Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/oJBqqdS18br4AGGhgUf8HC_d0GA.roa
File: oJBqqdS18br4AGGhgUf8HC_d0GA.roa (raw, json)
Hash identifier: C8xhbwDOuyMs5MPDTenqOXbk9WogSyINohIBGHbpvKc=
Subject key identifier: A0:90:6A:A9:D4:B5:F1:BA:F8:00:61:A1:81:47:FC:1C:2F:DD:D0:60
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018CC50095538D5A9894B14E86CCC28A2EEF
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/oJBqqdS18br4AGGhgUf8HC_d0GA.roa
Signing time: Mon 01 Jan 2024 12:29:58 +0000
ROA not before: Mon 01 Jan 2024 12:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216271
IP address blocks: 185.201.136.0/22 maxlen: 22
2a0f:e000::/29 maxlen: 29
2a0e:7780::/29 maxlen: 29
2a0a:e2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 17:42:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:95:53:8d:5a:98:94:b1:4e:86:cc:c2:8a:2e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 1 12:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0906aa9d4b5f1baf80061a18147fc1c2fddd060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:87:e7:95:16:43:a2:fc:23:58:7e:de:c5:28:
c5:5c:9e:a3:16:d9:c8:f5:fe:9e:83:54:16:96:c5:
d2:c2:7d:14:f0:3f:cf:e3:1d:5e:48:bf:11:6f:46:
bf:24:cf:d8:04:91:c1:01:31:05:f2:2b:fd:8b:15:
8f:84:78:ee:24:14:d9:68:3b:dc:32:0e:19:dd:af:
c9:02:79:c1:61:de:4d:07:0f:da:0f:cf:f2:72:0d:
54:77:ae:95:da:4d:eb:91:41:b6:4f:6c:56:8b:04:
28:d1:dc:cd:77:80:5f:3b:00:dd:23:08:25:fa:59:
96:d2:48:7a:a6:d1:ed:3a:1a:e5:72:53:d1:81:99:
dc:19:94:4d:62:fd:2c:46:84:f4:0b:41:c7:2a:8f:
a2:2a:78:d8:6a:6b:48:e6:fa:e2:3f:67:f5:da:53:
4f:24:75:ef:5d:ac:51:d4:36:f4:2c:be:59:40:70:
1b:0c:d4:ad:1f:c5:93:7d:8e:02:9b:0b:e3:cd:6e:
81:09:ad:ed:85:4d:9b:2e:ac:72:59:ec:b1:79:6c:
ac:a3:40:2b:c0:a3:39:e8:0c:9b:d7:0a:e1:a3:46:
29:91:2f:10:de:fd:29:dd:78:1b:06:b9:f4:2e:73:
8e:3c:37:aa:ca:59:b3:40:6b:e9:05:aa:fa:2a:82:
cd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:90:6A:A9:D4:B5:F1:BA:F8:00:61:A1:81:47:FC:1C:2F:DD:D0:60
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/oJBqqdS18br4AGGhgUf8HC_d0GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.136.0/22
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
Signature Algorithm: sha256WithRSAEncryption
63:1a:77:6c:72:a1:4e:9c:ce:d2:10:da:44:2f:3e:6b:65:66:
a0:f8:89:83:7d:1b:53:b8:c9:c2:d8:c0:24:86:6d:47:c5:63:
ff:fa:08:d0:5f:ec:23:46:ad:c8:c5:33:f3:da:d8:6a:af:07:
6c:b1:9b:79:43:67:be:33:e6:a6:82:8b:b5:e3:75:e5:75:84:
cc:a8:34:4d:36:29:83:b3:08:8e:3a:36:6e:4c:2d:c5:ae:be:
3c:95:4d:bc:3f:0c:f2:f7:0c:ad:2b:20:8b:8c:49:dc:51:ff:
e3:6a:ce:68:e0:f6:2a:d4:ac:97:1b:40:a7:6e:89:32:13:dd:
a0:fb:54:88:f8:34:b9:7a:55:c9:ee:29:41:e1:df:2f:94:34:
22:92:b0:0b:23:42:f1:5e:5f:88:99:e8:36:b4:5a:50:96:a5:
bc:47:eb:e5:74:35:53:34:6d:50:4b:fb:3f:1f:0f:5c:40:96:
98:5c:05:a6:02:9c:47:99:7b:51:ab:d4:8a:da:78:37:6f:ec:
f4:1a:0e:28:99:f5:01:7f:5e:ea:6d:aa:42:fa:5d:9e:a1:ea:
94:76:f3:e1:09:8f:bb:45:73:44:e5:ed:db:22:a5:d4:e6:4f:
23:91:f4:86:07:66:22:7a:38:20:a5:62:2c:64:38:56:61:21:
33:f9:dd:97
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFAJVTjVqYlLFOhszCii7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMTAxMTIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkwNmFhOWQ0YjVmMWJhZjgwMDYxYTE4MTQ3ZmMxYzJmZGRkMDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwofnlRZDovwjWH7exSjFXJ6jFtnI
9f6eg1QWlsXSwn0U8D/P4x1eSL8Rb0a/JM/YBJHBATEF8iv9ixWPhHjuJBTZaDvc
Mg4Z3a/JAnnBYd5NBw/aD8/ycg1Ud66V2k3rkUG2T2xWiwQo0dzNd4BfOwDdIwgl
+lmW0kh6ptHtOhrlclPRgZncGZRNYv0sRoT0C0HHKo+iKnjYamtI5vriP2f12lNP
JHXvXaxR1Db0LL5ZQHAbDNStH8WTfY4CmwvjzW6BCa3thU2bLqxyWeyxeWyso0Ar
wKM56Ayb1wrho0YpkS8Q3v0p3XgbBrn0LnOOPDeqylmzQGvpBar6KoLNwQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKCQaqnUtfG6+ABhoYFH/Bwv3dBgMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvb0pCcXFkUzE4YnI0QUdHaGdVZjhIQ19kMEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQCucmIMBsE
AgACMBUDBQMqCuLAAwUDKg53gAMFAyoP4AAwDQYJKoZIhvcNAQELBQADggEBAGMa
d2xyoU6cztIQ2kQvPmtlZqD4iYN9G1O4ycLYwCSGbUfFY//6CNBf7CNGrcjFM/Pa
2GqvB2yxm3lDZ74z5qaCi7XjdeV1hMyoNE02KYOzCI46Nm5MLcWuvjyVTbw/DPL3
DK0rIIuMSdxR/+Nqzmjg9irUrJcbQKduiTIT3aD7VIj4NLl6VcnuKUHh3y+UNCKS
sAsjQvFeX4iZ6Da0WlCWpbxH6+V0NVM0bVBL+z8fD1xAlphcBaYCnEeZe1Gr1Ira
eDdv7PQaDiiZ9QF/XuptqkL6XZ6h6pR28+EJj7tFc0Tl7dsipdTmTyOR9IYHZiJ6
OCClYixkOFZhITP53Zc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org