Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/acfd98-b736-49f4-a660-f908d21718f7/1/xzG5ikLbfo-1bOUG941kDE9vudY.roa
File: xzG5ikLbfo-1bOUG941kDE9vudY.roa (raw, json)
Hash identifier: oP4eZ6c5palaRXunlC4YgpCcn7oosqM049jx/y/1110=
Subject key identifier: C7:31:B9:8A:42:DB:7E:8F:B5:6C:E5:06:F7:8D:64:0C:4F:6F:B9:D6
Certificate issuer: /CN=07bb5bfa64b0d5d18a3061a9869b1ca57172eaba
Certificate serial: 0185723A2A94D4FF37EBA00029B955DDEEDE
Authority key identifier: 07:BB:5B:FA:64:B0:D5:D1:8A:30:61:A9:86:9B:1C:A5:71:72:EA:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B7tb-mSw1dGKMGGphpscpXFy6ro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/acfd98-b736-49f4-a660-f908d21718f7/1/xzG5ikLbfo-1bOUG941kDE9vudY.roa
Signing time: Mon 02 Jan 2023 11:24:52 +0000
ROA not before: Mon 02 Jan 2023 11:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203815
IP address blocks: 185.155.76.0/22 maxlen: 22
2a05:b8c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:2a:94:d4:ff:37:eb:a0:00:29:b9:55:dd:ee:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07bb5bfa64b0d5d18a3061a9869b1ca57172eaba
Validity
Not Before: Jan 2 11:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c731b98a42db7e8fb56ce506f78d640c4f6fb9d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:4b:c7:78:81:12:c2:d5:4c:31:1c:7e:ed:a1:
bf:2e:52:9c:16:45:69:c4:4d:36:01:de:58:d7:c5:
bd:71:2f:11:65:e5:6c:f2:47:13:df:cc:89:00:d3:
1d:4a:55:9b:16:c6:e6:ee:4b:36:40:42:5f:53:d9:
79:26:f7:a0:ee:f5:71:79:dd:19:81:2c:fe:f5:fd:
6c:a4:dc:85:72:7b:57:b9:b3:87:a2:f5:fa:ab:a4:
fb:fd:c7:96:fc:d0:6e:d1:04:c0:b6:b0:b0:ae:9c:
3f:a8:0a:15:24:1c:9f:a9:92:99:65:1e:d6:7f:4b:
b6:41:ab:46:9a:04:e1:2e:2f:1a:f1:a0:f9:cf:2f:
01:c2:95:0f:03:1c:b1:0a:91:cb:49:25:5e:53:d4:
86:03:62:d4:bd:a3:d7:9a:ca:b2:3c:18:a3:bc:ce:
68:75:09:13:93:66:46:67:75:fe:ff:de:df:d6:30:
64:57:6d:84:dc:24:6a:4d:a2:1e:b1:6b:b4:7d:bb:
1a:72:99:44:26:26:05:02:24:50:46:06:1e:9e:00:
d3:13:f4:51:e2:5b:24:26:ac:c1:3c:dd:01:2b:55:
59:1c:e2:cf:2f:ba:67:3b:4b:80:3c:6f:34:c8:4d:
ee:43:ca:f0:4f:ba:50:17:9a:13:bc:93:17:14:40:
e6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:31:B9:8A:42:DB:7E:8F:B5:6C:E5:06:F7:8D:64:0C:4F:6F:B9:D6
X509v3 Authority Key Identifier:
keyid:07:BB:5B:FA:64:B0:D5:D1:8A:30:61:A9:86:9B:1C:A5:71:72:EA:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B7tb-mSw1dGKMGGphpscpXFy6ro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/acfd98-b736-49f4-a660-f908d21718f7/1/xzG5ikLbfo-1bOUG941kDE9vudY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/acfd98-b736-49f4-a660-f908d21718f7/1/B7tb-mSw1dGKMGGphpscpXFy6ro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.76.0/22
IPv6:
2a05:b8c0::/29
Signature Algorithm: sha256WithRSAEncryption
55:2c:42:6a:f3:aa:bf:9f:2e:a5:02:be:db:6a:a2:93:19:70:
6b:1f:2d:5a:e2:7f:79:79:c8:2d:33:2b:a4:b6:6d:c1:7d:d9:
ce:ba:d7:55:53:cf:12:86:45:eb:18:d1:ee:2e:d3:49:73:06:
67:90:1e:71:9d:0d:fd:98:e8:af:4e:32:46:9d:d7:cb:39:3d:
99:31:14:4d:57:cf:d8:80:75:27:fb:92:90:c1:b9:54:e8:e0:
e2:ef:80:ed:a9:de:94:9d:7a:6d:9c:77:2e:75:f1:5c:28:b9:
0f:5b:29:99:3b:88:f3:1e:d1:73:c8:71:79:8f:42:4e:1b:73:
46:a8:36:35:eb:ed:5f:a2:62:30:c4:de:c0:21:d0:fd:1d:ba:
69:67:88:43:0b:17:bd:12:58:7a:01:73:1a:f6:28:72:6a:20:
25:bc:3a:a5:c4:42:0e:5c:e0:9b:cb:2b:86:1e:51:f8:20:2d:
02:96:3d:cd:60:fe:e6:c3:70:c8:01:83:cd:a2:17:df:0f:7d:
07:4d:8a:5e:83:74:86:76:fb:02:34:12:3b:60:24:38:eb:6d:
37:f1:ec:8f:23:9c:81:9b:05:ae:f1:5c:5d:91:05:67:e7:23:
6c:48:d3:fc:de:ca:56:67:b4:c7:0f:1b:21:cc:45:32:99:6c:
24:6e:6f:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyOiqU1P8366AAKblV3e7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YmI1YmZhNjRiMGQ1ZDE4YTMwNjFhOTg2OWIxY2E1NzE3
MmVhYmEwHhcNMjMwMTAyMTEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzMxYjk4YTQyZGI3ZThmYjU2Y2U1MDZmNzhkNjQwYzRmNmZiOWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EvHeIESwtVMMRx+7aG/LlKcFkVp
xE02Ad5Y18W9cS8RZeVs8kcT38yJANMdSlWbFsbm7ks2QEJfU9l5Jveg7vVxed0Z
gSz+9f1spNyFcntXubOHovX6q6T7/ceW/NBu0QTAtrCwrpw/qAoVJByfqZKZZR7W
f0u2QatGmgThLi8a8aD5zy8BwpUPAxyxCpHLSSVeU9SGA2LUvaPXmsqyPBijvM5o
dQkTk2ZGZ3X+/97f1jBkV22E3CRqTaIesWu0fbsacplEJiYFAiRQRgYengDTE/RR
4lskJqzBPN0BK1VZHOLPL7pnO0uAPG80yE3uQ8rwT7pQF5oTvJMXFEDmxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMcxuYpC236PtWzlBveNZAxPb7nWMB8GA1UdIwQY
MBaAFAe7W/pksNXRijBhqYabHKVxcuq6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjd0Yi1tU3cxZEdLTUdHcGhwc2NwWEZ5NnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hY2ZkOTgtYjczNi00OWY0LWE2NjAt
ZjkwOGQyMTcxOGY3LzEveHpHNWlrTGJmby0xYk9VRzk0MWtERTl2dWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hY2ZkOTgtYjczNi00OWY0LWE2NjAtZjkwOGQyMTcxOGY3
LzEvQjd0Yi1tU3cxZEdLTUdHcGhwc2NwWEZ5NnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZtMMA0E
AgACMAcDBQMqBbjAMA0GCSqGSIb3DQEBCwUAA4IBAQBVLEJq86q/ny6lAr7baqKT
GXBrHy1a4n95ecgtMyuktm3BfdnOutdVU88ShkXrGNHuLtNJcwZnkB5xnQ39mOiv
TjJGndfLOT2ZMRRNV8/YgHUn+5KQwblU6ODi74Dtqd6UnXptnHcudfFcKLkPWymZ
O4jzHtFzyHF5j0JOG3NGqDY16+1fomIwxN7AIdD9HbppZ4hDCxe9Elh6AXMa9ihy
aiAlvDqlxEIOXOCbyyuGHlH4IC0Clj3NYP7mw3DIAYPNohffD30HTYpeg3SGdvsC
NBI7YCQ462038eyPI5yBmwWu8VxdkQVn5yNsSNP83spWZ7THDxshzEUymWwkbm96
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:27 2024 by rpki-client on console-fra.rpki-client.org