Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/cGBpZtEwtQdhvjxtz2cVLC4hogE.roa
File: cGBpZtEwtQdhvjxtz2cVLC4hogE.roa (raw, json)
Hash identifier: iZuqfm2txP7xIqz/Mw/k3wlqTy25WWesv/Ow1zpp86Y=
Subject key identifier: 70:60:69:66:D1:30:B5:07:61:BE:3C:6D:CF:67:15:2C:2E:21:A2:01
Certificate issuer: /CN=13cd87027d7d3a3b9f7c4ba4495e49e21ad5a4bb
Certificate serial: 018570D50ADDE4FFBAA1C6E8F3FFD1A14D70
Authority key identifier: 13:CD:87:02:7D:7D:3A:3B:9F:7C:4B:A4:49:5E:49:E2:1A:D5:A4:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E82HAn19OjuffEukSV5J4hrVpLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/cGBpZtEwtQdhvjxtz2cVLC4hogE.roa
Signing time: Mon 02 Jan 2023 04:54:48 +0000
ROA not before: Mon 02 Jan 2023 04:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202709
IP address blocks: 185.242.178.0/24 maxlen: 24
2a10:98c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:0a:dd:e4:ff:ba:a1:c6:e8:f3:ff:d1:a1:4d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13cd87027d7d3a3b9f7c4ba4495e49e21ad5a4bb
Validity
Not Before: Jan 2 04:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70606966d130b50761be3c6dcf67152c2e21a201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:56:7c:87:43:81:a7:6a:68:82:6a:94:b5:dd:
18:13:31:ab:c5:fb:ac:7e:7d:24:2b:0a:10:5b:90:
a6:f9:c6:f3:b6:0a:2e:98:6b:a2:c4:8d:87:0e:26:
ce:13:6e:13:e9:7b:ea:ca:ac:79:3c:84:4d:09:91:
32:fb:a9:d6:1a:3c:60:e3:15:ac:39:e7:b4:44:25:
3e:cf:92:78:f6:58:cb:56:71:58:69:09:00:94:7b:
ae:6d:95:3c:91:80:3f:1b:5d:aa:d0:12:6d:31:c9:
40:0c:cb:bf:54:8b:21:64:64:a5:c1:48:5a:da:42:
38:89:b4:44:15:3c:be:d7:47:8e:d2:0f:de:e9:be:
f9:61:06:b1:2e:fa:d2:1b:34:1a:0d:f1:2f:2f:3d:
95:9e:1c:f3:05:89:29:b4:a0:88:66:a7:6a:f2:21:
9b:c1:c2:4d:4e:81:aa:60:d1:d4:4b:eb:30:24:bf:
c1:23:25:45:e7:c0:26:d7:ea:86:b3:c3:53:6b:73:
6c:29:92:7d:15:3d:b1:40:25:42:b1:e9:f6:42:43:
3d:c1:e7:e6:0d:e9:d2:82:0d:7d:3c:7c:99:ee:3d:
7c:db:b2:e9:c3:6b:4d:af:85:a7:0d:2c:0a:95:f5:
4d:9a:a7:22:0c:3a:42:1e:87:07:5a:92:a1:ea:eb:
b1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:60:69:66:D1:30:B5:07:61:BE:3C:6D:CF:67:15:2C:2E:21:A2:01
X509v3 Authority Key Identifier:
keyid:13:CD:87:02:7D:7D:3A:3B:9F:7C:4B:A4:49:5E:49:E2:1A:D5:A4:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E82HAn19OjuffEukSV5J4hrVpLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/cGBpZtEwtQdhvjxtz2cVLC4hogE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/E82HAn19OjuffEukSV5J4hrVpLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.178.0/24
IPv6:
2a10:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:c7:39:b7:67:e7:b0:ed:7d:27:e5:b7:23:c2:44:8e:89:ee:
a8:65:39:3f:64:df:95:76:a5:f7:fa:55:dc:14:23:f0:87:2d:
e9:3f:99:d5:e1:66:a7:78:6c:a2:ae:b3:ae:95:40:5c:fa:a9:
3a:7c:0f:e9:e0:2e:3a:36:c2:e2:85:01:13:43:30:8e:07:0f:
a3:fc:a9:5f:43:68:79:b1:03:81:c5:b7:38:d4:23:77:d4:7b:
2a:a1:af:cf:26:ed:6d:db:53:2f:77:57:7b:14:c0:11:7e:cb:
b6:9b:61:ed:dd:f4:35:f1:e2:53:96:fa:91:7c:12:f6:38:40:
e1:af:86:c7:1d:54:d3:66:b2:22:7b:72:2f:38:64:e2:db:bf:
f7:29:2a:16:e2:e8:7b:2e:9d:11:fe:a5:31:dd:56:af:b8:9c:
5d:6b:30:f8:3a:3c:8c:e3:bc:bb:9a:3d:7e:e6:f1:2d:b7:dc:
d2:bb:82:7d:52:3c:6a:4b:3f:43:ac:92:9c:d7:13:91:79:aa:
c4:a9:db:c3:cd:ff:e3:52:0a:28:96:a5:90:50:76:af:c4:20:
bf:a4:66:d2:3e:de:93:48:28:99:ef:4e:80:f9:9a:22:49:d6:
bd:db:7b:93:9e:03:e6:2d:ce:3f:9c:5a:05:ee:8b:8f:76:c0:
21:75:31:55
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw1Qrd5P+6ocbo8//RoU1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzY2Q4NzAyN2Q3ZDNhM2I5ZjdjNGJhNDQ5NWU0OWUyMWFk
NWE0YmIwHhcNMjMwMTAyMDQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDYwNjk2NmQxMzBiNTA3NjFiZTNjNmRjZjY3MTUyYzJlMjFhMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslZ8h0OBp2pogmqUtd0YEzGrxfus
fn0kKwoQW5Cm+cbztgoumGuixI2HDibOE24T6Xvqyqx5PIRNCZEy+6nWGjxg4xWs
Oee0RCU+z5J49ljLVnFYaQkAlHuubZU8kYA/G12q0BJtMclADMu/VIshZGSlwUha
2kI4ibREFTy+10eO0g/e6b75YQaxLvrSGzQaDfEvLz2VnhzzBYkptKCIZqdq8iGb
wcJNToGqYNHUS+swJL/BIyVF58Am1+qGs8NTa3NsKZJ9FT2xQCVCsen2QkM9wefm
DenSgg19PHyZ7j1827Lpw2tNr4WnDSwKlfVNmqciDDpCHocHWpKh6uuxKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHBgaWbRMLUHYb48bc9nFSwuIaIBMB8GA1UdIwQY
MBaAFBPNhwJ9fTo7n3xLpEleSeIa1aS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTgySEFuMTlPanVmZkV1a1NWNUo0aHJWcExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9mNzk3N2UtYWQzMC00Y2I3LThlZDMt
MjlmNGNkMGJhODA0LzEvY0dCcFp0RXd0UWRodmp4dHoyY1ZMQzRob2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9mNzk3N2UtYWQzMC00Y2I3LThlZDMtMjlmNGNkMGJhODA0
LzEvRTgySEFuMTlPanVmZkV1a1NWNUo0aHJWcExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufKyMA0E
AgACMAcDBQMqEJjAMA0GCSqGSIb3DQEBCwUAA4IBAQCdxzm3Z+ew7X0n5bcjwkSO
ie6oZTk/ZN+VdqX3+lXcFCPwhy3pP5nV4WaneGyirrOulUBc+qk6fA/p4C46NsLi
hQETQzCOBw+j/KlfQ2h5sQOBxbc41CN31Hsqoa/PJu1t21Mvd1d7FMARfsu2m2Ht
3fQ18eJTlvqRfBL2OEDhr4bHHVTTZrIie3IvOGTi27/3KSoW4uh7Lp0R/qUx3Vav
uJxdazD4OjyM47y7mj1+5vEtt9zSu4J9UjxqSz9DrJKc1xORearEqdvDzf/jUgoo
lqWQUHavxCC/pGbSPt6TSCiZ706A+ZoiSda923uTngPmLc4/nFoF7ouPdsAhdTFV
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:52 2024 by rpki-client on console-ams.rpki-client.org