Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/u7Z763XEzZHaEE3G_Zw-K57vd-o.roa
File: u7Z763XEzZHaEE3G_Zw-K57vd-o.roa (raw, json)
Hash identifier: OrnJ5/C/5BhRagdw7NBWX/+3/sbUkGD8XfG8Q9Vipk0=
Subject key identifier: BB:B6:7B:EB:75:C4:CD:91:DA:10:4D:C6:FD:9C:3E:2B:9E:EF:77:EA
Certificate issuer: /CN=3ec6fd91d2a4365d3dc16721fedf692172bb3073
Certificate serial: 0185710BFD6B22C890C9D82C3B998B209245
Authority key identifier: 3E:C6:FD:91:D2:A4:36:5D:3D:C1:67:21:FE:DF:69:21:72:BB:30:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Psb9kdKkNl09wWch_t9pIXK7MHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/u7Z763XEzZHaEE3G_Zw-K57vd-o.roa
Signing time: Mon 02 Jan 2023 05:54:49 +0000
ROA not before: Mon 02 Jan 2023 05:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44322
IP address blocks: 185.162.12.0/22 maxlen: 22
2a07:c940::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:fd:6b:22:c8:90:c9:d8:2c:3b:99:8b:20:92:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec6fd91d2a4365d3dc16721fedf692172bb3073
Validity
Not Before: Jan 2 05:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbb67beb75c4cd91da104dc6fd9c3e2b9eef77ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:5a:a9:61:9d:26:c8:28:49:53:6b:38:bf:f7:
02:09:4f:ca:9e:82:2a:9e:cc:42:fd:5c:a8:0c:82:
d5:e2:d4:6d:86:68:6d:7b:02:1c:fa:ce:07:72:d9:
be:72:7c:73:10:c9:36:61:18:02:2a:de:fe:b1:c4:
a7:c1:18:81:46:30:97:b9:ba:b4:76:8f:30:28:bd:
d4:49:f5:9f:00:57:d4:c3:9d:8f:2c:93:48:ca:79:
d9:0a:f1:88:0f:24:29:52:6d:2c:5d:1c:07:44:7f:
98:24:9e:d7:81:17:e3:c9:f3:bc:f2:9d:de:a9:13:
54:d8:cd:33:b3:97:c9:76:fa:3b:d5:5c:fb:fa:66:
32:48:67:5f:41:bf:8e:a5:b6:ef:ac:b8:dd:7f:f7:
14:ae:08:64:ca:ac:4c:db:28:32:63:6a:26:79:05:
aa:f1:a2:ed:4a:08:93:e1:1d:59:55:6c:f0:7d:c3:
fb:ad:2f:46:45:5f:62:15:14:06:f5:42:c1:52:73:
eb:e7:f6:2a:5c:23:ce:51:e2:e2:7e:15:2d:7e:b5:
d4:34:79:6a:b3:dc:b9:30:8c:1a:55:98:23:47:70:
0f:7b:81:ad:a6:3a:c8:01:98:f7:e7:ed:05:d9:30:
c2:8c:ad:04:5e:80:97:51:e2:99:e7:77:cf:7e:e3:
af:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B6:7B:EB:75:C4:CD:91:DA:10:4D:C6:FD:9C:3E:2B:9E:EF:77:EA
X509v3 Authority Key Identifier:
keyid:3E:C6:FD:91:D2:A4:36:5D:3D:C1:67:21:FE:DF:69:21:72:BB:30:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Psb9kdKkNl09wWch_t9pIXK7MHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/u7Z763XEzZHaEE3G_Zw-K57vd-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/Psb9kdKkNl09wWch_t9pIXK7MHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.12.0/22
IPv6:
2a07:c940::/29
Signature Algorithm: sha256WithRSAEncryption
2a:2d:60:07:95:aa:f9:ae:ec:86:91:8a:35:13:72:bc:c0:02:
bf:f7:6e:f3:d9:5b:0e:00:4f:aa:51:7c:4c:b7:75:34:f2:48:
18:ea:ee:6f:a6:d0:27:77:d2:7b:31:e8:c7:f3:39:a8:db:3c:
c3:b8:30:3a:2c:40:2b:64:d1:91:e9:31:83:9f:87:db:c1:51:
34:b9:19:c0:c0:07:4d:19:e6:c7:06:b1:b7:83:fa:12:4c:72:
8c:ca:fd:19:3d:f0:ee:85:b6:db:59:39:9c:96:67:ff:74:19:
3c:d4:7d:0a:f2:c5:4a:0c:a2:01:29:75:1f:bf:24:b4:a6:34:
45:64:78:ca:ac:41:fb:06:67:21:0d:78:6b:d0:55:93:db:77:
a3:de:e1:fd:d5:26:c4:5c:0c:99:16:88:a7:6f:f9:bd:5b:a9:
7a:37:21:95:5b:f0:c5:21:6b:b9:ab:0a:f7:6e:c8:a7:65:00:
61:c0:c7:4a:49:c4:58:76:b3:2e:36:48:17:18:b3:d4:79:89:
4e:9e:13:4e:ba:36:e6:cd:c7:f3:c1:59:20:b4:83:07:38:44:
41:72:09:4c:fc:10:86:f7:c5:45:5b:51:36:05:54:3b:ac:4b:
92:cd:3c:60:e9:f8:ad:e9:76:28:4d:74:9e:6e:4a:a8:f9:57:
1f:37:93:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxC/1rIsiQydgsO5mLIJJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzZmZDkxZDJhNDM2NWQzZGMxNjcyMWZlZGY2OTIxNzJi
YjMwNzMwHhcNMjMwMTAyMDU1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmI2N2JlYjc1YzRjZDkxZGExMDRkYzZmZDljM2UyYjllZWY3N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61qpYZ0myChJU2s4v/cCCU/KnoIq
nsxC/VyoDILV4tRthmhtewIc+s4Hctm+cnxzEMk2YRgCKt7+scSnwRiBRjCXubq0
do8wKL3USfWfAFfUw52PLJNIynnZCvGIDyQpUm0sXRwHRH+YJJ7XgRfjyfO88p3e
qRNU2M0zs5fJdvo71Vz7+mYySGdfQb+OpbbvrLjdf/cUrghkyqxM2ygyY2omeQWq
8aLtSgiT4R1ZVWzwfcP7rS9GRV9iFRQG9ULBUnPr5/YqXCPOUeLifhUtfrXUNHlq
s9y5MIwaVZgjR3APe4GtpjrIAZj35+0F2TDCjK0EXoCXUeKZ53fPfuOvLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLu2e+t1xM2R2hBNxv2cPiue73fqMB8GA1UdIwQY
MBaAFD7G/ZHSpDZdPcFnIf7faSFyuzBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNiOWtkS2tObDA5d1djaF90OXBJWEs3TUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC80Y2RhNDctMzg0YS00MzU0LWJjYjQt
YmVmMzU2MDViY2Q0LzEvdTdaNzYzWEV6WkhhRUUzR19ady1LNTd2ZC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC80Y2RhNDctMzg0YS00MzU0LWJjYjQtYmVmMzU2MDViY2Q0
LzEvUHNiOWtkS2tObDA5d1djaF90OXBJWEs3TUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaIMMA0E
AgACMAcDBQMqB8lAMA0GCSqGSIb3DQEBCwUAA4IBAQAqLWAHlar5ruyGkYo1E3K8
wAK/927z2VsOAE+qUXxMt3U08kgY6u5vptAnd9J7MejH8zmo2zzDuDA6LEArZNGR
6TGDn4fbwVE0uRnAwAdNGebHBrG3g/oSTHKMyv0ZPfDuhbbbWTmclmf/dBk81H0K
8sVKDKIBKXUfvyS0pjRFZHjKrEH7BmchDXhr0FWT23ej3uH91SbEXAyZFoinb/m9
W6l6NyGVW/DFIWu5qwr3bsinZQBhwMdKScRYdrMuNkgXGLPUeYlOnhNOujbmzcfz
wVkgtIMHOERBcglM/BCG98VFW1E2BVQ7rEuSzTxg6fit6XYoTXSebkqo+VcfN5NB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:52 2024 by rpki-client on console-fra.rpki-client.org