Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/T1HHfW_i8lfeEuODON5Gen5QGo0.roa
File: T1HHfW_i8lfeEuODON5Gen5QGo0.roa (raw, json)
Hash identifier: kPVjx3EW8iP12xhrh1Obqx/xWV2/QtNEg3RYQ8gOOTM=
Subject key identifier: 4F:51:C7:7D:6F:E2:F2:57:DE:12:E3:83:38:DE:46:7A:7E:50:1A:8D
Certificate issuer: /CN=6d2203ec1e5a6c266cca39b9af1abe2cb20b195a
Certificate serial: 018CC56EB09AFA17A9C2B4104EEF1A43699C
Authority key identifier: 6D:22:03:EC:1E:5A:6C:26:6C:CA:39:B9:AF:1A:BE:2C:B2:0B:19:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSID7B5abCZsyjm5rxq-LLILGVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/T1HHfW_i8lfeEuODON5Gen5QGo0.roa
Signing time: Mon 01 Jan 2024 14:30:14 +0000
ROA not before: Mon 01 Jan 2024 14:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203200
IP address blocks: 185.122.76.0/22 maxlen: 22
2a10:d340:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Aug 2024 11:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b0:9a:fa:17:a9:c2:b4:10:4e:ef:1a:43:69:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d2203ec1e5a6c266cca39b9af1abe2cb20b195a
Validity
Not Before: Jan 1 14:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f51c77d6fe2f257de12e38338de467a7e501a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:93:95:4a:76:9d:9a:d4:65:55:5c:dd:d9:5c:
22:a0:6a:8a:d3:c4:5a:26:98:21:11:6e:74:84:29:
e6:12:1a:bb:72:bd:2e:a5:47:d9:09:a4:91:ac:14:
8c:86:53:56:de:c7:37:84:4a:40:76:b6:ad:cf:36:
76:3a:e1:e4:59:c3:20:23:5f:60:86:7f:de:8c:75:
50:89:76:56:0e:1d:c3:68:4b:48:a4:d1:7f:40:a6:
5e:f4:85:d2:e1:7f:ff:cb:45:bf:6b:9f:a7:aa:9a:
d5:38:ed:d5:8a:08:9e:ec:ed:6d:5c:97:76:82:cf:
e8:ce:2b:81:af:b6:07:f3:ab:e8:0c:ce:b5:83:98:
37:7a:8e:64:3b:5c:82:a8:f2:5f:78:6c:3c:d5:88:
0b:9c:2c:14:57:7d:ae:e4:12:5f:d2:c3:f5:31:bd:
f9:15:b7:b2:08:d7:29:1d:72:bf:d4:ef:74:e7:02:
5c:9f:f4:bc:49:6b:78:1d:a7:c5:3d:0a:8a:0a:ac:
0b:15:11:9c:20:5e:7a:5e:d1:8c:45:10:93:ed:e2:
6b:ed:9d:f2:42:96:35:bc:72:37:75:43:88:91:24:
59:13:e1:c2:cd:b2:b6:33:06:ee:3e:22:d4:64:85:
ab:a0:5a:10:ef:ca:35:ef:7e:4d:1f:35:4e:b5:1a:
9a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:51:C7:7D:6F:E2:F2:57:DE:12:E3:83:38:DE:46:7A:7E:50:1A:8D
X509v3 Authority Key Identifier:
keyid:6D:22:03:EC:1E:5A:6C:26:6C:CA:39:B9:AF:1A:BE:2C:B2:0B:19:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSID7B5abCZsyjm5rxq-LLILGVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/T1HHfW_i8lfeEuODON5Gen5QGo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/fc522f-b20f-47af-80c6-1a97944c91ca/1/bSID7B5abCZsyjm5rxq-LLILGVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.76.0/22
IPv6:
2a10:d340:1::/48
Signature Algorithm: sha256WithRSAEncryption
a1:18:2d:64:24:0b:c8:b9:43:ca:cf:7f:1a:48:79:a0:7f:59:
0d:3b:1a:84:f5:04:d8:52:0f:14:c3:7d:24:2e:54:4c:bf:7b:
7e:73:2f:d5:4f:a5:c9:1c:aa:6b:b4:73:6d:38:8f:48:6e:01:
16:47:77:cd:bc:d4:6d:9f:06:45:f7:de:77:1f:b0:34:ba:6e:
ec:71:91:de:7f:de:f7:51:f3:76:fe:5b:82:d8:f7:2c:4e:ee:
0a:1f:fe:08:1f:98:79:b2:10:41:e6:66:62:6e:00:67:17:90:
4d:6c:1a:a2:95:79:eb:16:42:7f:e4:9d:ed:77:dc:73:5b:49:
7c:8b:c1:a5:bc:f0:62:3d:20:81:91:d7:8f:6d:f0:f6:d5:77:
44:48:17:8e:57:3c:06:3c:b4:15:53:61:a5:f8:48:fc:ed:fb:
83:d1:ab:f7:24:a4:ec:8d:59:5e:80:d5:28:3a:a1:1a:32:de:
42:fe:02:b7:45:50:1f:a3:16:82:51:70:a0:68:97:8f:41:55:
7e:9f:01:7f:e5:15:de:8c:99:f8:0d:fb:3c:1c:8b:64:b9:56:
8d:e8:82:95:14:b5:df:26:45:7d:c8:98:7b:6b:35:91:d2:7a:
f4:b9:0d:f6:6c:61:e7:a3:a5:c7:1c:16:f4:62:6a:4c:49:68:
be:ee:62:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbrCa+hepwrQQTu8aQ2mcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjIwM2VjMWU1YTZjMjY2Y2NhMzliOWFmMWFiZTJjYjIw
YjE5NWEwHhcNMjQwMTAxMTQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjUxYzc3ZDZmZTJmMjU3ZGUxMmUzODMzOGRlNDY3YTdlNTAxYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pOVSnadmtRlVVzd2VwioGqK08Ra
JpghEW50hCnmEhq7cr0upUfZCaSRrBSMhlNW3sc3hEpAdratzzZ2OuHkWcMgI19g
hn/ejHVQiXZWDh3DaEtIpNF/QKZe9IXS4X//y0W/a5+nqprVOO3Vigie7O1tXJd2
gs/oziuBr7YH86voDM61g5g3eo5kO1yCqPJfeGw81YgLnCwUV32u5BJf0sP1Mb35
FbeyCNcpHXK/1O905wJcn/S8SWt4HafFPQqKCqwLFRGcIF56XtGMRRCT7eJr7Z3y
QpY1vHI3dUOIkSRZE+HCzbK2MwbuPiLUZIWroFoQ78o1735NHzVOtRqaiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE9Rx31v4vJX3hLjgzjeRnp+UBqNMB8GA1UdIwQY
MBaAFG0iA+weWmwmbMo5ua8aviyyCxlaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNJRDdCNWFiQ1pzeWptNXJ4cS1MTElMR1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9mYzUyMmYtYjIwZi00N2FmLTgwYzYt
MWE5Nzk0NGM5MWNhLzEvVDFISGZXX2k4bGZlRXVPRE9ONUdlbjVRR28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9mYzUyMmYtYjIwZi00N2FmLTgwYzYtMWE5Nzk0NGM5MWNh
LzEvYlNJRDdCNWFiQ1pzeWptNXJ4cS1MTElMR1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuXpMMA8E
AgACMAkDBwAqENNAAAEwDQYJKoZIhvcNAQELBQADggEBAKEYLWQkC8i5Q8rPfxpI
eaB/WQ07GoT1BNhSDxTDfSQuVEy/e35zL9VPpckcqmu0c204j0huARZHd8281G2f
BkX33ncfsDS6buxxkd5/3vdR83b+W4LY9yxO7gof/ggfmHmyEEHmZmJuAGcXkE1s
GqKVeesWQn/kne133HNbSXyLwaW88GI9IIGR149t8PbVd0RIF45XPAY8tBVTYaX4
SPzt+4PRq/ckpOyNWV6A1Sg6oRoy3kL+ArdFUB+jFoJRcKBol49BVX6fAX/lFd6M
mfgN+zwci2S5Vo3ogpUUtd8mRX3ImHtrNZHSevS5DfZsYeejpcccFvRiakxJaL7u
YpI=
-----END CERTIFICATE-----
Generated at Mon Aug 19 15:41:46 2024 by rpki-client on console-ams.rpki-client.org