Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/7kuJKy7gYoCtoJQlHA1FlZ0Y_hg.roa
File: 7kuJKy7gYoCtoJQlHA1FlZ0Y_hg.roa (raw, json)
Hash identifier: Xab5Mc4GbfJoq3quA5c6e+mxxWmtRxo6ZJZunWcxzMs=
Subject key identifier: EE:4B:89:2B:2E:E0:62:80:AD:A0:94:25:1C:0D:45:95:9D:18:FE:18
Certificate issuer: /CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Certificate serial: 01856F1DA5CDF0F05CF44B09D9D9E3EB6126
Authority key identifier: F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/7kuJKy7gYoCtoJQlHA1FlZ0Y_hg.roa
Signing time: Sun 01 Jan 2023 20:54:51 +0000
ROA not before: Sun 01 Jan 2023 20:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49832
IP address blocks: 185.88.11.0/24 maxlen: 32
167.160.20.0/24 maxlen: 32
2a06:1ec0::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:a5:cd:f0:f0:5c:f4:4b:09:d9:d9:e3:eb:61:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Validity
Not Before: Jan 1 20:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee4b892b2ee06280ada094251c0d45959d18fe18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d3:83:2b:f0:1c:ea:64:8b:55:7f:96:41:34:
09:23:8e:94:d6:69:f9:50:d6:4a:c2:93:6c:7a:01:
dc:b4:94:25:d7:7b:4a:0c:47:8c:d9:3e:3e:06:08:
23:7f:5c:a0:a4:49:c8:ba:2c:38:46:9b:c4:06:23:
aa:b9:e7:1b:aa:b9:90:f3:7e:2c:d4:a6:b4:43:d2:
cc:0f:43:f8:7b:8f:a0:49:d7:dc:7a:95:37:5a:a5:
9a:c7:49:a8:70:28:49:11:78:ec:0c:04:e5:da:a3:
f4:8e:ca:56:40:1c:d5:08:87:f3:f9:1b:0f:36:6f:
87:2b:d5:e6:c8:35:7b:1e:8f:58:16:5a:27:8a:bf:
67:e7:43:0f:1f:c1:c8:ca:a4:4f:e6:21:d3:30:1e:
db:48:9e:eb:e6:1b:00:17:81:49:38:62:77:ce:d6:
ea:84:54:e8:c2:c2:39:ef:11:75:e9:98:4a:90:41:
e3:ab:52:85:ff:70:1d:e6:20:22:c6:f2:37:16:6b:
65:24:af:73:fc:31:6a:65:b1:5c:65:22:e9:6f:ad:
b6:51:18:52:8b:7a:d8:d3:f8:70:12:8e:25:4f:e1:
01:da:9e:e9:1b:ad:61:a5:5a:ea:bc:06:33:f8:35:
9d:9b:ed:71:a7:60:97:c5:91:f9:21:a5:a6:1a:16:
f9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:4B:89:2B:2E:E0:62:80:AD:A0:94:25:1C:0D:45:95:9D:18:FE:18
X509v3 Authority Key Identifier:
keyid:F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/7kuJKy7gYoCtoJQlHA1FlZ0Y_hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.20.0/24
185.88.11.0/24
IPv6:
2a06:1ec0::/29
Signature Algorithm: sha256WithRSAEncryption
39:5e:fc:c5:95:74:89:09:a2:de:8c:96:ce:dd:e6:dc:1c:1c:
44:f4:16:a6:b0:23:d0:c5:61:c9:15:9d:35:4b:18:a6:38:e4:
58:91:54:18:be:d0:59:1e:76:4e:a2:41:f4:9f:46:c7:36:84:
59:54:6d:39:03:85:ec:da:d8:b7:f8:4d:be:fa:56:e6:5b:b9:
45:3e:db:3f:d6:a7:e6:44:ad:da:9b:79:bf:83:1f:30:be:e0:
9d:e5:be:65:fc:e8:88:39:28:a6:37:39:a1:f6:70:62:3b:29:
b7:93:d4:ad:9d:6d:e9:76:14:34:69:29:df:69:fe:2a:8a:f3:
87:6c:88:78:a1:f1:bf:da:32:53:db:5f:28:0b:e9:0e:74:c3:
e6:e8:9f:bf:9a:58:a1:7c:f7:d1:0b:44:08:7d:24:33:88:b3:
ed:bc:02:31:5a:1c:d3:83:bf:3e:0a:24:df:a6:34:5c:80:30:
68:2d:d4:72:15:68:93:49:cf:00:93:bc:0a:42:1c:dc:f7:eb:
9e:7d:02:37:1f:14:65:95:b3:2b:da:66:42:05:64:e8:06:68:
76:20:39:5a:6c:e5:8f:0e:30:77:1a:f0:7f:9d:20:b4:45:00:
5e:ac:b3:a0:ff:06:a4:48:69:e2:57:12:c8:b3:1d:6a:8b:39:
ee:f7:58:21
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvHaXN8PBc9EsJ2dnj62EmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NDUwYzYzNzY2NTVlZWMxZGQyZGE0YmQyMWQ1ZjEwNGE5
NmQ5MDQwHhcNMjMwMTAxMjA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTRiODkyYjJlZTA2MjgwYWRhMDk0MjUxYzBkNDU5NTlkMThmZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtODK/Ac6mSLVX+WQTQJI46U1mn5
UNZKwpNsegHctJQl13tKDEeM2T4+Bggjf1ygpEnIuiw4RpvEBiOquecbqrmQ834s
1Ka0Q9LMD0P4e4+gSdfcepU3WqWax0mocChJEXjsDATl2qP0jspWQBzVCIfz+RsP
Nm+HK9XmyDV7Ho9YFlonir9n50MPH8HIyqRP5iHTMB7bSJ7r5hsAF4FJOGJ3ztbq
hFTowsI57xF16ZhKkEHjq1KF/3Ad5iAixvI3FmtlJK9z/DFqZbFcZSLpb622URhS
i3rY0/hwEo4lT+EB2p7pG61hpVrqvAYz+DWdm+1xp2CXxZH5IaWmGhb5VQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO5LiSsu4GKAraCUJRwNRZWdGP4YMB8GA1UdIwQY
MBaAFPVFDGN2ZV7sHdLaS9IdXxBKltkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgt
NmQxZjYwNTQzZTljLzEvN2t1Skt5N2dZb0N0b0pRbEhBMUZsWjBZX2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgtNmQxZjYwNTQzZTlj
LzEvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAp6AUAwQA
uVgLMA0EAgACMAcDBQMqBh7AMA0GCSqGSIb3DQEBCwUAA4IBAQA5XvzFlXSJCaLe
jJbO3ebcHBxE9BamsCPQxWHJFZ01SximOORYkVQYvtBZHnZOokH0n0bHNoRZVG05
A4Xs2ti3+E2++lbmW7lFPts/1qfmRK3am3m/gx8wvuCd5b5l/OiIOSimNzmh9nBi
Oym3k9StnW3pdhQ0aSnfaf4qivOHbIh4ofG/2jJT218oC+kOdMPm6J+/mlihfPfR
C0QIfSQziLPtvAIxWhzTg78+CiTfpjRcgDBoLdRyFWiTSc8Ak7wKQhzc9+uefQI3
HxRllbMr2mZCBWToBmh2IDlabOWPDjB3GvB/nSC0RQBerLOg/wakSGniVxLIsx1q
iznu91gh
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:27 2024 by rpki-client on console-fra.rpki-client.org