Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/bL9CP7XrL_f7y98T6NkVRU1cr5Y.roa
File: bL9CP7XrL_f7y98T6NkVRU1cr5Y.roa (raw, json)
Hash identifier: 3ylS0n0tOMy7rted91L93AG36gg+7qrRGT/aEyzUs00=
Subject key identifier: 6C:BF:42:3F:B5:EB:2F:F7:FB:CB:DF:13:E8:D9:15:45:4D:5C:AF:96
Certificate issuer: /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial: 01856DEF659BE69F351916E46C7CF6643B45
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/bL9CP7XrL_f7y98T6NkVRU1cr5Y.roa
Signing time: Sun 01 Jan 2023 15:24:43 +0000
ROA not before: Sun 01 Jan 2023 15:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199551
IP address blocks: 194.29.180.0/22 maxlen: 22
185.101.188.0/23 maxlen: 23
213.5.0.0/22 maxlen: 22
185.11.108.0/22 maxlen: 22
185.11.110.0/24 maxlen: 24
2a00:c020:4000::/36 maxlen: 36
2a03:22c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:65:9b:e6:9f:35:19:16:e4:6c:7c:f6:64:3b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Validity
Not Before: Jan 1 15:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cbf423fb5eb2ff7fbcbdf13e8d915454d5caf96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e2:05:35:a7:2d:85:28:72:71:c6:6b:a6:16:
2b:16:13:6f:5a:b4:c8:44:9c:83:ed:90:3f:43:da:
c6:a3:8c:40:95:34:a4:3a:79:33:82:86:38:e7:50:
92:d7:23:23:a9:00:db:ca:ea:5b:69:01:0e:f4:79:
98:16:37:36:ef:2d:60:45:fd:01:c3:02:c7:e7:c9:
f3:78:36:f8:1f:e3:f4:93:f7:56:66:bb:0d:ff:25:
04:72:dd:34:2e:78:c0:88:29:04:e4:61:de:54:00:
ba:93:e8:14:05:ee:87:ba:f8:9b:91:81:89:da:73:
b6:b0:b2:27:7e:f9:5e:8a:08:0d:4c:81:cd:5a:3b:
43:94:79:64:d6:85:fa:1b:fc:ae:06:ce:10:fd:d4:
34:ba:5e:8e:f9:85:27:b2:7b:07:a0:87:57:31:2d:
83:40:5a:a5:42:be:1f:81:86:af:62:40:8f:8c:0f:
a1:24:69:20:fa:1e:f2:bd:33:a6:5b:d3:02:2f:93:
3a:f0:a6:13:e0:68:f4:a9:6b:7d:cf:09:f0:cf:41:
f5:0e:69:de:2c:2e:ca:6c:61:b1:ed:6a:4b:1d:64:
c0:4c:1a:76:a8:18:6c:cc:7d:b7:1e:38:58:7d:69:
0b:32:a9:b1:1e:3b:28:b4:a9:1c:b4:e7:a5:0d:b2:
6b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BF:42:3F:B5:EB:2F:F7:FB:CB:DF:13:E8:D9:15:45:4D:5C:AF:96
X509v3 Authority Key Identifier:
keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/bL9CP7XrL_f7y98T6NkVRU1cr5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.108.0/22
185.101.188.0/23
194.29.180.0/22
213.5.0.0/22
IPv6:
2a00:c020:4000::/36
2a03:22c0::/32
Signature Algorithm: sha256WithRSAEncryption
84:74:09:d0:9b:07:0a:fe:e5:ce:ea:e3:c8:8c:2c:74:bb:78:
2a:a2:97:19:2f:f5:07:8b:12:c0:3e:8d:56:54:11:4f:a0:e4:
1b:ea:f7:46:f6:cd:d8:62:a2:1b:af:17:f2:23:a4:69:aa:40:
54:0b:29:c3:2e:0c:84:68:43:51:e7:f0:7d:28:18:53:ea:45:
ab:73:8e:d2:92:f8:2c:3c:fa:1c:cc:ae:5b:ce:af:9a:59:31:
3a:07:19:30:8e:48:eb:09:51:74:21:ae:31:c9:21:71:5d:ed:
c3:62:43:e6:b9:f9:9e:db:10:33:88:d1:f4:0a:1b:0a:f0:86:
96:52:c7:79:fc:fc:6a:38:18:21:44:cd:43:d2:32:c8:8b:5d:
58:9d:57:53:1a:42:8e:45:1b:9b:e9:b5:18:65:12:c8:66:18:
1e:ea:5c:c3:9c:9e:c5:67:fd:ce:c2:27:1e:dc:50:23:cb:50:
03:13:c8:1b:87:67:16:3c:f2:ff:a5:69:9f:92:32:5a:8a:e5:
6b:56:b3:20:95:a1:28:bc:a5:be:71:19:df:d3:66:2c:05:ea:
06:cd:fd:b7:1e:db:c7:bf:bb:db:2c:66:28:f4:10:fd:f6:30:
dd:3c:e9:0e:48:5a:06:73:50:e5:35:e0:3e:4c:0d:82:13:d7:
fe:3c:ef:fe
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVt72Wb5p81GRbkbHz2ZDtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWYwY2IwNmE1YTQ3YjRkZGFjN2Y0ZDZkZmQ0NGFiYTRk
MzFmMmUwHhcNMjMwMTAxMTUyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JmNDIzZmI1ZWIyZmY3ZmJjYmRmMTNlOGQ5MTU0NTRkNWNhZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeIFNacthShyccZrphYrFhNvWrTI
RJyD7ZA/Q9rGo4xAlTSkOnkzgoY451CS1yMjqQDbyupbaQEO9HmYFjc27y1gRf0B
wwLH58nzeDb4H+P0k/dWZrsN/yUEct00LnjAiCkE5GHeVAC6k+gUBe6HuvibkYGJ
2nO2sLInfvleiggNTIHNWjtDlHlk1oX6G/yuBs4Q/dQ0ul6O+YUnsnsHoIdXMS2D
QFqlQr4fgYavYkCPjA+hJGkg+h7yvTOmW9MCL5M68KYT4Gj0qWt9zwnwz0H1Dmne
LC7KbGGx7WpLHWTATBp2qBhszH23HjhYfWkLMqmxHjsotKkctOelDbJr1QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGy/Qj+16y/3+8vfE+jZFUVNXK+WMB8GA1UdIwQY
MBaAFE1fDLBqWke03ax/TW39RKuk0x8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2Mt
ZGM4YjUyZTNlYTBhLzEvYkw5Q1A3WHJMX2Y3eTk4VDZOa1ZSVTFjcjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2MtZGM4YjUyZTNlYTBh
LzEvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAeBAIAATAYAwQCuQtsAwQB
uWW8AwQCwh20AwQC1QUAMBUEAgACMA8DBgQqAMAgQAMFACoDIsAwDQYJKoZIhvcN
AQELBQADggEBAIR0CdCbBwr+5c7q48iMLHS7eCqilxkv9QeLEsA+jVZUEU+g5Bvq
90b2zdhiohuvF/IjpGmqQFQLKcMuDIRoQ1Hn8H0oGFPqRatzjtKS+Cw8+hzMrlvO
r5pZMToHGTCOSOsJUXQhrjHJIXFd7cNiQ+a5+Z7bEDOI0fQKGwrwhpZSx3n8/Go4
GCFEzUPSMsiLXVidV1MaQo5FG5vptRhlEshmGB7qXMOcnsVn/c7CJx7cUCPLUAMT
yBuHZxY88v+laZ+SMlqK5WtWsyCVoSi8pb5xGd/TZiwF6gbN/bce28e/u9ssZij0
EP32MN086Q5IWgZzUOU14D5MDYIT1/487/4=
-----END CERTIFICATE-----
Generated at Wed Jul 26 11:17:26 2023 by rpki-client on console-fra.rpki-client.org