Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/f7c636-0d1e-47f3-b05d-a7fd2f9e74cf/1/Be9QMr81cauV0Bl5YB0UAHzf6hc.roa
File: Be9QMr81cauV0Bl5YB0UAHzf6hc.roa (raw, json)
Hash identifier: 6p+fkqU9S+jxJLj+hWJ6qcL0mloRRV1mEeSGb++6Q3k=
Subject key identifier: 05:EF:50:32:BF:35:71:AB:95:D0:19:79:60:1D:14:00:7C:DF:EA:17
Certificate issuer: /CN=e54d092047dbe9a968a160f315fab9bb9c8356d7
Certificate serial: 01856E264E9A92C8C18A4700FAC7A0BDD41F
Authority key identifier: E5:4D:09:20:47:DB:E9:A9:68:A1:60:F3:15:FA:B9:BB:9C:83:56:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5U0JIEfb6alooWDzFfq5u5yDVtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/f7c636-0d1e-47f3-b05d-a7fd2f9e74cf/1/Be9QMr81cauV0Bl5YB0UAHzf6hc.roa
Signing time: Sun 01 Jan 2023 16:24:42 +0000
ROA not before: Sun 01 Jan 2023 16:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59944
IP address blocks: 185.65.96.0/22 maxlen: 24
2a03:1ae0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:4e:9a:92:c8:c1:8a:47:00:fa:c7:a0:bd:d4:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e54d092047dbe9a968a160f315fab9bb9c8356d7
Validity
Not Before: Jan 1 16:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05ef5032bf3571ab95d01979601d14007cdfea17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:db:90:d2:f2:6b:07:1d:ec:1c:a3:95:58:51:
25:3e:1c:43:cd:62:f9:96:9c:c5:0d:8b:44:49:62:
d8:2b:87:a0:91:b2:61:d3:98:8d:27:24:65:63:64:
b8:e7:55:ba:d0:47:6d:15:5b:21:13:17:cb:ca:91:
b7:b4:4a:61:06:d3:5a:92:a3:fd:6b:b2:11:c0:a6:
2c:59:65:27:70:6e:4a:82:ce:d3:c5:95:84:c4:81:
73:35:d2:41:05:54:43:9d:86:dd:7d:72:06:6f:32:
85:e7:15:65:ce:39:18:fc:c6:c0:cb:96:dc:6d:e6:
1c:57:3e:3a:52:1b:c4:62:1a:80:fa:f8:ba:6d:66:
f3:9a:d7:50:7d:22:ee:9c:56:83:b6:9c:bf:09:bc:
45:d5:dd:26:88:7e:5a:10:94:db:f4:1d:8b:4d:3e:
b2:25:db:e1:77:99:e3:1a:57:4a:30:03:77:22:68:
04:46:de:5d:7f:0d:13:61:5a:e4:41:4e:6a:29:cf:
ec:39:f0:0e:b7:b5:1c:b3:da:fb:ff:29:fe:27:38:
76:0a:86:da:73:ab:e0:c2:85:94:71:9a:50:fa:43:
33:e9:ef:ad:28:a0:dc:c0:23:9a:3b:73:f4:90:9e:
b4:33:89:8f:9d:0a:99:d2:2f:5e:83:6f:39:16:9d:
ed:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:EF:50:32:BF:35:71:AB:95:D0:19:79:60:1D:14:00:7C:DF:EA:17
X509v3 Authority Key Identifier:
keyid:E5:4D:09:20:47:DB:E9:A9:68:A1:60:F3:15:FA:B9:BB:9C:83:56:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5U0JIEfb6alooWDzFfq5u5yDVtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/f7c636-0d1e-47f3-b05d-a7fd2f9e74cf/1/Be9QMr81cauV0Bl5YB0UAHzf6hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/f7c636-0d1e-47f3-b05d-a7fd2f9e74cf/1/5U0JIEfb6alooWDzFfq5u5yDVtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.96.0/22
IPv6:
2a03:1ae0::/32
Signature Algorithm: sha256WithRSAEncryption
7d:5e:9e:bb:25:93:ce:59:1e:ca:cf:a2:d2:df:56:bc:90:57:
ef:ec:ea:53:cd:2d:96:f2:d3:91:20:4b:56:b9:79:e1:50:bd:
6a:3a:35:67:a9:b8:61:63:50:10:a3:03:4a:49:83:01:5f:99:
08:74:72:6e:ef:84:69:43:a5:ed:3d:c4:99:0f:81:b9:da:96:
9d:a2:0a:72:00:dd:56:b4:ed:a4:33:45:7c:39:f5:dc:c8:0d:
8d:4a:86:a7:82:e8:fe:65:ed:6e:e5:3d:b1:2f:ae:b9:85:58:
46:f2:4e:fc:6d:e7:df:14:0c:6b:a2:6d:27:74:56:56:c3:67:
53:ba:2f:a2:4d:73:56:0a:83:6d:cc:ab:91:2d:bd:eb:59:49:
b8:55:73:62:a2:87:23:07:71:3f:20:f8:b3:08:a2:6e:5d:30:
61:a0:d0:54:80:e5:14:0d:3f:d7:90:31:f9:9d:cf:5c:04:f4:
21:ec:8e:d9:89:0b:1f:c8:8c:69:07:ab:5d:e4:98:d7:bf:5f:
dc:14:bc:3a:30:75:64:ed:75:2d:07:03:5f:ec:e8:93:58:88:
a9:41:87:7f:b7:5c:a3:e3:ec:36:b0:83:a0:15:89:78:d8:03:
16:d0:b5:9d:af:44:f2:d2:26:9f:6d:14:36:44:ff:74:37:b5:
ac:a1:80:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuJk6aksjBikcA+segvdQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NGQwOTIwNDdkYmU5YTk2OGExNjBmMzE1ZmFiOWJiOWM4
MzU2ZDcwHhcNMjMwMTAxMTYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWVmNTAzMmJmMzU3MWFiOTVkMDE5Nzk2MDFkMTQwMDdjZGZlYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNuQ0vJrBx3sHKOVWFElPhxDzWL5
lpzFDYtESWLYK4egkbJh05iNJyRlY2S451W60EdtFVshExfLypG3tEphBtNakqP9
a7IRwKYsWWUncG5Kgs7TxZWExIFzNdJBBVRDnYbdfXIGbzKF5xVlzjkY/MbAy5bc
beYcVz46UhvEYhqA+vi6bWbzmtdQfSLunFaDtpy/CbxF1d0miH5aEJTb9B2LTT6y
Jdvhd5njGldKMAN3ImgERt5dfw0TYVrkQU5qKc/sOfAOt7Ucs9r7/yn+Jzh2Coba
c6vgwoWUcZpQ+kMz6e+tKKDcwCOaO3P0kJ60M4mPnQqZ0i9eg285Fp3tfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAXvUDK/NXGrldAZeWAdFAB83+oXMB8GA1UdIwQY
MBaAFOVNCSBH2+mpaKFg8xX6ubucg1bXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVUwSklFZmI2YWxvb1dEekZmcTV1NXlEVnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9mN2M2MzYtMGQxZS00N2YzLWIwNWQt
YTdmZDJmOWU3NGNmLzEvQmU5UU1yODFjYXVWMEJsNVlCMFVBSHpmNmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9mN2M2MzYtMGQxZS00N2YzLWIwNWQtYTdmZDJmOWU3NGNm
LzEvNVUwSklFZmI2YWxvb1dEekZmcTV1NXlEVnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUFgMA0E
AgACMAcDBQAqAxrgMA0GCSqGSIb3DQEBCwUAA4IBAQB9Xp67JZPOWR7Kz6LS31a8
kFfv7OpTzS2W8tORIEtWuXnhUL1qOjVnqbhhY1AQowNKSYMBX5kIdHJu74RpQ6Xt
PcSZD4G52padogpyAN1WtO2kM0V8OfXcyA2NSoanguj+Ze1u5T2xL665hVhG8k78
beffFAxrom0ndFZWw2dTui+iTXNWCoNtzKuRLb3rWUm4VXNioocjB3E/IPizCKJu
XTBhoNBUgOUUDT/XkDH5nc9cBPQh7I7ZiQsfyIxpB6td5JjXv1/cFLw6MHVk7XUt
BwNf7OiTWIipQYd/t1yj4+w2sIOgFYl42AMW0LWdr0Ty0iafbRQ2RP90N7WsoYBu
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:14 2024 by rpki-client on console-fra.rpki-client.org