Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/d809b3-3675-4fd8-8821-b367ebdf302b/1/AHtH3rkw773epG7jZYK6F3ga1dg.roa
File: AHtH3rkw773epG7jZYK6F3ga1dg.roa (raw, json)
Hash identifier: kFilxoP5jkyR5EUG8K7znciZ1JMStIJl96ff+AhG1KE=
Subject key identifier: 00:7B:47:DE:B9:30:EF:BD:DE:A4:6E:E3:65:82:BA:17:78:1A:D5:D8
Certificate issuer: /CN=a45002022b7a3e4790b8b4e2f6d5b7a3dabddce1
Certificate serial: 01856CCABA4713013937939783F9FF6A7AE2
Authority key identifier: A4:50:02:02:2B:7A:3E:47:90:B8:B4:E2:F6:D5:B7:A3:DA:BD:DC:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pFACAit6PkeQuLTi9tW3o9q93OE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/d809b3-3675-4fd8-8821-b367ebdf302b/1/AHtH3rkw773epG7jZYK6F3ga1dg.roa
Signing time: Sun 01 Jan 2023 10:05:03 +0000
ROA not before: Sun 01 Jan 2023 10:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205816
IP address blocks: 185.245.20.0/24 maxlen: 24
2a0c:9b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:ba:47:13:01:39:37:93:97:83:f9:ff:6a:7a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a45002022b7a3e4790b8b4e2f6d5b7a3dabddce1
Validity
Not Before: Jan 1 10:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=007b47deb930efbddea46ee36582ba17781ad5d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bd:59:05:86:9f:f7:a0:06:fe:0a:2a:20:dd:
6b:1c:1b:30:05:e9:94:9f:4f:c7:99:bb:4a:08:e3:
34:99:6e:5d:b8:06:9f:b2:59:c1:11:7c:89:c9:17:
86:e4:be:ec:b7:60:8a:3a:e9:27:a3:76:96:47:8b:
a6:93:a2:b5:db:c8:32:41:51:4d:e5:41:7b:34:b5:
00:31:23:0b:e4:46:69:93:c5:5f:e9:51:82:93:ba:
6a:3d:57:8b:ea:32:69:6d:82:e3:9c:f5:e9:86:01:
40:90:04:71:03:fe:00:0c:b9:7c:88:67:bc:1f:47:
cd:0e:53:e0:29:5b:16:5c:aa:5f:4e:e9:5f:06:58:
01:15:ea:73:7f:8e:97:1c:3f:4c:ee:9f:51:7a:59:
dd:a8:54:4c:b6:7c:7d:7c:0d:61:ec:68:aa:12:8e:
0a:11:2f:0a:eb:70:e0:19:be:05:33:65:04:dc:90:
a1:ea:ea:67:80:f7:04:88:8b:b3:b7:00:e9:55:de:
a4:82:c4:5d:41:3c:f9:19:94:1b:70:74:bf:d8:ec:
97:89:47:3b:83:9f:c8:cf:d8:e2:12:b7:17:cd:50:
0c:87:21:76:5a:4a:6d:0d:a9:6e:7c:d1:ea:4a:71:
f3:ab:c3:98:01:94:48:d5:c4:6e:df:26:0b:c2:61:
61:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7B:47:DE:B9:30:EF:BD:DE:A4:6E:E3:65:82:BA:17:78:1A:D5:D8
X509v3 Authority Key Identifier:
keyid:A4:50:02:02:2B:7A:3E:47:90:B8:B4:E2:F6:D5:B7:A3:DA:BD:DC:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pFACAit6PkeQuLTi9tW3o9q93OE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/d809b3-3675-4fd8-8821-b367ebdf302b/1/AHtH3rkw773epG7jZYK6F3ga1dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/d809b3-3675-4fd8-8821-b367ebdf302b/1/pFACAit6PkeQuLTi9tW3o9q93OE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.20.0/24
IPv6:
2a0c:9b80::/29
Signature Algorithm: sha256WithRSAEncryption
55:a9:b1:6a:a5:e7:10:84:b4:d7:3e:bd:8a:89:e3:02:90:de:
34:67:06:22:aa:ed:40:ae:ec:26:56:d0:fc:4d:29:1c:76:67:
d5:89:e1:dd:78:57:6a:cc:ee:7e:4d:eb:ca:18:39:30:a1:2b:
96:3b:de:06:f5:19:7e:5a:e0:4b:f4:09:e0:a3:13:be:7d:7c:
6b:6f:58:ab:fa:bd:f0:0e:08:11:6b:40:4d:8a:d8:1a:06:bb:
83:4f:8b:cc:69:97:d5:6d:4a:0b:13:ca:76:b8:00:98:7a:19:
6f:53:4a:27:41:5c:8a:c3:e1:a3:bd:4e:7e:1b:1b:df:7c:ee:
19:84:89:22:8c:c3:d7:61:28:63:c8:02:02:e9:03:71:4e:15:
f7:65:63:9d:35:fe:ea:3c:bc:5e:8b:51:a4:76:4f:28:87:6b:
bc:81:ba:3a:15:9f:59:29:86:a1:63:94:99:00:db:7b:68:d9:
3d:08:56:d3:89:83:43:87:45:1c:f0:30:52:5a:20:e0:b1:b8:
a1:5b:55:5c:ba:38:25:77:ef:c6:d3:1b:06:8a:23:7f:4f:c4:
c4:2d:6e:d0:3f:4d:0c:4a:36:f1:09:eb:24:a5:58:21:d4:28:
5d:d9:ba:33:75:13:3a:40:b8:50:02:b4:de:97:8e:46:ad:a3:
08:6d:af:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsyrpHEwE5N5OXg/n/anriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NTAwMjAyMmI3YTNlNDc5MGI4YjRlMmY2ZDViN2EzZGFi
ZGRjZTEwHhcNMjMwMTAxMTAwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDdiNDdkZWI5MzBlZmJkZGVhNDZlZTM2NTgyYmExNzc4MWFkNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL1ZBYaf96AG/goqIN1rHBswBemU
n0/HmbtKCOM0mW5duAafslnBEXyJyReG5L7st2CKOukno3aWR4umk6K128gyQVFN
5UF7NLUAMSML5EZpk8Vf6VGCk7pqPVeL6jJpbYLjnPXphgFAkARxA/4ADLl8iGe8
H0fNDlPgKVsWXKpfTulfBlgBFepzf46XHD9M7p9RelndqFRMtnx9fA1h7GiqEo4K
ES8K63DgGb4FM2UE3JCh6upngPcEiIuztwDpVd6kgsRdQTz5GZQbcHS/2OyXiUc7
g5/Iz9jiErcXzVAMhyF2WkptDalufNHqSnHzq8OYAZRI1cRu3yYLwmFhhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAB7R965MO+93qRu42WCuhd4GtXYMB8GA1UdIwQY
MBaAFKRQAgIrej5HkLi04vbVt6PavdzhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEZBQ0FpdDZQa2VRdUxUaTl0VzNvOXE5M09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kODA5YjMtMzY3NS00ZmQ4LTg4MjEt
YjM2N2ViZGYzMDJiLzEvQUh0SDNya3c3NzNlcEc3alpZSzZGM2dhMWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kODA5YjMtMzY3NS00ZmQ4LTg4MjEtYjM2N2ViZGYzMDJi
LzEvcEZBQ0FpdDZQa2VRdUxUaTl0VzNvOXE5M09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufUUMA0E
AgACMAcDBQMqDJuAMA0GCSqGSIb3DQEBCwUAA4IBAQBVqbFqpecQhLTXPr2KieMC
kN40ZwYiqu1AruwmVtD8TSkcdmfVieHdeFdqzO5+TevKGDkwoSuWO94G9Rl+WuBL
9AngoxO+fXxrb1ir+r3wDggRa0BNitgaBruDT4vMaZfVbUoLE8p2uACYehlvU0on
QVyKw+GjvU5+GxvffO4ZhIkijMPXYShjyAIC6QNxThX3ZWOdNf7qPLxei1Gkdk8o
h2u8gbo6FZ9ZKYahY5SZANt7aNk9CFbTiYNDh0Uc8DBSWiDgsbihW1Vcujgld+/G
0xsGiiN/T8TELW7QP00MSjbxCeskpVgh1Chd2bozdRM6QLhQArTel45GraMIba/n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:44 2024 by rpki-client on console-fra.rpki-client.org