Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/213be6-ecb9-4300-8346-a647675f46b6/1/36mBMPc4SBWeAJFM3wrv-ue2r58.roa
File: 36mBMPc4SBWeAJFM3wrv-ue2r58.roa (raw, json)
Hash identifier: oYTjopznTfwToeZSNcPOXbufQ8VZC71GBt3HE0KMYps=
Subject key identifier: DF:A9:81:30:F7:38:48:15:9E:00:91:4C:DF:0A:EF:FA:E7:B6:AF:9F
Certificate issuer: /CN=6001b953c6be1f91831d68a5c0115c20e0cd7f9a
Certificate serial: 018CED87F9FCE4C62FBDCCF50AD92F6CE45F
Authority key identifier: 60:01:B9:53:C6:BE:1F:91:83:1D:68:A5:C0:11:5C:20:E0:CD:7F:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YAG5U8a-H5GDHWilwBFcIODNf5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/213be6-ecb9-4300-8346-a647675f46b6/1/36mBMPc4SBWeAJFM3wrv-ue2r58.roa
Signing time: Tue 09 Jan 2024 09:22:40 +0000
ROA not before: Tue 09 Jan 2024 09:22:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42220
IP address blocks: 185.214.176.0/22 maxlen: 24
217.18.160.0/20 maxlen: 24
2a03:9520::/32 maxlen: 64
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:87:f9:fc:e4:c6:2f:bd:cc:f5:0a:d9:2f:6c:e4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6001b953c6be1f91831d68a5c0115c20e0cd7f9a
Validity
Not Before: Jan 9 09:22:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfa98130f73848159e00914cdf0aeffae7b6af9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dd:6d:09:1d:89:c8:d0:b0:80:dd:74:16:48:
dd:9b:68:37:82:24:d6:a2:f7:fc:07:9c:12:bc:62:
31:00:67:a1:b4:ab:f6:e2:af:ea:7e:3b:9e:e7:c8:
3d:46:c1:08:d8:eb:c9:de:b3:3b:cc:8c:98:90:25:
a8:08:aa:07:15:27:e6:21:51:5f:e3:82:72:d0:a7:
7a:9b:c1:3e:30:e3:f7:c3:86:3b:78:52:57:28:76:
2a:00:37:e6:9f:9d:29:3b:5b:f2:6a:2d:bd:d3:1b:
28:a6:95:35:b7:1b:00:25:23:48:fe:58:1e:8f:f0:
bd:0f:bc:3d:ed:a5:ea:a3:13:a4:7f:a2:e1:17:03:
24:aa:ba:3d:4c:3a:3a:cd:88:86:54:5e:d7:5a:a5:
99:b9:08:ea:6a:d7:d5:18:b8:a6:bb:04:e2:29:e5:
cf:73:c2:fe:fc:d4:78:dd:17:fb:81:e6:ba:c5:5f:
e5:3f:ff:8e:e4:84:8d:fd:07:ab:59:95:38:40:ba:
7a:2a:c6:2b:92:53:3f:ba:9a:7a:39:63:f7:ec:d4:
9d:61:4f:85:d2:e9:d1:5e:70:1d:24:2f:1e:2f:0a:
e5:c8:0c:b1:72:9c:73:c2:fc:9b:9e:ac:c7:4a:1f:
22:e1:13:c0:50:53:48:fb:7d:98:80:f4:bd:ca:bd:
b7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A9:81:30:F7:38:48:15:9E:00:91:4C:DF:0A:EF:FA:E7:B6:AF:9F
X509v3 Authority Key Identifier:
keyid:60:01:B9:53:C6:BE:1F:91:83:1D:68:A5:C0:11:5C:20:E0:CD:7F:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YAG5U8a-H5GDHWilwBFcIODNf5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/213be6-ecb9-4300-8346-a647675f46b6/1/36mBMPc4SBWeAJFM3wrv-ue2r58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/213be6-ecb9-4300-8346-a647675f46b6/1/YAG5U8a-H5GDHWilwBFcIODNf5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.176.0/22
217.18.160.0/20
IPv6:
2a03:9520::/32
Signature Algorithm: sha256WithRSAEncryption
b3:ef:55:58:e9:74:18:b4:a8:05:1d:cd:2f:f2:ae:a6:4b:6b:
8d:e4:8d:46:5c:4e:0e:0f:0f:4a:c4:3f:92:77:7d:37:a4:43:
29:8a:8e:3d:ae:28:2d:0a:de:c9:c1:10:97:4e:81:b7:ac:66:
ae:e5:c9:92:17:50:9b:6b:11:cd:61:91:82:85:e3:13:94:ac:
0f:53:0d:19:19:38:89:c6:d3:e0:84:bf:45:59:65:16:a6:72:
58:ae:aa:af:dd:5c:60:23:38:28:85:48:1f:bd:0d:22:5f:e3:
b2:f7:3d:6f:39:dc:8a:ac:ec:74:05:db:f7:91:77:04:7c:8c:
e8:1c:eb:8c:0f:9a:66:45:94:37:da:58:2f:db:40:e3:84:fc:
e3:34:f6:91:51:65:70:7f:a3:95:fe:82:98:dc:61:8c:46:88:
56:a6:dd:1d:51:4a:80:22:66:81:f3:2e:82:4e:55:1d:b5:6b:
55:5c:ce:8d:0a:f1:56:4e:cc:dd:62:e5:52:a6:98:7c:d6:b4:
e8:44:73:10:f7:47:ec:e3:a5:f0:32:14:3d:40:fd:bc:e1:87:
be:e0:71:3d:42:d0:96:7a:c8:21:22:37:5d:96:1b:4d:f0:5a:
ce:28:4f:20:16:0d:8e:62:8d:72:e2:a3:81:f4:18:9f:b5:a0:
58:2a:29:00
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzth/n85MYvvcz1CtkvbORfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMDFiOTUzYzZiZTFmOTE4MzFkNjhhNWMwMTE1YzIwZTBj
ZDdmOWEwHhcNMjQwMTA5MDkyMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmE5ODEzMGY3Mzg0ODE1OWUwMDkxNGNkZjBhZWZmYWU3YjZhZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd1tCR2JyNCwgN10Fkjdm2g3giTW
ovf8B5wSvGIxAGehtKv24q/qfjue58g9RsEI2OvJ3rM7zIyYkCWoCKoHFSfmIVFf
44Jy0Kd6m8E+MOP3w4Y7eFJXKHYqADfmn50pO1vyai290xsoppU1txsAJSNI/lge
j/C9D7w97aXqoxOkf6LhFwMkqro9TDo6zYiGVF7XWqWZuQjqatfVGLimuwTiKeXP
c8L+/NR43Rf7gea6xV/lP/+O5ISN/QerWZU4QLp6KsYrklM/upp6OWP37NSdYU+F
0unRXnAdJC8eLwrlyAyxcpxzwvybnqzHSh8i4RPAUFNI+32YgPS9yr23aQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN+pgTD3OEgVngCRTN8K7/rntq+fMB8GA1UdIwQY
MBaAFGABuVPGvh+Rgx1opcARXCDgzX+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUFHNVU4YS1INUdESFdpbHdCRmNJT0ROZjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8yMTNiZTYtZWNiOS00MzAwLTgzNDYt
YTY0NzY3NWY0NmI2LzEvMzZtQk1QYzRTQldlQUpGTTN3cnYtdWUycjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8yMTNiZTYtZWNiOS00MzAwLTgzNDYtYTY0NzY3NWY0NmI2
LzEvWUFHNVU4YS1INUdESFdpbHdCRmNJT0ROZjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudawAwQE
2RKgMA0EAgACMAcDBQAqA5UgMA0GCSqGSIb3DQEBCwUAA4IBAQCz71VY6XQYtKgF
Hc0v8q6mS2uN5I1GXE4ODw9KxD+Sd303pEMpio49rigtCt7JwRCXToG3rGau5cmS
F1CbaxHNYZGCheMTlKwPUw0ZGTiJxtPghL9FWWUWpnJYrqqv3VxgIzgohUgfvQ0i
X+Oy9z1vOdyKrOx0Bdv3kXcEfIzoHOuMD5pmRZQ32lgv20DjhPzjNPaRUWVwf6OV
/oKY3GGMRohWpt0dUUqAImaB8y6CTlUdtWtVXM6NCvFWTszdYuVSpph81rToRHMQ
90fs46XwMhQ9QP284Ye+4HE9QtCWesghIjddlhtN8FrOKE8gFg2OYo1y4qOB9Bif
taBYKikA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:09 2025 by rpki-client