Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d84a54-188f-4faf-9d45-6f21f4c751f3/1/a-Lff2MntZK8tTpD1CsVsiZIzbQ.roa
File: a-Lff2MntZK8tTpD1CsVsiZIzbQ.roa (raw, json)
Hash identifier: kOh+yK+XpaPC1mIhMjBDDfjw5eEzj4WTi24nPFG6AJE=
Subject key identifier: 6B:E2:DF:7F:63:27:B5:92:BC:B5:3A:43:D4:2B:15:B2:26:48:CD:B4
Certificate issuer: /CN=39a3cebb811046a0966e9554d07e5d16b36dbf04
Certificate serial: 018B4D9471EF2B30CDC52336F75312C31A2C
Authority key identifier: 39:A3:CE:BB:81:10:46:A0:96:6E:95:54:D0:7E:5D:16:B3:6D:BF:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OaPOu4EQRqCWbpVU0H5dFrNtvwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d84a54-188f-4faf-9d45-6f21f4c751f3/1/a-Lff2MntZK8tTpD1CsVsiZIzbQ.roa
Signing time: Fri 20 Oct 2023 14:54:15 +0000
ROA not before: Fri 20 Oct 2023 14:54:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8943
IP address blocks: 185.98.212.0/22 maxlen: 23
2a06:ec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:94:71:ef:2b:30:cd:c5:23:36:f7:53:12:c3:1a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39a3cebb811046a0966e9554d07e5d16b36dbf04
Validity
Not Before: Oct 20 14:54:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6be2df7f6327b592bcb53a43d42b15b22648cdb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:76:89:f0:7a:df:13:a3:b8:81:b2:f3:96:63:
16:58:1f:c6:83:5f:63:0e:b1:06:26:7e:46:24:38:
0d:2b:f1:c3:f7:75:8e:f0:2d:c5:6b:48:80:f3:38:
2e:9d:79:c5:a0:ec:f0:8e:25:7e:ec:78:29:ab:a0:
ad:93:f3:62:62:9f:9c:c7:fc:71:e1:59:a1:10:ad:
20:7c:e3:33:f5:ea:c5:6d:2d:8a:ff:24:b3:da:50:
c8:32:9a:9b:15:5f:96:02:1a:28:16:1c:da:56:05:
ae:cb:ff:c6:c6:30:41:b3:5c:a9:ac:19:a9:5e:66:
49:b3:f2:c1:6d:0c:39:33:ef:03:d6:ff:fe:2e:9a:
e1:bf:e6:b6:00:30:91:da:a0:4e:01:79:97:26:40:
e6:29:4b:0a:62:5c:96:35:1c:3a:bd:63:a7:5c:f6:
c4:5f:26:53:e4:dc:98:d9:29:d8:b3:af:f4:eb:b1:
b4:50:22:89:68:99:cb:c2:25:4b:2d:3e:64:ea:da:
fe:47:d3:f5:bf:7a:b2:2b:93:d4:ea:97:72:70:41:
04:b1:be:c5:16:d6:45:4b:61:28:00:b1:6a:3d:f3:
a8:ee:b7:28:31:6c:df:65:de:44:2a:ff:51:10:e7:
0a:68:a0:39:0a:34:de:15:9b:6f:83:72:15:6a:95:
e5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E2:DF:7F:63:27:B5:92:BC:B5:3A:43:D4:2B:15:B2:26:48:CD:B4
X509v3 Authority Key Identifier:
keyid:39:A3:CE:BB:81:10:46:A0:96:6E:95:54:D0:7E:5D:16:B3:6D:BF:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OaPOu4EQRqCWbpVU0H5dFrNtvwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d84a54-188f-4faf-9d45-6f21f4c751f3/1/a-Lff2MntZK8tTpD1CsVsiZIzbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d84a54-188f-4faf-9d45-6f21f4c751f3/1/OaPOu4EQRqCWbpVU0H5dFrNtvwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.212.0/22
IPv6:
2a06:ec0::/32
Signature Algorithm: sha256WithRSAEncryption
04:7c:57:aa:fd:6d:2e:4b:bf:e9:99:b5:00:a3:f4:fd:47:a7:
e0:ae:b9:82:2a:c1:2c:74:76:ca:c2:31:f0:c9:af:81:ed:c0:
01:19:2c:d7:21:67:33:37:b5:95:de:9b:dc:f5:60:f8:27:54:
b8:f6:59:99:51:6c:90:3f:ae:f3:49:ae:36:35:b5:e1:18:59:
d7:ad:a1:a5:03:8d:49:83:9d:36:84:2c:58:66:ae:17:00:16:
db:b3:83:30:72:12:24:ad:30:be:63:df:7f:dd:60:c0:ae:33:
9f:5e:f0:6d:63:76:91:4f:47:bf:0b:35:5b:35:b9:55:d3:5f:
3d:6d:a9:c3:64:57:6b:25:20:d2:48:21:e8:f3:6f:81:dd:4a:
58:e0:3f:57:ca:78:8d:7c:b0:cf:6a:ff:b7:c7:b6:27:8d:0f:
cf:65:6a:f7:8b:1b:af:9e:79:bb:42:cd:47:09:bc:28:2e:8c:
c1:a8:83:09:cb:a9:38:73:d3:20:9c:dd:1d:a7:a6:31:95:a5:
68:48:1c:74:31:ec:8e:3b:b8:a8:84:dd:83:f3:09:9b:b1:fe:
09:27:37:b0:d2:f7:99:92:21:53:48:72:99:b8:19:85:28:be:
9d:11:7a:58:71:10:c1:1a:49:54:a3:67:89:12:d3:be:4b:a0:
d9:74:1c:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYtNlHHvKzDNxSM291MSwxosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5YTNjZWJiODExMDQ2YTA5NjZlOTU1NGQwN2U1ZDE2YjM2
ZGJmMDQwHhcNMjMxMDIwMTQ1NDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmUyZGY3ZjYzMjdiNTkyYmNiNTNhNDNkNDJiMTViMjI2NDhjZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnaJ8HrfE6O4gbLzlmMWWB/Gg19j
DrEGJn5GJDgNK/HD93WO8C3Fa0iA8zgunXnFoOzwjiV+7Hgpq6Ctk/NiYp+cx/xx
4VmhEK0gfOMz9erFbS2K/ySz2lDIMpqbFV+WAhooFhzaVgWuy//GxjBBs1yprBmp
XmZJs/LBbQw5M+8D1v/+Lprhv+a2ADCR2qBOAXmXJkDmKUsKYlyWNRw6vWOnXPbE
XyZT5NyY2SnYs6/067G0UCKJaJnLwiVLLT5k6tr+R9P1v3qyK5PU6pdycEEEsb7F
FtZFS2EoALFqPfOo7rcoMWzfZd5EKv9REOcKaKA5CjTeFZtvg3IVapXlFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGvi339jJ7WSvLU6Q9QrFbImSM20MB8GA1UdIwQY
MBaAFDmjzruBEEaglm6VVNB+XRazbb8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2FQT3U0RVFScUNXYnBWVTBINWRGck50dndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kODRhNTQtMTg4Zi00ZmFmLTlkNDUt
NmYyMWY0Yzc1MWYzLzEvYS1MZmYyTW50Wks4dFRwRDFDc1ZzaVpJemJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kODRhNTQtMTg4Zi00ZmFmLTlkNDUtNmYyMWY0Yzc1MWYz
LzEvT2FQT3U0RVFScUNXYnBWVTBINWRGck50dndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWLUMA0E
AgACMAcDBQAqBg7AMA0GCSqGSIb3DQEBCwUAA4IBAQAEfFeq/W0uS7/pmbUAo/T9
R6fgrrmCKsEsdHbKwjHwya+B7cABGSzXIWczN7WV3pvc9WD4J1S49lmZUWyQP67z
Sa42NbXhGFnXraGlA41Jg502hCxYZq4XABbbs4MwchIkrTC+Y99/3WDArjOfXvBt
Y3aRT0e/CzVbNblV0189banDZFdrJSDSSCHo82+B3UpY4D9XyniNfLDPav+3x7Yn
jQ/PZWr3ixuvnnm7Qs1HCbwoLozBqIMJy6k4c9MgnN0dp6YxlaVoSBx0MeyOO7io
hN2D8wmbsf4JJzew0veZkiFTSHKZuBmFKL6dEXpYcRDBGklUo2eJEtO+S6DZdBxp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:21 2024 by rpki-client on console-fra.rpki-client.org