Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/7MLr6rj8Nhr6uo67sJiEVgB9wVg.roa
File: 7MLr6rj8Nhr6uo67sJiEVgB9wVg.roa (raw, json)
Hash identifier: oEwLJRVRCXRd+UlPy0IfEWzjD71sUL1XbKjEo+APeNM=
Subject key identifier: EC:C2:EB:EA:B8:FC:36:1A:FA:BA:8E:BB:B0:98:84:56:00:7D:C1:58
Certificate issuer: /CN=09fb3bc0f4626e188cc5836dcf9f4921dda1921e
Certificate serial: 01856D385F42DDB308B292E17F0304CD7D6A
Authority key identifier: 09:FB:3B:C0:F4:62:6E:18:8C:C5:83:6D:CF:9F:49:21:DD:A1:92:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfs7wPRibhiMxYNtz59JId2hkh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/7MLr6rj8Nhr6uo67sJiEVgB9wVg.roa
Signing time: Sun 01 Jan 2023 12:04:48 +0000
ROA not before: Sun 01 Jan 2023 12:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201654
IP address blocks: 185.67.188.0/22 maxlen: 32
185.151.168.0/22 maxlen: 32
2a05:1200::/30 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:5f:42:dd:b3:08:b2:92:e1:7f:03:04:cd:7d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fb3bc0f4626e188cc5836dcf9f4921dda1921e
Validity
Not Before: Jan 1 12:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecc2ebeab8fc361afaba8ebbb0988456007dc158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bc:04:54:5a:fb:ef:0f:f5:cb:23:14:2c:21:
d9:c5:9c:1d:03:3b:c6:cf:29:1d:f4:99:b0:f9:ae:
e0:9f:03:b4:e5:32:cc:9e:2a:a5:f4:25:99:45:84:
58:70:d6:d0:3e:91:22:ff:42:7e:8c:d0:da:55:78:
18:d1:ed:45:48:03:42:4b:f5:cf:fa:36:45:cd:c2:
04:45:48:81:02:22:f4:a3:7f:4a:e1:5b:fd:b1:9d:
bf:94:7d:0d:9b:99:d9:eb:c4:95:6a:97:f8:ea:2d:
d1:28:68:75:02:a0:ac:a9:b9:cb:c7:7f:48:66:28:
55:6b:d1:41:aa:11:25:e4:b3:8b:e4:3b:2c:db:47:
d2:ed:21:98:41:d3:78:82:df:55:5f:e8:0a:c8:f1:
d6:ac:c8:35:c9:2b:38:1c:e1:85:71:5e:db:55:c5:
e1:88:25:0b:97:12:5f:7c:65:f9:83:e9:f6:d0:e5:
ba:2c:c1:32:0b:e0:10:8f:3f:62:de:c8:9a:ca:7c:
6f:b0:17:b6:49:d1:87:78:2f:7a:38:a9:f7:c9:08:
32:72:59:2c:23:36:33:32:c4:8f:c3:ca:08:63:70:
13:15:da:66:9f:00:02:ef:f6:b1:d5:37:de:bd:0c:
c0:ad:dc:db:08:b5:71:3b:11:19:5f:6b:7f:dc:8d:
5f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C2:EB:EA:B8:FC:36:1A:FA:BA:8E:BB:B0:98:84:56:00:7D:C1:58
X509v3 Authority Key Identifier:
keyid:09:FB:3B:C0:F4:62:6E:18:8C:C5:83:6D:CF:9F:49:21:DD:A1:92:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfs7wPRibhiMxYNtz59JId2hkh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/7MLr6rj8Nhr6uo67sJiEVgB9wVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/Cfs7wPRibhiMxYNtz59JId2hkh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.188.0/22
185.151.168.0/22
IPv6:
2a05:1200::/30
Signature Algorithm: sha256WithRSAEncryption
7d:1b:da:88:bc:18:7b:de:c2:d3:6e:87:0f:6a:55:61:49:d2:
61:46:fb:0a:1f:e0:d5:4a:fa:a4:32:b2:3e:8a:0d:13:e4:d0:
f4:2a:e0:97:ec:13:1b:64:2b:96:cb:92:09:5d:a6:f3:ca:3b:
f2:60:6f:35:45:e8:90:3c:7d:b8:b4:0d:79:76:23:c6:86:40:
bb:1b:8d:8d:58:c2:6e:05:87:1d:d1:fe:71:de:30:9b:c3:24:
c0:51:ac:e9:ea:45:eb:fa:7f:ea:65:1b:a7:8b:8a:f5:51:89:
8c:21:ef:0f:f7:99:ed:8e:e2:1f:24:ce:01:70:e3:dc:9d:7a:
80:5a:a0:92:b2:5d:9b:ac:dc:5a:ea:60:d1:01:81:5e:cf:60:
40:fb:a1:23:fb:da:3c:90:24:dc:e4:79:44:64:5d:2b:c8:11:
07:e8:1f:0c:7d:87:0d:45:48:76:39:d2:b4:2b:56:d8:60:07:
2c:ff:96:ce:2d:e1:70:54:63:7e:21:ed:0c:cd:ac:68:ed:56:
95:b0:aa:49:cb:de:a8:68:88:44:fb:14:80:aa:f3:ff:6d:37:
3e:fd:61:51:41:28:53:be:52:a1:03:93:a8:58:26:2b:41:7a:
65:88:52:09:d3:1c:d0:b7:66:f7:dd:21:50:4a:d3:1f:8d:19:
e1:ae:da:65
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtOF9C3bMIspLhfwMEzX1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmIzYmMwZjQ2MjZlMTg4Y2M1ODM2ZGNmOWY0OTIxZGRh
MTkyMWUwHhcNMjMwMTAxMTIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2MyZWJlYWI4ZmMzNjFhZmFiYThlYmJiMDk4ODQ1NjAwN2RjMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7wEVFr77w/1yyMULCHZxZwdAzvG
zykd9Jmw+a7gnwO05TLMniql9CWZRYRYcNbQPpEi/0J+jNDaVXgY0e1FSANCS/XP
+jZFzcIERUiBAiL0o39K4Vv9sZ2/lH0Nm5nZ68SVapf46i3RKGh1AqCsqbnLx39I
ZihVa9FBqhEl5LOL5Dss20fS7SGYQdN4gt9VX+gKyPHWrMg1ySs4HOGFcV7bVcXh
iCULlxJffGX5g+n20OW6LMEyC+AQjz9i3siaynxvsBe2SdGHeC96OKn3yQgyclks
IzYzMsSPw8oIY3ATFdpmnwAC7/ax1TfevQzArdzbCLVxOxEZX2t/3I1fcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOzC6+q4/DYa+rqOu7CYhFYAfcFYMB8GA1UdIwQY
MBaAFAn7O8D0Ym4YjMWDbc+fSSHdoZIeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZzN3dQUmliaGlNeFlOdHo1OUpJZDJoa2g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMDVjNWQtYTBmNy00NmQwLTgxOGMt
OWIyMzcxNzcwZGY1LzEvN01McjZyajhOaHI2dW82N3NKaUVWZ0I5d1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMDVjNWQtYTBmNy00NmQwLTgxOGMtOWIyMzcxNzcwZGY1
LzEvQ2ZzN3dQUmliaGlNeFlOdHo1OUpJZDJoa2g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUO8AwQC
uZeoMA0EAgACMAcDBQIqBRIAMA0GCSqGSIb3DQEBCwUAA4IBAQB9G9qIvBh73sLT
bocPalVhSdJhRvsKH+DVSvqkMrI+ig0T5ND0KuCX7BMbZCuWy5IJXabzyjvyYG81
ReiQPH24tA15diPGhkC7G42NWMJuBYcd0f5x3jCbwyTAUazp6kXr+n/qZRuni4r1
UYmMIe8P95ntjuIfJM4BcOPcnXqAWqCSsl2brNxa6mDRAYFez2BA+6Ej+9o8kCTc
5HlEZF0ryBEH6B8MfYcNRUh2OdK0K1bYYAcs/5bOLeFwVGN+Ie0Mzaxo7VaVsKpJ
y96oaIhE+xSAqvP/bTc+/WFRQShTvlKhA5OoWCYrQXpliFIJ0xzQt2b33SFQStMf
jRnhrtpl
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:10 2024 by rpki-client on console-fra.rpki-client.org