Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/CXxja2iRv5Y2ruzAGPGHvhyv7FQ.roa
File: CXxja2iRv5Y2ruzAGPGHvhyv7FQ.roa (raw, json)
Hash identifier: kvGze8OdWPW50M46cCOh1JnIq0yn43MmFj75cOQ+rlM=
Subject key identifier: 09:7C:63:6B:68:91:BF:96:36:AE:EC:C0:18:F1:87:BE:1C:AF:EC:54
Certificate issuer: /CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Certificate serial: 0185701527AA5EA71496F0B3651B8F1A0722
Authority key identifier: 29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/CXxja2iRv5Y2ruzAGPGHvhyv7FQ.roa
Signing time: Mon 02 Jan 2023 01:25:12 +0000
ROA not before: Mon 02 Jan 2023 01:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3491
IP address blocks: 185.152.51.0/24 maxlen: 24
185.152.48.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:27:aa:5e:a7:14:96:f0:b3:65:1b:8f:1a:07:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Validity
Not Before: Jan 2 01:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=097c636b6891bf9636aeecc018f187be1cafec54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9d:6d:07:9d:e4:bf:53:ab:c5:f8:d1:6b:35:
b5:d2:d6:fc:5e:77:0e:51:2b:57:b9:67:42:c7:4f:
44:1f:8d:03:75:fb:86:ff:e2:9e:55:2b:ef:5a:e1:
89:c1:db:a5:d5:e4:94:56:ba:6e:0f:52:f6:d5:ab:
e9:82:d1:03:05:b6:d8:d1:09:f5:81:f6:44:c0:3f:
f7:cf:78:e0:15:b6:2c:cc:36:17:1f:6d:f2:7a:f2:
8f:95:34:e8:cb:2b:97:85:e2:ef:a2:62:07:f7:03:
17:21:91:29:df:5e:33:e5:67:36:0e:22:02:6c:77:
95:df:2a:18:f5:10:0f:70:c9:80:c6:5c:ac:f3:fe:
ba:e4:ce:9d:be:32:97:9a:87:8f:4c:75:d9:6a:61:
e8:26:23:67:de:ab:93:c2:9c:5c:d3:d2:de:1e:88:
38:45:09:12:8c:6d:2e:b5:6b:87:2d:c4:91:59:b9:
d3:5d:ff:bd:f1:0d:a7:1e:59:8b:5c:60:e1:9d:53:
7a:30:fa:01:09:f5:29:88:cd:74:11:8c:8e:bd:9d:
3e:45:35:48:b8:d9:4c:7b:fd:a4:38:b8:0b:76:ff:
f2:46:cd:12:41:74:23:39:72:de:b1:b5:9c:27:c8:
de:be:a3:7a:7f:c6:dc:a7:8e:7c:6b:a4:5b:55:6f:
d5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7C:63:6B:68:91:BF:96:36:AE:EC:C0:18:F1:87:BE:1C:AF:EC:54
X509v3 Authority Key Identifier:
keyid:29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/CXxja2iRv5Y2ruzAGPGHvhyv7FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/KQbwJrH-Y2yaXaAR3H_WnFgdArg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.48.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:e8:8b:15:a3:db:7f:17:1d:9b:27:9a:be:5d:19:0d:7b:ba:
e9:41:d4:fe:35:1c:22:e4:97:4a:c0:7a:3d:46:4b:7e:c2:19:
a1:f9:55:02:e5:30:1b:cd:f8:67:d0:c6:58:48:be:1a:78:97:
51:79:b0:d1:99:36:e8:ae:af:c9:76:4d:7c:ea:f8:43:bd:52:
ca:c3:b8:dc:39:a2:5a:40:83:70:f6:6c:36:f8:5c:e7:fc:84:
85:e0:69:30:53:c3:c7:65:e3:e3:c5:9c:29:56:c8:54:e4:9a:
87:67:7d:4c:13:81:bd:28:67:d6:64:cc:71:6a:2c:4e:aa:00:
e1:c2:83:db:7b:25:db:19:b4:d2:93:35:ad:0c:1c:9c:2e:0d:
a0:67:5c:15:82:df:64:0d:de:18:dd:b5:7a:99:3e:5f:20:c0:
28:9f:51:0b:f4:79:06:32:2d:c6:e8:a1:d8:8a:2a:4d:cf:ec:
97:e6:66:9c:4a:1c:34:5e:dd:9a:4f:09:ea:82:32:3d:16:85:
77:e0:c6:b1:b4:68:a4:fc:46:3c:a5:01:1c:65:53:c0:3e:0f:
7e:27:c8:26:5b:24:68:a7:54:81:a8:2c:68:f0:36:2d:25:9a:
f2:15:96:d7:b2:df:9a:54:09:ea:5b:f0:e9:f9:b8:97:02:e7:
60:62:e5:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFSeqXqcUlvCzZRuPGgciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDZmMDI2YjFmZTYzNmM5YTVkYTAxMWRjN2ZkNjljNTgx
ZDAyYjgwHhcNMjMwMTAyMDEyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdjNjM2YjY4OTFiZjk2MzZhZWVjYzAxOGYxODdiZTFjYWZlYzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ1tB53kv1OrxfjRazW10tb8XncO
UStXuWdCx09EH40DdfuG/+KeVSvvWuGJwdul1eSUVrpuD1L21avpgtEDBbbY0Qn1
gfZEwD/3z3jgFbYszDYXH23yevKPlTToyyuXheLvomIH9wMXIZEp314z5Wc2DiIC
bHeV3yoY9RAPcMmAxlys8/665M6dvjKXmoePTHXZamHoJiNn3quTwpxc09LeHog4
RQkSjG0utWuHLcSRWbnTXf+98Q2nHlmLXGDhnVN6MPoBCfUpiM10EYyOvZ0+RTVI
uNlMe/2kOLgLdv/yRs0SQXQjOXLesbWcJ8jevqN6f8bcp458a6RbVW/VrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAl8Y2tokb+WNq7swBjxh74cr+xUMB8GA1UdIwQY
MBaAFCkG8Cax/mNsml2gEdx/1pxYHQK4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUt
ODBhOTFiZTgzZTRiLzEvQ1h4amEyaVJ2NVkycnV6QUdQR0h2aHl2N0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUtODBhOTFiZTgzZTRi
LzEvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZgwMA0G
CSqGSIb3DQEBCwUAA4IBAQDF6IsVo9t/Fx2bJ5q+XRkNe7rpQdT+NRwi5JdKwHo9
Rkt+whmh+VUC5TAbzfhn0MZYSL4aeJdRebDRmTborq/Jdk186vhDvVLKw7jcOaJa
QINw9mw2+Fzn/ISF4GkwU8PHZePjxZwpVshU5JqHZ31ME4G9KGfWZMxxaixOqgDh
woPbeyXbGbTSkzWtDBycLg2gZ1wVgt9kDd4Y3bV6mT5fIMAon1EL9HkGMi3G6KHY
iipNz+yX5macShw0Xt2aTwnqgjI9FoV34MaxtGik/EY8pQEcZVPAPg9+J8gmWyRo
p1SBqCxo8DYtJZryFZbXst+aVAnqW/Dp+biXAudgYuU0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:14 2024 by rpki-client on console-fra.rpki-client.org