Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/9f2ffa-237b-474b-8880-46fd46d6b547/1/rQsywIYpmcQpImbh89flpb6dsos.roa
File: rQsywIYpmcQpImbh89flpb6dsos.roa (raw, json)
Hash identifier: ZVr8M+IiAqaNpw2KAsZlBTU9DpCm0Zb04TVPIMlnN+k=
Subject key identifier: AD:0B:32:C0:86:29:99:C4:29:22:66:E1:F3:D7:E5:A5:BE:9D:B2:8B
Certificate issuer: /CN=9442ced12d7bb049cd1cdf8df7ba5a957655386c
Certificate serial: 01856F8254FEFD97B4DC87E572406B407BB0
Authority key identifier: 94:42:CE:D1:2D:7B:B0:49:CD:1C:DF:8D:F7:BA:5A:95:76:55:38:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lELO0S17sEnNHN-N97palXZVOGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/9f2ffa-237b-474b-8880-46fd46d6b547/1/rQsywIYpmcQpImbh89flpb6dsos.roa
Signing time: Sun 01 Jan 2023 22:44:50 +0000
ROA not before: Sun 01 Jan 2023 22:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51263
IP address blocks: 185.164.180.0/22 maxlen: 22
2a0b:4c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:54:fe:fd:97:b4:dc:87:e5:72:40:6b:40:7b:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9442ced12d7bb049cd1cdf8df7ba5a957655386c
Validity
Not Before: Jan 1 22:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad0b32c0862999c4292266e1f3d7e5a5be9db28b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9f:01:b9:ef:53:cc:86:ef:67:86:28:1d:84:
25:22:57:70:6b:b0:49:72:95:4c:e5:e7:fa:4a:aa:
6d:4d:fb:01:5a:19:2f:d8:26:68:97:b3:55:91:fe:
ff:41:fa:1f:e7:1e:27:c1:0c:54:b3:ec:ac:dc:5c:
5b:da:74:96:b9:e5:bc:f1:ce:7d:8d:6e:48:36:e6:
30:2d:73:fc:9f:7a:a5:bd:07:b2:53:4d:4a:59:49:
ad:93:ad:ac:1e:15:0c:25:a0:c0:9c:5d:fd:98:29:
bd:4e:1d:ef:b5:6a:22:98:d4:d7:db:91:0f:d3:9c:
72:76:c2:ce:66:75:ae:39:d3:bd:bf:6a:04:c5:22:
26:4a:0b:98:5d:56:5a:67:41:8b:01:ac:d0:91:2e:
cf:53:d7:f2:ef:a1:b5:09:e5:c7:59:83:b2:1b:ba:
9d:ee:30:1d:cb:3d:79:af:14:e9:0a:25:f8:8d:ee:
3f:f3:b1:e2:cb:cb:96:e6:c6:3e:62:88:07:0a:d1:
42:b9:70:33:b7:f0:0b:6e:a2:be:e8:23:1c:90:05:
ac:3f:c7:72:eb:6a:eb:b3:e0:df:4f:69:fe:da:6d:
ec:6c:e8:70:a0:7b:3c:bb:90:0f:a3:ff:44:8a:c4:
aa:e6:01:40:44:a2:be:dc:73:c2:81:d4:90:87:7c:
78:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0B:32:C0:86:29:99:C4:29:22:66:E1:F3:D7:E5:A5:BE:9D:B2:8B
X509v3 Authority Key Identifier:
keyid:94:42:CE:D1:2D:7B:B0:49:CD:1C:DF:8D:F7:BA:5A:95:76:55:38:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lELO0S17sEnNHN-N97palXZVOGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/9f2ffa-237b-474b-8880-46fd46d6b547/1/rQsywIYpmcQpImbh89flpb6dsos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/9f2ffa-237b-474b-8880-46fd46d6b547/1/lELO0S17sEnNHN-N97palXZVOGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.180.0/22
IPv6:
2a0b:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
02:88:ac:82:8d:64:b7:d9:19:68:8f:23:8a:3c:ec:4e:35:6c:
a5:f5:48:06:a6:d5:61:ff:6a:46:79:2f:5c:54:50:d4:f5:af:
d9:79:fc:8d:86:d4:0c:b0:8a:4c:d8:76:41:cf:a9:40:bf:9b:
e0:ee:c7:cd:32:4a:e2:90:a1:9e:0b:47:4b:0d:a3:b3:bd:ba:
5f:9d:c6:e5:be:53:64:b7:99:24:52:93:c6:3f:48:e7:ea:a6:
5f:c8:21:76:be:94:77:53:12:b8:0c:ed:db:07:57:3f:11:20:
5b:e7:6f:5c:76:07:86:0d:21:dc:0d:cc:d5:0e:c2:eb:72:9c:
a9:dc:85:b4:34:59:18:13:1d:a6:1d:9a:86:4e:ad:f1:df:38:
ce:9a:fb:5b:a9:3e:c1:b9:0d:ae:c2:45:24:af:81:7f:7a:14:
0a:86:4b:2e:80:fd:ea:cb:15:73:33:c6:1c:07:95:77:d7:31:
3a:b2:7c:5e:ae:03:1e:33:6f:44:f4:4c:94:e0:f2:1a:1a:e1:
a2:ec:d5:7d:ab:3c:be:43:3c:84:69:9c:67:33:9f:de:c2:5e:
cc:56:7a:f9:21:dc:16:4f:2b:d7:52:d9:f3:77:66:14:cf:c9:
a2:57:5e:93:e5:5f:21:db:9d:d3:e9:98:76:65:a7:91:5b:18:
36:2d:43:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvglT+/Ze03IflckBrQHuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NDJjZWQxMmQ3YmIwNDljZDFjZGY4ZGY3YmE1YTk1NzY1
NTM4NmMwHhcNMjMwMTAxMjI0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDBiMzJjMDg2Mjk5OWM0MjkyMjY2ZTFmM2Q3ZTVhNWJlOWRiMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx58Bue9TzIbvZ4YoHYQlIldwa7BJ
cpVM5ef6SqptTfsBWhkv2CZol7NVkf7/Qfof5x4nwQxUs+ys3Fxb2nSWueW88c59
jW5INuYwLXP8n3qlvQeyU01KWUmtk62sHhUMJaDAnF39mCm9Th3vtWoimNTX25EP
05xydsLOZnWuOdO9v2oExSImSguYXVZaZ0GLAazQkS7PU9fy76G1CeXHWYOyG7qd
7jAdyz15rxTpCiX4je4/87Hiy8uW5sY+YogHCtFCuXAzt/ALbqK+6CMckAWsP8dy
62rrs+DfT2n+2m3sbOhwoHs8u5APo/9EisSq5gFARKK+3HPCgdSQh3x4qQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK0LMsCGKZnEKSJm4fPX5aW+nbKLMB8GA1UdIwQY
MBaAFJRCztEte7BJzRzfjfe6WpV2VThsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEVMTzBTMTdzRW5OSE4tTjk3cGFsWFpWT0d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi85ZjJmZmEtMjM3Yi00NzRiLTg4ODAt
NDZmZDQ2ZDZiNTQ3LzEvclFzeXdJWXBtY1FwSW1iaDg5ZmxwYjZkc29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi85ZjJmZmEtMjM3Yi00NzRiLTg4ODAtNDZmZDQ2ZDZiNTQ3
LzEvbEVMTzBTMTdzRW5OSE4tTjk3cGFsWFpWT0d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaS0MA0E
AgACMAcDBQMqC0wAMA0GCSqGSIb3DQEBCwUAA4IBAQACiKyCjWS32RlojyOKPOxO
NWyl9UgGptVh/2pGeS9cVFDU9a/ZefyNhtQMsIpM2HZBz6lAv5vg7sfNMkrikKGe
C0dLDaOzvbpfncblvlNkt5kkUpPGP0jn6qZfyCF2vpR3UxK4DO3bB1c/ESBb529c
dgeGDSHcDczVDsLrcpyp3IW0NFkYEx2mHZqGTq3x3zjOmvtbqT7BuQ2uwkUkr4F/
ehQKhksugP3qyxVzM8YcB5V31zE6snxergMeM29E9EyU4PIaGuGi7NV9qzy+QzyE
aZxnM5/ewl7MVnr5IdwWTyvXUtnzd2YUz8miV16T5V8h253T6Zh2ZaeRWxg2LUMV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org