Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/0EJ5oUsMjmEK1NjkKS3nIiBEbww.roa
File: 0EJ5oUsMjmEK1NjkKS3nIiBEbww.roa (raw, json)
Hash identifier: k3HOry/I7ImRgUpUjQkkOCAuKeTKfRyMltSDdmvWwBg=
Subject key identifier: D0:42:79:A1:4B:0C:8E:61:0A:D4:D8:E4:29:2D:E7:22:20:44:6F:0C
Certificate issuer: /CN=3af1507fda4e704828c7e03caf626456aafc5b1a
Certificate serial: 01856E01D6764719F4E8DFCCFE999ED4C08A
Authority key identifier: 3A:F1:50:7F:DA:4E:70:48:28:C7:E0:3C:AF:62:64:56:AA:FC:5B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvFQf9pOcEgox-A8r2JkVqr8Wxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/0EJ5oUsMjmEK1NjkKS3nIiBEbww.roa
Signing time: Sun 01 Jan 2023 15:44:52 +0000
ROA not before: Sun 01 Jan 2023 15:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199536
IP address blocks: 185.148.100.0/22 maxlen: 22
2a0f:57c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:d6:76:47:19:f4:e8:df:cc:fe:99:9e:d4:c0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af1507fda4e704828c7e03caf626456aafc5b1a
Validity
Not Before: Jan 1 15:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d04279a14b0c8e610ad4d8e4292de72220446f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bf:78:b2:13:b7:c9:72:38:b7:26:6b:0f:03:
c9:3f:a7:25:ef:df:d7:0f:46:db:09:58:69:92:bf:
5a:8c:24:9f:9d:b7:52:e1:9b:c9:b2:f8:2c:75:a4:
15:76:3f:ce:6f:81:36:8a:89:aa:32:c9:0d:b1:e9:
45:5f:4a:dd:7f:98:d5:29:c2:99:8e:2d:ce:de:6c:
35:a2:a1:bf:a5:32:07:6f:71:24:af:02:bb:de:f1:
af:d0:44:54:51:2d:06:5b:33:2d:62:39:2b:d9:01:
70:22:c4:b6:0d:49:69:c8:19:15:10:49:91:2a:16:
35:97:fa:38:2a:03:ab:ef:a1:5d:0b:94:aa:7c:a4:
e8:cd:95:75:67:57:68:89:4b:fe:e5:de:71:44:6d:
96:78:de:a6:d4:89:9e:4c:db:69:58:50:e7:3e:31:
99:c1:a0:77:a9:6c:cb:20:cc:29:b4:35:b5:7b:08:
70:f3:3c:e4:a8:60:99:07:85:5a:c5:f8:af:74:43:
e7:9d:fb:7e:82:eb:9e:fc:8b:8b:2e:62:0c:21:67:
1e:de:a5:8e:89:53:eb:3f:cb:a2:cc:09:55:7c:78:
53:06:ce:58:79:b9:28:42:e4:dc:77:f3:4a:7d:a3:
c3:8f:12:e3:9d:7c:35:29:05:bb:05:df:8a:b3:c8:
cc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:42:79:A1:4B:0C:8E:61:0A:D4:D8:E4:29:2D:E7:22:20:44:6F:0C
X509v3 Authority Key Identifier:
keyid:3A:F1:50:7F:DA:4E:70:48:28:C7:E0:3C:AF:62:64:56:AA:FC:5B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvFQf9pOcEgox-A8r2JkVqr8Wxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/0EJ5oUsMjmEK1NjkKS3nIiBEbww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/OvFQf9pOcEgox-A8r2JkVqr8Wxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.100.0/22
IPv6:
2a0f:57c0::/32
Signature Algorithm: sha256WithRSAEncryption
20:13:ef:b1:7d:b2:5d:87:fc:f8:1c:85:0c:82:f3:b1:4d:5a:
06:b0:9e:d2:2a:7c:69:e1:55:4c:c7:40:96:ea:58:65:e7:45:
89:f1:2c:ee:0a:08:5b:66:e3:0e:92:3d:63:c0:f2:70:44:d4:
82:1b:a5:a4:7f:e0:85:3e:61:ce:fd:6c:28:04:60:fe:cd:36:
7f:cb:e2:91:16:98:16:70:f5:7c:d6:70:8a:da:70:9d:d1:b6:
14:a8:75:56:3a:e6:8a:57:59:f2:d9:9a:5f:9d:23:9b:db:41:
e2:0e:03:6d:37:8a:94:38:16:87:c6:d7:14:2e:12:6f:c0:72:
fc:04:cd:76:7a:e3:c1:83:9a:08:a2:4a:03:ab:19:13:9f:41:
ce:7e:bf:48:02:74:d8:ef:b3:51:49:c7:17:ea:66:cb:74:6b:
50:9e:6e:29:27:2d:ff:a5:7a:fb:ad:88:d5:66:2e:69:fd:27:
68:f5:a0:a1:3e:70:80:3c:66:c6:c5:b5:2a:7a:2c:22:4f:2e:
e7:e6:63:1d:66:ff:45:89:f6:89:6e:a8:4f:b5:9b:be:5c:69:
a5:82:98:85:74:17:40:00:c1:fa:7a:4d:ad:1c:4b:4d:1f:04:
f2:8a:9a:a1:51:df:40:08:0d:ce:c0:ff:e9:6a:72:7e:25:f0:
b9:be:ef:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuAdZ2Rxn06N/M/pme1MCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjE1MDdmZGE0ZTcwNDgyOGM3ZTAzY2FmNjI2NDU2YWFm
YzViMWEwHhcNMjMwMTAxMTU0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDQyNzlhMTRiMGM4ZTYxMGFkNGQ4ZTQyOTJkZTcyMjIwNDQ2ZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj794shO3yXI4tyZrDwPJP6cl79/X
D0bbCVhpkr9ajCSfnbdS4ZvJsvgsdaQVdj/Ob4E2iomqMskNselFX0rdf5jVKcKZ
ji3O3mw1oqG/pTIHb3EkrwK73vGv0ERUUS0GWzMtYjkr2QFwIsS2DUlpyBkVEEmR
KhY1l/o4KgOr76FdC5SqfKTozZV1Z1doiUv+5d5xRG2WeN6m1ImeTNtpWFDnPjGZ
waB3qWzLIMwptDW1ewhw8zzkqGCZB4VaxfivdEPnnft+guue/IuLLmIMIWce3qWO
iVPrP8uizAlVfHhTBs5YebkoQuTcd/NKfaPDjxLjnXw1KQW7Bd+Ks8jMIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNBCeaFLDI5hCtTY5Ckt5yIgRG8MMB8GA1UdIwQY
MBaAFDrxUH/aTnBIKMfgPK9iZFaq/FsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZGUWY5cE9jRWdveC1BOHIySmtWcXI4V3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85ZjUwZTEtM2VjNC00NmRjLWI0Zjct
ODc0MjM0ZWQxZTVlLzEvMEVKNW9Vc01qbUVLMU5qa0tTM25JaUJFYnd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85ZjUwZTEtM2VjNC00NmRjLWI0ZjctODc0MjM0ZWQxZTVl
LzEvT3ZGUWY5cE9jRWdveC1BOHIySmtWcXI4V3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZRkMA0E
AgACMAcDBQAqD1fAMA0GCSqGSIb3DQEBCwUAA4IBAQAgE++xfbJdh/z4HIUMgvOx
TVoGsJ7SKnxp4VVMx0CW6lhl50WJ8SzuCghbZuMOkj1jwPJwRNSCG6Wkf+CFPmHO
/WwoBGD+zTZ/y+KRFpgWcPV81nCK2nCd0bYUqHVWOuaKV1ny2ZpfnSOb20HiDgNt
N4qUOBaHxtcULhJvwHL8BM12euPBg5oIokoDqxkTn0HOfr9IAnTY77NRSccX6mbL
dGtQnm4pJy3/pXr7rYjVZi5p/Sdo9aChPnCAPGbGxbUqeiwiTy7n5mMdZv9FifaJ
bqhPtZu+XGmlgpiFdBdAAMH6ek2tHEtNHwTyipqhUd9ACA3OwP/panJ+JfC5vu/2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:27 2024 by rpki-client on console-ams.rpki-client.org