Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c62c7f-f462-4348-b068-f049c66ef811/1/iAbLE1DUvWehGJVjvHGSWtiptPc.roa
File: iAbLE1DUvWehGJVjvHGSWtiptPc.roa (raw, json)
Hash identifier: tk0pHQK0cA+3yqY5bmuZHhVVgqsaWdiF/8AWDDExglM=
Subject key identifier: 88:06:CB:13:50:D4:BD:67:A1:18:95:63:BC:71:92:5A:D8:A9:B4:F7
Certificate issuer: /CN=ae682c4f0a2940eea872542a6215e354991deb4b
Certificate serial: 01857102E0F98FC5471A9B0BD460C43BF4F4
Authority key identifier: AE:68:2C:4F:0A:29:40:EE:A8:72:54:2A:62:15:E3:54:99:1D:EB:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rmgsTwopQO6oclQqYhXjVJkd60s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c62c7f-f462-4348-b068-f049c66ef811/1/iAbLE1DUvWehGJVjvHGSWtiptPc.roa
Signing time: Mon 02 Jan 2023 05:44:52 +0000
ROA not before: Mon 02 Jan 2023 05:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60156
IP address blocks: 185.47.76.0/22 maxlen: 22
2a04:ad40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:e0:f9:8f:c5:47:1a:9b:0b:d4:60:c4:3b:f4:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae682c4f0a2940eea872542a6215e354991deb4b
Validity
Not Before: Jan 2 05:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8806cb1350d4bd67a1189563bc71925ad8a9b4f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:41:ea:94:b8:ad:eb:5b:ac:52:5f:77:4f:42:
7d:72:0c:e6:a4:a6:40:39:69:73:cd:fa:76:e0:30:
9f:46:f7:3e:51:88:6a:8f:7d:30:a2:36:70:a1:98:
bb:26:3a:50:f2:82:39:e0:5f:5a:b2:76:bd:41:4a:
0c:bd:33:fa:ae:25:39:d1:94:04:de:12:34:3a:93:
f8:85:d3:19:c3:ad:5f:05:39:6e:d1:a3:85:41:90:
60:0e:d7:32:a6:fa:93:01:ee:71:f6:2c:b3:ed:17:
26:f1:32:63:d6:19:1f:88:80:d2:6c:49:d3:9b:46:
73:f4:cb:4d:3a:d2:ef:54:f2:8b:70:d7:58:18:cb:
d4:17:e0:d3:66:9c:a8:3e:47:2b:ac:7d:b8:28:1c:
3b:f0:dd:09:02:61:b6:d6:51:14:17:c4:ec:b6:ba:
bc:7e:04:8e:90:1d:8d:6b:96:ee:ea:79:5c:1b:66:
a9:0a:66:a0:51:d8:c4:5c:a8:13:42:8e:a7:15:d0:
a1:7c:91:e5:fa:9d:68:d0:e4:90:b8:58:9b:f6:d9:
50:37:86:2d:bb:7f:9c:65:66:22:b2:fe:0a:51:16:
d3:63:dd:b2:54:bb:f3:31:07:38:9b:44:31:49:b5:
28:2b:9a:37:25:09:4b:27:16:2a:89:63:ec:db:71:
fe:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:06:CB:13:50:D4:BD:67:A1:18:95:63:BC:71:92:5A:D8:A9:B4:F7
X509v3 Authority Key Identifier:
keyid:AE:68:2C:4F:0A:29:40:EE:A8:72:54:2A:62:15:E3:54:99:1D:EB:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rmgsTwopQO6oclQqYhXjVJkd60s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c62c7f-f462-4348-b068-f049c66ef811/1/iAbLE1DUvWehGJVjvHGSWtiptPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c62c7f-f462-4348-b068-f049c66ef811/1/rmgsTwopQO6oclQqYhXjVJkd60s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.76.0/22
IPv6:
2a04:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
09:d1:e5:2c:50:73:86:53:75:17:8c:12:b3:7a:99:fa:ba:ea:
dd:70:5b:9d:e5:14:52:57:71:f6:bb:1b:a8:21:08:bd:1b:3f:
25:a2:ec:3c:3d:03:37:57:97:ab:e1:7d:4f:cf:ba:8b:b4:20:
56:ef:ff:ec:a3:88:1f:d0:8f:20:95:94:08:21:27:19:09:be:
63:d3:57:27:d7:74:c5:4b:84:85:74:0a:f5:e8:79:f0:ce:55:
7a:0a:c6:b6:b6:34:f5:6b:08:0a:b3:d2:8d:a3:01:1a:96:d4:
bb:d1:69:26:84:73:95:1f:d6:ef:64:cf:db:c0:42:25:e6:b1:
eb:b5:9e:d5:04:7a:e9:5e:aa:b0:97:08:0d:2a:31:7a:a4:71:
23:2c:90:8a:45:e6:a3:90:d9:6c:be:9e:ae:63:ef:ac:3d:d5:
da:69:5a:43:20:34:e3:f9:66:77:40:04:b2:80:b6:0f:b7:9e:
c3:9c:9a:30:5f:72:78:c3:5e:c5:dd:62:35:4c:f7:f1:fe:d4:
79:78:2c:bd:6b:72:d1:c8:f2:74:a8:8e:cf:4d:11:1b:8c:2c:
27:d7:69:69:23:06:30:af:b9:07:71:96:dd:30:b6:ef:29:a8:
8e:8c:eb:2d:3e:47:73:9d:76:97:a6:1e:c7:e7:21:d3:f7:6a:
22:49:1c:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxAuD5j8VHGpsL1GDEO/T0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNjgyYzRmMGEyOTQwZWVhODcyNTQyYTYyMTVlMzU0OTkx
ZGViNGIwHhcNMjMwMTAyMDU0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODA2Y2IxMzUwZDRiZDY3YTExODk1NjNiYzcxOTI1YWQ4YTliNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEHqlLit61usUl93T0J9cgzmpKZA
OWlzzfp24DCfRvc+UYhqj30wojZwoZi7JjpQ8oI54F9asna9QUoMvTP6riU50ZQE
3hI0OpP4hdMZw61fBTlu0aOFQZBgDtcypvqTAe5x9iyz7Rcm8TJj1hkfiIDSbEnT
m0Zz9MtNOtLvVPKLcNdYGMvUF+DTZpyoPkcrrH24KBw78N0JAmG21lEUF8Tstrq8
fgSOkB2Na5bu6nlcG2apCmagUdjEXKgTQo6nFdChfJHl+p1o0OSQuFib9tlQN4Yt
u3+cZWYisv4KURbTY92yVLvzMQc4m0QxSbUoK5o3JQlLJxYqiWPs23H+mQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIgGyxNQ1L1noRiVY7xxklrYqbT3MB8GA1UdIwQY
MBaAFK5oLE8KKUDuqHJUKmIV41SZHetLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm1nc1R3b3BRTzZvY2xRcVloWGpWSmtkNjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jNjJjN2YtZjQ2Mi00MzQ4LWIwNjgt
ZjA0OWM2NmVmODExLzEvaUFiTEUxRFV2V2VoR0pWanZIR1NXdGlwdFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jNjJjN2YtZjQ2Mi00MzQ4LWIwNjgtZjA0OWM2NmVmODEx
LzEvcm1nc1R3b3BRTzZvY2xRcVloWGpWSmtkNjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS9MMA0E
AgACMAcDBQMqBK1AMA0GCSqGSIb3DQEBCwUAA4IBAQAJ0eUsUHOGU3UXjBKzepn6
uurdcFud5RRSV3H2uxuoIQi9Gz8louw8PQM3V5er4X1Pz7qLtCBW7//so4gf0I8g
lZQIIScZCb5j01cn13TFS4SFdAr16HnwzlV6Csa2tjT1awgKs9KNowEaltS70Wkm
hHOVH9bvZM/bwEIl5rHrtZ7VBHrpXqqwlwgNKjF6pHEjLJCKReajkNlsvp6uY++s
PdXaaVpDIDTj+WZ3QASygLYPt57DnJowX3J4w17F3WI1TPfx/tR5eCy9a3LRyPJ0
qI7PTREbjCwn12lpIwYwr7kHcZbdMLbvKaiOjOstPkdznXaXph7H5yHT92oiSRxK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:42 2024 by rpki-client on console-ams.rpki-client.org