Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/lAEVA90ATE8Bj6dl24lrEB0O8f4.roa
File: lAEVA90ATE8Bj6dl24lrEB0O8f4.roa (raw, json)
Hash identifier: /dKzfNJKvE7WKS3dCbOzA4m+xRs/7wi85wZNBuGp5oQ=
Subject key identifier: 94:01:15:03:DD:00:4C:4F:01:8F:A7:65:DB:89:6B:10:1D:0E:F1:FE
Certificate issuer: /CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Certificate serial: 0187B1FA92727BB9651B8F2051C27C26570A
Authority key identifier: EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/lAEVA90ATE8Bj6dl24lrEB0O8f4.roa
Signing time: Mon 24 Apr 2023 06:36:41 +0000
ROA not before: Mon 24 Apr 2023 06:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210512
IP address blocks: 185.236.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b1:fa:92:72:7b:b9:65:1b:8f:20:51:c2:7c:26:57:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Validity
Not Before: Apr 24 06:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94011503dd004c4f018fa765db896b101d0ef1fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:80:73:2a:1b:50:db:a0:20:8b:4f:0b:c2:db:
f7:b9:ef:59:ec:37:58:4c:f1:42:f4:68:be:54:c5:
d2:23:eb:06:24:81:2a:75:bc:31:e3:16:a4:17:f8:
2a:02:1f:d4:42:a0:66:c5:76:ec:a9:98:fd:cd:1d:
19:9e:99:30:be:8f:26:5c:4d:e0:31:53:76:c9:ae:
60:75:80:01:24:c0:af:b2:09:60:02:de:00:83:06:
b1:a8:e0:93:2d:e6:10:70:81:3e:01:74:fd:30:c5:
eb:bd:80:3d:4b:2f:d7:04:01:c4:24:67:fa:57:8c:
50:d5:d0:e2:3c:de:a4:fb:98:0b:a6:a0:df:5c:84:
3b:98:82:df:68:57:fb:bc:ca:0b:bd:16:73:e6:8c:
0f:09:a3:df:fc:6c:ef:ce:24:34:24:ca:df:61:e3:
e3:76:74:17:e9:97:74:e8:2e:82:6a:52:5b:8f:30:
89:05:0b:16:00:05:b3:11:d9:11:a7:f5:fb:53:3e:
26:43:3a:11:d3:3b:8e:b1:df:64:e1:24:55:f0:c4:
bd:62:e1:dd:26:cf:cd:e0:39:da:6f:41:ad:f4:b6:
fb:57:68:a8:1b:2d:65:ff:b6:8a:53:5c:9c:ac:63:
47:4a:5d:31:58:a6:50:eb:f1:8e:9f:aa:fc:1e:ec:
6a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:01:15:03:DD:00:4C:4F:01:8F:A7:65:DB:89:6B:10:1D:0E:F1:FE
X509v3 Authority Key Identifier:
keyid:EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/lAEVA90ATE8Bj6dl24lrEB0O8f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.20.0/24
Signature Algorithm: sha256WithRSAEncryption
13:15:13:48:c2:6b:60:90:32:86:d7:7a:46:4d:c1:18:0b:09:
0a:41:cf:46:a7:f1:60:fb:82:d0:c1:dc:c9:85:5a:32:46:ac:
25:2a:f4:d8:c3:3d:14:7f:ea:df:00:e3:1f:54:0d:2b:0f:16:
7e:ab:cf:e9:10:72:24:96:0b:a2:75:89:f4:e0:5e:97:2d:30:
8e:01:eb:0a:56:1c:61:d7:6a:94:08:2a:64:f8:fd:a3:14:8b:
a2:f3:ca:a5:a5:e7:69:35:72:03:cd:11:81:96:0a:db:a2:f2:
03:46:47:9a:80:56:73:1a:a5:4a:81:59:2c:d9:68:f1:6a:7f:
39:be:31:a9:8d:0d:76:a2:74:e8:36:45:5d:17:8d:d6:fa:e2:
9c:84:a3:61:e8:39:ad:9b:b7:be:e4:93:46:f1:0c:b3:f8:84:
a1:a1:db:fd:37:df:96:43:f6:ac:80:8f:6b:eb:91:2a:29:1a:
58:ec:31:1c:11:a5:51:a5:cc:81:59:3e:de:c4:e2:db:12:87:
a9:b5:c8:60:af:bc:69:73:88:27:38:e9:ad:96:c7:f6:d9:d8:
31:87:0a:5b:97:c9:59:a6:10:e0:66:55:bc:da:3c:15:0f:61:
5b:fe:da:cb:0f:d2:01:4a:69:00:d8:5b:c7:9a:1e:30:7b:24:
1c:92:a8:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYex+pJye7llG48gUcJ8JlcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjdjYTlmZmFmZTcyYTMwOTY2ZjdlNDNkOTJiNThlNzc0
Y2U3NDEwHhcNMjMwNDI0MDYzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDAxMTUwM2RkMDA0YzRmMDE4ZmE3NjVkYjg5NmIxMDFkMGVmMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IBzKhtQ26Agi08Lwtv3ue9Z7DdY
TPFC9Gi+VMXSI+sGJIEqdbwx4xakF/gqAh/UQqBmxXbsqZj9zR0Znpkwvo8mXE3g
MVN2ya5gdYABJMCvsglgAt4AgwaxqOCTLeYQcIE+AXT9MMXrvYA9Sy/XBAHEJGf6
V4xQ1dDiPN6k+5gLpqDfXIQ7mILfaFf7vMoLvRZz5owPCaPf/GzvziQ0JMrfYePj
dnQX6Zd06C6CalJbjzCJBQsWAAWzEdkRp/X7Uz4mQzoR0zuOsd9k4SRV8MS9YuHd
Js/N4Dnab0Gt9Lb7V2ioGy1l/7aKU1ycrGNHSl0xWKZQ6/GOn6r8HuxqpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQBFQPdAExPAY+nZduJaxAdDvH+MB8GA1UdIwQY
MBaAFOz3yp/6/nKjCWb35D2StY53TOdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUt
OTgxZmJiMzQ0MmRkLzEvbEFFVkE5MEFURThCajZkbDI0bHJFQjBPOGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUtOTgxZmJiMzQ0MmRk
LzEvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuewUMA0G
CSqGSIb3DQEBCwUAA4IBAQATFRNIwmtgkDKG13pGTcEYCwkKQc9Gp/Fg+4LQwdzJ
hVoyRqwlKvTYwz0Uf+rfAOMfVA0rDxZ+q8/pEHIklguidYn04F6XLTCOAesKVhxh
12qUCCpk+P2jFIui88qlpedpNXIDzRGBlgrbovIDRkeagFZzGqVKgVks2Wjxan85
vjGpjQ12onToNkVdF43W+uKchKNh6Dmtm7e+5JNG8Qyz+IShodv9N9+WQ/asgI9r
65EqKRpY7DEcEaVRpcyBWT7exOLbEoeptchgr7xpc4gnOOmtlsf22dgxhwpbl8lZ
phDgZlW82jwVD2Fb/trLD9IBSmkA2FvHmh4weyQckqjF
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:00 2024 by rpki-client on console-fra.rpki-client.org