Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/64773f-7c7e-4898-b193-08d8e50fc9c5/1/rnX3BCrFnqAtNhBQhObWpVSDfEw.roa
File: rnX3BCrFnqAtNhBQhObWpVSDfEw.roa (raw, json)
Hash identifier: wE5JW0OIGKeS0KcM5d9DK7ASsxrKVc36ftlI0JfQkgk=
Subject key identifier: AE:75:F7:04:2A:C5:9E:A0:2D:36:10:50:84:E6:D6:A5:54:83:7C:4C
Certificate issuer: /CN=495c7427af74da9454f1e287c16f9a5f3a77831f
Certificate serial: 01856C53CA688504D253B2BD76120B3E5E2C
Authority key identifier: 49:5C:74:27:AF:74:DA:94:54:F1:E2:87:C1:6F:9A:5F:3A:77:83:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVx0J6902pRU8eKHwW-aXzp3gx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/64773f-7c7e-4898-b193-08d8e50fc9c5/1/rnX3BCrFnqAtNhBQhObWpVSDfEw.roa
Signing time: Sun 01 Jan 2023 07:55:08 +0000
ROA not before: Sun 01 Jan 2023 07:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61110
IP address blocks: 185.153.192.0/22 maxlen: 22
185.153.192.0/23 maxlen: 23
2a07:8d80::/29 maxlen: 29
2a07:8d84::/32 maxlen: 32
2a07:8d80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ca:68:85:04:d2:53:b2:bd:76:12:0b:3e:5e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=495c7427af74da9454f1e287c16f9a5f3a77831f
Validity
Not Before: Jan 1 07:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae75f7042ac59ea02d36105084e6d6a554837c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e7:e1:17:dc:3f:86:ce:fd:04:6a:68:54:09:
8b:fc:0e:e7:c0:72:20:fb:b4:df:d3:15:1f:72:d6:
ba:41:24:88:30:68:f3:b9:be:e8:a3:6c:f1:71:25:
da:f4:91:08:21:9b:1e:0c:8d:ea:4e:25:28:7c:e2:
d9:fe:6c:f4:c3:2a:9c:47:ce:8d:3e:3a:09:a6:a2:
01:6a:99:25:82:c5:ef:c5:fe:d2:40:46:28:50:41:
64:5a:c8:1e:70:60:ec:b7:58:f5:da:bc:f6:82:0d:
e8:7a:91:2f:eb:98:e9:a1:18:b2:40:07:f9:6f:a0:
7c:1d:49:3c:ec:e9:d2:68:28:d3:a1:0d:bb:4b:de:
a1:b7:50:90:bc:5c:b6:20:a5:96:87:b2:e6:e5:a9:
36:01:0b:1d:13:9a:15:56:9c:7c:29:10:8d:52:4c:
88:48:a6:0c:47:b4:27:5b:1f:21:32:61:45:94:cf:
de:e6:f1:e3:db:84:07:24:dc:38:d4:5b:f7:ad:65:
58:1c:43:80:7b:79:be:ef:0b:83:60:2f:2f:d1:eb:
73:8a:8f:18:31:3c:3c:dd:ea:bb:ec:30:ce:7f:d4:
7b:7f:00:04:31:bc:58:e8:6f:c7:24:79:c6:ed:2b:
33:de:48:21:a5:b0:e0:d0:69:ef:6c:d7:a3:76:01:
5a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:75:F7:04:2A:C5:9E:A0:2D:36:10:50:84:E6:D6:A5:54:83:7C:4C
X509v3 Authority Key Identifier:
keyid:49:5C:74:27:AF:74:DA:94:54:F1:E2:87:C1:6F:9A:5F:3A:77:83:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVx0J6902pRU8eKHwW-aXzp3gx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/64773f-7c7e-4898-b193-08d8e50fc9c5/1/rnX3BCrFnqAtNhBQhObWpVSDfEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/64773f-7c7e-4898-b193-08d8e50fc9c5/1/SVx0J6902pRU8eKHwW-aXzp3gx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.192.0/22
IPv6:
2a07:8d80::/29
Signature Algorithm: sha256WithRSAEncryption
5b:35:a8:21:82:31:f4:3c:3c:76:d3:db:60:cf:19:3b:0b:67:
df:76:63:f5:2d:13:b0:a7:56:f5:a0:70:e3:55:62:78:7d:c5:
1c:1f:cf:f9:a2:80:87:47:15:08:0a:02:79:d1:3b:a1:0d:c1:
5b:5e:d3:96:ca:59:b7:e7:5a:8e:bd:64:0f:78:e6:2f:f7:79:
85:4c:d7:e6:8d:f8:dd:73:e5:ed:fc:79:cc:15:4c:e7:3f:5a:
99:c3:ef:2e:6b:7a:62:19:f1:35:db:14:cd:30:28:05:c6:73:
08:15:49:d6:43:da:3f:c3:d6:fa:d7:81:83:a1:78:e7:b6:73:
78:3b:98:8e:8d:10:ff:75:ea:b1:44:76:46:92:ba:84:2a:1f:
67:df:36:da:54:07:ed:c3:38:7c:82:e0:05:7b:cd:04:e0:ed:
f2:64:7c:9d:cf:31:a2:9e:42:71:ca:19:bf:e5:b7:51:54:c3:
2e:aa:10:4b:6b:10:c6:eb:21:84:3f:11:75:a9:e8:ae:d8:a4:
4c:46:0f:7b:a2:7f:11:28:8a:f8:79:08:1f:f3:e1:5f:3f:b7:
c4:7e:ec:db:06:de:ca:dd:5a:a4:c4:d6:dc:4c:a0:0f:49:13:
18:b2:fa:d4:3b:d8:e8:cb:fc:28:8e:45:41:06:39:c9:b6:2d:
97:bb:d6:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsU8pohQTSU7K9dhILPl4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NWM3NDI3YWY3NGRhOTQ1NGYxZTI4N2MxNmY5YTVmM2E3
NzgzMWYwHhcNMjMwMTAxMDc1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTc1ZjcwNDJhYzU5ZWEwMmQzNjEwNTA4NGU2ZDZhNTU0ODM3YzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlufhF9w/hs79BGpoVAmL/A7nwHIg
+7Tf0xUfcta6QSSIMGjzub7oo2zxcSXa9JEIIZseDI3qTiUofOLZ/mz0wyqcR86N
PjoJpqIBapklgsXvxf7SQEYoUEFkWsgecGDst1j12rz2gg3oepEv65jpoRiyQAf5
b6B8HUk87OnSaCjToQ27S96ht1CQvFy2IKWWh7Lm5ak2AQsdE5oVVpx8KRCNUkyI
SKYMR7QnWx8hMmFFlM/e5vHj24QHJNw41Fv3rWVYHEOAe3m+7wuDYC8v0etzio8Y
MTw83eq77DDOf9R7fwAEMbxY6G/HJHnG7Ssz3kghpbDg0GnvbNejdgFaFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK519wQqxZ6gLTYQUITm1qVUg3xMMB8GA1UdIwQY
MBaAFElcdCevdNqUVPHih8Fvml86d4MfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1Z4MEo2OTAycFJVOGVLSHdXLWFYenAzZ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82NDc3M2YtN2M3ZS00ODk4LWIxOTMt
MDhkOGU1MGZjOWM1LzEvcm5YM0JDckZucUF0TmhCUWhPYldwVlNEZkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82NDc3M2YtN2M3ZS00ODk4LWIxOTMtMDhkOGU1MGZjOWM1
LzEvU1Z4MEo2OTAycFJVOGVLSHdXLWFYenAzZ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZnAMA0E
AgACMAcDBQMqB42AMA0GCSqGSIb3DQEBCwUAA4IBAQBbNaghgjH0PDx209tgzxk7
C2ffdmP1LROwp1b1oHDjVWJ4fcUcH8/5ooCHRxUICgJ50TuhDcFbXtOWylm351qO
vWQPeOYv93mFTNfmjfjdc+Xt/HnMFUznP1qZw+8ua3piGfE12xTNMCgFxnMIFUnW
Q9o/w9b614GDoXjntnN4O5iOjRD/deqxRHZGkrqEKh9n3zbaVAftwzh8guAFe80E
4O3yZHydzzGinkJxyhm/5bdRVMMuqhBLaxDG6yGEPxF1qeiu2KRMRg97on8RKIr4
eQgf8+FfP7fEfuzbBt7K3VqkxNbcTKAPSRMYsvrUO9joy/wojkVBBjnJti2Xu9aT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:40 2024 by rpki-client on console-ams.rpki-client.org