Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/06AoKiANfk2OcNcKhAbJ8-wS_lc.roa
File: 06AoKiANfk2OcNcKhAbJ8-wS_lc.roa (raw, json)
Hash identifier: O5fLtuz0EMEoKtlzHOx0QxH/wnLA1vpFojlVK1Ne5bs=
Subject key identifier: D3:A0:28:2A:20:0D:7E:4D:8E:70:D7:0A:84:06:C9:F3:EC:12:FE:57
Certificate issuer: /CN=a366f35bac61a0abf71d18d6b1063d5c933a24ab
Certificate serial: 018CC5000674AEAD20EA8BA8BA7E9DE95147
Authority key identifier: A3:66:F3:5B:AC:61:A0:AB:F7:1D:18:D6:B1:06:3D:5C:93:3A:24:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2bzW6xhoKv3HRjWsQY9XJM6JKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/06AoKiANfk2OcNcKhAbJ8-wS_lc.roa
Signing time: Mon 01 Jan 2024 12:29:22 +0000
ROA not before: Mon 01 Jan 2024 12:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201535
IP address blocks: 185.71.164.0/22 maxlen: 22
2a05:34c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:06:74:ae:ad:20:ea:8b:a8:ba:7e:9d:e9:51:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a366f35bac61a0abf71d18d6b1063d5c933a24ab
Validity
Not Before: Jan 1 12:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3a0282a200d7e4d8e70d70a8406c9f3ec12fe57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e8:fc:bd:7f:92:39:4e:04:f1:30:a7:ad:65:
8d:86:d0:6b:02:46:8e:c7:84:99:bf:21:5f:3a:a8:
3b:55:62:f3:af:d3:99:ae:cd:44:69:dc:a7:f1:71:
31:54:4c:94:92:66:8a:29:d8:c8:7c:31:62:bf:2e:
3e:8a:73:a0:f3:5c:ad:69:da:24:94:f4:91:14:04:
94:48:b3:32:6e:9f:c1:a8:bd:78:e4:6f:71:ab:cf:
45:8b:60:fe:fd:0e:7a:7a:1c:36:6d:4d:1c:b4:3c:
ea:5a:87:a8:d4:b0:d3:81:8b:e3:37:16:41:95:72:
56:95:48:48:9d:dc:29:90:33:bf:2e:23:3d:66:d6:
7f:0a:44:8c:12:50:aa:b8:38:af:d8:1f:d6:4c:bc:
28:14:1f:38:d3:43:ec:26:22:ca:f2:0f:99:91:a7:
ed:c6:cc:38:6c:3f:db:25:f3:f2:a4:ef:f7:87:2e:
67:9f:56:38:06:74:de:5e:5f:5b:64:e4:9e:45:12:
6f:0a:46:41:53:98:2a:06:79:70:ef:70:e6:c2:22:
cd:69:75:de:77:8c:29:6d:c4:a1:16:1c:f5:fa:df:
3a:9a:b6:2b:06:8c:03:f7:3e:c7:7b:3f:1b:9c:94:
4c:9c:6e:44:f5:b0:5a:17:91:b7:5e:ed:85:76:5f:
62:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A0:28:2A:20:0D:7E:4D:8E:70:D7:0A:84:06:C9:F3:EC:12:FE:57
X509v3 Authority Key Identifier:
keyid:A3:66:F3:5B:AC:61:A0:AB:F7:1D:18:D6:B1:06:3D:5C:93:3A:24:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2bzW6xhoKv3HRjWsQY9XJM6JKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/06AoKiANfk2OcNcKhAbJ8-wS_lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4cf814-79b5-4786-ac51-3190795e863b/1/o2bzW6xhoKv3HRjWsQY9XJM6JKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.164.0/22
IPv6:
2a05:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:1c:71:2e:67:c1:6d:c9:84:34:a7:aa:e9:08:10:64:62:55:
eb:f6:67:4e:63:9a:56:00:70:49:da:8b:cf:0e:72:1a:b1:5d:
cb:d9:e6:1b:fb:bf:bd:cb:39:3c:00:d2:58:22:bf:8f:bd:ca:
c2:8e:e7:1c:0c:46:37:63:ec:5d:6f:52:d0:55:79:ea:9c:ad:
d7:83:a3:0e:b5:01:6f:3f:ef:41:c0:34:23:ac:72:46:f3:92:
3a:9e:08:3c:65:4a:dc:2b:ed:ef:09:62:7a:86:7d:74:15:e1:
a4:76:ca:d1:81:59:ab:8d:68:69:92:47:07:37:57:52:96:43:
52:00:a0:19:6b:91:17:34:c3:62:07:8f:c9:73:63:57:c6:0b:
fa:1a:55:9a:5d:03:36:b7:d3:b1:91:60:9d:9d:ed:a2:43:61:
8b:9e:e4:ca:18:9a:a7:a9:a1:0d:68:aa:a6:88:8a:ce:8e:69:
24:67:0c:20:0b:b5:9c:b1:fc:e4:dc:66:ef:e3:23:a2:cd:81:
31:15:2b:92:68:89:e6:96:82:b2:fe:fd:e5:a7:2b:9f:bb:8d:
67:8f:73:dc:52:66:ca:18:93:19:2f:06:ab:f4:01:c0:23:13:
66:c3:b3:46:aa:a6:fb:24:a9:5d:93:60:1d:75:7f:24:b0:b7:
b0:8e:9b:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAAZ0rq0g6ououn6d6VFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjZmMzViYWM2MWEwYWJmNzFkMThkNmIxMDYzZDVjOTMz
YTI0YWIwHhcNMjQwMTAxMTIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2EwMjgyYTIwMGQ3ZTRkOGU3MGQ3MGE4NDA2YzlmM2VjMTJmZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+j8vX+SOU4E8TCnrWWNhtBrAkaO
x4SZvyFfOqg7VWLzr9OZrs1Eadyn8XExVEyUkmaKKdjIfDFivy4+inOg81ytadok
lPSRFASUSLMybp/BqL145G9xq89Fi2D+/Q56ehw2bU0ctDzqWoeo1LDTgYvjNxZB
lXJWlUhIndwpkDO/LiM9ZtZ/CkSMElCquDiv2B/WTLwoFB8400PsJiLK8g+Zkaft
xsw4bD/bJfPypO/3hy5nn1Y4BnTeXl9bZOSeRRJvCkZBU5gqBnlw73DmwiLNaXXe
d4wpbcShFhz1+t86mrYrBowD9z7Hez8bnJRMnG5E9bBaF5G3Xu2Fdl9iFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNOgKCogDX5NjnDXCoQGyfPsEv5XMB8GA1UdIwQY
MBaAFKNm81usYaCr9x0Y1rEGPVyTOiSrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJielc2eGhvS3YzSFJqV3NRWTlYSk02SktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80Y2Y4MTQtNzliNS00Nzg2LWFjNTEt
MzE5MDc5NWU4NjNiLzEvMDZBb0tpQU5mazJPY05jS2hBYko4LXdTX2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80Y2Y4MTQtNzliNS00Nzg2LWFjNTEtMzE5MDc5NWU4NjNi
LzEvbzJielc2eGhvS3YzSFJqV3NRWTlYSk02SktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUekMA0E
AgACMAcDBQMqBTTAMA0GCSqGSIb3DQEBCwUAA4IBAQCjHHEuZ8FtyYQ0p6rpCBBk
YlXr9mdOY5pWAHBJ2ovPDnIasV3L2eYb+7+9yzk8ANJYIr+PvcrCjuccDEY3Y+xd
b1LQVXnqnK3Xg6MOtQFvP+9BwDQjrHJG85I6ngg8ZUrcK+3vCWJ6hn10FeGkdsrR
gVmrjWhpkkcHN1dSlkNSAKAZa5EXNMNiB4/Jc2NXxgv6GlWaXQM2t9OxkWCdne2i
Q2GLnuTKGJqnqaENaKqmiIrOjmkkZwwgC7Wcsfzk3Gbv4yOizYExFSuSaInmloKy
/v3lpyufu41nj3PcUmbKGJMZLwar9AHAIxNmw7NGqqb7JKldk2AddX8ksLewjpu8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:41 2025 by rpki-client