Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/apYsobB8Np3XxuJ40PPjTN2iOmk.roa
File: apYsobB8Np3XxuJ40PPjTN2iOmk.roa (raw, json)
Hash identifier: w3GO3oHf6hCFAZGKKrQYQudUHO7CpuUWRjmk1V818vA=
Subject key identifier: 6A:96:2C:A1:B0:7C:36:9D:D7:C6:E2:78:D0:F3:E3:4C:DD:A2:3A:69
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01856EA6BC41EE998345C2B7694A3A297126
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/apYsobB8Np3XxuJ40PPjTN2iOmk.roa
Signing time: Sun 01 Jan 2023 18:44:58 +0000
ROA not before: Sun 01 Jan 2023 18:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41494
IP address blocks: 185.1.36.0/24 maxlen: 24
185.86.67.0/24 maxlen: 24
195.95.178.0/24 maxlen: 24
2a05:b680:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:bc:41:ee:99:83:45:c2:b7:69:4a:3a:29:71:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 18:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a962ca1b07c369dd7c6e278d0f3e34cdda23a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ea:ca:8b:96:e1:e8:62:01:da:b1:06:11:6b:
2a:9f:29:77:8d:82:95:5d:c5:e3:1e:81:00:7c:33:
a1:64:01:f3:c9:3d:c5:b4:79:e2:00:89:f5:de:62:
08:40:9d:f7:9b:22:54:a9:e9:3e:b0:75:3e:ae:c7:
38:15:78:0a:53:a9:34:ff:41:39:26:5f:71:65:f1:
3e:e1:ce:61:34:7a:8f:e4:d4:8c:3c:bc:dd:2d:c6:
0d:e3:a3:79:78:1e:44:8d:a8:3d:99:09:bc:f8:fc:
3b:bc:09:75:c2:9c:c3:82:d6:16:62:a1:fe:c9:58:
87:44:85:ea:5f:ba:af:a1:92:3f:c5:c3:cf:98:28:
aa:e9:d1:be:e8:f3:f3:9f:cf:d8:91:5a:da:38:58:
de:3b:46:f6:cc:77:b6:b7:fe:da:ac:a9:f5:80:52:
ed:a6:96:c2:fe:56:65:2e:38:7d:8b:c9:06:93:c4:
4d:f3:ee:2e:57:8b:74:8f:32:08:db:26:56:a8:bb:
86:2c:94:dc:6e:3b:b3:ff:28:fe:7e:67:34:41:b1:
c5:fe:8d:0d:00:31:3d:c7:1b:c2:d5:d9:9f:16:59:
3c:e5:f6:dd:7f:3d:af:e4:21:2c:91:8a:1e:0c:e0:
9a:f9:28:2f:2a:55:3c:91:e1:6e:55:f9:61:05:d5:
c7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:96:2C:A1:B0:7C:36:9D:D7:C6:E2:78:D0:F3:E3:4C:DD:A2:3A:69
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/apYsobB8Np3XxuJ40PPjTN2iOmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.36.0/24
185.86.67.0/24
195.95.178.0/24
IPv6:
2a05:b680:11::/48
Signature Algorithm: sha256WithRSAEncryption
26:ca:92:b1:f0:0f:e5:55:d9:4f:41:16:57:e5:64:48:86:06:
39:7e:9f:d0:56:c6:cf:c8:ef:d4:41:ee:02:97:9e:f4:a9:6e:
4c:68:43:36:5b:ca:b5:24:29:af:0b:7c:41:1d:30:6a:39:6e:
99:af:15:90:a7:f3:0d:c6:ef:29:03:40:79:0d:53:c2:3c:98:
27:73:13:3c:75:39:aa:9e:b3:3b:c5:68:92:01:b9:6c:97:30:
03:36:a5:2b:ca:0b:b6:42:8e:93:55:51:d0:bf:30:1a:c3:5c:
ad:4b:f9:b3:d9:a4:d7:db:b5:90:f7:ef:2c:2b:4a:aa:9f:bc:
4a:c1:19:f5:0c:90:93:4d:58:32:d0:3c:e0:b2:e1:1c:3c:47:
34:72:ee:81:5e:5a:46:cb:37:c0:66:e3:29:04:5b:d4:74:ea:
ce:f2:12:ac:b9:0f:50:65:cf:ac:28:56:36:58:38:99:74:c7:
a5:d6:2b:c7:a9:d4:3c:ff:a2:d8:4b:e7:eb:33:95:11:23:61:
bf:09:2c:2f:4b:b9:fa:db:1f:46:dd:b3:2f:82:8d:16:71:01:
91:d8:62:76:ea:24:84:bf:04:79:73:81:27:49:46:9f:8a:1e:
ae:bf:fa:84:0c:09:ef:91:fc:df:bb:b7:8f:cb:9f:5f:cd:72:
76:03:fc:17
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVuprxB7pmDRcK3aUo6KXEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTk2MmNhMWIwN2MzNjlkZDdjNmUyNzhkMGYzZTM0Y2RkYTIzYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkurKi5bh6GIB2rEGEWsqnyl3jYKV
XcXjHoEAfDOhZAHzyT3FtHniAIn13mIIQJ33myJUqek+sHU+rsc4FXgKU6k0/0E5
Jl9xZfE+4c5hNHqP5NSMPLzdLcYN46N5eB5Ejag9mQm8+Pw7vAl1wpzDgtYWYqH+
yViHRIXqX7qvoZI/xcPPmCiq6dG+6PPzn8/YkVraOFjeO0b2zHe2t/7arKn1gFLt
ppbC/lZlLjh9i8kGk8RN8+4uV4t0jzII2yZWqLuGLJTcbjuz/yj+fmc0QbHF/o0N
ADE9xxvC1dmfFlk85fbdfz2v5CEskYoeDOCa+SgvKlU8keFuVflhBdXHcwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGqWLKGwfDad18bieNDz40zdojppMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvYXBZc29iQjhOcDNYeHVKNDBQUGpUTjJpT21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAuQEkAwQA
uVZDAwQAw1+yMA8EAgACMAkDBwAqBbaAABEwDQYJKoZIhvcNAQELBQADggEBACbK
krHwD+VV2U9BFlflZEiGBjl+n9BWxs/I79RB7gKXnvSpbkxoQzZbyrUkKa8LfEEd
MGo5bpmvFZCn8w3G7ykDQHkNU8I8mCdzEzx1OaqeszvFaJIBuWyXMAM2pSvKC7ZC
jpNVUdC/MBrDXK1L+bPZpNfbtZD37ywrSqqfvErBGfUMkJNNWDLQPOCy4Rw8RzRy
7oFeWkbLN8Bm4ykEW9R06s7yEqy5D1Blz6woVjZYOJl0x6XWK8ep1Dz/othL5+sz
lREjYb8JLC9LufrbH0bdsy+CjRZxAZHYYnbqJIS/BHlzgSdJRp+KHq6/+oQMCe+R
/N+7t4/Ln1/NcnYD/Bc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org