Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/D1rAeysD7_2IGOAjHlqV83yLBWc.roa
File: D1rAeysD7_2IGOAjHlqV83yLBWc.roa (raw, json)
Hash identifier: lxqgiw9nq5FUqZVV9zFUVwJQJ+kIQOOuWNMJVX05vHE=
Subject key identifier: 0F:5A:C0:7B:2B:03:EF:FD:88:18:E0:23:1E:5A:95:F3:7C:8B:05:67
Certificate issuer: /CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Certificate serial: 018570DE328A21EBF714679EF646392ECC9D
Authority key identifier: F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/D1rAeysD7_2IGOAjHlqV83yLBWc.roa
Signing time: Mon 02 Jan 2023 05:04:48 +0000
ROA not before: Mon 02 Jan 2023 05:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30893
IP address blocks: 185.231.100.0/22 maxlen: 24
195.47.238.0/24 maxlen: 24
2a0c:5700:3133::/48 maxlen: 48
2a0c:5700:5353::/48 maxlen: 48
2a0c:5700::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Apr 2023 18:41:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:32:8a:21:eb:f7:14:67:9e:f6:46:39:2e:cc:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Validity
Not Before: Jan 2 05:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f5ac07b2b03effd8818e0231e5a95f37c8b0567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d3:bf:3d:b8:00:c0:97:fd:d5:42:88:fb:3c:
6d:5c:36:79:a4:f4:ec:9e:59:9c:92:2a:b0:c3:16:
be:47:5a:b6:ba:86:27:05:4a:7e:ef:f8:c4:f9:58:
90:88:74:61:79:55:d2:04:35:fe:d3:76:f4:a1:65:
79:1f:cc:ee:a9:5f:80:87:b3:ef:4a:7a:f9:8c:89:
1f:f6:c9:88:30:68:7d:2f:82:dc:5f:d6:04:08:bd:
be:a0:fa:bb:86:b6:4b:22:e2:c1:cc:28:00:4b:92:
7a:61:5b:1e:27:62:9b:f4:34:f6:58:2c:3d:af:b0:
ad:a3:64:82:8b:c8:c2:88:5c:32:39:af:bc:88:60:
f1:43:08:dd:0b:e7:42:ba:5a:ac:d0:28:25:e0:3b:
b5:d7:37:8b:64:55:aa:11:5e:6d:11:51:04:04:cb:
b9:dd:8d:4a:26:a0:0f:48:9c:23:ea:6c:5f:5f:8d:
a2:9f:44:2d:35:46:8d:95:93:ed:4b:fd:7f:5d:1e:
a1:d9:e4:74:56:8c:51:61:e4:f3:95:f8:32:b2:8a:
3e:6f:94:6c:ff:ca:98:4c:5a:f4:e3:9e:95:96:c9:
8f:c2:87:6d:94:ad:19:b8:85:0e:04:72:1f:3f:3a:
0e:93:f4:ef:89:f8:e9:a5:9f:3a:e5:f6:64:52:19:
d7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5A:C0:7B:2B:03:EF:FD:88:18:E0:23:1E:5A:95:F3:7C:8B:05:67
X509v3 Authority Key Identifier:
keyid:F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/D1rAeysD7_2IGOAjHlqV83yLBWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.100.0/22
195.47.238.0/24
IPv6:
2a0c:5700::/29
Signature Algorithm: sha256WithRSAEncryption
60:6b:4f:ee:ca:14:c3:11:5b:d4:86:a3:15:b5:c9:8b:d2:56:
82:00:f7:0a:ba:ca:9c:2b:4e:e5:37:76:5b:ff:48:3c:15:2c:
dd:ba:30:81:49:50:94:b6:6d:44:64:4d:91:5f:65:33:39:38:
ff:fd:cd:eb:c8:a2:9b:45:f5:d4:ce:dd:bc:3d:ed:e0:8d:a6:
5f:fb:0d:78:2d:4e:be:ef:d1:09:9e:13:2e:2b:5d:49:ad:4d:
52:08:e5:3e:a4:ae:83:b6:6f:98:eb:3e:7d:c7:c4:ed:3d:2c:
0e:51:98:e8:c9:a6:35:61:26:a6:8c:f2:d7:e8:0e:65:82:81:
ac:33:9f:91:ee:f4:a4:69:e0:a8:b2:01:6b:af:1b:ea:d6:e9:
d6:91:3d:cd:34:51:b5:c8:86:0d:95:7f:5b:fa:a7:80:e8:4b:
ec:cb:df:57:10:62:4e:ae:87:ec:b0:de:05:95:84:a9:4d:f4:
6c:cc:7c:c8:cb:37:a5:86:09:e0:9f:8e:de:62:e7:02:2a:b3:
6f:d7:84:c6:b7:70:96:fe:68:87:21:49:23:85:cb:25:54:56:
22:86:53:c6:86:e2:15:2c:32:64:f0:32:bb:4d:f6:94:7f:fc:
61:c5:20:64:bb:2a:5d:d7:67:d8:11:33:6f:75:5b:ae:c8:42:
ce:42:97:af
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw3jKKIev3FGee9kY5LsydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MDg0NmYyMWM1NmE4NTEzZDMxYzE1NWRkMTk5MTk3YTNm
ZmM3YzAwHhcNMjMwMTAyMDUwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjVhYzA3YjJiMDNlZmZkODgxOGUwMjMxZTVhOTVmMzdjOGIwNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtO/PbgAwJf91UKI+zxtXDZ5pPTs
nlmckiqwwxa+R1q2uoYnBUp+7/jE+ViQiHRheVXSBDX+03b0oWV5H8zuqV+Ah7Pv
Snr5jIkf9smIMGh9L4LcX9YECL2+oPq7hrZLIuLBzCgAS5J6YVseJ2Kb9DT2WCw9
r7Cto2SCi8jCiFwyOa+8iGDxQwjdC+dCulqs0Cgl4Du11zeLZFWqEV5tEVEEBMu5
3Y1KJqAPSJwj6mxfX42in0QtNUaNlZPtS/1/XR6h2eR0VoxRYeTzlfgysoo+b5Rs
/8qYTFr0456VlsmPwodtlK0ZuIUOBHIfPzoOk/TvifjppZ865fZkUhnXiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA9awHsrA+/9iBjgIx5alfN8iwVnMB8GA1UdIwQY
MBaAFPYIRvIcVqhRPTHBVd0ZkZej/8fAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYt
YTZkNDVlZjdkMjI3LzEvRDFyQWV5c0Q3XzJJR09BakhscVY4M3lMQldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYtYTZkNDVlZjdkMjI3
LzEvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuedkAwQA
wy/uMA0EAgACMAcDBQMqDFcAMA0GCSqGSIb3DQEBCwUAA4IBAQBga0/uyhTDEVvU
hqMVtcmL0laCAPcKusqcK07lN3Zb/0g8FSzdujCBSVCUtm1EZE2RX2UzOTj//c3r
yKKbRfXUzt28Pe3gjaZf+w14LU6+79EJnhMuK11JrU1SCOU+pK6Dtm+Y6z59x8Tt
PSwOUZjoyaY1YSamjPLX6A5lgoGsM5+R7vSkaeCosgFrrxvq1unWkT3NNFG1yIYN
lX9b+qeA6Evsy99XEGJOrofssN4FlYSpTfRszHzIyzelhgngn47eYucCKrNv14TG
t3CW/miHIUkjhcslVFYihlPGhuIVLDJk8DK7TfaUf/xhxSBkuypd12fYETNvdVuu
yELOQpev
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:14 2024 by rpki-client on console-ams.rpki-client.org