Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/l4psFIDD8zLgU8UyVQgpIJlwOJw.roa
File: l4psFIDD8zLgU8UyVQgpIJlwOJw.roa (raw, json)
Hash identifier: S6KRzsjUD5/qzbJoNv6RmbwcaDMMwouRSEbI9mZK1og=
Subject key identifier: 97:8A:6C:14:80:C3:F3:32:E0:53:C5:32:55:08:29:20:99:70:38:9C
Certificate issuer: /CN=661e7174bf9e9ea1b64a92ba65ffcf1e931cce32
Certificate serial: 01856E2FA87A624B1CEA4A73A266A1979575
Authority key identifier: 66:1E:71:74:BF:9E:9E:A1:B6:4A:92:BA:65:FF:CF:1E:93:1C:CE:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zh5xdL-enqG2SpK6Zf_PHpMczjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/l4psFIDD8zLgU8UyVQgpIJlwOJw.roa
Signing time: Sun 01 Jan 2023 16:34:55 +0000
ROA not before: Sun 01 Jan 2023 16:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30875
IP address blocks: 185.101.108.0/22 maxlen: 22
185.101.111.240/28 maxlen: 28
2a06:1d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:a8:7a:62:4b:1c:ea:4a:73:a2:66:a1:97:95:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=661e7174bf9e9ea1b64a92ba65ffcf1e931cce32
Validity
Not Before: Jan 1 16:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=978a6c1480c3f332e053c532550829209970389c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:18:24:0f:e1:ac:78:0c:45:9f:ef:bc:e5:d4:
4d:20:f1:ee:94:16:10:22:e6:a2:80:05:5e:21:16:
09:74:79:68:3d:4d:a7:84:26:4a:86:8c:ac:6a:5b:
90:39:44:3d:3d:b9:87:be:fd:bb:1e:ca:34:82:78:
1d:47:1d:76:4d:c3:be:8f:71:4b:c4:b1:c8:c7:0a:
5d:2f:22:28:23:c4:68:34:5a:e4:7b:c4:22:fb:60:
b9:cc:37:f4:97:18:38:31:2a:04:60:68:e2:52:b3:
00:b0:11:f1:7c:10:4e:e2:2f:fd:2d:78:2f:8e:10:
58:8a:73:bc:30:5f:c8:44:00:8a:00:51:63:99:3a:
91:42:c0:8d:15:0e:76:65:a3:d6:94:12:39:c7:6b:
1b:a9:87:1f:36:3c:d5:92:c0:29:f2:4f:21:24:91:
3f:ca:5e:62:4f:ad:d1:98:0c:d2:4a:18:57:8e:dc:
6c:c2:26:4d:ae:3c:bc:5a:87:3a:08:93:b5:8d:59:
1e:46:34:ba:10:77:7f:2f:f6:5f:b3:e7:21:26:ea:
c9:55:7a:4e:ec:68:4f:bb:cb:23:f7:6c:98:60:81:
b4:bc:0f:15:da:62:0f:db:c7:ce:2d:a6:55:96:84:
b4:33:36:bb:9b:c7:f6:cf:0e:ff:53:9f:63:e2:4a:
f8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:8A:6C:14:80:C3:F3:32:E0:53:C5:32:55:08:29:20:99:70:38:9C
X509v3 Authority Key Identifier:
keyid:66:1E:71:74:BF:9E:9E:A1:B6:4A:92:BA:65:FF:CF:1E:93:1C:CE:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zh5xdL-enqG2SpK6Zf_PHpMczjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/l4psFIDD8zLgU8UyVQgpIJlwOJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/Zh5xdL-enqG2SpK6Zf_PHpMczjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.108.0/22
IPv6:
2a06:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
5a:3b:12:c7:8d:d8:90:ee:b3:e4:c4:0c:28:b6:af:00:76:ac:
3c:94:3c:e7:14:ee:de:c7:c5:ea:20:b2:d3:b5:02:d9:5b:40:
be:15:12:5f:2d:3d:b1:7b:12:5b:c0:3c:8b:fc:fe:c3:77:e2:
69:b7:9e:3d:60:6e:a9:2e:71:d8:e6:5d:ea:e5:21:d7:bc:2f:
fb:9d:fc:8b:26:5f:8d:e1:93:c3:59:ca:11:0c:cd:48:0b:24:
09:88:7b:75:84:13:d0:9c:b5:a7:f8:49:19:94:a0:79:cd:bc:
57:1c:4a:20:ec:ad:50:93:9c:d3:35:fa:c4:b5:80:5b:72:0a:
e0:a4:23:73:12:b8:32:ab:06:76:60:f3:ca:1c:60:b2:47:00:
86:85:d0:74:d2:18:05:3d:5c:24:4c:a2:e0:d5:65:7e:56:f5:
34:a1:e3:f0:03:91:63:43:bf:6b:88:54:81:f0:39:21:51:45:
23:eb:e4:97:91:96:2d:9a:3d:cc:a6:66:65:ba:3e:87:99:f1:
26:3b:4f:59:58:d9:bf:c6:05:45:e7:d5:8b:52:72:50:40:e7:
4d:f5:ca:57:2f:fc:1f:3e:f7:cb:fa:7b:c5:b0:fa:1c:94:99:
25:2d:9a:85:8d:99:8e:f4:67:6b:b2:e4:1d:58:1c:33:31:0c:
89:d8:f9:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL6h6Yksc6kpzomahl5V1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MWU3MTc0YmY5ZTllYTFiNjRhOTJiYTY1ZmZjZjFlOTMx
Y2NlMzIwHhcNMjMwMTAxMTYzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzhhNmMxNDgwYzNmMzMyZTA1M2M1MzI1NTA4MjkyMDk5NzAzODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRgkD+GseAxFn++85dRNIPHulBYQ
IuaigAVeIRYJdHloPU2nhCZKhoysaluQOUQ9PbmHvv27Hso0gngdRx12TcO+j3FL
xLHIxwpdLyIoI8RoNFrke8Qi+2C5zDf0lxg4MSoEYGjiUrMAsBHxfBBO4i/9LXgv
jhBYinO8MF/IRACKAFFjmTqRQsCNFQ52ZaPWlBI5x2sbqYcfNjzVksAp8k8hJJE/
yl5iT63RmAzSShhXjtxswiZNrjy8Woc6CJO1jVkeRjS6EHd/L/Zfs+chJurJVXpO
7GhPu8sj92yYYIG0vA8V2mIP28fOLaZVloS0Mza7m8f2zw7/U59j4kr4EwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJeKbBSAw/My4FPFMlUIKSCZcDicMB8GA1UdIwQY
MBaAFGYecXS/np6htkqSumX/zx6THM4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmg1eGRMLWVucUcyU3BLNlpmX1BIcE1jempJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9jMjczODktZGUxMi00ZDEzLTk4ODAt
NmJkODQ0ZWE4NmM3LzEvbDRwc0ZJREQ4ekxnVThVeVZRZ3BJSmx3T0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9jMjczODktZGUxMi00ZDEzLTk4ODAtNmJkODQ0ZWE4NmM3
LzEvWmg1eGRMLWVucUcyU3BLNlpmX1BIcE1jempJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWVsMA0E
AgACMAcDBQMqBh0AMA0GCSqGSIb3DQEBCwUAA4IBAQBaOxLHjdiQ7rPkxAwotq8A
dqw8lDznFO7ex8XqILLTtQLZW0C+FRJfLT2xexJbwDyL/P7Dd+Jpt549YG6pLnHY
5l3q5SHXvC/7nfyLJl+N4ZPDWcoRDM1ICyQJiHt1hBPQnLWn+EkZlKB5zbxXHEog
7K1Qk5zTNfrEtYBbcgrgpCNzErgyqwZ2YPPKHGCyRwCGhdB00hgFPVwkTKLg1WV+
VvU0oePwA5FjQ79riFSB8DkhUUUj6+SXkZYtmj3MpmZluj6HmfEmO09ZWNm/xgVF
59WLUnJQQOdN9cpXL/wfPvfL+nvFsPoclJklLZqFjZmO9GdrsuQdWBwzMQyJ2PlP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:37 2024 by rpki-client on console-fra.rpki-client.org