Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/oCoILTUe5VKH_7TPGYesA8cBtXg.roa
File: oCoILTUe5VKH_7TPGYesA8cBtXg.roa (raw, json)
Hash identifier: YJIKB64Q50ckul9I7ianf2fX0DyYhzPXEuIiNrZ3d/M=
Subject key identifier: A0:2A:08:2D:35:1E:E5:52:87:FF:B4:CF:19:87:AC:03:C7:01:B5:78
Certificate issuer: /CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
Certificate serial: 01856F7965EB9A6A51C29F7BA682DF097F86
Authority key identifier: 6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/oCoILTUe5VKH_7TPGYesA8cBtXg.roa
Signing time: Sun 01 Jan 2023 22:35:04 +0000
ROA not before: Sun 01 Jan 2023 22:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201502
IP address blocks: 185.253.80.0/22 maxlen: 24
185.13.220.0/22 maxlen: 24
2a03:a6c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Jun 2023 13:39:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:65:eb:9a:6a:51:c2:9f:7b:a6:82:df:09:7f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
Validity
Not Before: Jan 1 22:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a02a082d351ee55287ffb4cf1987ac03c701b578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:10:69:4b:eb:9d:ec:3f:e3:cb:ae:e4:d4:b3:
be:e9:dc:6e:45:03:c4:9a:e2:9f:22:ec:0a:2f:be:
24:e4:b6:b3:d5:bb:17:2f:e7:2e:51:3e:96:98:3e:
fc:43:64:82:7a:05:da:fe:e2:15:d7:21:4b:16:cb:
2d:c5:f3:d9:88:c8:dd:4e:d8:16:d0:bd:ec:d1:f6:
0d:a0:8a:8c:ec:b5:48:ee:d4:50:d2:a6:bd:17:a3:
f9:01:77:62:14:cf:e2:cc:d3:4d:1f:c6:d0:8d:bc:
bb:a9:33:6a:10:f5:12:42:ca:c8:81:d8:19:e3:bb:
dc:81:aa:41:eb:4f:02:28:34:14:79:c2:bf:43:ee:
e2:5c:1f:1d:f7:8b:65:5e:2e:0c:51:e0:59:01:8e:
38:c9:6b:83:5c:3d:f3:ca:42:b5:47:e8:c5:8f:a5:
fa:5d:6a:38:d2:5b:4f:48:74:51:15:5e:ca:c2:b3:
56:c3:64:fb:cb:af:e5:fd:03:06:db:df:36:74:b9:
74:6d:3c:12:05:8a:05:83:6f:bb:c0:d2:42:cc:1e:
3c:4d:78:77:16:7d:e8:38:92:dc:88:34:72:f6:fe:
42:a4:ec:21:4b:7a:76:56:00:1c:79:02:0f:01:ba:
01:c8:91:ab:37:b3:65:88:99:47:34:1d:fc:58:bf:
48:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2A:08:2D:35:1E:E5:52:87:FF:B4:CF:19:87:AC:03:C7:01:B5:78
X509v3 Authority Key Identifier:
keyid:6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/oCoILTUe5VKH_7TPGYesA8cBtXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/a7ptDw-bGff0POtD5zWaPYTpnZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.220.0/22
185.253.80.0/22
IPv6:
2a03:a6c0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:21:fb:67:f6:f7:86:d2:8f:a6:4c:c4:62:3e:dd:55:5f:4b:
8d:51:aa:42:b8:23:c7:bb:da:54:69:32:72:a8:cb:f5:ef:d8:
7f:f2:04:3b:37:03:af:1f:74:0b:09:3a:0d:97:e2:d0:08:c5:
60:22:4f:00:3b:af:3e:29:3c:ac:50:48:bc:59:8d:18:27:c2:
c3:45:2c:1c:a7:70:e9:f9:1d:db:8f:08:da:25:e2:6e:ac:0e:
32:76:8e:ec:14:22:e5:a0:b1:0c:fc:f5:7f:72:b7:53:97:89:
6a:9c:3c:8d:c1:02:62:54:e7:e8:18:67:0b:f1:2b:68:9c:e4:
10:71:32:06:73:2a:94:8a:3a:56:43:c7:97:64:70:06:e9:68:
c5:e8:9f:da:31:5d:5a:d5:5f:15:a9:8e:9a:ba:f8:e3:6a:55:
e6:70:2b:d9:68:26:55:af:6a:a2:29:a1:a1:e3:7f:96:e7:bd:
e5:51:4b:04:cb:e2:87:46:f1:c4:1a:c4:27:28:49:88:ea:50:
d4:c8:63:10:e4:de:a0:0f:67:44:37:58:77:ca:ce:ac:90:46:
d8:29:29:29:8d:22:7a:66:6c:f9:79:99:1e:00:28:06:30:02:
8b:41:25:b4:b8:9f:29:19:6c:ee:41:93:5d:59:3a:e7:f4:0a:
63:07:e1:25
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVveWXrmmpRwp97poLfCX+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYmE2ZDBmMGY5YjE5ZjdmNDNjZWI0M2U3MzU5YTNkODRl
OTlkOTkwHhcNMjMwMTAxMjIzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDJhMDgyZDM1MWVlNTUyODdmZmI0Y2YxOTg3YWMwM2M3MDFiNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBBpS+ud7D/jy67k1LO+6dxuRQPE
muKfIuwKL74k5Laz1bsXL+cuUT6WmD78Q2SCegXa/uIV1yFLFsstxfPZiMjdTtgW
0L3s0fYNoIqM7LVI7tRQ0qa9F6P5AXdiFM/izNNNH8bQjby7qTNqEPUSQsrIgdgZ
47vcgapB608CKDQUecK/Q+7iXB8d94tlXi4MUeBZAY44yWuDXD3zykK1R+jFj6X6
XWo40ltPSHRRFV7KwrNWw2T7y6/l/QMG2982dLl0bTwSBYoFg2+7wNJCzB48TXh3
Fn3oOJLciDRy9v5CpOwhS3p2VgAceQIPAboByJGrN7NliJlHNB38WL9InwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKAqCC01HuVSh/+0zxmHrAPHAbV4MB8GA1UdIwQY
MBaAFGu6bQ8Pmxn39DzrQ+c1mj2E6Z2ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2Yt
MmFlYWRiOTY2Yjc2LzEvb0NvSUxUVWU1VktIXzdUUEdZZXNBOGNCdFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2YtMmFlYWRiOTY2Yjc2
LzEvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQ3cAwQC
uf1QMA0EAgACMAcDBQAqA6bAMA0GCSqGSIb3DQEBCwUAA4IBAQCLIftn9veG0o+m
TMRiPt1VX0uNUapCuCPHu9pUaTJyqMv179h/8gQ7NwOvH3QLCToNl+LQCMVgIk8A
O68+KTysUEi8WY0YJ8LDRSwcp3Dp+R3bjwjaJeJurA4ydo7sFCLloLEM/PV/crdT
l4lqnDyNwQJiVOfoGGcL8StonOQQcTIGcyqUijpWQ8eXZHAG6WjF6J/aMV1a1V8V
qY6auvjjalXmcCvZaCZVr2qiKaGh43+W573lUUsEy+KHRvHEGsQnKEmI6lDUyGMQ
5N6gD2dEN1h3ys6skEbYKSkpjSJ6Zmz5eZkeACgGMAKLQSW0uJ8pGWzuQZNdWTrn
9ApjB+El
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:14 2024 by rpki-client on console-ams.rpki-client.org