Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/e1wtztL5iTG5N0PEyQcdgGmcAf4.roa
File: e1wtztL5iTG5N0PEyQcdgGmcAf4.roa (raw, json)
Hash identifier: HsQV7xSDWNRpBIBZG8/466cyyXWk/9cgCPnIpugKNTE=
Subject key identifier: 7B:5C:2D:CE:D2:F9:89:31:B9:37:43:C4:C9:07:1D:80:69:9C:01:FE
Certificate issuer: /CN=ab9f84c6a48d5c6dfe64149873b148d1120b009b
Certificate serial: 0186C62EAE3A0EEA47A58F16083D9F2D046D
Authority key identifier: AB:9F:84:C6:A4:8D:5C:6D:FE:64:14:98:73:B1:48:D1:12:0B:00:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5-ExqSNXG3-ZBSYc7FI0RILAJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/e1wtztL5iTG5N0PEyQcdgGmcAf4.roa
Signing time: Thu 09 Mar 2023 11:43:13 +0000
ROA not before: Thu 09 Mar 2023 11:43:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58075
IP address blocks: 185.187.100.0/22 maxlen: 24
185.187.101.0/24 maxlen: 24
2a0a:47c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Mar 2023 16:09:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c6:2e:ae:3a:0e:ea:47:a5:8f:16:08:3d:9f:2d:04:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9f84c6a48d5c6dfe64149873b148d1120b009b
Validity
Not Before: Mar 9 11:43:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b5c2dced2f98931b93743c4c9071d80699c01fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a6:3c:87:72:8b:dc:03:30:07:40:5f:ca:da:
5f:bb:77:d8:38:3c:d7:06:13:e7:df:a9:76:da:a8:
69:04:d8:45:a3:d8:9d:4d:66:72:38:3d:74:1b:d8:
b1:9e:32:39:7e:7c:c3:21:2e:9f:15:6b:e4:82:d0:
be:f4:cc:87:b3:02:68:6b:3b:43:d2:c5:26:9d:bf:
fa:cb:ba:b8:a3:ee:1d:f9:16:a6:7a:0b:64:21:e0:
89:de:cf:2a:fb:93:42:d8:6f:a7:15:6d:78:a7:7d:
10:b1:ff:10:9e:05:48:be:66:78:2e:67:0b:09:31:
8a:b8:48:1b:8c:70:94:08:6e:5e:49:4b:55:cd:73:
b7:33:e5:6f:62:e3:6a:97:35:0a:d5:94:bd:da:00:
1c:ac:cc:b2:ec:1a:7b:05:35:ea:56:62:60:f4:9e:
62:6b:f0:88:89:41:7f:d1:8b:01:1b:6e:c9:f4:a1:
9c:84:71:a7:a1:03:1b:83:7c:26:b7:28:0f:68:78:
fa:b8:dc:88:60:82:8e:6a:97:ff:44:ae:1b:03:72:
10:f3:e1:99:6c:f5:00:ea:57:cc:ce:cb:fc:f9:24:
fa:c0:15:85:94:03:04:c6:05:8d:93:67:2d:b9:aa:
fc:3d:f4:59:0e:fc:09:97:04:cb:90:a1:26:c8:51:
d5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:5C:2D:CE:D2:F9:89:31:B9:37:43:C4:C9:07:1D:80:69:9C:01:FE
X509v3 Authority Key Identifier:
keyid:AB:9F:84:C6:A4:8D:5C:6D:FE:64:14:98:73:B1:48:D1:12:0B:00:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5-ExqSNXG3-ZBSYc7FI0RILAJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/e1wtztL5iTG5N0PEyQcdgGmcAf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/q5-ExqSNXG3-ZBSYc7FI0RILAJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.100.0/22
IPv6:
2a0a:47c0::/48
Signature Algorithm: sha256WithRSAEncryption
46:0f:c8:59:17:70:8e:3b:04:c8:bd:22:fa:eb:6e:93:12:b2:
c9:c2:cf:37:fd:a4:d6:d7:a7:a3:61:a6:f7:7c:42:d5:c8:e2:
85:7a:6d:27:ad:10:eb:44:a2:88:66:32:24:e4:03:08:13:ce:
0a:1f:87:1c:4a:26:a2:b8:4f:ba:88:d0:87:a0:cc:a5:23:20:
f4:9c:3c:ba:04:2e:f4:52:24:30:d5:4d:80:1c:14:ff:07:f9:
b0:a6:2d:3e:02:aa:6a:e6:7d:84:39:95:d6:bc:02:db:c4:62:
78:31:9a:74:62:63:d5:3d:21:0a:36:b6:d7:70:e5:84:93:de:
d1:4e:f1:46:23:15:87:68:6f:48:2d:9c:e7:5e:f6:27:91:bf:
25:c6:e2:75:21:4e:bb:e8:ea:22:93:7c:82:16:b3:e5:5e:79:
f0:dc:e0:03:f3:cb:3d:af:c7:d8:36:e0:b5:a3:ab:b1:37:32:
eb:21:69:9e:f9:0d:9b:d9:6a:9c:d9:5c:77:22:b6:d1:f7:93:
c0:16:04:e7:d4:15:e6:55:81:80:1a:c8:84:25:ff:74:a8:ed:
ad:a4:aa:90:55:2b:ce:97:f4:e8:78:e7:a3:3e:0f:d3:6b:6f:
56:18:f3:7f:d6:87:f3:9c:6e:55:ee:b6:36:95:5c:69:08:34:
22:16:de:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbGLq46DupHpY8WCD2fLQRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWY4NGM2YTQ4ZDVjNmRmZTY0MTQ5ODczYjE0OGQxMTIw
YjAwOWIwHhcNMjMwMzA5MTE0MzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjVjMmRjZWQyZjk4OTMxYjkzNzQzYzRjOTA3MWQ4MDY5OWMwMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaY8h3KL3AMwB0Bfytpfu3fYODzX
BhPn36l22qhpBNhFo9idTWZyOD10G9ixnjI5fnzDIS6fFWvkgtC+9MyHswJoaztD
0sUmnb/6y7q4o+4d+RamegtkIeCJ3s8q+5NC2G+nFW14p30Qsf8QngVIvmZ4LmcL
CTGKuEgbjHCUCG5eSUtVzXO3M+VvYuNqlzUK1ZS92gAcrMyy7Bp7BTXqVmJg9J5i
a/CIiUF/0YsBG27J9KGchHGnoQMbg3wmtygPaHj6uNyIYIKOapf/RK4bA3IQ8+GZ
bPUA6lfMzsv8+ST6wBWFlAMExgWNk2ctuar8PfRZDvwJlwTLkKEmyFHVnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHtcLc7S+YkxuTdDxMkHHYBpnAH+MB8GA1UdIwQY
MBaAFKufhMakjVxt/mQUmHOxSNESCwCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUtRXhxU05YRzMtWkJTWWM3RkkwUklMQUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNjE3N2YtN2NkOC00YmQzLTg2ODkt
MjEzZDY0YmVmZjcxLzEvZTF3dHp0TDVpVEc1TjBQRXlRY2RnR21jQWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zNjE3N2YtN2NkOC00YmQzLTg2ODktMjEzZDY0YmVmZjcx
LzEvcTUtRXhxU05YRzMtWkJTWWM3RkkwUklMQUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCubtkMA8E
AgACMAkDBwAqCkfAAAAwDQYJKoZIhvcNAQELBQADggEBAEYPyFkXcI47BMi9Ivrr
bpMSssnCzzf9pNbXp6Nhpvd8QtXI4oV6bSetEOtEoohmMiTkAwgTzgofhxxKJqK4
T7qI0IegzKUjIPScPLoELvRSJDDVTYAcFP8H+bCmLT4CqmrmfYQ5lda8AtvEYngx
mnRiY9U9IQo2ttdw5YST3tFO8UYjFYdob0gtnOde9ieRvyXG4nUhTrvo6iKTfIIW
s+VeefDc4APzyz2vx9g24LWjq7E3MushaZ75DZvZapzZXHcittH3k8AWBOfUFeZV
gYAayIQl/3So7a2kqpBVK86X9Oh456M+D9Nrb1YY83/Wh/OcblXutjaVXGkINCIW
3m0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:00 2024 by rpki-client on console-ams.rpki-client.org