Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/ooAzlcFaE7Uflb3wdG3mBrsrlIE.roa
File: ooAzlcFaE7Uflb3wdG3mBrsrlIE.roa (raw, json)
Hash identifier: k8FgcdOXo60R7h/AbuRPYKix6y4x+PZcJG8p37L2Bnc=
Subject key identifier: A2:80:33:95:C1:5A:13:B5:1F:95:BD:F0:74:6D:E6:06:BB:2B:94:81
Certificate issuer: /CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Certificate serial: 01856F8B92986B39091EF87902B6FCEF88FA
Authority key identifier: 12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/ooAzlcFaE7Uflb3wdG3mBrsrlIE.roa
Signing time: Sun 01 Jan 2023 22:54:56 +0000
ROA not before: Sun 01 Jan 2023 22:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59791
IP address blocks: 185.67.200.0/22 maxlen: 24
185.88.148.0/22 maxlen: 22
2a05:1180::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:92:98:6b:39:09:1e:f8:79:02:b6:fc:ef:88:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Validity
Not Before: Jan 1 22:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2803395c15a13b51f95bdf0746de606bb2b9481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1b:b3:e2:8d:c3:e5:0f:dd:e0:bf:8b:02:05:
4a:f8:96:b2:f8:10:a5:47:50:de:19:5c:49:6d:ee:
d9:0b:86:37:60:38:2b:c2:a5:5f:cf:6f:f5:09:6a:
04:8c:50:bf:6e:b4:8b:e2:67:cc:b0:fb:2d:95:e2:
34:01:09:c1:59:a8:5e:16:5a:4f:bb:0d:2c:f9:0a:
c6:4f:99:8c:96:62:ff:e7:8e:fd:8c:b2:d7:d9:8e:
2c:bb:b4:2e:ec:fb:3d:5a:54:2e:2e:97:f4:10:01:
38:3a:58:5f:5d:48:fd:f7:0c:93:cb:64:39:33:ed:
cd:59:f0:e3:d6:c8:7e:d7:b9:d7:f1:3a:56:4b:68:
7a:93:0c:81:20:3c:1f:60:22:30:3d:41:c1:a9:e8:
76:8c:5d:4d:cc:c3:6f:d0:19:34:09:53:b2:8b:2f:
9d:5e:81:a7:11:e0:e6:20:c1:03:33:cd:d5:05:99:
00:86:7c:2a:f2:3a:6e:d0:e3:eb:69:e0:a3:4a:70:
01:93:b4:47:01:bc:c5:56:bd:8e:f5:0f:49:ef:0d:
d7:57:da:4f:9e:38:c5:aa:88:67:0e:1e:7c:53:fb:
4a:31:ba:95:db:3c:ab:f4:e2:63:dd:b3:68:04:1e:
f2:1a:39:56:5b:02:84:9f:ca:47:50:a8:8e:88:60:
57:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:80:33:95:C1:5A:13:B5:1F:95:BD:F0:74:6D:E6:06:BB:2B:94:81
X509v3 Authority Key Identifier:
keyid:12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/ooAzlcFaE7Uflb3wdG3mBrsrlIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/EjDNjhPIbY74NcGqx9X5U0VcA1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.200.0/22
185.88.148.0/22
IPv6:
2a05:1180::/29
Signature Algorithm: sha256WithRSAEncryption
1d:f7:fc:2d:97:85:b2:7d:40:24:3f:43:45:1c:20:1c:c7:9b:
71:c4:51:70:ca:53:80:e2:94:b5:1c:7a:6e:49:15:45:75:c2:
a2:f3:3b:f9:bc:71:e5:c0:5b:80:9f:8e:3d:53:48:6e:6c:69:
89:a3:ef:07:a4:ac:21:c7:8f:3b:79:62:e3:36:a6:ce:45:b4:
69:ef:0a:72:0d:a0:69:ec:09:e7:60:af:24:d7:12:56:37:d0:
4f:99:34:00:b3:4a:cb:95:89:ad:61:5e:4f:83:a5:34:d6:41:
56:2b:f9:57:2b:40:1f:d9:b6:20:d7:81:a2:15:58:3c:48:47:
b4:ce:f1:fa:72:91:4c:c6:07:e6:36:ff:9c:78:c6:ca:48:a6:
d8:43:99:6e:5f:31:10:6d:8e:fe:fa:e4:9b:09:bf:21:d4:be:
08:20:b7:59:ef:53:27:03:48:3d:bd:71:66:a1:a3:a3:ae:64:
5b:d8:a4:6c:c0:ec:2b:67:97:17:8f:57:68:f6:bd:f2:40:41:
c1:ff:0a:6c:2c:9a:c0:2d:e5:58:39:6d:5f:01:cd:1c:e9:2d:
dc:9b:7d:16:f0:29:64:6d:87:c5:58:c7:80:a1:55:45:52:3d:
fd:92:c3:eb:46:ff:6d:33:6c:36:3b:20:ca:13:8d:91:a8:2b:
90:23:e8:c1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvi5KYazkJHvh5Arb874j6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzBjZDhlMTNjODZkOGVmODM1YzFhYWM3ZDVmOTUzNDU1
YzAzNWMwHhcNMjMwMTAxMjI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjgwMzM5NWMxNWExM2I1MWY5NWJkZjA3NDZkZTYwNmJiMmI5NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBuz4o3D5Q/d4L+LAgVK+Jay+BCl
R1DeGVxJbe7ZC4Y3YDgrwqVfz2/1CWoEjFC/brSL4mfMsPstleI0AQnBWaheFlpP
uw0s+QrGT5mMlmL/5479jLLX2Y4su7Qu7Ps9WlQuLpf0EAE4OlhfXUj99wyTy2Q5
M+3NWfDj1sh+17nX8TpWS2h6kwyBIDwfYCIwPUHBqeh2jF1NzMNv0Bk0CVOyiy+d
XoGnEeDmIMEDM83VBZkAhnwq8jpu0OPraeCjSnABk7RHAbzFVr2O9Q9J7w3XV9pP
njjFqohnDh58U/tKMbqV2zyr9OJj3bNoBB7yGjlWWwKEn8pHUKiOiGBXZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKKAM5XBWhO1H5W98HRt5ga7K5SBMB8GA1UdIwQY
MBaAFBIwzY4TyG2O+DXBqsfV+VNFXANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQt
MDFmYjQ2YTQzM2UxLzEvb29BemxjRmFFN1VmbGIzd2RHM21CcnNybElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQtMDFmYjQ2YTQzM2Ux
LzEvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUPIAwQC
uViUMA0EAgACMAcDBQMqBRGAMA0GCSqGSIb3DQEBCwUAA4IBAQAd9/wtl4WyfUAk
P0NFHCAcx5txxFFwylOA4pS1HHpuSRVFdcKi8zv5vHHlwFuAn449U0hubGmJo+8H
pKwhx487eWLjNqbORbRp7wpyDaBp7AnnYK8k1xJWN9BPmTQAs0rLlYmtYV5Pg6U0
1kFWK/lXK0Af2bYg14GiFVg8SEe0zvH6cpFMxgfmNv+ceMbKSKbYQ5luXzEQbY7+
+uSbCb8h1L4IILdZ71MnA0g9vXFmoaOjrmRb2KRswOwrZ5cXj1do9r3yQEHB/wps
LJrALeVYOW1fAc0c6S3cm30W8ClkbYfFWMeAoVVFUj39ksPrRv9tM2w2OyDKE42R
qCuQI+jB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:27 2024 by rpki-client on console-fra.rpki-client.org