Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/453aed-7645-459d-85d8-85d80a544beb/1/uNlHotxvziJZbzE-6VFwCwaol-Y.roa
File: uNlHotxvziJZbzE-6VFwCwaol-Y.roa (raw, json)
Hash identifier: 5HpZsG+zm+LFhU1gM+DGwftxgYCG1jMH1XQfKXfGTus=
Subject key identifier: B8:D9:47:A2:DC:6F:CE:22:59:6F:31:3E:E9:51:70:0B:06:A8:97:E6
Certificate issuer: /CN=e4ccd73508a9b59985d5597868e3a5d5ec745f5e
Certificate serial: 01856B49F0E0858D0469EA13E98C848FA74A
Authority key identifier: E4:CC:D7:35:08:A9:B5:99:85:D5:59:78:68:E3:A5:D5:EC:74:5F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5MzXNQiptZmF1Vl4aOOl1ex0X14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/453aed-7645-459d-85d8-85d80a544beb/1/uNlHotxvziJZbzE-6VFwCwaol-Y.roa
Signing time: Sun 01 Jan 2023 03:04:45 +0000
ROA not before: Sun 01 Jan 2023 03:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42926
IP address blocks: 185.122.12.0/24 maxlen: 24
185.122.15.0/24 maxlen: 24
185.122.14.0/24 maxlen: 24
185.122.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jul 2023 12:25:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:49:f0:e0:85:8d:04:69:ea:13:e9:8c:84:8f:a7:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4ccd73508a9b59985d5597868e3a5d5ec745f5e
Validity
Not Before: Jan 1 03:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8d947a2dc6fce22596f313ee951700b06a897e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d5:73:a5:2a:0f:50:b4:ed:b0:a2:4a:18:c3:
74:2a:09:6e:f4:6d:81:c3:99:ba:83:e5:dc:7a:8f:
c9:8a:c3:0b:6d:55:9e:58:8f:90:72:fc:98:09:12:
c4:46:46:d5:2a:87:d8:82:f4:be:3c:52:0b:45:62:
6b:5b:9f:93:83:e3:98:77:dc:ba:5a:56:d6:eb:02:
47:67:e0:5c:84:2b:9a:6c:a9:79:8d:a2:ba:84:e6:
c3:5d:25:f6:83:48:29:15:59:9c:17:40:ab:87:85:
e0:e2:d1:bf:c4:3e:35:0d:ac:87:cf:90:ff:ae:c8:
a6:4d:86:25:19:a0:6a:59:5f:a8:ba:f7:e9:d9:03:
f8:95:bd:10:d0:87:a9:1a:89:6c:de:7f:1f:51:5d:
ee:4b:4a:43:96:4a:2e:a4:25:2e:58:13:c7:4b:fc:
c3:ed:e8:e4:86:54:2a:6e:c9:39:51:83:9b:c1:a0:
c0:f0:88:d5:09:5a:da:83:68:aa:4c:7c:1c:d5:af:
df:30:72:39:45:ff:20:2f:f8:eb:ed:68:ea:98:c4:
3f:ea:9b:38:c3:de:90:67:86:71:85:92:56:61:7a:
9e:64:e4:99:da:b9:b8:f8:18:2e:af:e1:df:2e:60:
6b:80:74:8c:cb:ed:08:68:3b:b3:e0:f7:b6:9a:81:
d2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D9:47:A2:DC:6F:CE:22:59:6F:31:3E:E9:51:70:0B:06:A8:97:E6
X509v3 Authority Key Identifier:
keyid:E4:CC:D7:35:08:A9:B5:99:85:D5:59:78:68:E3:A5:D5:EC:74:5F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5MzXNQiptZmF1Vl4aOOl1ex0X14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/453aed-7645-459d-85d8-85d80a544beb/1/uNlHotxvziJZbzE-6VFwCwaol-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/453aed-7645-459d-85d8-85d80a544beb/1/5MzXNQiptZmF1Vl4aOOl1ex0X14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.12.0/22
Signature Algorithm: sha256WithRSAEncryption
95:18:de:b3:b6:34:b4:d7:07:93:fe:76:2c:cb:6a:3e:cf:58:
b7:ee:32:82:98:28:fe:1a:fe:5d:f3:3b:0f:f5:d1:15:f4:2f:
e6:0e:84:c7:1e:75:b1:71:fc:ce:33:79:b4:04:76:4f:a4:f7:
c4:a0:68:96:62:54:08:c2:b5:1e:c1:5f:65:76:26:09:20:12:
53:7e:41:c0:6d:7d:a9:57:b6:f5:04:6e:f0:28:1a:e1:58:43:
bb:4b:a8:b4:bf:d8:9a:7d:87:fe:40:c1:1a:83:d7:d8:c4:3b:
49:c6:62:67:d0:ef:3f:2b:0e:fb:3f:1e:f0:50:b8:1a:01:a1:
d2:e9:cb:56:7b:34:80:d2:75:64:7a:08:bc:f7:a3:00:48:dc:
64:fd:c8:88:93:56:68:25:69:26:37:64:3a:c7:5d:52:c2:a6:
1d:89:2d:92:09:65:a6:ee:27:df:9a:d1:bf:05:ee:5e:72:2b:
47:b4:8a:0e:ad:ff:b1:23:ed:26:6c:b7:90:de:b6:46:7d:07:
ea:3a:ad:db:28:c1:4a:d5:c4:ab:3d:2a:0a:37:01:6e:2d:9b:
b2:23:2d:5c:11:fb:e0:2b:b6:51:f3:e0:9d:95:10:cf:10:bf:
a2:bb:43:5c:3e:04:71:9c:f4:67:29:77:fb:2e:05:0b:b1:d7:
5f:d6:8b:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSfDghY0EaeoT6YyEj6dKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Y2NkNzM1MDhhOWI1OTk4NWQ1NTk3ODY4ZTNhNWQ1ZWM3
NDVmNWUwHhcNMjMwMTAxMDMwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQ5NDdhMmRjNmZjZTIyNTk2ZjMxM2VlOTUxNzAwYjA2YTg5N2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9VzpSoPULTtsKJKGMN0Kglu9G2B
w5m6g+Xceo/JisMLbVWeWI+QcvyYCRLERkbVKofYgvS+PFILRWJrW5+Tg+OYd9y6
WlbW6wJHZ+BchCuabKl5jaK6hObDXSX2g0gpFVmcF0Crh4Xg4tG/xD41DayHz5D/
rsimTYYlGaBqWV+ouvfp2QP4lb0Q0IepGols3n8fUV3uS0pDlkoupCUuWBPHS/zD
7ejkhlQqbsk5UYObwaDA8IjVCVrag2iqTHwc1a/fMHI5Rf8gL/jr7WjqmMQ/6ps4
w96QZ4ZxhZJWYXqeZOSZ2rm4+Bgur+HfLmBrgHSMy+0IaDuz4Pe2moHSxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLjZR6Lcb84iWW8xPulRcAsGqJfmMB8GA1UdIwQY
MBaAFOTM1zUIqbWZhdVZeGjjpdXsdF9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU16WE5RaXB0Wm1GMVZsNGFPT2wxZXgwWDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC80NTNhZWQtNzY0NS00NTlkLTg1ZDgt
ODVkODBhNTQ0YmViLzEvdU5sSG90eHZ6aUpaYnpFLTZWRndDd2FvbC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC80NTNhZWQtNzY0NS00NTlkLTg1ZDgtODVkODBhNTQ0YmVi
LzEvNU16WE5RaXB0Wm1GMVZsNGFPT2wxZXgwWDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXoMMA0G
CSqGSIb3DQEBCwUAA4IBAQCVGN6ztjS01weT/nYsy2o+z1i37jKCmCj+Gv5d8zsP
9dEV9C/mDoTHHnWxcfzOM3m0BHZPpPfEoGiWYlQIwrUewV9ldiYJIBJTfkHAbX2p
V7b1BG7wKBrhWEO7S6i0v9iafYf+QMEag9fYxDtJxmJn0O8/Kw77Px7wULgaAaHS
6ctWezSA0nVkegi896MASNxk/ciIk1ZoJWkmN2Q6x11SwqYdiS2SCWWm7iffmtG/
Be5ecitHtIoOrf+xI+0mbLeQ3rZGfQfqOq3bKMFK1cSrPSoKNwFuLZuyIy1cEfvg
K7ZR8+CdlRDPEL+iu0NcPgRxnPRnKXf7LgULsddf1otJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org