Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/140105-e462-48d2-a58f-a57035792e57/1/_gSg3HFcWGtg0he7wIC342g4zQ4.roa
File: _gSg3HFcWGtg0he7wIC342g4zQ4.roa (raw, json)
Hash identifier: E2x94aZ/YZzYW2Z2crknx6tQF/d0fU+s+Hmo7SdqLFQ=
Subject key identifier: FE:04:A0:DC:71:5C:58:6B:60:D2:17:BB:C0:80:B7:E3:68:38:CD:0E
Certificate issuer: /CN=70f5d9eeefa305aecaee31e6fcb4e22321b2804a
Certificate serial: 019145D2227B4C7A5CF7E484FC3B29204B73
Authority key identifier: 70:F5:D9:EE:EF:A3:05:AE:CA:EE:31:E6:FC:B4:E2:23:21:B2:80:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPXZ7u-jBa7K7jHm_LTiIyGygEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/140105-e462-48d2-a58f-a57035792e57/1/_gSg3HFcWGtg0he7wIC342g4zQ4.roa
Signing time: Mon 12 Aug 2024 09:01:24 +0000
ROA not before: Mon 12 Aug 2024 09:01:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48402
IP address blocks: 185.141.128.0/22 maxlen: 24
185.141.128.0/23 maxlen: 23
2a07:2400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 09 Sep 2024 13:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:d2:22:7b:4c:7a:5c:f7:e4:84:fc:3b:29:20:4b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f5d9eeefa305aecaee31e6fcb4e22321b2804a
Validity
Not Before: Aug 12 09:01:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe04a0dc715c586b60d217bbc080b7e36838cd0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ef:bc:84:dd:39:bd:1a:72:3e:b5:07:f8:6d:
e2:4e:61:16:8b:ff:a1:ac:05:76:73:2e:ad:a5:2c:
ce:b0:78:d9:25:46:d7:fc:ed:5d:cd:15:1f:08:3e:
6d:82:f6:54:4c:d2:b4:be:ae:78:45:14:a7:f6:6c:
97:b0:c3:c3:81:b6:84:7b:73:01:45:eb:4d:e0:a3:
5a:f2:0b:cb:e1:81:9c:96:8e:8d:ab:75:5a:2e:24:
99:0d:cd:1a:20:d5:69:8b:33:fc:ba:9b:23:b1:c6:
d4:79:cf:ac:01:82:f2:16:ee:d6:0d:88:d3:f8:03:
f8:c6:0f:01:53:7a:20:02:f3:87:00:59:e9:1b:3a:
49:17:4e:66:1b:25:b5:f3:86:40:54:b6:a1:ad:19:
23:a0:c3:62:12:50:c4:c9:87:5a:00:fc:1c:f2:89:
4a:22:00:89:fe:88:04:03:34:c5:bb:e5:bf:3f:bb:
c8:9e:20:57:73:6f:ad:67:25:51:7f:66:f2:2c:8a:
74:d2:ab:5b:0a:59:cd:27:53:b0:6d:5d:2d:a9:c8:
aa:15:f0:95:4f:2a:48:87:8a:b5:76:1d:74:34:d7:
0e:e4:5d:1c:e9:1a:bf:a2:99:e2:0a:eb:ef:e4:f3:
f9:fc:49:82:2e:83:ce:0a:1b:07:79:3f:e6:dc:56:
28:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:04:A0:DC:71:5C:58:6B:60:D2:17:BB:C0:80:B7:E3:68:38:CD:0E
X509v3 Authority Key Identifier:
keyid:70:F5:D9:EE:EF:A3:05:AE:CA:EE:31:E6:FC:B4:E2:23:21:B2:80:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPXZ7u-jBa7K7jHm_LTiIyGygEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/140105-e462-48d2-a58f-a57035792e57/1/_gSg3HFcWGtg0he7wIC342g4zQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/140105-e462-48d2-a58f-a57035792e57/1/cPXZ7u-jBa7K7jHm_LTiIyGygEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.128.0/22
IPv6:
2a07:2400::/29
Signature Algorithm: sha256WithRSAEncryption
20:64:b4:6f:60:52:1c:80:87:6c:a9:0e:21:fe:74:2b:6f:fa:
89:ea:c2:a9:14:3c:12:89:ee:a2:9e:82:be:4f:29:a4:a6:48:
e8:39:19:bb:e7:5c:5b:ba:9e:36:48:bf:23:4c:3a:01:62:34:
15:f3:31:69:27:c9:6b:25:b7:ed:f1:9f:bf:f8:e2:9d:60:5b:
2e:e9:9f:86:17:60:85:5c:34:43:27:45:04:57:dc:4c:3a:69:
92:1a:dd:99:9f:fb:a5:4e:04:a7:84:0f:58:85:a9:9f:e7:7a:
3d:9d:eb:88:98:f0:87:81:72:1f:dd:bd:ea:09:44:60:eb:86:
f8:4b:42:95:21:c7:c2:ca:20:89:1a:6d:2c:cc:67:09:24:e3:
e9:27:12:45:fb:59:cf:aa:c4:3c:4d:28:87:83:17:62:6d:3f:
69:08:fd:58:57:f0:ad:83:cd:e3:93:c3:2b:9f:e6:73:ba:ad:
1e:4c:1f:df:82:39:c2:25:4d:17:c8:e3:fa:41:3c:84:5b:9e:
db:90:dd:78:69:df:37:1f:bc:33:ca:c9:46:d9:8b:cd:d3:b8:
75:c5:2d:00:8a:0a:c5:a4:50:b9:a0:4f:ef:38:80:f0:59:e9:
7c:5c:0a:7e:e6:4d:c1:85:f9:39:c4:a6:6e:44:c7:94:0a:fa:
74:a5:79:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZFF0iJ7THpc9+SE/DspIEtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjVkOWVlZWZhMzA1YWVjYWVlMzFlNmZjYjRlMjIzMjFi
MjgwNGEwHhcNMjQwODEyMDkwMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA0YTBkYzcxNWM1ODZiNjBkMjE3YmJjMDgwYjdlMzY4MzhjZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme+8hN05vRpyPrUH+G3iTmEWi/+h
rAV2cy6tpSzOsHjZJUbX/O1dzRUfCD5tgvZUTNK0vq54RRSn9myXsMPDgbaEe3MB
RetN4KNa8gvL4YGclo6Nq3VaLiSZDc0aINVpizP8upsjscbUec+sAYLyFu7WDYjT
+AP4xg8BU3ogAvOHAFnpGzpJF05mGyW184ZAVLahrRkjoMNiElDEyYdaAPwc8olK
IgCJ/ogEAzTFu+W/P7vIniBXc2+tZyVRf2byLIp00qtbClnNJ1OwbV0tqciqFfCV
TypIh4q1dh10NNcO5F0c6Rq/opniCuvv5PP5/EmCLoPOChsHeT/m3FYoowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP4EoNxxXFhrYNIXu8CAt+NoOM0OMB8GA1UdIwQY
MBaAFHD12e7vowWuyu4x5vy04iMhsoBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BYWjd1LWpCYTdLN2pIbV9MVGlJeUd5Z0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xNDAxMDUtZTQ2Mi00OGQyLWE1OGYt
YTU3MDM1NzkyZTU3LzEvX2dTZzNIRmNXR3RnMGhlN3dJQzM0Mmc0elE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8xNDAxMDUtZTQ2Mi00OGQyLWE1OGYtYTU3MDM1NzkyZTU3
LzEvY1BYWjd1LWpCYTdLN2pIbV9MVGlJeUd5Z0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY2AMA0E
AgACMAcDBQMqByQAMA0GCSqGSIb3DQEBCwUAA4IBAQAgZLRvYFIcgIdsqQ4h/nQr
b/qJ6sKpFDwSie6inoK+TymkpkjoORm751xbup42SL8jTDoBYjQV8zFpJ8lrJbft
8Z+/+OKdYFsu6Z+GF2CFXDRDJ0UEV9xMOmmSGt2Zn/ulTgSnhA9Yhamf53o9neuI
mPCHgXIf3b3qCURg64b4S0KVIcfCyiCJGm0szGcJJOPpJxJF+1nPqsQ8TSiHgxdi
bT9pCP1YV/Ctg83jk8Mrn+Zzuq0eTB/fgjnCJU0XyOP6QTyEW57bkN14ad83H7wz
yslG2YvN07h1xS0AigrFpFC5oE/vOIDwWel8XAp+5k3Bhfk5xKZuRMeUCvp0pXlx
-----END CERTIFICATE-----
Generated at Mon Sep 9 18:00:52 2024 by rpki-client on console-ams.rpki-client.org