoJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:53 2024 by rpki-client on console-fra.rpki-client.org