Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/sSu6GqG02fTryzNEnJ6aw-0XDOI.roa
File: sSu6GqG02fTryzNEnJ6aw-0XDOI.roa (raw, json)
Hash identifier: 6k7aGxzAZEZy3PEiMeUi2PGPlU7DkMqrbjJOWb5rrVY=
Subject key identifier: B1:2B:BA:1A:A1:B4:D9:F4:EB:CB:33:44:9C:9E:9A:C3:ED:17:0C:E2
Certificate issuer: /CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d
Certificate serial: 01856F6FEDC4BE483D681D24E4D1E2B8B7A7
Authority key identifier: 42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/sSu6GqG02fTryzNEnJ6aw-0XDOI.roa
Signing time: Sun 01 Jan 2023 22:24:44 +0000
ROA not before: Sun 01 Jan 2023 22:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60522
IP address blocks: 185.188.108.0/22 maxlen: 22
2a0b:bf80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:ed:c4:be:48:3d:68:1d:24:e4:d1:e2:b8:b7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d
Validity
Not Before: Jan 1 22:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b12bba1aa1b4d9f4ebcb33449c9e9ac3ed170ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1b:9f:e4:07:8e:c1:c3:b5:b4:e1:f0:15:a8:
21:c7:ea:7d:31:8b:75:09:00:e8:8a:54:c4:af:2f:
a5:57:49:95:54:a9:df:67:5f:2c:b0:52:bf:fb:f7:
e3:e1:68:85:c3:4d:63:8d:7d:8a:8d:37:e1:7a:e5:
0a:25:e2:72:d1:d7:7f:d1:96:66:30:fd:4a:d4:83:
0a:c8:30:16:88:bb:5a:fe:6f:21:eb:70:ec:a1:89:
2a:b1:74:c5:a8:b6:6c:ec:c7:62:18:98:c4:94:04:
87:a9:dd:26:9a:0f:49:f1:c0:cf:de:10:4d:a7:b7:
40:28:7e:04:fb:34:23:53:a7:8d:c8:4d:4a:66:09:
ff:74:42:58:75:ac:80:58:28:f8:4e:81:fd:c2:f5:
21:2e:ab:e9:15:99:5d:f1:d8:b8:79:85:12:c7:ca:
aa:9a:02:ef:63:68:04:56:04:c7:40:59:a1:42:fd:
19:67:4f:67:fe:af:26:e9:48:d5:5a:e0:3d:7f:f3:
ef:88:0f:5c:0a:f5:59:d2:01:41:fe:0c:29:47:1f:
92:d7:4f:77:87:79:4c:44:18:9e:3f:f5:0e:ed:bd:
39:0e:57:eb:a4:a6:d9:f8:99:7b:36:32:e8:bd:6f:
8f:57:b7:12:bf:2a:a5:33:b7:93:c0:7d:55:2a:6d:
9b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:2B:BA:1A:A1:B4:D9:F4:EB:CB:33:44:9C:9E:9A:C3:ED:17:0C:E2
X509v3 Authority Key Identifier:
keyid:42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/sSu6GqG02fTryzNEnJ6aw-0XDOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.108.0/22
IPv6:
2a0b:bf80::/32
Signature Algorithm: sha256WithRSAEncryption
33:14:f7:79:01:7a:0c:22:3e:93:f5:ca:66:aa:50:5c:bf:1f:
2f:7a:bc:46:d8:25:02:fe:03:5c:57:78:30:74:1c:d6:25:5f:
00:4b:41:a8:3a:e2:fa:eb:45:d9:9f:96:cc:91:05:c1:33:d2:
b2:e0:8b:32:91:39:d5:63:4e:dc:61:cc:ab:67:6d:77:06:25:
10:14:79:45:62:e5:64:ec:79:42:80:d0:89:68:a0:02:75:f2:
7c:9f:d5:8e:97:47:05:5d:dd:66:85:75:28:1f:ea:fb:d6:38:
c3:95:22:7e:17:ca:10:60:f8:3f:d7:49:1a:af:6e:e7:b4:be:
f5:6a:86:37:cb:1d:a9:db:49:52:1c:39:88:8c:36:a7:3c:20:
5e:81:8c:f0:a1:2c:33:d0:b3:5e:41:db:7f:d9:59:d5:64:ca:
41:c4:57:49:df:9f:f7:9c:8c:ad:e8:de:ee:e6:10:8c:49:c1:
aa:8a:dd:d0:49:6c:5b:ed:8d:eb:d4:cb:b0:c8:c9:92:2b:fa:
b6:85:c3:b6:35:26:ed:dc:1d:79:66:f6:cc:85:23:43:35:fc:
56:60:af:d0:fb:4a:4c:d0:46:91:1f:ac:99:96:26:6f:82:c8:
ae:89:df:05:9c:92:df:6a:c0:dc:0b:cf:11:9a:c1:95:49:7b:
0a:4a:cd:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvb+3Evkg9aB0k5NHiuLenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGFiOGM3Y2Y3NDAzYjU2MjBhMWI4MTNlNmFkMWRhMGRh
Y2I0NGQwHhcNMjMwMTAxMjIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTJiYmExYWExYjRkOWY0ZWJjYjMzNDQ5YzllOWFjM2VkMTcwY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ruf5AeOwcO1tOHwFaghx+p9MYt1
CQDoilTEry+lV0mVVKnfZ18ssFK/+/fj4WiFw01jjX2KjTfheuUKJeJy0dd/0ZZm
MP1K1IMKyDAWiLta/m8h63DsoYkqsXTFqLZs7MdiGJjElASHqd0mmg9J8cDP3hBN
p7dAKH4E+zQjU6eNyE1KZgn/dEJYdayAWCj4ToH9wvUhLqvpFZld8di4eYUSx8qq
mgLvY2gEVgTHQFmhQv0ZZ09n/q8m6UjVWuA9f/PviA9cCvVZ0gFB/gwpRx+S1093
h3lMRBieP/UO7b05DlfrpKbZ+Jl7NjLovW+PV7cSvyqlM7eTwH1VKm2bVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLEruhqhtNn068szRJyemsPtFwziMB8GA1UdIwQY
MBaAFEJKuMfPdAO1YgobgT5q0doNrLRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWIt
MmFkOTMwOGYxZjZjLzEvc1N1NkdxRzAyZlRyeXpORW5KNmF3LTBYRE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWItMmFkOTMwOGYxZjZj
LzEvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubxsMA0E
AgACMAcDBQAqC7+AMA0GCSqGSIb3DQEBCwUAA4IBAQAzFPd5AXoMIj6T9cpmqlBc
vx8verxG2CUC/gNcV3gwdBzWJV8AS0GoOuL660XZn5bMkQXBM9Ky4IsykTnVY07c
YcyrZ213BiUQFHlFYuVk7HlCgNCJaKACdfJ8n9WOl0cFXd1mhXUoH+r71jjDlSJ+
F8oQYPg/10kar27ntL71aoY3yx2p20lSHDmIjDanPCBegYzwoSwz0LNeQdt/2VnV
ZMpBxFdJ35/3nIyt6N7u5hCMScGqit3QSWxb7Y3r1MuwyMmSK/q2hcO2NSbt3B15
ZvbMhSNDNfxWYK/Q+0pM0EaRH6yZliZvgsiuid8FnJLfasDcC88RmsGVSXsKSs0d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:24 2024 by rpki-client on console-fra.rpki-client.org