Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/9f3e9wRykTIfNSgrds1BbLAfRso.roa
File: 9f3e9wRykTIfNSgrds1BbLAfRso.roa (raw, json)
Hash identifier: O33JI5tkkA8fgR17unU9tNhhLmDbBQApiOqvl2zS+6I=
Subject key identifier: F5:FD:DE:F7:04:72:91:32:1F:35:28:2B:76:CD:41:6C:B0:1F:46:CA
Certificate issuer: /CN=e6688ae96323c1fcfab54b294557397b49b03bc7
Certificate serial: 01857139FA7A63DCE989F57D4353B24F62A6
Authority key identifier: E6:68:8A:E9:63:23:C1:FC:FA:B5:4B:29:45:57:39:7B:49:B0:3B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5miK6WMjwfz6tUspRVc5e0mwO8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/9f3e9wRykTIfNSgrds1BbLAfRso.roa
Signing time: Mon 02 Jan 2023 06:45:03 +0000
ROA not before: Mon 02 Jan 2023 06:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57468
IP address blocks: 185.146.40.0/24 maxlen: 24
185.146.43.0/24 maxlen: 24
185.146.40.0/22 maxlen: 22
2a07:4d40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:fa:7a:63:dc:e9:89:f5:7d:43:53:b2:4f:62:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6688ae96323c1fcfab54b294557397b49b03bc7
Validity
Not Before: Jan 2 06:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5fddef7047291321f35282b76cd416cb01f46ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:aa:99:71:12:8a:ec:9b:e8:21:07:72:08:6d:
2a:39:58:86:63:f6:66:e7:13:10:16:7d:21:26:04:
54:85:c8:f2:29:5a:0c:9b:50:3e:be:43:13:e6:e9:
0c:ea:86:60:2b:40:8f:97:52:a9:05:3d:55:31:fe:
ff:ad:61:b8:69:8a:49:6d:38:53:36:86:f5:04:88:
49:16:74:0f:8b:38:ea:c1:db:b8:ce:12:89:84:18:
63:45:aa:52:00:16:0f:9c:71:5b:ec:5b:fb:b9:20:
c3:1c:a7:58:ba:d3:75:0f:4b:c1:18:fb:dd:98:65:
a6:f1:b4:6e:69:c3:34:10:8c:f3:2b:f1:1c:8c:30:
a6:46:f9:fd:f8:4d:87:cb:12:f4:3a:b1:2d:c4:cc:
2c:c6:4f:66:9c:30:bf:68:83:90:51:c5:95:13:07:
8c:78:97:d1:93:3e:49:6b:65:eb:5a:9a:bb:28:6c:
d9:44:25:95:03:b8:bb:69:93:77:96:f4:d2:39:c8:
98:fc:d8:1e:77:f3:6f:c6:6d:0d:f3:9f:99:d3:32:
64:36:eb:ba:63:2f:68:98:96:24:ba:a2:df:e2:50:
d7:12:c1:c5:ab:d9:55:e2:8e:78:f1:e4:7a:37:83:
e4:a2:25:59:44:af:42:b5:ea:f4:61:b3:dd:42:ce:
da:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:FD:DE:F7:04:72:91:32:1F:35:28:2B:76:CD:41:6C:B0:1F:46:CA
X509v3 Authority Key Identifier:
keyid:E6:68:8A:E9:63:23:C1:FC:FA:B5:4B:29:45:57:39:7B:49:B0:3B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5miK6WMjwfz6tUspRVc5e0mwO8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/9f3e9wRykTIfNSgrds1BbLAfRso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/5miK6WMjwfz6tUspRVc5e0mwO8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.40.0/22
IPv6:
2a07:4d40::/29
Signature Algorithm: sha256WithRSAEncryption
a9:7a:4b:5b:7d:2e:57:44:7a:a6:ea:a0:47:f9:d2:71:e9:da:
f1:84:af:04:bb:58:69:d5:d8:2d:95:a6:38:f4:6e:5b:cc:1a:
8e:c9:c3:be:99:5c:4a:67:0c:02:b5:67:25:85:93:31:87:2f:
ea:39:bc:13:cf:14:f2:ad:b7:9d:b7:32:2f:23:35:49:5a:17:
35:f8:f0:16:c6:7f:4c:cc:9e:e1:68:dd:79:47:e5:3f:fc:48:
2c:c0:74:cc:15:4d:11:76:68:2f:69:09:d4:d4:22:f6:b3:e9:
b4:c1:31:a9:c9:1f:ea:d3:e4:a5:55:c5:1f:4b:6e:e0:30:d9:
81:35:13:1b:0f:35:c1:07:53:00:29:19:e5:23:df:0b:da:61:
e8:8d:f6:75:f0:72:e5:e6:97:f3:1f:70:92:5b:f7:4b:da:f9:
2e:d3:27:00:0f:a1:ad:5b:0c:54:89:b5:65:7b:16:09:28:69:
f0:ee:2e:46:ac:de:e5:3e:dc:70:65:3f:c6:53:e8:74:ca:05:
08:20:78:37:e5:32:95:b6:a7:93:ac:99:8d:48:5f:24:10:66:
45:e0:89:5f:ac:51:16:aa:74:7c:c0:e8:ac:51:df:ec:f8:13:
e9:68:e3:3b:e5:bc:de:99:f9:d4:bb:32:80:c0:71:d5:71:c6:
b7:a7:22:37
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxOfp6Y9zpifV9Q1OyT2KmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2Njg4YWU5NjMyM2MxZmNmYWI1NGIyOTQ1NTczOTdiNDli
MDNiYzcwHhcNMjMwMTAyMDY0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWZkZGVmNzA0NzI5MTMyMWYzNTI4MmI3NmNkNDE2Y2IwMWY0NmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqqZcRKK7JvoIQdyCG0qOViGY/Zm
5xMQFn0hJgRUhcjyKVoMm1A+vkMT5ukM6oZgK0CPl1KpBT1VMf7/rWG4aYpJbThT
Nob1BIhJFnQPizjqwdu4zhKJhBhjRapSABYPnHFb7Fv7uSDDHKdYutN1D0vBGPvd
mGWm8bRuacM0EIzzK/EcjDCmRvn9+E2HyxL0OrEtxMwsxk9mnDC/aIOQUcWVEweM
eJfRkz5Ja2XrWpq7KGzZRCWVA7i7aZN3lvTSOciY/Nged/Nvxm0N85+Z0zJkNuu6
Yy9omJYkuqLf4lDXEsHFq9lV4o548eR6N4PkoiVZRK9Cter0YbPdQs7aCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPX93vcEcpEyHzUoK3bNQWywH0bKMB8GA1UdIwQY
MBaAFOZoiuljI8H8+rVLKUVXOXtJsDvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW1pSzZXTWp3Zno2dFVzcFJWYzVlMG13TzhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jZTVjYTYtZjkzOS00ZmQ3LWI5Zjgt
MGExZWYwZWMwNTc4LzEvOWYzZTl3UnlrVElmTlNncmRzMUJiTEFmUnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jZTVjYTYtZjkzOS00ZmQ3LWI5ZjgtMGExZWYwZWMwNTc4
LzEvNW1pSzZXTWp3Zno2dFVzcFJWYzVlMG13TzhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZIoMA0E
AgACMAcDBQMqB01AMA0GCSqGSIb3DQEBCwUAA4IBAQCpektbfS5XRHqm6qBH+dJx
6drxhK8Eu1hp1dgtlaY49G5bzBqOycO+mVxKZwwCtWclhZMxhy/qObwTzxTyrbed
tzIvIzVJWhc1+PAWxn9MzJ7haN15R+U//EgswHTMFU0RdmgvaQnU1CL2s+m0wTGp
yR/q0+SlVcUfS27gMNmBNRMbDzXBB1MAKRnlI98L2mHojfZ18HLl5pfzH3CSW/dL
2vku0ycAD6GtWwxUibVlexYJKGnw7i5GrN7lPtxwZT/GU+h0ygUIIHg35TKVtqeT
rJmNSF8kEGZF4IlfrFEWqnR8wOisUd/s+BPpaOM75bzemfnUuzKAwHHVcca3pyI3
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:10 2024 by rpki-client on console-ams.rpki-client.org