Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8a707a-5ced-4c75-ae38-56596beed1c7/1/0UmIbggoB8yuxiNxTvvZSskLwtE.roa
File: 0UmIbggoB8yuxiNxTvvZSskLwtE.roa (raw, json)
Hash identifier: L1PFZU93zcyYb5QVKp9UQdQFx/Qw4eKXBuUr6WKPpeo=
Subject key identifier: D1:49:88:6E:08:28:07:CC:AE:C6:23:71:4E:FB:D9:4A:C9:0B:C2:D1
Certificate issuer: /CN=940b9e18eeb094d912deb595dc7aac8661b0d6c7
Certificate serial: 01856B80E2BB039FE941201609EF73A7B128
Authority key identifier: 94:0B:9E:18:EE:B0:94:D9:12:DE:B5:95:DC:7A:AC:86:61:B0:D6:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAueGO6wlNkS3rWV3HqshmGw1sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8a707a-5ced-4c75-ae38-56596beed1c7/1/0UmIbggoB8yuxiNxTvvZSskLwtE.roa
Signing time: Sun 01 Jan 2023 04:04:46 +0000
ROA not before: Sun 01 Jan 2023 04:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204861
IP address blocks: 185.121.106.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:e2:bb:03:9f:e9:41:20:16:09:ef:73:a7:b1:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940b9e18eeb094d912deb595dc7aac8661b0d6c7
Validity
Not Before: Jan 1 04:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d149886e082807ccaec623714efbd94ac90bc2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2b:8e:f5:aa:30:20:e0:d4:a8:f6:63:b9:11:
30:92:68:cc:ee:bc:a2:37:29:e6:e8:e7:65:0f:e9:
c8:d7:d4:7a:70:88:f5:c8:a3:55:c1:fe:14:cc:6a:
3c:30:58:06:35:47:17:3f:af:13:9d:77:ee:1f:bd:
06:12:9d:40:cd:19:39:b1:6a:12:3a:5e:04:88:81:
c8:57:63:1d:61:dd:d3:4e:a9:3e:c2:f6:d2:37:3a:
23:49:ef:c7:ed:f3:bc:55:9a:e0:5a:00:d3:e5:d6:
53:82:b7:92:64:eb:05:6f:b4:47:54:78:07:a4:09:
40:24:3f:2c:24:ce:cd:7d:6f:d3:de:1b:7b:d4:bb:
a9:3b:b1:e0:75:a7:b4:fa:b0:98:0e:69:87:1c:5b:
b8:cc:de:92:85:1a:4b:01:70:df:4e:da:ff:f5:d8:
33:4a:78:fe:e8:bc:47:7f:1e:29:0f:e1:35:32:dc:
02:1e:30:54:14:8c:ff:4b:63:dc:c7:c7:42:a6:b1:
df:7c:2b:8b:41:be:b3:1d:44:ec:25:e5:2e:c4:01:
f5:eb:3d:ae:d4:a4:bd:82:83:33:5c:c9:36:7e:9f:
d5:e9:fd:bd:9b:e8:21:49:c1:2c:34:aa:c3:9e:16:
89:c4:00:7a:ff:39:c5:77:dc:ba:ab:cd:1f:32:44:
be:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:49:88:6E:08:28:07:CC:AE:C6:23:71:4E:FB:D9:4A:C9:0B:C2:D1
X509v3 Authority Key Identifier:
keyid:94:0B:9E:18:EE:B0:94:D9:12:DE:B5:95:DC:7A:AC:86:61:B0:D6:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAueGO6wlNkS3rWV3HqshmGw1sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8a707a-5ced-4c75-ae38-56596beed1c7/1/0UmIbggoB8yuxiNxTvvZSskLwtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8a707a-5ced-4c75-ae38-56596beed1c7/1/lAueGO6wlNkS3rWV3HqshmGw1sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.106.0/23
Signature Algorithm: sha256WithRSAEncryption
29:21:91:29:de:85:00:c4:88:f5:51:53:3d:57:0c:1f:1e:f7:
f1:79:dd:c8:34:a4:d0:fe:70:a9:b2:21:2f:15:76:70:7c:d9:
c5:db:d2:cd:44:31:24:6b:8b:b2:6e:42:61:a0:23:af:9d:27:
fa:66:92:a9:4a:66:99:24:6b:21:92:70:45:3b:53:13:4c:67:
5c:c0:b2:12:8b:ff:94:1c:00:d7:78:d3:01:e0:4e:ac:7b:aa:
be:3b:43:ea:40:3d:83:ca:86:a8:a2:7c:cf:07:37:ff:74:48:
d9:47:a6:e5:47:3f:a7:9a:b5:32:06:21:0b:96:95:88:8a:4f:
c0:4d:0d:99:d4:cf:16:1f:a4:d9:59:a2:d6:00:09:28:76:36:
14:2a:10:a1:ef:34:3c:ee:eb:4c:34:62:ea:09:43:de:b3:16:
3f:d6:ef:56:1e:b9:ab:28:36:ef:26:ed:b9:e4:06:b1:68:d0:
86:8e:55:c6:b3:fe:bb:50:9b:3b:e1:ca:aa:35:21:1c:1f:3d:
5a:34:39:77:f5:be:08:6f:a7:7e:73:44:ef:9d:f9:55:fa:8c:
a6:58:be:23:86:1e:7e:41:c4:9d:47:75:ec:5f:3e:1a:74:52:
57:c4:75:a1:20:80:4f:5a:53:3d:90:7f:ea:a3:6f:da:d3:4f:
fb:c7:24:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgOK7A5/pQSAWCe9zp7EoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGI5ZTE4ZWViMDk0ZDkxMmRlYjU5NWRjN2FhYzg2NjFi
MGQ2YzcwHhcNMjMwMTAxMDQwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQ5ODg2ZTA4MjgwN2NjYWVjNjIzNzE0ZWZiZDk0YWM5MGJjMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySuO9aowIODUqPZjuREwkmjM7ryi
Nynm6OdlD+nI19R6cIj1yKNVwf4UzGo8MFgGNUcXP68TnXfuH70GEp1AzRk5sWoS
Ol4EiIHIV2MdYd3TTqk+wvbSNzojSe/H7fO8VZrgWgDT5dZTgreSZOsFb7RHVHgH
pAlAJD8sJM7NfW/T3ht71LupO7Hgdae0+rCYDmmHHFu4zN6ShRpLAXDfTtr/9dgz
Snj+6LxHfx4pD+E1MtwCHjBUFIz/S2Pcx8dCprHffCuLQb6zHUTsJeUuxAH16z2u
1KS9goMzXMk2fp/V6f29m+ghScEsNKrDnhaJxAB6/znFd9y6q80fMkS+2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFJiG4IKAfMrsYjcU772UrJC8LRMB8GA1UdIwQY
MBaAFJQLnhjusJTZEt61ldx6rIZhsNbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEF1ZUdPNndsTmtTM3JXVjNIcXNobUd3MXNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YTcwN2EtNWNlZC00Yzc1LWFlMzgt
NTY1OTZiZWVkMWM3LzEvMFVtSWJnZ29COHl1eGlOeFR2dlpTc2tMd3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YTcwN2EtNWNlZC00Yzc1LWFlMzgtNTY1OTZiZWVkMWM3
LzEvbEF1ZUdPNndsTmtTM3JXVjNIcXNobUd3MXNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXlqMA0G
CSqGSIb3DQEBCwUAA4IBAQApIZEp3oUAxIj1UVM9VwwfHvfxed3INKTQ/nCpsiEv
FXZwfNnF29LNRDEka4uybkJhoCOvnSf6ZpKpSmaZJGshknBFO1MTTGdcwLISi/+U
HADXeNMB4E6se6q+O0PqQD2DyoaoonzPBzf/dEjZR6blRz+nmrUyBiELlpWIik/A
TQ2Z1M8WH6TZWaLWAAkodjYUKhCh7zQ87utMNGLqCUPesxY/1u9WHrmrKDbvJu25
5AaxaNCGjlXGs/67UJs74cqqNSEcHz1aNDl39b4Ib6d+c0TvnflV+oymWL4jhh5+
QcSdR3XsXz4adFJXxHWhIIBPWlM9kH/qo2/a00/7xyTS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:31 2024 by rpki-client on console-ams.rpki-client.org