Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/384d03-f479-4bb2-a8ad-ad510e05da92/1/cUMsXgCUOQkCxH9L12_9AhhFf3s.roa
File: cUMsXgCUOQkCxH9L12_9AhhFf3s.roa (raw, json)
Hash identifier: jTdtIngdC3MV5U3kXzg8tfqtCqqLUj9qvauW35nm4I4=
Subject key identifier: 71:43:2C:5E:00:94:39:09:02:C4:7F:4B:D7:6F:FD:02:18:45:7F:7B
Certificate issuer: /CN=66729f9d0786f68a1ecd5c5a92bc392d8691975e
Certificate serial: 01856F54A862F79326EFD6F384AD3CECB10C
Authority key identifier: 66:72:9F:9D:07:86:F6:8A:1E:CD:5C:5A:92:BC:39:2D:86:91:97:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZnKfnQeG9ooezVxakrw5LYaRl14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/384d03-f479-4bb2-a8ad-ad510e05da92/1/cUMsXgCUOQkCxH9L12_9AhhFf3s.roa
Signing time: Sun 01 Jan 2023 21:54:57 +0000
ROA not before: Sun 01 Jan 2023 21:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205718
IP address blocks: 185.226.168.0/22 maxlen: 22
2a09:fbc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a8:62:f7:93:26:ef:d6:f3:84:ad:3c:ec:b1:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66729f9d0786f68a1ecd5c5a92bc392d8691975e
Validity
Not Before: Jan 1 21:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71432c5e0094390902c47f4bd76ffd0218457f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9e:1c:6e:27:a0:1f:9c:ab:6a:37:d7:c2:86:
13:6f:51:db:8c:b1:de:5f:79:79:40:07:07:47:2d:
68:3b:a5:ca:0d:d4:d2:fe:2a:2f:96:49:82:b4:0d:
96:2f:ef:49:02:75:0a:f3:c5:7f:66:b2:69:46:32:
f1:7f:96:e9:e4:0e:2a:7c:a7:15:ee:35:bd:c1:6d:
59:73:27:2a:1b:51:a1:77:f1:76:b0:a1:e3:f6:95:
87:7c:a0:e6:83:c1:fd:52:4d:e7:bc:de:d0:6e:cd:
79:ee:c4:ce:a4:13:e7:d4:24:12:42:f1:d1:be:11:
e5:31:f6:c3:a0:88:bd:d0:e9:04:db:d8:71:59:a2:
92:4c:dc:ad:50:8e:51:f8:fa:f7:37:6b:6c:ff:4c:
8f:75:77:d5:e9:e5:f8:7c:67:d1:0d:03:45:a9:8d:
84:28:a3:49:84:97:ec:2f:4b:35:92:15:52:de:f6:
a1:6e:8c:37:f3:ec:b8:08:0e:50:3e:6c:9f:9e:e2:
01:58:c2:ed:80:7c:cd:20:b0:c6:18:5c:5c:6f:34:
47:d8:4c:40:3b:61:16:10:0d:f6:c0:28:e4:ba:6b:
9d:a6:c3:3a:8d:0f:a9:8e:b9:dd:51:87:bf:c4:b8:
56:eb:93:b6:f2:fa:19:66:74:ca:d6:23:d1:ef:35:
63:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:43:2C:5E:00:94:39:09:02:C4:7F:4B:D7:6F:FD:02:18:45:7F:7B
X509v3 Authority Key Identifier:
keyid:66:72:9F:9D:07:86:F6:8A:1E:CD:5C:5A:92:BC:39:2D:86:91:97:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZnKfnQeG9ooezVxakrw5LYaRl14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/384d03-f479-4bb2-a8ad-ad510e05da92/1/cUMsXgCUOQkCxH9L12_9AhhFf3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/384d03-f479-4bb2-a8ad-ad510e05da92/1/ZnKfnQeG9ooezVxakrw5LYaRl14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.168.0/22
IPv6:
2a09:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
43:58:98:bb:ef:e0:89:0c:91:b4:27:99:b5:39:eb:58:fc:bf:
eb:e4:05:eb:63:fb:bf:94:c6:4f:d7:2b:8c:0e:e7:6d:b7:39:
f7:31:4f:a2:69:20:51:aa:63:3e:0a:5f:be:f7:d4:b4:de:57:
a2:1c:b4:75:2f:6f:e7:05:a0:25:99:fd:b1:39:b7:a5:3d:af:
46:29:0a:ab:87:0b:be:23:cf:bf:75:b1:d3:9c:ed:c8:6e:04:
44:d4:24:9c:1a:81:c1:e9:31:09:88:79:2c:36:fe:00:80:00:
ac:54:05:0c:6e:fe:69:a7:ad:fc:13:e5:15:05:3b:0b:d5:f8:
2a:e1:79:e3:eb:41:3e:9e:e4:31:d2:1c:c3:e6:34:85:a1:70:
00:90:6f:7b:52:f9:ce:ec:cc:0c:d5:05:38:de:05:08:55:67:
9b:20:24:72:0b:f6:f6:a6:65:fd:45:4b:ed:01:cf:fb:e2:62:
34:ec:98:28:43:11:83:f5:19:34:da:53:d3:d7:54:c2:1d:10:
3b:23:24:97:8d:df:33:d5:18:df:da:3f:2e:94:2c:76:5b:e3:
35:a3:1e:12:39:65:5b:1d:5b:fb:20:6d:74:49:60:e4:56:96:
23:c1:cf:ad:e4:b5:0f:44:4a:78:b0:24:37:2f:ad:43:85:ed:
55:1f:c8:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvVKhi95Mm79bzhK087LEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NzI5ZjlkMDc4NmY2OGExZWNkNWM1YTkyYmMzOTJkODY5
MTk3NWUwHhcNMjMwMTAxMjE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQzMmM1ZTAwOTQzOTA5MDJjNDdmNGJkNzZmZmQwMjE4NDU3ZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ4cbiegH5yrajfXwoYTb1HbjLHe
X3l5QAcHRy1oO6XKDdTS/iovlkmCtA2WL+9JAnUK88V/ZrJpRjLxf5bp5A4qfKcV
7jW9wW1ZcycqG1Ghd/F2sKHj9pWHfKDmg8H9Uk3nvN7Qbs157sTOpBPn1CQSQvHR
vhHlMfbDoIi90OkE29hxWaKSTNytUI5R+Pr3N2ts/0yPdXfV6eX4fGfRDQNFqY2E
KKNJhJfsL0s1khVS3vahbow38+y4CA5QPmyfnuIBWMLtgHzNILDGGFxcbzRH2ExA
O2EWEA32wCjkumudpsM6jQ+pjrndUYe/xLhW65O28voZZnTK1iPR7zVjewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHFDLF4AlDkJAsR/S9dv/QIYRX97MB8GA1UdIwQY
MBaAFGZyn50HhvaKHs1cWpK8OS2GkZdeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm5LZm5RZUc5b29lelZ4YWtydzVMWWFSbDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8zODRkMDMtZjQ3OS00YmIyLWE4YWQt
YWQ1MTBlMDVkYTkyLzEvY1VNc1hnQ1VPUWtDeEg5TDEyXzlBaGhGZjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8zODRkMDMtZjQ3OS00YmIyLWE4YWQtYWQ1MTBlMDVkYTky
LzEvWm5LZm5RZUc5b29lelZ4YWtydzVMWWFSbDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueKoMA0E
AgACMAcDBQAqCfvAMA0GCSqGSIb3DQEBCwUAA4IBAQBDWJi77+CJDJG0J5m1OetY
/L/r5AXrY/u/lMZP1yuMDudttzn3MU+iaSBRqmM+Cl++99S03leiHLR1L2/nBaAl
mf2xObelPa9GKQqrhwu+I8+/dbHTnO3IbgRE1CScGoHB6TEJiHksNv4AgACsVAUM
bv5pp638E+UVBTsL1fgq4Xnj60E+nuQx0hzD5jSFoXAAkG97UvnO7MwM1QU43gUI
VWebICRyC/b2pmX9RUvtAc/74mI07JgoQxGD9Rk02lPT11TCHRA7IySXjd8z1Rjf
2j8ulCx2W+M1ox4SOWVbHVv7IG10SWDkVpYjwc+t5LUPREp4sCQ3L61Dhe1VH8ht
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:31 2024 by rpki-client on console-ams.rpki-client.org