Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c96247-e979-4e58-89f6-eebdcbd3aee8/1/1-AVQL9GPhfbXPo3yvlZgbObNjrE.roa
File: 1-AVQL9GPhfbXPo3yvlZgbObNjrE.roa (raw, json)
Hash identifier: rBCjtDt8d6Ore3zWewBezV/niHmk0TVhbH/9AXe9+kM=
Subject key identifier: F8:05:50:2F:D1:8F:85:F6:D7:3E:8D:F2:BE:56:60:6C:E6:CD:8E:B1
Certificate issuer: /CN=6b1a57f06ef72007dd6193f960a616344b73301f
Certificate serial: 0185718C27F7186C39D9BD8B17E7E767A0CD
Authority key identifier: 6B:1A:57:F0:6E:F7:20:07:DD:61:93:F9:60:A6:16:34:4B:73:30:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/axpX8G73IAfdYZP5YKYWNEtzMB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c96247-e979-4e58-89f6-eebdcbd3aee8/1/1-AVQL9GPhfbXPo3yvlZgbObNjrE.roa
Signing time: Mon 02 Jan 2023 08:14:48 +0000
ROA not before: Mon 02 Jan 2023 08:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203052
IP address blocks: 185.146.140.0/22 maxlen: 22
2a07:5100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:27:f7:18:6c:39:d9:bd:8b:17:e7:e7:67:a0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b1a57f06ef72007dd6193f960a616344b73301f
Validity
Not Before: Jan 2 08:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f805502fd18f85f6d73e8df2be56606ce6cd8eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:52:c8:ec:8e:66:92:1f:f5:7a:1e:0e:ec:3d:
64:73:de:c0:28:74:33:fb:25:f4:72:99:6a:9f:52:
4d:de:5b:77:5c:87:f2:67:27:35:7c:b5:2b:53:54:
90:00:4c:89:2b:24:e9:3c:50:af:03:af:8d:3f:1e:
9b:98:50:53:23:74:f8:89:81:85:cc:57:6c:b0:fa:
08:07:11:5f:c3:1c:15:70:47:0a:28:cc:36:70:f6:
5a:03:12:c8:1a:6c:e3:94:f9:c2:48:d0:90:31:c9:
fb:c3:99:1b:ad:e7:18:f1:68:2b:73:74:05:ee:54:
e6:35:71:a0:a9:af:b1:9e:95:b7:af:37:7c:51:28:
07:3a:08:2d:1a:b3:5c:05:2f:00:c8:90:67:27:2b:
f0:d6:da:02:21:1b:f0:dd:fa:3f:d8:61:49:a1:5a:
27:79:5d:07:15:60:f4:14:1d:b5:0d:96:59:bb:1a:
df:f0:7a:94:d5:5b:24:22:20:d1:51:35:23:d4:92:
20:b9:4f:c2:b2:99:4a:7e:67:be:2a:9d:e8:86:cb:
5b:55:ce:69:55:ff:4e:25:58:65:3c:76:c2:83:8f:
0e:5f:1d:9c:af:0b:1a:af:c9:76:07:2f:9d:c7:72:
85:33:5b:88:7c:75:72:d2:e1:60:e6:80:db:dc:37:
75:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:05:50:2F:D1:8F:85:F6:D7:3E:8D:F2:BE:56:60:6C:E6:CD:8E:B1
X509v3 Authority Key Identifier:
keyid:6B:1A:57:F0:6E:F7:20:07:DD:61:93:F9:60:A6:16:34:4B:73:30:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/axpX8G73IAfdYZP5YKYWNEtzMB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c96247-e979-4e58-89f6-eebdcbd3aee8/1/1-AVQL9GPhfbXPo3yvlZgbObNjrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c96247-e979-4e58-89f6-eebdcbd3aee8/1/axpX8G73IAfdYZP5YKYWNEtzMB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.140.0/22
IPv6:
2a07:5100::/29
Signature Algorithm: sha256WithRSAEncryption
ac:ab:12:a3:23:9c:6f:3a:ac:b3:41:f5:5d:a7:30:fb:c6:12:
85:c2:2c:7c:09:f1:96:93:77:d4:d9:b6:2b:ca:f8:76:26:ac:
b6:1a:7e:43:c9:10:e5:37:52:38:fc:57:d1:77:c2:b8:a2:7e:
33:25:fb:6e:8a:2e:47:73:3c:49:50:29:47:15:a7:4e:83:4e:
5b:c3:ec:11:13:fb:65:2b:ca:96:cd:2e:7f:7c:a1:d6:9b:a5:
98:ca:84:a6:0a:a9:93:0e:4a:9a:1f:0d:6b:81:54:fb:1e:3c:
24:db:72:17:27:2d:a4:b8:bf:9f:15:a8:77:02:b8:ff:3e:25:
75:2f:32:00:ca:fb:e7:ea:c7:4c:f6:ea:09:5d:2c:9f:8b:a1:
0c:95:00:7c:bc:ef:e4:20:02:88:b3:2d:fb:05:ad:31:89:03:
da:00:3c:d3:9f:60:27:4f:20:32:23:ed:e7:70:35:6e:60:82:
92:72:6f:87:fa:42:73:dd:92:5c:1b:4f:9d:ce:c7:ca:55:36:
ff:86:4d:c7:57:c5:31:74:24:ce:46:0b:d0:e7:d3:f0:04:ac:
dc:ee:72:bf:6d:0f:e6:bd:97:28:ad:bc:ec:77:b6:7c:ba:25:
2d:68:07:bd:32:09:c6:a9:ac:8f:d5:db:ec:79:dc:01:ef:9e:
15:f2:8d:39
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxjCf3GGw52b2LF+fnZ6DNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMWE1N2YwNmVmNzIwMDdkZDYxOTNmOTYwYTYxNjM0NGI3
MzMwMWYwHhcNMjMwMTAyMDgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODA1NTAyZmQxOGY4NWY2ZDczZThkZjJiZTU2NjA2Y2U2Y2Q4ZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFLI7I5mkh/1eh4O7D1kc97AKHQz
+yX0cplqn1JN3lt3XIfyZyc1fLUrU1SQAEyJKyTpPFCvA6+NPx6bmFBTI3T4iYGF
zFdssPoIBxFfwxwVcEcKKMw2cPZaAxLIGmzjlPnCSNCQMcn7w5kbrecY8Wgrc3QF
7lTmNXGgqa+xnpW3rzd8USgHOggtGrNcBS8AyJBnJyvw1toCIRvw3fo/2GFJoVon
eV0HFWD0FB21DZZZuxrf8HqU1VskIiDRUTUj1JIguU/CsplKfme+Kp3ohstbVc5p
Vf9OJVhlPHbCg48OXx2crwsar8l2By+dx3KFM1uIfHVy0uFg5oDb3Dd1dQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPgFUC/Rj4X21z6N8r5WYGzmzY6xMB8GA1UdIwQY
MBaAFGsaV/Bu9yAH3WGT+WCmFjRLczAfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXhwWDhHNzNJQWZkWVpQNVlLWVdORXR6TUI4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jOTYyNDctZTk3OS00ZTU4LTg5ZjYt
ZWViZGNiZDNhZWU4LzEvMS1BVlFMOUdQaGZiWFBvM3l2bFpnYk9iTmpyRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDUvYzk2MjQ3LWU5NzktNGU1OC04OWY2LWVlYmRjYmQzYWVl
OC8xL2F4cFg4RzczSUFmZFlaUDVZS1lXTkV0ek1COC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmSjDAN
BAIAAjAHAwUDKgdRADANBgkqhkiG9w0BAQsFAAOCAQEArKsSoyOcbzqss0H1Xacw
+8YShcIsfAnxlpN31Nm2K8r4diasthp+Q8kQ5TdSOPxX0XfCuKJ+MyX7boouR3M8
SVApRxWnToNOW8PsERP7ZSvKls0uf3yh1pulmMqEpgqpkw5Kmh8Na4FU+x48JNty
FyctpLi/nxWodwK4/z4ldS8yAMr75+rHTPbqCV0sn4uhDJUAfLzv5CACiLMt+wWt
MYkD2gA8059gJ08gMiPt53A1bmCCknJvh/pCc92SXBtPnc7HylU2/4ZNx1fFMXQk
zkYL0OfT8ASs3O5yv20P5r2XKK287He2fLolLWgHvTIJxqmsj9Xb7HncAe+eFfKN
OQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:39:59 2024 by rpki-client on console-ams.rpki-client.org