Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/jUiYFCGMdHh21n50XZ6bptwh21Q.roa
File: jUiYFCGMdHh21n50XZ6bptwh21Q.roa (raw, json)
Hash identifier: hgRf+DXcXJG96GNhb2pElD03CXwRP4TCAj8cUO5ZhlY=
Subject key identifier: 8D:48:98:14:21:8C:74:78:76:D6:7E:74:5D:9E:9B:A6:DC:21:DB:54
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 01856D53CC8385E76333D922135AA566FBE0
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/jUiYFCGMdHh21n50XZ6bptwh21Q.roa
Signing time: Sun 01 Jan 2023 12:34:46 +0000
ROA not before: Sun 01 Jan 2023 12:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202042
IP address blocks: 185.6.76.0/22 maxlen: 24
2a03:e40::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:cc:83:85:e7:63:33:d9:22:13:5a:a5:66:fb:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: Jan 1 12:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d489814218c747876d67e745d9e9ba6dc21db54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5a:97:ee:a2:13:81:17:39:ff:76:df:20:ad:
62:d4:4b:2c:56:92:cd:d1:b3:ad:b4:d7:24:b6:a6:
8f:22:52:ca:31:e4:ea:33:0c:94:75:4d:78:84:77:
57:b7:a9:91:e1:b0:f4:6e:7d:44:03:07:88:e0:7f:
4a:ce:ac:8b:32:54:c2:ff:62:c5:ec:e8:a8:58:af:
d4:f8:d3:51:95:3f:2c:3c:d5:27:88:3d:0b:5b:85:
ff:78:9f:61:71:d9:25:46:7e:1c:60:7c:e5:96:87:
8e:e8:ab:89:14:98:0f:33:c7:12:99:b2:99:4c:55:
70:eb:7a:1c:ab:94:c2:95:71:e3:49:a7:b4:9c:90:
72:8e:60:91:0f:14:80:01:d7:1e:c0:5e:6b:85:e6:
94:fb:ae:11:d6:b4:b9:ab:35:df:01:79:a1:3f:0f:
6f:96:76:7d:05:8f:6d:f2:68:8f:eb:b4:ab:6d:ba:
36:9a:40:d0:bf:0e:54:3d:f4:f6:70:34:2a:dc:93:
e7:02:7d:b3:c9:e0:41:4b:da:e1:ef:d7:b0:be:b9:
22:88:f1:b1:f3:76:08:ec:0e:32:80:6d:4e:64:da:
62:1b:ec:e2:9d:fc:f9:a7:bc:bd:fd:05:fb:d0:04:
77:a2:33:dd:2a:67:09:b9:ae:b3:f2:b7:a2:78:10:
46:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:48:98:14:21:8C:74:78:76:D6:7E:74:5D:9E:9B:A6:DC:21:DB:54
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/jUiYFCGMdHh21n50XZ6bptwh21Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.76.0/22
IPv6:
2a03:e40::/32
Signature Algorithm: sha256WithRSAEncryption
0d:29:9f:b9:03:97:69:01:6d:8f:45:fa:ce:fb:3e:a6:b0:bf:
8a:49:ec:d5:5e:45:38:4e:4e:15:b8:a1:90:4c:f5:b6:60:0b:
60:1e:85:e3:11:4b:53:b7:54:7b:ae:5e:c9:13:71:42:6e:a4:
8e:f4:7b:a3:b6:8c:5a:9c:49:c1:60:a1:2f:e8:db:6e:09:6a:
a8:5a:43:f2:c1:2c:fd:7c:02:1b:6b:9b:49:60:56:62:03:bb:
ef:ad:09:8e:2f:16:08:0b:4d:1e:73:48:b6:16:fe:2b:f3:11:
81:3c:ae:c7:c5:fb:21:1b:18:4a:44:eb:27:58:6f:00:25:8a:
7c:52:ba:25:23:ec:94:2b:95:38:7e:a6:91:59:37:26:23:b9:
41:e0:b4:94:d8:d7:69:a8:56:5b:5f:ef:9d:3f:e2:8d:f3:3b:
27:eb:6b:aa:72:c5:dd:7e:95:4c:44:6a:5e:74:8f:0c:8c:19:
db:6e:7e:f4:71:1a:fc:5f:d2:b3:2a:13:c6:51:12:a3:6f:f4:
4b:d2:eb:28:49:00:b6:fe:74:70:9f:e5:b4:20:b1:82:2d:a1:
f2:f7:76:a1:95:49:d0:c1:20:3d:cf:ca:2c:c0:e6:07:a1:cd:
f3:39:a6:71:17:f3:fb:91:de:5f:a6:22:8e:23:2e:6b:98:e5:
73:4d:1c:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU8yDhedjM9kiE1qlZvvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjMwMTAxMTIzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDQ4OTgxNDIxOGM3NDc4NzZkNjdlNzQ1ZDllOWJhNmRjMjFkYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFqX7qITgRc5/3bfIK1i1EssVpLN
0bOttNcktqaPIlLKMeTqMwyUdU14hHdXt6mR4bD0bn1EAweI4H9KzqyLMlTC/2LF
7OioWK/U+NNRlT8sPNUniD0LW4X/eJ9hcdklRn4cYHzlloeO6KuJFJgPM8cSmbKZ
TFVw63ocq5TClXHjSae0nJByjmCRDxSAAdcewF5rheaU+64R1rS5qzXfAXmhPw9v
lnZ9BY9t8miP67Srbbo2mkDQvw5UPfT2cDQq3JPnAn2zyeBBS9rh79ewvrkiiPGx
83YI7A4ygG1OZNpiG+zinfz5p7y9/QX70AR3ojPdKmcJua6z8reieBBGBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI1ImBQhjHR4dtZ+dF2em6bcIdtUMB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvalVpWUZDR01kSGgyMW41MFhaNmJwdHdoMjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQZMMA0E
AgACMAcDBQAqAw5AMA0GCSqGSIb3DQEBCwUAA4IBAQANKZ+5A5dpAW2PRfrO+z6m
sL+KSezVXkU4Tk4VuKGQTPW2YAtgHoXjEUtTt1R7rl7JE3FCbqSO9HujtoxanEnB
YKEv6NtuCWqoWkPywSz9fAIba5tJYFZiA7vvrQmOLxYIC00ec0i2Fv4r8xGBPK7H
xfshGxhKROsnWG8AJYp8UrolI+yUK5U4fqaRWTcmI7lB4LSU2NdpqFZbX++dP+KN
8zsn62uqcsXdfpVMRGpedI8MjBnbbn70cRr8X9KzKhPGURKjb/RL0usoSQC2/nRw
n+W0ILGCLaHy93ahlUnQwSA9z8oswOYHoc3zOaZxF/P7kd5fpiKOIy5rmOVzTRzA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:53 2024 by rpki-client on console-ams.rpki-client.org