Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/2uCSkkk6jv4bvrh-NRUPUcWYv8g.roa
File: 2uCSkkk6jv4bvrh-NRUPUcWYv8g.roa (raw, json)
Hash identifier: Iikp5ckpah9z7ECWfj9TAWkT9BUSRlUX9SJsZY/q7iY=
Subject key identifier: DA:E0:92:92:49:3A:8E:FE:1B:BE:B8:7E:35:15:0F:51:C5:98:BF:C8
Certificate issuer: /CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Certificate serial: 01856E8B2DFD2A7E1AED33FF9902CCDF6DBB
Authority key identifier: A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/2uCSkkk6jv4bvrh-NRUPUcWYv8g.roa
Signing time: Sun 01 Jan 2023 18:14:52 +0000
ROA not before: Sun 01 Jan 2023 18:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34867
IP address blocks: 185.48.196.0/22 maxlen: 22
95.67.0.0/17 maxlen: 17
2a00:17a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 03 Aug 2023 14:38:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:2d:fd:2a:7e:1a:ed:33:ff:99:02:cc:df:6d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Validity
Not Before: Jan 1 18:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dae09292493a8efe1bbeb87e35150f51c598bfc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5c:c0:bd:27:6b:19:ce:d1:c8:68:9a:80:54:
30:28:92:0b:3b:70:f6:ca:6c:35:80:65:00:ef:5c:
7d:af:5b:f4:f6:53:9c:0a:9a:a1:3b:a5:b4:79:b6:
c4:9d:d3:e0:bf:6a:af:5a:8f:4a:0c:3c:cf:78:0b:
1b:ae:5f:f8:41:0a:b4:dd:94:ab:cd:89:cf:86:bc:
f8:11:b3:a7:90:b9:89:38:b3:dd:97:e6:06:b5:c8:
24:11:6f:3e:e9:d8:1d:45:45:af:94:02:d1:98:f6:
a4:30:98:ae:31:c0:c9:05:c2:41:1e:26:5f:74:d3:
9e:1e:49:46:a4:30:3c:b8:ae:19:17:52:8b:c9:c3:
be:8d:14:ff:ef:ad:fe:7d:0a:d1:70:2b:bd:d9:3d:
40:35:bc:49:b7:59:bb:85:a7:48:b7:9b:2a:f4:38:
ad:bd:d4:26:a8:63:bb:f4:00:c2:64:bb:80:31:f7:
a8:3e:17:8c:d4:37:64:60:2e:de:dc:38:73:b1:49:
2d:74:ed:d4:fe:96:9c:e3:49:37:6e:25:68:d0:92:
a1:5c:41:25:49:49:f9:dc:3b:af:32:aa:3f:b3:40:
d0:79:d0:de:06:0d:57:92:11:5d:c8:47:91:be:21:
99:6f:dc:49:00:ac:55:23:e2:3b:af:fe:60:96:37:
ed:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E0:92:92:49:3A:8E:FE:1B:BE:B8:7E:35:15:0F:51:C5:98:BF:C8
X509v3 Authority Key Identifier:
keyid:A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/2uCSkkk6jv4bvrh-NRUPUcWYv8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/ppR2gdoNt_55MV7G29oov41mD8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.67.0.0/17
185.48.196.0/22
IPv6:
2a00:17a0::/32
Signature Algorithm: sha256WithRSAEncryption
46:88:6d:e0:1f:c8:c8:a5:aa:13:b4:e6:5c:6a:47:79:02:10:
fe:bf:e3:db:db:4a:12:0c:ea:7a:ba:61:3e:51:86:88:dc:c3:
f1:97:05:73:4a:03:7f:a7:bf:91:db:24:9b:97:b6:e0:2b:97:
6f:52:a3:a3:2e:7c:a5:1b:b6:04:e4:2f:84:13:7d:8e:f1:56:
63:45:25:c9:a9:6e:dd:e5:2f:07:45:2b:a2:fc:fe:e3:22:af:
5b:71:81:d5:0f:05:83:ff:67:c5:81:30:25:9f:c2:6b:9a:9a:
40:1a:c8:b7:79:79:b1:37:43:e9:1e:0c:f8:e3:8d:b4:0d:4a:
1b:66:aa:20:20:19:7f:2f:49:a6:c0:c3:e3:11:92:9e:79:2d:
e8:f3:dd:34:ee:19:88:0f:46:68:25:a5:45:5a:6b:a6:c3:5c:
53:14:5f:cb:d6:70:87:67:18:c7:1c:d2:73:ea:79:c5:0f:38:
92:11:8e:65:13:2d:19:ee:a1:6a:d0:45:0e:97:18:1d:27:38:
e5:c6:63:8f:26:b1:0f:3d:2a:1e:0e:50:e1:fd:ae:95:15:a4:
fc:df:50:c0:c3:28:e9:06:7f:94:4a:57:88:c1:0b:df:99:10:
fa:48:89:b1:49:ad:30:8e:6b:90:7b:3d:ce:6d:b3:1f:6f:32:
78:68:b1:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuiy39Kn4a7TP/mQLM3227MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTQ3NjgxZGEwZGI3ZmU3OTMxNWVjNmRiZGEyOGJmOGQ2
NjBmYzAwHhcNMjMwMTAxMTgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWUwOTI5MjQ5M2E4ZWZlMWJiZWI4N2UzNTE1MGY1MWM1OThiZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1zAvSdrGc7RyGiagFQwKJILO3D2
ymw1gGUA71x9r1v09lOcCpqhO6W0ebbEndPgv2qvWo9KDDzPeAsbrl/4QQq03ZSr
zYnPhrz4EbOnkLmJOLPdl+YGtcgkEW8+6dgdRUWvlALRmPakMJiuMcDJBcJBHiZf
dNOeHklGpDA8uK4ZF1KLycO+jRT/763+fQrRcCu92T1ANbxJt1m7hadIt5sq9Dit
vdQmqGO79ADCZLuAMfeoPheM1DdkYC7e3DhzsUktdO3U/pac40k3biVo0JKhXEEl
SUn53DuvMqo/s0DQedDeBg1XkhFdyEeRviGZb9xJAKxVI+I7r/5gljftiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNrgkpJJOo7+G764fjUVD1HFmL/IMB8GA1UdIwQY
MBaAFKaUdoHaDbf+eTFextvaKL+NZg/AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTct
MjNjM2RmODJjMjMwLzEvMnVDU2trazZqdjRidnJoLU5SVVBVY1dZdjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTctMjNjM2RmODJjMjMw
LzEvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHX0MAAwQC
uTDEMA0EAgACMAcDBQAqABegMA0GCSqGSIb3DQEBCwUAA4IBAQBGiG3gH8jIpaoT
tOZcakd5AhD+v+Pb20oSDOp6umE+UYaI3MPxlwVzSgN/p7+R2ySbl7bgK5dvUqOj
LnylG7YE5C+EE32O8VZjRSXJqW7d5S8HRSui/P7jIq9bcYHVDwWD/2fFgTAln8Jr
mppAGsi3eXmxN0PpHgz44420DUobZqogIBl/L0mmwMPjEZKeeS3o89007hmID0Zo
JaVFWmumw1xTFF/L1nCHZxjHHNJz6nnFDziSEY5lEy0Z7qFq0EUOlxgdJzjlxmOP
JrEPPSoeDlDh/a6VFaT831DAwyjpBn+USleIwQvfmRD6SImxSa0wjmuQez3ObbMf
bzJ4aLHj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:24 2024 by rpki-client on console-fra.rpki-client.org