Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d38767-2fc5-4c50-a27f-7429b22772c3/1/bNw6YxX2b_05S2oeN7F8PW-HbUs.roa
File: bNw6YxX2b_05S2oeN7F8PW-HbUs.roa (raw, json)
Hash identifier: RPQai8KeL7alzszI4kx80SYDyElGC0r1SEZ/cJ3sdTo=
Subject key identifier: 6C:DC:3A:63:15:F6:6F:FD:39:4B:6A:1E:37:B1:7C:3D:6F:87:6D:4B
Certificate issuer: /CN=50480549481968d43406127653f780abbf9a117b
Certificate serial: 01856CCAF188DDB2FAAE5AC4B84EE2F0DBB0
Authority key identifier: 50:48:05:49:48:19:68:D4:34:06:12:76:53:F7:80:AB:BF:9A:11:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UEgFSUgZaNQ0BhJ2U_eAq7-aEXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d38767-2fc5-4c50-a27f-7429b22772c3/1/bNw6YxX2b_05S2oeN7F8PW-HbUs.roa
Signing time: Sun 01 Jan 2023 10:05:17 +0000
ROA not before: Sun 01 Jan 2023 10:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34971
IP address blocks: 185.136.177.0/24 maxlen: 24
185.136.176.0/24 maxlen: 24
185.136.176.0/22 maxlen: 24
2a06:fdc0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:f1:88:dd:b2:fa:ae:5a:c4:b8:4e:e2:f0:db:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50480549481968d43406127653f780abbf9a117b
Validity
Not Before: Jan 1 10:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cdc3a6315f66ffd394b6a1e37b17c3d6f876d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f7:0a:b2:32:eb:d9:cc:7e:4a:bc:0c:3f:48:
28:e0:01:5b:a8:0b:d6:a3:fa:bd:78:29:4a:42:94:
d8:7a:97:5d:1d:ff:e2:91:fc:b5:fb:bd:99:09:1e:
47:7d:57:20:de:e9:c4:6e:b5:1f:33:86:43:d2:e6:
d4:70:29:9b:46:fc:ee:79:f7:a3:3c:df:7b:c0:33:
21:70:40:17:2f:60:b3:22:43:b1:9a:5a:50:27:17:
48:f2:ac:0d:90:fd:a2:b2:a1:ef:4b:b9:da:67:6b:
20:2c:c2:81:e6:a3:8c:cf:d4:02:0d:5b:ba:47:ab:
c7:84:df:0c:9c:12:9d:ef:8a:79:e7:b5:86:18:80:
c9:c8:2c:c7:18:f3:65:0b:02:c3:d4:0d:6c:fa:40:
a3:d3:19:6a:4a:f4:e2:2b:cf:49:ec:a1:c5:48:bd:
b2:e2:de:43:4f:e4:21:75:73:ab:bf:5a:ac:1e:e9:
24:96:a9:81:f3:2a:d7:29:9b:23:e1:76:b1:0d:29:
2e:7b:9e:9f:79:88:a4:e6:49:73:b2:71:39:e0:8a:
78:ee:68:cb:db:19:a1:09:1f:1f:80:e3:ca:ec:31:
73:2c:fe:5c:50:08:3d:96:f2:66:21:11:93:2c:fb:
08:6e:a0:dd:06:37:0e:11:56:a4:1c:e5:fb:f0:fb:
4b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:DC:3A:63:15:F6:6F:FD:39:4B:6A:1E:37:B1:7C:3D:6F:87:6D:4B
X509v3 Authority Key Identifier:
keyid:50:48:05:49:48:19:68:D4:34:06:12:76:53:F7:80:AB:BF:9A:11:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UEgFSUgZaNQ0BhJ2U_eAq7-aEXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d38767-2fc5-4c50-a27f-7429b22772c3/1/bNw6YxX2b_05S2oeN7F8PW-HbUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d38767-2fc5-4c50-a27f-7429b22772c3/1/UEgFSUgZaNQ0BhJ2U_eAq7-aEXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.176.0/22
IPv6:
2a06:fdc0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:c7:7c:3e:1f:03:6a:fe:b2:9e:58:45:0a:b8:43:28:7f:f7:
ff:e5:b0:d8:ae:19:cb:86:98:f3:9b:ac:c0:fe:ce:ca:b7:b8:
fb:1c:62:7f:d0:93:82:92:8b:21:76:fb:7b:40:37:a5:1c:d8:
9c:61:9b:e4:18:5b:d2:36:10:e5:c5:9a:fd:04:aa:21:74:c0:
f7:40:74:6e:78:95:5a:d6:4c:af:46:31:4f:b6:4f:47:43:20:
76:a3:69:79:7e:fa:19:c6:3d:00:df:ad:1f:a5:ce:e5:af:6a:
93:8d:5b:de:ff:b2:0b:9b:27:00:46:87:1d:ab:a9:dd:ae:a7:
12:8c:63:77:bd:e4:e5:53:8f:e7:45:33:77:57:d7:b9:a7:5b:
73:28:61:84:cf:77:d7:40:83:ac:0d:e5:2c:f9:30:04:9a:d2:
64:06:8e:d7:f6:66:f9:bc:0f:2f:ca:a2:55:60:23:12:12:5d:
5e:78:17:1a:10:4d:36:81:31:d2:aa:04:89:ff:bf:52:83:04:
33:77:85:cc:0f:8e:49:62:9e:83:b4:60:06:92:e5:67:91:81:
c9:4b:7a:7d:ee:97:c3:b8:46:b4:65:71:56:95:56:60:3f:c4:
4c:13:48:8a:02:ef:20:f5:f5:5b:38:7b:77:1e:e3:fc:53:ef:
fc:da:af:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsyvGI3bL6rlrEuE7i8NuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNDgwNTQ5NDgxOTY4ZDQzNDA2MTI3NjUzZjc4MGFiYmY5
YTExN2IwHhcNMjMwMTAxMTAwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2RjM2E2MzE1ZjY2ZmZkMzk0YjZhMWUzN2IxN2MzZDZmODc2ZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvcKsjLr2cx+SrwMP0go4AFbqAvW
o/q9eClKQpTYepddHf/ikfy1+72ZCR5HfVcg3unEbrUfM4ZD0ubUcCmbRvzuefej
PN97wDMhcEAXL2CzIkOxmlpQJxdI8qwNkP2isqHvS7naZ2sgLMKB5qOMz9QCDVu6
R6vHhN8MnBKd74p557WGGIDJyCzHGPNlCwLD1A1s+kCj0xlqSvTiK89J7KHFSL2y
4t5DT+QhdXOrv1qsHukklqmB8yrXKZsj4XaxDSkue56feYik5klzsnE54Ip47mjL
2xmhCR8fgOPK7DFzLP5cUAg9lvJmIRGTLPsIbqDdBjcOEVakHOX78PtLTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGzcOmMV9m/9OUtqHjexfD1vh21LMB8GA1UdIwQY
MBaAFFBIBUlIGWjUNAYSdlP3gKu/mhF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUVnRlNVZ1phTlEwQmhKMlVfZUFxNy1hRVhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kMzg3NjctMmZjNS00YzUwLWEyN2Yt
NzQyOWIyMjc3MmMzLzEvYk53Nll4WDJiXzA1UzJvZU43RjhQVy1IYlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kMzg3NjctMmZjNS00YzUwLWEyN2YtNzQyOWIyMjc3MmMz
LzEvVUVnRlNVZ1phTlEwQmhKMlVfZUFxNy1hRVhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYiwMA0E
AgACMAcDBQAqBv3AMA0GCSqGSIb3DQEBCwUAA4IBAQCOx3w+HwNq/rKeWEUKuEMo
f/f/5bDYrhnLhpjzm6zA/s7Kt7j7HGJ/0JOCkoshdvt7QDelHNicYZvkGFvSNhDl
xZr9BKohdMD3QHRueJVa1kyvRjFPtk9HQyB2o2l5fvoZxj0A360fpc7lr2qTjVve
/7ILmycARocdq6ndrqcSjGN3veTlU4/nRTN3V9e5p1tzKGGEz3fXQIOsDeUs+TAE
mtJkBo7X9mb5vA8vyqJVYCMSEl1eeBcaEE02gTHSqgSJ/79SgwQzd4XMD45JYp6D
tGAGkuVnkYHJS3p97pfDuEa0ZXFWlVZgP8RME0iKAu8g9fVbOHt3HuP8U+/82q/A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:27 2024 by rpki-client on console-fra.rpki-client.org