Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/rpZCPmqbhDyBPpt3cnJ5YjEudO0.roa
File: rpZCPmqbhDyBPpt3cnJ5YjEudO0.roa (raw, json)
Hash identifier: XkF4hcLvabdoDd7qlEK5KO2vH+voaLfU2v1MvtoCfus=
Subject key identifier: AE:96:42:3E:6A:9B:84:3C:81:3E:9B:77:72:72:79:62:31:2E:74:ED
Certificate issuer: /CN=987caf0cb6b3301cc084a25d5c21410a92ca7e36
Certificate serial: 018CC72657A5BCDF2364B8F1053D7F16054A
Authority key identifier: 98:7C:AF:0C:B6:B3:30:1C:C0:84:A2:5D:5C:21:41:0A:92:CA:7E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHyvDLazMBzAhKJdXCFBCpLKfjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/rpZCPmqbhDyBPpt3cnJ5YjEudO0.roa
Signing time: Mon 01 Jan 2024 22:30:27 +0000
ROA not before: Mon 01 Jan 2024 22:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12703
IP address blocks: 185.43.48.0/22 maxlen: 22
2a01:5ae0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jan 2024 10:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:57:a5:bc:df:23:64:b8:f1:05:3d:7f:16:05:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=987caf0cb6b3301cc084a25d5c21410a92ca7e36
Validity
Not Before: Jan 1 22:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae96423e6a9b843c813e9b7772727962312e74ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:33:ec:f2:33:2a:7e:0b:57:56:35:6d:35:ed:
a8:07:8b:5e:46:7f:64:32:13:1c:a2:1a:4b:7d:bf:
db:ad:19:f7:81:63:7e:2a:2c:cd:13:66:ef:1c:d6:
f0:f1:65:7d:34:f7:4b:35:67:63:3a:be:62:4e:6f:
00:48:f1:df:17:ed:79:05:10:f8:fb:3c:29:d8:24:
7e:e9:95:43:ee:a2:a3:f8:98:c6:b9:d2:f8:10:50:
6b:e7:25:82:02:ca:b3:f4:62:5f:de:26:b1:f9:fb:
41:de:c9:9c:04:41:da:f5:66:f5:2e:a2:af:08:a7:
34:93:7b:3b:b2:b8:44:44:61:1c:39:18:b2:98:68:
7f:2c:33:a7:28:b2:0f:f8:90:62:26:b9:a2:08:21:
13:45:e6:6f:3b:bb:a0:44:3f:29:da:31:85:61:be:
db:8a:48:3b:a1:ec:a6:ef:78:65:83:ed:ee:16:2a:
f2:82:cc:c1:33:b6:fc:21:4f:57:76:2f:18:be:46:
ca:8a:f5:62:f6:1c:08:62:20:ee:bc:a1:96:81:fb:
86:e5:e1:a1:c6:d5:82:71:6a:fd:c2:a1:ee:65:23:
59:2c:bc:fa:3e:1f:b0:c1:e0:b1:45:8c:ee:7c:1d:
63:f2:6e:80:44:71:29:75:87:b1:c9:9c:6a:55:07:
75:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:96:42:3E:6A:9B:84:3C:81:3E:9B:77:72:72:79:62:31:2E:74:ED
X509v3 Authority Key Identifier:
keyid:98:7C:AF:0C:B6:B3:30:1C:C0:84:A2:5D:5C:21:41:0A:92:CA:7E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHyvDLazMBzAhKJdXCFBCpLKfjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/rpZCPmqbhDyBPpt3cnJ5YjEudO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f58da0-dfbe-416a-bfaa-36170cd81330/1/mHyvDLazMBzAhKJdXCFBCpLKfjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.48.0/22
IPv6:
2a01:5ae0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:aa:44:39:f6:60:9d:d4:1a:c3:74:08:c4:d7:8d:8c:2d:2b:
95:a5:1e:10:21:4d:ff:fe:0f:79:8c:76:df:f2:b7:3d:46:1c:
01:aa:3c:89:76:1a:c6:32:83:47:35:c2:d7:5f:83:dc:53:5d:
c4:4b:4d:28:25:ac:e3:02:0c:52:3d:ea:62:71:5f:23:88:57:
30:bf:c5:19:67:1d:8b:1f:f3:5b:c6:2f:71:85:46:7f:75:e6:
29:c4:db:2e:9a:dd:06:a9:94:89:d4:8b:2f:42:2d:0d:24:b2:
9a:69:23:ca:7c:5b:a1:5c:b6:22:e5:36:02:53:6b:90:8f:54:
ad:69:25:4e:fd:15:a0:c4:6f:d5:82:35:d7:5b:d9:45:36:09:
d8:03:d3:3d:95:00:ca:02:9d:fb:c2:98:2e:9f:e0:85:7c:31:
cf:6f:a1:f2:0f:7a:71:a0:da:6e:d7:62:ed:35:67:b4:86:89:
2c:1b:07:79:05:b7:30:19:58:bb:07:b2:e9:4e:c7:ca:dc:d7:
f6:d2:dc:94:9f:65:68:20:cf:c9:58:80:03:0f:8d:61:26:82:
ec:30:e4:c6:ab:fd:24:99:14:97:c3:11:2d:45:80:a8:aa:e7:
c9:01:7a:db:01:48:3c:c5:e3:ca:38:02:e9:75:84:4d:57:88:
85:5e:c4:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJlelvN8jZLjxBT1/FgVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4N2NhZjBjYjZiMzMwMWNjMDg0YTI1ZDVjMjE0MTBhOTJj
YTdlMzYwHhcNMjQwMTAxMjIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTk2NDIzZTZhOWI4NDNjODEzZTliNzc3MjcyNzk2MjMxMmU3NGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjPs8jMqfgtXVjVtNe2oB4teRn9k
MhMcohpLfb/brRn3gWN+KizNE2bvHNbw8WV9NPdLNWdjOr5iTm8ASPHfF+15BRD4
+zwp2CR+6ZVD7qKj+JjGudL4EFBr5yWCAsqz9GJf3iax+ftB3smcBEHa9Wb1LqKv
CKc0k3s7srhERGEcORiymGh/LDOnKLIP+JBiJrmiCCETReZvO7ugRD8p2jGFYb7b
ikg7oeym73hlg+3uFirygszBM7b8IU9Xdi8YvkbKivVi9hwIYiDuvKGWgfuG5eGh
xtWCcWr9wqHuZSNZLLz6Ph+wweCxRYzufB1j8m6ARHEpdYexyZxqVQd1awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK6WQj5qm4Q8gT6bd3JyeWIxLnTtMB8GA1UdIwQY
MBaAFJh8rwy2szAcwISiXVwhQQqSyn42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUh5dkRMYXpNQnpBaEtKZFhDRkJDcExLZmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mNThkYTAtZGZiZS00MTZhLWJmYWEt
MzYxNzBjZDgxMzMwLzEvcnBaQ1BtcWJoRHlCUHB0M2NuSjVZakV1ZE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mNThkYTAtZGZiZS00MTZhLWJmYWEtMzYxNzBjZDgxMzMw
LzEvbUh5dkRMYXpNQnpBaEtKZFhDRkJDcExLZmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSswMA0E
AgACMAcDBQAqAVrgMA0GCSqGSIb3DQEBCwUAA4IBAQCbqkQ59mCd1BrDdAjE142M
LSuVpR4QIU3//g95jHbf8rc9RhwBqjyJdhrGMoNHNcLXX4PcU13ES00oJazjAgxS
PepicV8jiFcwv8UZZx2LH/Nbxi9xhUZ/deYpxNsumt0GqZSJ1IsvQi0NJLKaaSPK
fFuhXLYi5TYCU2uQj1StaSVO/RWgxG/VgjXXW9lFNgnYA9M9lQDKAp37wpgun+CF
fDHPb6HyD3pxoNpu12LtNWe0hoksGwd5BbcwGVi7B7LpTsfK3Nf20tyUn2VoIM/J
WIADD41hJoLsMOTGq/0kmRSXwxEtRYCoqufJAXrbAUg8xePKOALpdYRNV4iFXsQZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:15 2024 by rpki-client on console-ams.rpki-client.org