Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/1-9hllXT20TsWS5ZMVZOiP_M0HFQ.roa
File: 1-9hllXT20TsWS5ZMVZOiP_M0HFQ.roa (raw, json)
Hash identifier: EU2aUHaqWd/g4fYPa/qd5X5rkpZRqyDQp4JdT70iZcw=
Subject key identifier: FB:D8:65:95:74:F6:D1:3B:16:4B:96:4C:55:93:A2:3F:F3:34:1C:54
Certificate issuer: /CN=2989647851efcd198972ed3d149ccbbde9c55c00
Certificate serial: 018829BB323C9D566122876ACDAF2EB2740C
Authority key identifier: 29:89:64:78:51:EF:CD:19:89:72:ED:3D:14:9C:CB:BD:E9:C5:5C:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYlkeFHvzRmJcu09FJzLvenFXAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/1-9hllXT20TsWS5ZMVZOiP_M0HFQ.roa
Signing time: Wed 17 May 2023 12:41:53 +0000
ROA not before: Wed 17 May 2023 12:41:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41993
IP address blocks: 185.82.144.0/22 maxlen: 22
2a05:9100::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:bb:32:3c:9d:56:61:22:87:6a:cd:af:2e:b2:74:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2989647851efcd198972ed3d149ccbbde9c55c00
Validity
Not Before: May 17 12:41:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbd8659574f6d13b164b964c5593a23ff3341c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0d:ad:06:67:30:ce:57:08:be:68:3a:ce:06:
0f:52:c4:ae:6b:8b:56:7f:eb:23:9a:71:cf:c4:b3:
bc:29:30:d7:dd:bd:43:f4:86:ba:05:37:a6:be:47:
e1:d8:f7:08:dc:36:62:41:0a:5e:fc:61:6d:69:0d:
bc:6a:76:aa:5b:99:e2:b1:48:e5:c5:34:a3:d8:3d:
b2:74:3f:62:73:b1:4d:9d:dc:36:65:f1:e1:c3:af:
80:e6:a9:03:7e:b4:e1:fe:29:cf:cc:c7:30:97:dd:
74:35:67:a6:31:24:5e:ab:bc:a4:e6:6c:f2:59:eb:
1c:5e:d1:78:98:c4:d4:32:62:a9:04:85:3d:cd:5f:
9c:e8:9e:c5:41:a5:6d:8b:8a:b4:e7:d5:ff:7d:c3:
8f:48:fa:53:92:0a:86:07:b6:a0:99:70:84:6d:c5:
68:47:30:0c:98:aa:81:e9:fc:0e:92:ba:44:98:1f:
ff:7e:db:96:ff:72:a9:68:ee:7f:da:68:77:72:04:
1c:c5:a1:89:28:64:7b:e4:e4:3b:8c:31:37:64:6c:
b6:84:72:2e:af:25:25:ca:57:03:49:b1:d0:f9:40:
39:1f:b9:fe:0d:cd:94:c5:ee:7b:07:72:3b:28:48:
fe:ee:a6:25:9a:5d:90:34:3c:66:98:6a:26:29:b5:
ad:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D8:65:95:74:F6:D1:3B:16:4B:96:4C:55:93:A2:3F:F3:34:1C:54
X509v3 Authority Key Identifier:
keyid:29:89:64:78:51:EF:CD:19:89:72:ED:3D:14:9C:CB:BD:E9:C5:5C:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYlkeFHvzRmJcu09FJzLvenFXAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/1-9hllXT20TsWS5ZMVZOiP_M0HFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ab5e88-d2f9-487b-bb92-a4cb1cfd00b8/1/KYlkeFHvzRmJcu09FJzLvenFXAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.144.0/22
IPv6:
2a05:9100::/29
Signature Algorithm: sha256WithRSAEncryption
a7:e1:e4:63:1d:b7:70:e8:96:14:29:92:2a:c4:40:f3:e8:4b:
18:16:8d:e8:67:25:aa:93:f7:42:24:ef:f2:58:80:c5:95:f4:
33:af:00:cf:59:1e:04:d3:83:7b:98:03:cb:e0:cd:1e:d1:66:
71:bb:85:72:a0:7c:a4:2d:b8:88:9b:29:47:87:b1:f4:d6:2e:
1b:a2:60:c3:8f:00:af:80:1e:c3:13:22:eb:ca:51:17:6f:69:
e9:48:ac:f5:b0:b7:b4:aa:5e:c9:96:55:cf:d5:3e:34:27:f4:
9d:75:06:3d:d2:0f:8e:c1:aa:cc:91:ef:26:34:2b:8d:19:61:
7a:8e:4f:25:19:c4:51:d2:91:bf:d3:25:15:7d:39:ea:03:14:
76:86:58:6f:32:26:d1:56:56:3c:47:12:fe:1f:80:18:80:8d:
dc:dd:97:79:31:d2:12:d8:20:f2:aa:12:d1:b1:df:21:93:99:
f0:1a:ab:ca:28:ac:0d:50:0b:cb:fc:76:e0:51:30:4f:bc:2b:
93:52:7a:c5:bd:cb:c9:c2:40:57:65:8d:76:df:f0:43:49:5f:
56:fa:f8:12:ce:ad:38:6f:ca:ff:44:ba:fe:9d:31:d3:76:4a:
15:89:e8:86:58:2d:79:08:be:8d:af:e5:36:63:7c:08:2d:cc:
ac:7f:ed:2f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYgpuzI8nVZhIodqza8usnQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODk2NDc4NTFlZmNkMTk4OTcyZWQzZDE0OWNjYmJkZTlj
NTVjMDAwHhcNMjMwNTE3MTI0MTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQ4NjU5NTc0ZjZkMTNiMTY0Yjk2NGM1NTkzYTIzZmYzMzQxYzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA2tBmcwzlcIvmg6zgYPUsSua4tW
f+sjmnHPxLO8KTDX3b1D9Ia6BTemvkfh2PcI3DZiQQpe/GFtaQ28anaqW5nisUjl
xTSj2D2ydD9ic7FNndw2ZfHhw6+A5qkDfrTh/inPzMcwl910NWemMSReq7yk5mzy
WescXtF4mMTUMmKpBIU9zV+c6J7FQaVti4q059X/fcOPSPpTkgqGB7agmXCEbcVo
RzAMmKqB6fwOkrpEmB//ftuW/3KpaO5/2mh3cgQcxaGJKGR75OQ7jDE3ZGy2hHIu
ryUlylcDSbHQ+UA5H7n+Dc2Uxe57B3I7KEj+7qYlml2QNDxmmGomKbWtMQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPvYZZV09tE7FkuWTFWToj/zNBxUMB8GA1UdIwQY
MBaAFCmJZHhR780ZiXLtPRScy73pxVwAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lsa2VGSHZ6Um1KY3UwOUZKekx2ZW5GWEFBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9hYjVlODgtZDJmOS00ODdiLWJiOTIt
YTRjYjFjZmQwMGI4LzEvMS05aGxsWFQyMFRzV1M1Wk1WWk9pUF9NMEhGUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWMvYWI1ZTg4LWQyZjktNDg3Yi1iYjkyLWE0Y2IxY2ZkMDBi
OC8xL0tZbGtlRkh2elJtSmN1MDlGSnpMdmVuRlhBQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlSkDAN
BAIAAjAHAwUDKgWRADANBgkqhkiG9w0BAQsFAAOCAQEAp+HkYx23cOiWFCmSKsRA
8+hLGBaN6GclqpP3QiTv8liAxZX0M68Az1keBNODe5gDy+DNHtFmcbuFcqB8pC24
iJspR4ex9NYuG6Jgw48Ar4AewxMi68pRF29p6Uis9bC3tKpeyZZVz9U+NCf0nXUG
PdIPjsGqzJHvJjQrjRlheo5PJRnEUdKRv9MlFX056gMUdoZYbzIm0VZWPEcS/h+A
GICN3N2XeTHSEtgg8qoS0bHfIZOZ8BqryiisDVALy/x24FEwT7wrk1J6xb3LycJA
V2WNdt/wQ0lfVvr4Es6tOG/K/0S6/p0x03ZKFYnohlgteQi+ja/lNmN8CC3MrH/t
Lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:09 2024 by rpki-client on console-ams.rpki-client.org