Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/a1OyXnNAQjY1I5kDCyLVz1aDTuc.roa
File: a1OyXnNAQjY1I5kDCyLVz1aDTuc.roa (raw, json)
Hash identifier: nRXKUSXevhzi1HFqw4dPFJj4AwOJ207vZU1is6d2ySo=
Subject key identifier: 6B:53:B2:5E:73:40:42:36:35:23:99:03:0B:22:D5:CF:56:83:4E:E7
Certificate issuer: /CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Certificate serial: 01857015174958A56F2344DF8D1FF5634B23
Authority key identifier: 8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/a1OyXnNAQjY1I5kDCyLVz1aDTuc.roa
Signing time: Mon 02 Jan 2023 01:25:08 +0000
ROA not before: Mon 02 Jan 2023 01:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42000
IP address blocks: 185.99.68.0/22 maxlen: 22
2a00:1790::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:17:49:58:a5:6f:23:44:df:8d:1f:f5:63:4b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Validity
Not Before: Jan 2 01:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b53b25e73404236352399030b22d5cf56834ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6e:28:8d:e6:06:7e:13:e6:a3:9d:35:a0:72:
27:47:12:ab:08:cb:be:42:97:e0:b8:3f:c6:93:bb:
90:a1:40:0a:1c:ac:97:1f:9e:4f:29:fa:a5:3d:eb:
a4:3e:48:8f:73:1c:d1:9a:62:92:5b:b9:ef:5e:8d:
56:44:a5:d2:16:d7:28:ec:a2:3c:9b:a7:00:cf:e3:
a0:2b:45:6f:fd:24:1b:c2:51:02:16:b5:26:13:0a:
7d:f6:da:f2:3c:33:41:b1:23:a3:8a:0b:00:f0:d1:
44:a0:ee:da:7c:68:da:f2:87:0b:6f:6a:aa:96:1f:
60:6e:2a:0d:f6:69:1a:db:96:fa:27:fb:17:32:4b:
ae:5b:2b:41:aa:24:38:ca:df:64:8e:c8:19:25:14:
ba:7d:b7:12:a5:ff:93:a7:99:cf:76:2e:e4:06:28:
1d:22:1b:2e:a5:98:3d:14:8c:1b:45:b0:03:a5:fb:
80:9d:60:a6:eb:b3:5d:67:92:4e:a7:6c:69:3a:fd:
70:06:d9:47:03:2e:08:c0:c3:80:78:ae:e7:15:19:
b2:00:e1:83:a9:cf:06:8c:6a:cb:ba:ac:96:39:8d:
87:ee:d2:a6:6f:b1:4b:1d:83:17:f8:39:b7:47:87:
49:5f:ef:df:f2:37:eb:7e:df:bc:89:55:c8:2d:1f:
ee:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:53:B2:5E:73:40:42:36:35:23:99:03:0B:22:D5:CF:56:83:4E:E7
X509v3 Authority Key Identifier:
keyid:8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/a1OyXnNAQjY1I5kDCyLVz1aDTuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.68.0/22
IPv6:
2a00:1790::/29
Signature Algorithm: sha256WithRSAEncryption
41:2d:7b:e1:bb:8a:11:52:ff:2f:7e:28:41:f9:ab:51:70:dc:
8b:18:a8:41:b6:c2:60:28:8a:f0:55:34:dd:99:21:97:09:37:
3c:d7:57:62:8b:98:9b:50:2c:16:78:c3:60:d9:97:f8:cb:48:
4f:bc:9f:d2:b7:07:be:a5:a1:64:84:8e:8a:75:45:89:fd:2b:
57:f4:81:cb:c2:1c:8b:f8:43:be:69:81:df:b9:27:20:3d:e6:
30:77:ca:38:9e:e4:bd:cb:3f:ad:e3:f5:9e:36:01:09:09:fa:
63:00:32:1c:29:bb:45:23:22:c0:6b:ef:fe:71:c8:27:4c:6c:
b7:5d:93:9d:53:a0:28:be:9f:69:eb:f8:28:e6:f9:60:fc:fd:
df:39:78:23:52:48:37:0a:00:97:f4:94:6d:86:70:48:bb:a1:
33:e9:c2:6e:c6:b5:63:a6:82:29:1f:b3:04:d4:98:cb:85:e0:
af:d8:b7:4b:08:fc:c5:d2:48:98:29:f8:94:a5:24:84:69:cf:
fe:25:5c:7c:74:7c:90:85:f9:eb:9e:69:e3:a9:6a:c5:ef:25:
05:dd:81:e1:67:d6:4f:1f:2f:b9:36:03:f4:3f:96:cd:19:9f:
b7:9b:d6:20:48:0c:94:51:f9:8d:c2:9d:be:74:f8:78:ca:5d:
cf:01:74:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwFRdJWKVvI0TfjR/1Y0sjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmM3ZjE3MDdiNmQwYjIyYmNkODE4MGY0ZmJiMWI2M2Vm
Yzk5ZjkwHhcNMjMwMTAyMDEyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjUzYjI1ZTczNDA0MjM2MzUyMzk5MDMwYjIyZDVjZjU2ODM0ZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm4ojeYGfhPmo501oHInRxKrCMu+
QpfguD/Gk7uQoUAKHKyXH55PKfqlPeukPkiPcxzRmmKSW7nvXo1WRKXSFtco7KI8
m6cAz+OgK0Vv/SQbwlECFrUmEwp99tryPDNBsSOjigsA8NFEoO7afGja8ocLb2qq
lh9gbioN9mka25b6J/sXMkuuWytBqiQ4yt9kjsgZJRS6fbcSpf+Tp5nPdi7kBigd
IhsupZg9FIwbRbADpfuAnWCm67NdZ5JOp2xpOv1wBtlHAy4IwMOAeK7nFRmyAOGD
qc8GjGrLuqyWOY2H7tKmb7FLHYMX+Dm3R4dJX+/f8jfrft+8iVXILR/umQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGtTsl5zQEI2NSOZAwsi1c9Wg07nMB8GA1UdIwQY
MBaAFI+8fxcHttCyK82BgPT7sbY+/Jn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTct
Nzg1MjIwNjIxM2UwLzEvYTFPeVhuTkFRalkxSTVrREN5TFZ6MWFEVHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTctNzg1MjIwNjIxM2Uw
LzEvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWNEMA0E
AgACMAcDBQMqABeQMA0GCSqGSIb3DQEBCwUAA4IBAQBBLXvhu4oRUv8vfihB+atR
cNyLGKhBtsJgKIrwVTTdmSGXCTc811dii5ibUCwWeMNg2Zf4y0hPvJ/Stwe+paFk
hI6KdUWJ/StX9IHLwhyL+EO+aYHfuScgPeYwd8o4nuS9yz+t4/WeNgEJCfpjADIc
KbtFIyLAa+/+ccgnTGy3XZOdU6Aovp9p6/go5vlg/P3fOXgjUkg3CgCX9JRthnBI
u6Ez6cJuxrVjpoIpH7ME1JjLheCv2LdLCPzF0kiYKfiUpSSEac/+JVx8dHyQhfnr
nmnjqWrF7yUF3YHhZ9ZPHy+5NgP0P5bNGZ+3m9YgSAyUUfmNwp2+dPh4yl3PAXRc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:47 2024 by rpki-client on console-fra.rpki-client.org