Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/10cTX1DGXhuGaln2D9LHzDWsWAY.roa
File: 10cTX1DGXhuGaln2D9LHzDWsWAY.roa (raw, json)
Hash identifier: Hsd6aVgaZaBsIzseIaWbIYkk0MvL7OdfECO88uM/rCA=
Subject key identifier: D7:47:13:5F:50:C6:5E:1B:86:6A:59:F6:0F:D2:C7:CC:35:AC:58:06
Certificate issuer: /CN=b53d9f1bc3f0d90b6dcd1e9f6fd1e506188ea7c2
Certificate serial: 0187E20EA42719ABBE4BF7C20A0497A6D549
Authority key identifier: B5:3D:9F:1B:C3:F0:D9:0B:6D:CD:1E:9F:6F:D1:E5:06:18:8E:A7:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tT2fG8Pw2QttzR6fb9HlBhiOp8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/10cTX1DGXhuGaln2D9LHzDWsWAY.roa
Signing time: Wed 03 May 2023 14:40:22 +0000
ROA not before: Wed 03 May 2023 14:40:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200798
IP address blocks: 185.95.208.0/22 maxlen: 24
2a05:fc00::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:0e:a4:27:19:ab:be:4b:f7:c2:0a:04:97:a6:d5:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53d9f1bc3f0d90b6dcd1e9f6fd1e506188ea7c2
Validity
Not Before: May 3 14:40:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d747135f50c65e1b866a59f60fd2c7cc35ac5806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8d:9c:50:09:75:5e:96:28:bd:c0:ed:36:e0:
86:68:0f:61:d2:90:ba:8c:28:b5:82:50:66:ea:88:
2e:f3:27:2b:41:bd:ad:86:70:7b:34:a5:3e:c9:af:
f6:15:2e:f9:7c:72:77:e1:11:fd:9a:d3:71:91:c7:
90:c8:f4:11:8a:49:ee:6b:47:f8:89:73:97:5d:8a:
b3:82:ee:f4:1a:92:df:9f:19:12:ab:fb:66:13:d9:
76:a2:14:e5:cb:86:6f:7a:67:1d:10:fa:4a:d9:76:
44:4d:0a:68:f8:8a:f3:54:ad:bb:23:24:44:75:09:
8e:53:48:10:74:20:9c:64:63:ba:c5:85:dd:c4:ee:
f2:09:64:0e:6e:a5:8c:30:53:33:39:58:ca:da:c0:
21:03:de:47:e1:b2:c8:7a:7f:ba:15:09:da:fc:9a:
0b:5f:fa:3f:a8:f5:ff:de:07:36:bc:ea:2d:d8:f6:
c0:00:ab:91:d4:f3:e8:fd:9d:48:4f:ba:7d:e3:44:
14:66:8e:c7:66:52:29:06:a8:24:03:4d:b6:00:a9:
a7:10:ee:a1:0a:68:02:e4:c9:f9:20:d3:79:22:cb:
6c:cc:dc:48:37:76:c1:e8:eb:6b:85:6c:06:55:7f:
70:42:03:83:3c:f3:64:ed:01:40:82:08:4e:64:5f:
2b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:47:13:5F:50:C6:5E:1B:86:6A:59:F6:0F:D2:C7:CC:35:AC:58:06
X509v3 Authority Key Identifier:
keyid:B5:3D:9F:1B:C3:F0:D9:0B:6D:CD:1E:9F:6F:D1:E5:06:18:8E:A7:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tT2fG8Pw2QttzR6fb9HlBhiOp8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/10cTX1DGXhuGaln2D9LHzDWsWAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0e3d64-f290-4893-9a40-c9e141333d58/1/tT2fG8Pw2QttzR6fb9HlBhiOp8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.208.0/22
IPv6:
2a05:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
61:3f:38:63:66:49:27:1e:1e:68:d8:1e:9b:66:3f:a2:df:e9:
c1:04:48:76:4d:2e:dd:37:b0:84:ed:aa:4a:cd:73:eb:6e:51:
86:05:57:a0:b0:59:5f:c8:fa:f9:91:cc:a4:87:0e:98:f7:da:
22:40:82:89:56:58:5e:bf:30:b8:ce:57:6d:44:fa:05:7c:24:
33:21:3b:32:ff:05:d4:19:76:56:a4:05:3d:6b:f2:2f:7c:00:
76:04:26:d2:25:7c:48:82:c6:4f:c7:88:a2:11:6d:90:c9:7e:
53:9b:dd:55:df:94:b1:4d:54:c7:7e:dc:69:f0:3b:57:d4:52:
19:2e:19:dc:34:68:af:b3:af:38:e0:c9:6b:da:83:4d:40:9d:
f9:23:8f:c5:06:8a:c2:b0:e6:48:d3:1a:9d:cf:e1:f2:09:fb:
d4:f3:9f:95:c6:ee:1b:10:de:ff:7c:87:d6:c0:b4:49:32:9c:
f3:fb:2b:94:62:7b:48:ac:d2:dc:bc:ec:e0:b1:21:f4:3f:85:
c9:cb:ec:ca:a9:5f:a1:53:3c:59:26:3a:1e:ef:90:f6:ae:78:
19:76:ce:c0:4f:fe:1d:10:e0:fe:06:ac:ca:fd:5b:30:0e:9e:
e7:9a:32:fb:67:bb:66:15:d6:7e:8e:9c:d8:fb:07:21:f0:01:
84:be:22:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfiDqQnGau+S/fCCgSXptVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2Q5ZjFiYzNmMGQ5MGI2ZGNkMWU5ZjZmZDFlNTA2MTg4
ZWE3YzIwHhcNMjMwNTAzMTQ0MDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ3MTM1ZjUwYzY1ZTFiODY2YTU5ZjYwZmQyYzdjYzM1YWM1ODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzI2cUAl1XpYovcDtNuCGaA9h0pC6
jCi1glBm6ogu8ycrQb2thnB7NKU+ya/2FS75fHJ34RH9mtNxkceQyPQRiknua0f4
iXOXXYqzgu70GpLfnxkSq/tmE9l2ohTly4ZvemcdEPpK2XZETQpo+IrzVK27IyRE
dQmOU0gQdCCcZGO6xYXdxO7yCWQObqWMMFMzOVjK2sAhA95H4bLIen+6FQna/JoL
X/o/qPX/3gc2vOot2PbAAKuR1PPo/Z1IT7p940QUZo7HZlIpBqgkA022AKmnEO6h
CmgC5Mn5INN5IstszNxIN3bB6OtrhWwGVX9wQgODPPNk7QFAgghOZF8rgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNdHE19Qxl4bhmpZ9g/Sx8w1rFgGMB8GA1UdIwQY
MBaAFLU9nxvD8NkLbc0en2/R5QYYjqfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFQyZkc4UHcyUXR0elI2ZmI5SGxCaGlPcDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wZTNkNjQtZjI5MC00ODkzLTlhNDAt
YzllMTQxMzMzZDU4LzEvMTBjVFgxREdYaHVHYWxuMkQ5TEh6RFdzV0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wZTNkNjQtZjI5MC00ODkzLTlhNDAtYzllMTQxMzMzZDU4
LzEvdFQyZkc4UHcyUXR0elI2ZmI5SGxCaGlPcDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV/QMA0E
AgACMAcDBQMqBfwAMA0GCSqGSIb3DQEBCwUAA4IBAQBhPzhjZkknHh5o2B6bZj+i
3+nBBEh2TS7dN7CE7apKzXPrblGGBVegsFlfyPr5kcykhw6Y99oiQIKJVlhevzC4
zldtRPoFfCQzITsy/wXUGXZWpAU9a/IvfAB2BCbSJXxIgsZPx4iiEW2QyX5Tm91V
35SxTVTHftxp8DtX1FIZLhncNGivs6844Mlr2oNNQJ35I4/FBorCsOZI0xqdz+Hy
CfvU85+Vxu4bEN7/fIfWwLRJMpzz+yuUYntIrNLcvOzgsSH0P4XJy+zKqV+hUzxZ
Jjoe75D2rngZds7AT/4dEOD+BqzK/VswDp7nmjL7Z7tmFdZ+jpzY+wch8AGEviJN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:59 2024 by rpki-client on console-ams.rpki-client.org