Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/A1oZlJHLJeqCf4SoD20LozVKQuI.roa
File: A1oZlJHLJeqCf4SoD20LozVKQuI.roa (raw, json)
Hash identifier: 4oiOJ+5xYMFfAydL6e9todrqD+SoppEpVNre7yMkzVk=
Subject key identifier: 03:5A:19:94:91:CB:25:EA:82:7F:84:A8:0F:6D:0B:A3:35:4A:42:E2
Certificate issuer: /CN=f6acb269fa8a554f5243a3abd68d5b8d76fe5ebb
Certificate serial: 01856FF04EECD8D28E2D2B8D940AC056929A
Authority key identifier: F6:AC:B2:69:FA:8A:55:4F:52:43:A3:AB:D6:8D:5B:8D:76:FE:5E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9qyyafqKVU9SQ6Or1o1bjXb-Xrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/A1oZlJHLJeqCf4SoD20LozVKQuI.roa
Signing time: Mon 02 Jan 2023 00:44:57 +0000
ROA not before: Mon 02 Jan 2023 00:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2635
IP address blocks: 185.64.140.0/22 maxlen: 32
2a04:fa80::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:4e:ec:d8:d2:8e:2d:2b:8d:94:0a:c0:56:92:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6acb269fa8a554f5243a3abd68d5b8d76fe5ebb
Validity
Not Before: Jan 2 00:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=035a199491cb25ea827f84a80f6d0ba3354a42e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:08:9b:49:6e:5b:ce:b6:91:f3:07:16:2e:b2:
60:99:fb:01:ad:27:0e:e2:3b:b8:86:8a:94:c4:83:
9e:13:62:05:12:65:56:9d:c6:e6:06:69:39:ba:dc:
70:6c:89:13:61:ad:b3:6d:54:d7:48:f3:f7:a2:5c:
20:02:fd:a4:00:58:83:ae:de:ab:6f:14:7b:cf:8b:
71:7e:d8:38:69:e0:4b:17:a4:04:b5:29:7d:28:cb:
6d:33:f2:0c:5a:30:30:5a:d6:7b:3d:72:55:e5:13:
1b:ed:93:88:df:e7:c7:2b:8c:e9:fb:e3:95:80:5a:
7d:08:11:d9:f9:46:09:9f:76:b0:36:8d:69:da:46:
ca:f7:ee:ad:44:87:a0:32:72:67:9d:e9:cb:d5:1c:
5c:d4:60:00:9c:60:16:23:75:a0:b2:90:af:12:74:
42:1b:b6:12:d8:a8:c8:90:7a:26:c4:26:8a:71:a3:
8e:11:22:84:db:6b:7f:d0:28:26:a7:c0:a2:73:da:
42:29:92:31:73:ca:74:1f:1f:85:03:0c:ee:6d:05:
83:e8:e1:2a:c3:5b:87:4c:5c:1c:91:e6:51:fb:5d:
35:d0:2b:97:e2:d6:ed:45:29:75:4f:79:02:22:f1:
df:32:c6:07:b2:78:85:c1:cd:02:de:be:82:b8:3f:
65:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5A:19:94:91:CB:25:EA:82:7F:84:A8:0F:6D:0B:A3:35:4A:42:E2
X509v3 Authority Key Identifier:
keyid:F6:AC:B2:69:FA:8A:55:4F:52:43:A3:AB:D6:8D:5B:8D:76:FE:5E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9qyyafqKVU9SQ6Or1o1bjXb-Xrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/A1oZlJHLJeqCf4SoD20LozVKQuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/9qyyafqKVU9SQ6Or1o1bjXb-Xrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.140.0/22
IPv6:
2a04:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
1f:d6:6d:96:0c:bb:7e:98:aa:33:28:00:b9:e3:47:bc:c8:15:
80:30:19:4c:69:e8:96:6a:89:25:8e:0f:18:97:42:4b:62:b5:
65:0a:34:9f:84:45:a1:14:bf:82:e3:0f:94:b2:43:8e:8b:f5:
af:99:3b:87:db:9c:f7:8b:b0:f4:de:83:72:9d:a9:fa:32:ac:
81:7f:58:49:2f:a3:1b:53:73:55:37:b2:69:1a:f6:33:e7:f6:
9c:d9:16:da:d3:82:56:9a:36:ca:5a:08:f9:69:e5:ef:76:f5:
11:1e:ee:3b:11:2c:45:d1:74:00:8f:57:bc:64:32:ac:3f:30:
42:b3:8c:da:21:80:3c:4e:2a:57:f5:89:d1:c6:51:5b:f8:a8:
19:1e:a6:f4:a1:c5:f5:8b:57:e7:fd:5b:db:ab:e2:c0:ab:36:
05:2f:ed:e1:54:d1:98:14:29:f4:e3:c4:f0:66:91:94:8b:63:
89:1e:c4:d4:26:63:20:9e:81:ae:82:02:0f:91:e1:fe:dd:1e:
e6:4e:a5:ba:0d:18:95:3d:61:9d:0d:96:a7:e8:1f:2b:be:9a:
b8:e8:13:29:2d:bb:45:e4:10:28:a3:0e:b7:33:aa:55:d2:43:
e3:c7:bf:70:8b:3d:40:9f:d2:7e:08:45:91:d3:1b:ae:f0:e6:
fc:93:3d:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv8E7s2NKOLSuNlArAVpKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWNiMjY5ZmE4YTU1NGY1MjQzYTNhYmQ2OGQ1YjhkNzZm
ZTVlYmIwHhcNMjMwMTAyMDA0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzVhMTk5NDkxY2IyNWVhODI3Zjg0YTgwZjZkMGJhMzM1NGE0MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwibSW5bzraR8wcWLrJgmfsBrScO
4ju4hoqUxIOeE2IFEmVWncbmBmk5utxwbIkTYa2zbVTXSPP3olwgAv2kAFiDrt6r
bxR7z4txftg4aeBLF6QEtSl9KMttM/IMWjAwWtZ7PXJV5RMb7ZOI3+fHK4zp++OV
gFp9CBHZ+UYJn3awNo1p2kbK9+6tRIegMnJnnenL1Rxc1GAAnGAWI3WgspCvEnRC
G7YS2KjIkHomxCaKcaOOESKE22t/0Cgmp8Cic9pCKZIxc8p0Hx+FAwzubQWD6OEq
w1uHTFwckeZR+1010CuX4tbtRSl1T3kCIvHfMsYHsniFwc0C3r6CuD9l8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFANaGZSRyyXqgn+EqA9tC6M1SkLiMB8GA1UdIwQY
MBaAFPassmn6ilVPUkOjq9aNW412/l67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXF5eWFmcUtWVTlTUTZPcjFvMWJqWGItWHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yOTU1ZmQtMDkyYS00ZWNjLWE5MmYt
ZmJiMzNhNTRmYWRlLzEvQTFvWmxKSExKZXFDZjRTb0QyMExvelZLUXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yOTU1ZmQtMDkyYS00ZWNjLWE5MmYtZmJiMzNhNTRmYWRl
LzEvOXF5eWFmcUtWVTlTUTZPcjFvMWJqWGItWHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUCMMA0E
AgACMAcDBQMqBPqAMA0GCSqGSIb3DQEBCwUAA4IBAQAf1m2WDLt+mKozKAC540e8
yBWAMBlMaeiWaokljg8Yl0JLYrVlCjSfhEWhFL+C4w+UskOOi/WvmTuH25z3i7D0
3oNynan6MqyBf1hJL6MbU3NVN7JpGvYz5/ac2Rba04JWmjbKWgj5aeXvdvURHu47
ESxF0XQAj1e8ZDKsPzBCs4zaIYA8TipX9YnRxlFb+KgZHqb0ocX1i1fn/Vvbq+LA
qzYFL+3hVNGYFCn048TwZpGUi2OJHsTUJmMgnoGuggIPkeH+3R7mTqW6DRiVPWGd
DZan6B8rvpq46BMpLbtF5BAoow63M6pV0kPjx79wiz1An9J+CEWR0xuu8Ob8kz0b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:38 2024 by rpki-client on console-fra.rpki-client.org