Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/955340-f801-41a7-a9d4-01b7e262eff1/1/WuL2zu0okxpEiK6J7XulJPCFu-E.roa
File: WuL2zu0okxpEiK6J7XulJPCFu-E.roa (raw, json)
Hash identifier: 5OLh9wYOHiTZmL85YD4uCIjdz6Mz9OvHINSa+eAy25w=
Subject key identifier: 5A:E2:F6:CE:ED:28:93:1A:44:88:AE:89:ED:7B:A5:24:F0:85:BB:E1
Certificate issuer: /CN=bdef8a8ad007aa4dc81d7736189a182b0282bc18
Certificate serial: 01856BC1137E5C358FA7CB006C9F0204806C
Authority key identifier: BD:EF:8A:8A:D0:07:AA:4D:C8:1D:77:36:18:9A:18:2B:02:82:BC:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ve-KitAHqk3IHXc2GJoYKwKCvBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/955340-f801-41a7-a9d4-01b7e262eff1/1/WuL2zu0okxpEiK6J7XulJPCFu-E.roa
Signing time: Sun 01 Jan 2023 05:14:53 +0000
ROA not before: Sun 01 Jan 2023 05:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205310
IP address blocks: 185.220.228.0/22 maxlen: 24
2a11:c840::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:13:7e:5c:35:8f:a7:cb:00:6c:9f:02:04:80:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdef8a8ad007aa4dc81d7736189a182b0282bc18
Validity
Not Before: Jan 1 05:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ae2f6ceed28931a4488ae89ed7ba524f085bbe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4d:5f:13:73:bc:03:15:a6:1e:c9:c6:5e:34:
ff:39:4b:f7:2d:48:e7:2a:2b:c1:21:e2:75:0c:2f:
65:bb:0a:6b:a3:42:14:51:5b:64:ed:d0:70:62:e8:
70:1b:17:a7:8e:95:2f:74:61:1c:79:af:18:a0:ff:
72:d6:47:b1:d8:2f:b6:44:07:01:71:a6:0e:68:9a:
89:eb:ce:d7:7f:49:e2:fb:6f:4a:d5:a7:b7:a5:8a:
c2:ee:2f:b4:03:6f:0e:be:46:eb:34:b6:2f:23:84:
35:de:de:b6:5c:b9:70:03:66:44:ed:92:02:8c:6a:
29:74:14:c4:8e:4b:32:31:e1:8c:f1:46:6a:dd:66:
01:6d:17:57:17:22:4e:d0:77:a4:5e:93:0e:b5:0f:
92:15:9e:b4:21:7c:c9:6c:a6:14:51:81:20:2f:7f:
4e:18:41:72:ab:81:ec:47:cf:4b:e7:b0:cb:8c:2a:
04:8b:e8:93:d9:30:44:ef:d0:e3:c5:e1:a2:da:a5:
bc:62:53:e7:9c:d7:87:b5:99:18:33:64:71:17:aa:
18:16:9a:1a:56:a2:dc:a5:53:9f:24:1c:56:98:ad:
1f:0d:3d:2a:91:af:a5:08:a1:20:3b:e7:97:bd:ab:
c9:c7:87:c1:fc:2a:d4:61:61:b2:70:d5:c3:74:57:
43:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E2:F6:CE:ED:28:93:1A:44:88:AE:89:ED:7B:A5:24:F0:85:BB:E1
X509v3 Authority Key Identifier:
keyid:BD:EF:8A:8A:D0:07:AA:4D:C8:1D:77:36:18:9A:18:2B:02:82:BC:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ve-KitAHqk3IHXc2GJoYKwKCvBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/955340-f801-41a7-a9d4-01b7e262eff1/1/WuL2zu0okxpEiK6J7XulJPCFu-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/955340-f801-41a7-a9d4-01b7e262eff1/1/ve-KitAHqk3IHXc2GJoYKwKCvBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.228.0/22
IPv6:
2a11:c840::/48
Signature Algorithm: sha256WithRSAEncryption
ec:87:58:dd:35:96:97:8e:97:cf:c8:e4:fb:9e:d5:25:b6:6b:
a6:4d:8f:de:66:68:6e:0b:ce:37:36:d5:1a:2b:12:98:98:f7:
23:ec:1b:d4:1f:ed:0a:39:14:64:87:81:d1:c4:a1:3f:3b:37:
4b:99:3b:6f:63:e2:2a:15:73:cc:b5:bc:6b:79:82:1b:ab:28:
74:38:73:96:b9:e8:0f:bb:37:0d:14:99:fe:b2:b5:34:c9:f8:
2a:f0:f5:f0:a2:bf:72:81:e1:a5:35:e7:73:42:77:f8:74:07:
63:98:a0:f4:d3:b8:d2:86:ab:00:69:ca:d4:56:44:14:48:93:
42:cd:ac:c4:f9:f1:a3:e8:95:17:c0:45:74:f0:99:b1:08:c0:
0a:d0:ab:1e:6e:a3:09:ac:e6:79:40:a0:b6:4f:3c:4a:32:8a:
d0:eb:e1:5e:1f:b2:38:7c:f2:24:d3:95:fa:3d:cd:7d:d9:75:
a7:34:60:78:02:44:bb:3d:3f:18:0d:f2:fd:9c:d8:76:ee:de:
63:70:9c:3c:7f:c6:f3:4b:11:7d:e0:4c:7a:44:26:45:49:c8:
a8:ee:0b:52:dc:d3:76:57:d9:12:19:51:98:dd:a6:78:7f:c4:
e6:9d:e0:c6:4f:78:e6:47:51:1c:5d:1d:32:be:dc:1e:3b:ac:
ba:1a:1f:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrwRN+XDWPp8sAbJ8CBIBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZWY4YThhZDAwN2FhNGRjODFkNzczNjE4OWExODJiMDI4
MmJjMTgwHhcNMjMwMTAxMDUxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWUyZjZjZWVkMjg5MzFhNDQ4OGFlODllZDdiYTUyNGYwODViYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk1fE3O8AxWmHsnGXjT/OUv3LUjn
KivBIeJ1DC9luwpro0IUUVtk7dBwYuhwGxenjpUvdGEcea8YoP9y1kex2C+2RAcB
caYOaJqJ687Xf0ni+29K1ae3pYrC7i+0A28OvkbrNLYvI4Q13t62XLlwA2ZE7ZIC
jGopdBTEjksyMeGM8UZq3WYBbRdXFyJO0HekXpMOtQ+SFZ60IXzJbKYUUYEgL39O
GEFyq4HsR89L57DLjCoEi+iT2TBE79DjxeGi2qW8YlPnnNeHtZkYM2RxF6oYFpoa
VqLcpVOfJBxWmK0fDT0qka+lCKEgO+eXvavJx4fB/CrUYWGycNXDdFdDzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFri9s7tKJMaRIiuie17pSTwhbvhMB8GA1UdIwQY
MBaAFL3viorQB6pNyB13NhiaGCsCgrwYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmUtS2l0QUhxazNJSFhjMkdKb1lLd0tDdkJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi85NTUzNDAtZjgwMS00MWE3LWE5ZDQt
MDFiN2UyNjJlZmYxLzEvV3VMMnp1MG9reHBFaUs2SjdYdWxKUENGdS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi85NTUzNDAtZjgwMS00MWE3LWE5ZDQtMDFiN2UyNjJlZmYx
LzEvdmUtS2l0QUhxazNJSFhjMkdKb1lLd0tDdkJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCudzkMA8E
AgACMAkDBwAqEchAAAAwDQYJKoZIhvcNAQELBQADggEBAOyHWN01lpeOl8/I5Pue
1SW2a6ZNj95maG4Lzjc21RorEpiY9yPsG9Qf7Qo5FGSHgdHEoT87N0uZO29j4ioV
c8y1vGt5ghurKHQ4c5a56A+7Nw0Umf6ytTTJ+Crw9fCiv3KB4aU153NCd/h0B2OY
oPTTuNKGqwBpytRWRBRIk0LNrMT58aPolRfARXTwmbEIwArQqx5uowms5nlAoLZP
PEoyitDr4V4fsjh88iTTlfo9zX3Zdac0YHgCRLs9PxgN8v2c2Hbu3mNwnDx/xvNL
EX3gTHpEJkVJyKjuC1Lc03ZX2RIZUZjdpnh/xOad4MZPeOZHURxdHTK+3B47rLoa
H3I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:11 2024 by rpki-client on console-fra.rpki-client.org