Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/gCx8lZWFH1cZwOmmRi9KBgWg_UI.roa
File: gCx8lZWFH1cZwOmmRi9KBgWg_UI.roa (raw, json)
Hash identifier: M5TxpY+ejCOpItKuotu1F1lHa8sI7BJB2HiaEgqnkG8=
Subject key identifier: 80:2C:7C:95:95:85:1F:57:19:C0:E9:A6:46:2F:4A:06:05:A0:FD:42
Certificate issuer: /CN=d5a085eb95ad55fb3a6b247e9678112a14d81926
Certificate serial: 01891C431A83F9EF00246AA5BBF52AA0B6CB
Authority key identifier: D5:A0:85:EB:95:AD:55:FB:3A:6B:24:7E:96:78:11:2A:14:D8:19:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aCF65WtVfs6ayR-lngRKhTYGSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/gCx8lZWFH1cZwOmmRi9KBgWg_UI.roa
Signing time: Mon 03 Jul 2023 14:58:27 +0000
ROA not before: Mon 03 Jul 2023 14:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212876
IP address blocks: 185.166.108.0/22 maxlen: 22
2a0c:f880::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:43:1a:83:f9:ef:00:24:6a:a5:bb:f5:2a:a0:b6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5a085eb95ad55fb3a6b247e9678112a14d81926
Validity
Not Before: Jul 3 14:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=802c7c9595851f5719c0e9a6462f4a0605a0fd42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:56:5f:ca:0a:da:dc:f6:36:ee:c2:21:24:db:
e3:16:78:5b:2f:5b:98:7b:18:3b:ea:60:3d:b0:d6:
1b:1a:d6:f2:b3:1d:ca:ef:09:a4:35:93:b2:14:56:
10:c0:bc:69:fc:fd:88:cb:3e:69:8b:6b:02:92:76:
2f:fa:62:3c:bb:8e:d5:fb:bb:81:b6:d2:fc:e9:a8:
4d:6b:21:5f:96:9b:c0:0c:f6:01:43:ba:e1:b6:d2:
5c:18:21:9a:af:cf:0e:2a:24:d3:7b:bd:9b:4d:0e:
aa:02:f0:25:96:b1:9d:e9:85:40:d8:16:dd:a7:d8:
a4:ed:b3:f8:25:94:52:eb:65:b4:cf:b5:2b:1f:57:
2e:a5:82:ca:e2:c9:c0:64:2a:f8:4f:be:1b:bd:59:
f7:f2:5f:85:5e:72:11:24:e4:d8:72:30:38:16:46:
08:2b:ae:37:63:81:01:3d:16:a5:69:e8:e9:1f:4b:
1d:af:d0:2d:fb:9d:84:41:89:65:bb:57:53:50:32:
e8:cb:83:91:4f:b2:e8:b0:49:4f:44:07:05:67:1a:
b8:0e:4a:d9:9b:2b:5e:24:76:fd:11:4a:bb:4a:ed:
c7:53:a6:94:87:cf:4e:06:2e:50:ea:aa:d4:ba:3b:
15:05:db:07:bc:72:96:98:fc:51:33:be:d6:c3:81:
a3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2C:7C:95:95:85:1F:57:19:C0:E9:A6:46:2F:4A:06:05:A0:FD:42
X509v3 Authority Key Identifier:
keyid:D5:A0:85:EB:95:AD:55:FB:3A:6B:24:7E:96:78:11:2A:14:D8:19:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aCF65WtVfs6ayR-lngRKhTYGSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/gCx8lZWFH1cZwOmmRi9KBgWg_UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/1aCF65WtVfs6ayR-lngRKhTYGSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.108.0/22
IPv6:
2a0c:f880::/29
Signature Algorithm: sha256WithRSAEncryption
2f:56:2e:23:81:93:c9:4e:ce:3e:3d:8b:da:af:e2:bb:79:e9:
a8:2e:5a:55:64:1b:52:7a:9a:55:18:74:d9:4e:c2:5c:d4:be:
01:9e:5d:55:9d:44:8c:58:c2:f7:84:39:59:2f:09:39:0b:0e:
e5:09:a8:7d:17:fb:05:ef:1e:fb:b7:bf:a1:a3:f0:82:8e:d5:
04:55:99:3a:a5:9d:00:a0:f4:ad:e7:17:e9:e9:88:cd:12:3e:
83:82:30:45:a9:92:d8:6f:55:f1:e2:f7:b3:18:52:aa:89:32:
48:23:02:4d:cd:d8:a6:49:d8:52:1b:67:60:93:ce:95:4c:5b:
50:5e:82:61:22:d3:b3:34:89:42:6f:08:f5:fb:8d:4c:82:26:
5c:07:01:e7:7a:19:19:d5:35:23:b8:e1:d5:3d:89:40:bc:f6:
b7:c3:43:3e:9c:68:fc:dc:57:5c:35:00:89:aa:8c:18:ca:5a:
31:39:be:14:a2:06:f5:51:36:3a:c9:82:74:37:1f:86:4c:a9:
59:b6:00:f9:e3:b1:9a:e5:12:a4:4d:fb:14:87:7d:08:fd:12:
90:27:45:28:b6:37:32:c5:44:73:b9:54:8b:4f:6a:dc:cd:e8:
1e:4c:13:ca:be:66:f2:0a:09:7b:ad:49:7a:21:49:85:9b:b5:
d9:6a:17:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkcQxqD+e8AJGqlu/UqoLbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YTA4NWViOTVhZDU1ZmIzYTZiMjQ3ZTk2NzgxMTJhMTRk
ODE5MjYwHhcNMjMwNzAzMTQ1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDJjN2M5NTk1ODUxZjU3MTljMGU5YTY0NjJmNGEwNjA1YTBmZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglZfygra3PY27sIhJNvjFnhbL1uY
exg76mA9sNYbGtbysx3K7wmkNZOyFFYQwLxp/P2Iyz5pi2sCknYv+mI8u47V+7uB
ttL86ahNayFflpvADPYBQ7rhttJcGCGar88OKiTTe72bTQ6qAvAllrGd6YVA2Bbd
p9ik7bP4JZRS62W0z7UrH1cupYLK4snAZCr4T74bvVn38l+FXnIRJOTYcjA4FkYI
K643Y4EBPRalaejpH0sdr9At+52EQYllu1dTUDLoy4ORT7LosElPRAcFZxq4DkrZ
myteJHb9EUq7Su3HU6aUh89OBi5Q6qrUujsVBdsHvHKWmPxRM77Ww4GjmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIAsfJWVhR9XGcDppkYvSgYFoP1CMB8GA1UdIwQY
MBaAFNWgheuVrVX7OmskfpZ4ESoU2BkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWFDRjY1V3RWZnM2YXlSLWxuZ1JLaFRZR1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi85NDU1OGEtMjgwMy00NGMyLWE3NzIt
Zjk0YWRjMWJiZDkwLzEvZ0N4OGxaV0ZIMWNad09tbVJpOUtCZ1dnX1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi85NDU1OGEtMjgwMy00NGMyLWE3NzItZjk0YWRjMWJiZDkw
LzEvMWFDRjY1V3RWZnM2YXlSLWxuZ1JLaFRZR1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaZsMA0E
AgACMAcDBQMqDPiAMA0GCSqGSIb3DQEBCwUAA4IBAQAvVi4jgZPJTs4+PYvar+K7
eemoLlpVZBtSeppVGHTZTsJc1L4Bnl1VnUSMWML3hDlZLwk5Cw7lCah9F/sF7x77
t7+ho/CCjtUEVZk6pZ0AoPSt5xfp6YjNEj6DgjBFqZLYb1Xx4vezGFKqiTJIIwJN
zdimSdhSG2dgk86VTFtQXoJhItOzNIlCbwj1+41MgiZcBwHnehkZ1TUjuOHVPYlA
vPa3w0M+nGj83FdcNQCJqowYyloxOb4Uogb1UTY6yYJ0Nx+GTKlZtgD547Ga5RKk
TfsUh30I/RKQJ0UotjcyxURzuVSLT2rczegeTBPKvmbyCgl7rUl6IUmFm7XZahd6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:38 2024 by rpki-client on console-fra.rpki-client.org