Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/cG1dQOM2lzgaqBf1q-xnngGSpc8.roa
File: cG1dQOM2lzgaqBf1q-xnngGSpc8.roa (raw, json)
Hash identifier: oMb9xfQ1/8FY1rn0BhsXDu4S+lrQT3apJ5XOECwFo5g=
Subject key identifier: 70:6D:5D:40:E3:36:97:38:1A:A8:17:F5:AB:EC:67:9E:01:92:A5:CF
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 0185707059F99A72886D2374204B61F0468A
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/cG1dQOM2lzgaqBf1q-xnngGSpc8.roa
Signing time: Mon 02 Jan 2023 03:04:49 +0000
ROA not before: Mon 02 Jan 2023 03:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204652
IP address blocks: 185.25.142.0/24 maxlen: 24
2a02:2339:c000::/34 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:59:f9:9a:72:88:6d:23:74:20:4b:61:f0:46:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Jan 2 03:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=706d5d40e33697381aa817f5abec679e0192a5cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:40:df:38:e5:c7:95:83:e6:55:3b:72:ac:87:
d9:b3:c7:56:12:fe:32:94:3b:99:0c:1b:3f:9d:d7:
96:3a:f6:6b:1a:03:1e:30:ab:36:7a:e9:5a:6f:7b:
98:e0:cf:ca:a3:dd:c0:28:54:07:38:24:d4:2a:19:
0b:e4:07:67:9d:17:b3:ba:9c:56:67:29:87:40:fe:
ba:0c:54:d9:77:37:fd:65:11:63:20:02:93:51:ee:
cb:b3:84:e6:41:a1:78:97:1b:f9:87:04:32:f7:dc:
b6:83:8b:0a:4d:e7:8b:64:1a:24:ed:1e:c5:b1:24:
0a:90:de:16:68:b5:bd:01:f3:fc:f8:57:8c:92:22:
c5:18:0d:a2:f6:ae:29:4f:32:3b:cc:ae:a8:90:fa:
c0:a5:8b:2e:05:28:3c:35:7b:7d:a4:ff:56:5e:d4:
43:12:94:d3:74:5f:c2:11:4d:a9:b5:1c:98:c4:9d:
9d:3e:f7:11:f5:f6:ac:8d:d1:11:cb:38:bf:7e:61:
9c:01:9a:53:e5:87:c4:c9:7e:bf:a6:ea:42:f5:c3:
e7:1c:87:bc:38:68:79:5e:10:ed:78:b3:9e:a5:52:
1e:41:9f:e3:36:67:78:a4:5f:13:76:59:8e:d9:e8:
8a:d5:41:90:fd:66:5c:ba:3d:68:61:aa:e1:45:ea:
7c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6D:5D:40:E3:36:97:38:1A:A8:17:F5:AB:EC:67:9E:01:92:A5:CF
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/cG1dQOM2lzgaqBf1q-xnngGSpc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.142.0/24
IPv6:
2a02:2339:c000::/34
Signature Algorithm: sha256WithRSAEncryption
3a:0e:87:53:b4:e4:4f:c7:f1:0c:e2:48:a9:9c:96:73:bd:1b:
9d:99:cc:c6:5b:fe:f6:75:09:d0:bc:12:0d:f8:ae:2d:9c:dc:
94:fd:8e:98:8e:67:e8:00:5a:97:35:db:3c:a6:c0:83:6b:1e:
b9:4f:24:bc:66:d0:7e:0d:33:7e:0f:4b:6f:94:ab:b9:1a:92:
90:27:b2:d5:bd:cf:d4:1d:3b:6d:59:0d:20:c3:90:0c:76:ac:
1e:b0:51:a5:60:2d:b2:d8:73:33:7f:8a:46:e3:cd:a8:a3:da:
25:40:6a:91:7e:c2:5f:07:e7:df:e3:e3:ec:3e:89:54:a0:04:
f8:5b:53:7d:ea:b5:b6:dc:87:d4:23:35:bc:4c:5c:8b:0d:24:
af:b0:0f:9c:40:40:7a:33:4d:29:9d:dc:38:59:cc:df:f8:81:
7d:2d:4b:c1:9d:21:3c:4b:7c:00:a3:2b:a9:b4:5f:12:af:15:
f5:0d:8f:2f:25:8b:f0:c5:7f:80:df:9e:b0:75:9a:d5:61:64:
cf:96:a8:08:8a:b2:0a:02:bb:04:fa:77:58:de:93:fd:38:34:
52:55:45:7b:86:6c:d2:28:87:24:06:fc:c7:6f:71:d0:0f:8e:
95:d3:f1:1f:c5:3a:05:61:d9:47:e6:76:36:1d:32:f8:17:24:
7b:81:a1:6e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVwcFn5mnKIbSN0IEth8EaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjMwMTAyMDMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZkNWQ0MGUzMzY5NzM4MWFhODE3ZjVhYmVjNjc5ZTAxOTJhNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0DfOOXHlYPmVTtyrIfZs8dWEv4y
lDuZDBs/ndeWOvZrGgMeMKs2eulab3uY4M/Ko93AKFQHOCTUKhkL5AdnnRezupxW
ZymHQP66DFTZdzf9ZRFjIAKTUe7Ls4TmQaF4lxv5hwQy99y2g4sKTeeLZBok7R7F
sSQKkN4WaLW9AfP8+FeMkiLFGA2i9q4pTzI7zK6okPrApYsuBSg8NXt9pP9WXtRD
EpTTdF/CEU2ptRyYxJ2dPvcR9fasjdERyzi/fmGcAZpT5YfEyX6/pupC9cPnHIe8
OGh5XhDteLOepVIeQZ/jNmd4pF8TdlmO2eiK1UGQ/WZcuj1oYarhRep81QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHBtXUDjNpc4GqgX9avsZ54BkqXPMB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvY0cxZFFPTTJsemdhcUJmMXEteG5uZ0dTcGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuRmOMA4E
AgACMAgDBgYqAiM5wDANBgkqhkiG9w0BAQsFAAOCAQEAOg6HU7TkT8fxDOJIqZyW
c70bnZnMxlv+9nUJ0LwSDfiuLZzclP2OmI5n6ABalzXbPKbAg2seuU8kvGbQfg0z
fg9Lb5SruRqSkCey1b3P1B07bVkNIMOQDHasHrBRpWAtsthzM3+KRuPNqKPaJUBq
kX7CXwfn3+Pj7D6JVKAE+FtTfeq1ttyH1CM1vExciw0kr7APnEBAejNNKZ3cOFnM
3/iBfS1LwZ0hPEt8AKMrqbRfEq8V9Q2PLyWL8MV/gN+esHWa1WFkz5aoCIqyCgK7
BPp3WN6T/Tg0UlVFe4Zs0iiHJAb8x29x0A+OldPxH8U6BWHZR+Z2Nh0y+Bcke4Gh
bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org