Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2UJqMpKp1vBMBdSYa1x0ObkY54E.roa
File: 2UJqMpKp1vBMBdSYa1x0ObkY54E.roa (raw, json)
Hash identifier: 6yNQl7Ls+aEDPEhT6klXgQagz3I8gUvtW4WPww/b8H0=
Subject key identifier: D9:42:6A:32:92:A9:D6:F0:4C:05:D4:98:6B:5C:74:39:B9:18:E7:81
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018C0BD86AD7F84E9BF116817EC0E1AD4570
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2UJqMpKp1vBMBdSYa1x0ObkY54E.roa
Signing time: Sun 26 Nov 2023 13:36:21 +0000
ROA not before: Sun 26 Nov 2023 13:36:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201813
IP address blocks: 185.147.48.0/24 maxlen: 24
45.67.196.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0b:d8:6a:d7:f8:4e:9b:f1:16:81:7e:c0:e1:ad:45:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 26 13:36:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9426a3292a9d6f04c05d4986b5c7439b918e781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:44:e7:72:89:4b:86:59:69:52:e8:25:1c:dc:
fa:18:4a:2f:98:2d:cd:93:45:6d:4e:cf:ab:5d:f0:
78:2a:95:0a:79:95:15:5e:aa:30:01:99:90:5c:1f:
c0:d7:8d:2d:33:0e:b8:b3:09:a9:5a:aa:65:bf:8e:
73:77:c9:f9:0d:d6:33:7a:38:7a:0b:c6:96:ce:9c:
78:35:4c:c7:79:81:de:ec:26:28:ed:9c:da:9a:6a:
53:75:5c:8d:3c:1a:9f:b6:9f:ba:e2:1f:8c:43:12:
5b:b2:bd:32:ce:24:77:57:27:7b:d0:56:b5:21:2a:
8f:18:72:d6:06:0b:27:e1:c8:38:39:c1:75:7a:21:
c1:47:b0:c7:51:a6:0b:a8:4d:6f:81:2d:ed:e3:0d:
f9:9f:50:94:c4:3b:5c:36:88:b2:32:7e:1c:cb:85:
b5:b2:7e:7a:3d:fb:9d:3a:7e:c6:c1:39:b1:40:35:
44:3f:d6:b6:64:75:df:3a:35:0b:92:f1:eb:dc:9a:
43:da:b9:7b:eb:33:46:53:ff:30:b2:eb:3b:f4:23:
75:15:a1:91:43:46:b9:41:fe:1c:09:b2:59:a6:34:
ea:ab:94:6c:c0:e0:6a:81:22:a0:fc:cb:d8:ef:c6:
77:e7:df:d7:f6:bb:28:a0:f1:65:68:ab:fa:b9:32:
81:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:42:6A:32:92:A9:D6:F0:4C:05:D4:98:6B:5C:74:39:B9:18:E7:81
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2UJqMpKp1vBMBdSYa1x0ObkY54E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.196.0/22
185.147.48.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:76:23:5e:88:37:00:09:3e:96:1c:55:e1:46:3c:e1:d1:d3:
fa:b3:08:67:a0:0b:55:ba:55:d5:88:67:6d:3a:40:cc:cc:5a:
9d:fd:c0:90:21:85:3a:51:da:68:64:3b:7c:fe:49:53:af:59:
2e:f3:5d:94:41:c5:c9:d9:b3:39:c7:3f:7e:14:60:e6:16:34:
86:5b:54:f1:bc:cb:84:ee:2d:bf:51:48:eb:8e:a1:5d:2f:2a:
f0:33:4e:8c:cd:57:39:ce:46:76:ee:c5:ae:2c:1d:66:6b:b4:
2b:2e:3d:e4:2c:b0:02:8e:ce:15:0f:2e:2d:e8:4c:26:51:7d:
97:c5:dc:06:29:ab:df:ac:b3:d4:42:38:de:7f:98:c1:96:8a:
16:a7:01:94:fb:0a:a7:89:1f:44:c7:5d:aa:a2:37:b3:0e:d4:
42:71:20:93:35:80:9f:d3:78:5d:8f:88:cb:5b:e6:ea:2d:2c:
67:0a:9f:1f:bf:04:57:1d:4b:63:de:71:65:aa:32:74:f8:cc:
83:8e:f2:ff:57:7e:d8:64:d8:0a:94:f8:09:24:0f:ce:69:e3:
57:a6:42:88:8a:6b:f0:c5:98:80:61:3e:52:a8:f7:1a:89:5c:
69:61:b4:cf:1d:50:5a:24:13:a1:b8:85:7c:4a:c8:1a:01:7c:
0a:3d:32:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwL2GrX+E6b8RaBfsDhrUVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTI2MTMzNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQyNmEzMjkyYTlkNmYwNGMwNWQ0OTg2YjVjNzQzOWI5MThlNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0TncolLhllpUuglHNz6GEovmC3N
k0VtTs+rXfB4KpUKeZUVXqowAZmQXB/A140tMw64swmpWqplv45zd8n5DdYzejh6
C8aWzpx4NUzHeYHe7CYo7ZzammpTdVyNPBqftp+64h+MQxJbsr0yziR3Vyd70Fa1
ISqPGHLWBgsn4cg4OcF1eiHBR7DHUaYLqE1vgS3t4w35n1CUxDtcNoiyMn4cy4W1
sn56PfudOn7GwTmxQDVEP9a2ZHXfOjULkvHr3JpD2rl76zNGU/8wsus79CN1FaGR
Q0a5Qf4cCbJZpjTqq5RswOBqgSKg/MvY78Z359/X9rsooPFlaKv6uTKBfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNlCajKSqdbwTAXUmGtcdDm5GOeBMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvMlVKcU1wS3AxdkJNQmRTWWExeDBPYmtZNTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLUPEAwQA
uZMwMA0GCSqGSIb3DQEBCwUAA4IBAQAudiNeiDcACT6WHFXhRjzh0dP6swhnoAtV
ulXViGdtOkDMzFqd/cCQIYU6UdpoZDt8/klTr1ku812UQcXJ2bM5xz9+FGDmFjSG
W1TxvMuE7i2/UUjrjqFdLyrwM06MzVc5zkZ27sWuLB1ma7QrLj3kLLACjs4VDy4t
6EwmUX2XxdwGKavfrLPUQjjef5jBlooWpwGU+wqniR9Ex12qojezDtRCcSCTNYCf
03hdj4jLW+bqLSxnCp8fvwRXHUtj3nFlqjJ0+MyDjvL/V37YZNgKlPgJJA/OaeNX
pkKIimvwxZiAYT5SqPcaiVxpYbTPHVBaJBOhuIV8SsgaAXwKPTIz
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org