Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/blL2V5SQKC3C3Bw3d1qls9qbmkw.roa
File: blL2V5SQKC3C3Bw3d1qls9qbmkw.roa (raw, json)
Hash identifier: 1UQuyUjO1N5Y3CMNqWDMwOF9Pd63l1U1WnQoWAOHXog=
Subject key identifier: 6E:52:F6:57:94:90:28:2D:C2:DC:1C:37:77:5A:A5:B3:DA:9B:9A:4C
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0186CC92BA239C6E6EB7FB9BD582B314EBD9
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/blL2V5SQKC3C3Bw3d1qls9qbmkw.roa
Signing time: Fri 10 Mar 2023 17:30:13 +0000
ROA not before: Fri 10 Mar 2023 17:30:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34866
IP address blocks: 146.185.254.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cc:92:ba:23:9c:6e:6e:b7:fb:9b:d5:82:b3:14:eb:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Mar 10 17:30:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e52f6579490282dc2dc1c37775aa5b3da9b9a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:11:3f:74:1a:c7:e3:88:76:ff:5f:e0:5f:a8:
c8:47:7d:91:c2:d8:0a:af:71:ac:27:30:02:23:db:
77:7b:3c:15:92:80:43:08:2f:dc:de:86:53:cb:26:
24:5a:1c:78:30:d5:30:0f:9a:83:f9:ad:d3:a4:3c:
09:49:f2:5c:4e:ce:7c:73:d8:94:93:84:36:d8:96:
32:75:3c:2f:7b:14:d3:8e:10:cc:45:2f:1f:0b:15:
3a:2f:82:87:a5:ba:db:7a:0f:7e:e2:c6:67:89:33:
0b:dd:7a:8e:95:eb:d5:b3:6c:cf:45:82:d4:46:7e:
40:3b:74:af:b3:b1:7f:06:2b:f6:b3:13:6a:21:fc:
e8:f5:ea:f6:a4:77:a7:70:32:a0:19:cf:e5:dc:48:
36:bd:58:ba:83:93:93:bd:b3:1d:70:08:43:4c:0f:
06:50:fe:50:e9:b2:19:69:5c:df:e9:e6:1d:ff:43:
34:78:97:d5:77:a3:35:3b:f9:47:63:fd:47:3a:6f:
7c:0c:39:e6:05:9d:68:dd:9c:6a:68:a9:2b:14:b5:
aa:e4:a9:59:51:56:3f:db:13:d2:70:e5:30:94:8e:
62:66:b3:47:bd:3e:e8:a2:0c:93:72:70:6d:c4:ed:
ab:2c:74:11:95:fa:17:a1:40:59:f8:11:bb:3d:4c:
c8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:52:F6:57:94:90:28:2D:C2:DC:1C:37:77:5A:A5:B3:DA:9B:9A:4C
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/blL2V5SQKC3C3Bw3d1qls9qbmkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.185.254.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:58:70:bb:81:ea:8b:6f:39:21:30:f2:e3:8d:6e:5e:2f:db:
33:3c:84:30:9c:f8:be:f4:74:eb:a8:bc:79:a3:84:cf:1e:67:
d0:6b:f3:85:49:59:0c:b4:dc:01:fb:8b:5b:53:5c:e9:43:83:
aa:af:c9:6c:7b:61:53:db:a1:42:d4:de:88:b3:4e:f2:5f:0e:
9f:c1:04:2e:3c:b1:55:e7:6e:93:00:af:40:17:6e:90:09:04:
5f:51:ee:71:e6:28:67:8f:d5:74:17:e9:36:51:e8:2b:a1:4e:
f6:cb:84:4a:50:6f:df:4a:a3:35:07:f2:91:52:dc:09:57:70:
a9:52:70:a4:e9:2e:22:9c:1a:3e:00:c2:52:8b:1c:f6:d4:fa:
90:91:00:4f:f7:84:db:a4:31:78:fd:b2:1b:9e:8d:cb:ea:a0:
28:4b:c6:a3:74:80:48:8a:d6:3e:8e:6e:1d:ef:51:ef:44:a9:
35:9f:67:35:62:2b:4e:af:10:16:30:6d:b8:ce:36:f2:8e:8a:
99:38:7c:36:a7:02:67:63:cb:70:b9:b8:67:f7:70:38:a4:94:
94:f4:ef:ac:dc:9c:aa:cd:08:80:2e:d6:b6:d0:8e:aa:1e:9d:
22:9c:19:3a:c7:10:14:92:5b:99:72:24:ac:e6:c7:3f:19:b4:
56:18:e0:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbMkrojnG5ut/ub1YKzFOvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMzEwMTczMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTUyZjY1Nzk0OTAyODJkYzJkYzFjMzc3NzVhYTViM2RhOWI5YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxE/dBrH44h2/1/gX6jIR32RwtgK
r3GsJzACI9t3ezwVkoBDCC/c3oZTyyYkWhx4MNUwD5qD+a3TpDwJSfJcTs58c9iU
k4Q22JYydTwvexTTjhDMRS8fCxU6L4KHpbrbeg9+4sZniTML3XqOlevVs2zPRYLU
Rn5AO3Svs7F/Biv2sxNqIfzo9er2pHencDKgGc/l3Eg2vVi6g5OTvbMdcAhDTA8G
UP5Q6bIZaVzf6eYd/0M0eJfVd6M1O/lHY/1HOm98DDnmBZ1o3ZxqaKkrFLWq5KlZ
UVY/2xPScOUwlI5iZrNHvT7oogyTcnBtxO2rLHQRlfoXoUBZ+BG7PUzI7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5S9leUkCgtwtwcN3dapbPam5pMMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvYmxMMlY1U1FLQzNDM0J3M2QxcWxzOXFibWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkrn+MA0G
CSqGSIb3DQEBCwUAA4IBAQDOWHC7geqLbzkhMPLjjW5eL9szPIQwnPi+9HTrqLx5
o4TPHmfQa/OFSVkMtNwB+4tbU1zpQ4Oqr8lse2FT26FC1N6Is07yXw6fwQQuPLFV
526TAK9AF26QCQRfUe5x5ihnj9V0F+k2UegroU72y4RKUG/fSqM1B/KRUtwJV3Cp
UnCk6S4inBo+AMJSixz21PqQkQBP94TbpDF4/bIbno3L6qAoS8ajdIBIitY+jm4d
71HvRKk1n2c1YitOrxAWMG24zjbyjoqZOHw2pwJnY8twubhn93A4pJSU9O+s3Jyq
zQiALta20I6qHp0inBk6xxAUkluZciSs5sc/GbRWGOBu
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:25 2024 by rpki-client on console-fra.rpki-client.org