Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/363ba7-89e3-495f-aa2e-c1eb73ffd416/1/A4eHu96TSu3hPnrIMRTWXp9XDoE.roa
File: A4eHu96TSu3hPnrIMRTWXp9XDoE.roa (raw, json)
Hash identifier: e2ExeZdfQgshTAfutxX2mgA0iyjCPqH5c7rQRnis9qk=
Subject key identifier: 03:87:87:BB:DE:93:4A:ED:E1:3E:7A:C8:31:14:D6:5E:9F:57:0E:81
Certificate issuer: /CN=c36806ea062f6053841288b446e2e0ded5b2f2e7
Certificate serial: 01856C415B44D88522F820B65792FAE9F08C
Authority key identifier: C3:68:06:EA:06:2F:60:53:84:12:88:B4:46:E2:E0:DE:D5:B2:F2:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w2gG6gYvYFOEEoi0RuLg3tWy8uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/363ba7-89e3-495f-aa2e-c1eb73ffd416/1/A4eHu96TSu3hPnrIMRTWXp9XDoE.roa
Signing time: Sun 01 Jan 2023 07:35:00 +0000
ROA not before: Sun 01 Jan 2023 07:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202605
IP address blocks: 185.156.36.0/22 maxlen: 22
2a07:9a00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:5b:44:d8:85:22:f8:20:b6:57:92:fa:e9:f0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c36806ea062f6053841288b446e2e0ded5b2f2e7
Validity
Not Before: Jan 1 07:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=038787bbde934aede13e7ac83114d65e9f570e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:03:f5:3f:3f:a3:44:bc:c3:36:33:0b:dc:61:
5c:d8:7d:c4:36:c8:7a:a2:48:32:ff:31:9b:da:66:
35:ea:b5:82:50:07:f6:52:72:15:03:a4:c7:71:a7:
0f:85:5a:ea:73:4b:3b:22:aa:ab:26:86:0a:e5:df:
7e:2e:bf:3e:f3:e9:36:d5:e1:d2:24:05:aa:43:b2:
d3:76:2c:89:d7:4d:92:6f:db:94:e6:68:f7:fe:d2:
5e:02:bf:d3:c6:49:93:ee:e2:94:1d:de:38:4e:39:
60:21:53:a9:2e:4e:c4:2d:f9:d2:f9:ee:54:92:c1:
38:33:a2:35:f1:1f:36:5b:d2:52:50:71:17:12:69:
07:de:77:7e:41:40:7f:6f:d8:bc:41:24:ca:a8:51:
f4:da:25:cd:ce:39:a1:44:12:4e:43:5a:99:3f:79:
15:0d:18:d6:92:53:0b:c3:a9:80:67:b9:33:6e:63:
26:92:83:76:61:43:ed:1b:4b:96:ed:63:45:74:38:
20:bd:77:d6:a6:93:1b:84:4c:f6:a8:4a:12:07:81:
ca:f0:d4:d4:29:f1:8f:8b:f1:d7:e6:49:de:90:8f:
cc:80:b2:2c:b1:be:7f:e3:2e:3d:12:f7:35:6a:93:
9d:74:c0:88:69:bc:29:03:ca:b3:04:cc:91:ce:4f:
12:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:87:87:BB:DE:93:4A:ED:E1:3E:7A:C8:31:14:D6:5E:9F:57:0E:81
X509v3 Authority Key Identifier:
keyid:C3:68:06:EA:06:2F:60:53:84:12:88:B4:46:E2:E0:DE:D5:B2:F2:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w2gG6gYvYFOEEoi0RuLg3tWy8uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/363ba7-89e3-495f-aa2e-c1eb73ffd416/1/A4eHu96TSu3hPnrIMRTWXp9XDoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/363ba7-89e3-495f-aa2e-c1eb73ffd416/1/w2gG6gYvYFOEEoi0RuLg3tWy8uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.36.0/22
IPv6:
2a07:9a00::/29
Signature Algorithm: sha256WithRSAEncryption
08:80:a8:16:95:c2:6b:fc:10:0e:4b:7d:e4:06:3c:0b:ae:b2:
a5:9a:62:b9:ad:f6:12:f3:e1:01:48:e7:e0:ea:3b:13:3c:a7:
fe:d6:0d:11:9e:cc:66:b0:7b:b1:c6:1c:e4:0f:5f:c9:ef:63:
44:5d:a4:bf:3f:92:76:74:8d:99:44:9a:f4:d4:80:2a:00:5f:
a6:5e:33:e9:20:f1:d3:71:d8:97:f1:4c:23:6e:7f:ca:57:9a:
16:7b:0b:79:e0:70:16:5f:8d:18:38:7d:42:40:2a:75:db:5e:
be:5d:61:93:62:84:00:e3:ee:72:7d:e2:fc:e8:1b:3e:9e:c3:
c7:e1:10:27:6e:f2:bf:69:1e:87:cf:0c:54:64:96:a9:d0:b4:
0a:e9:88:72:c6:65:aa:43:49:4f:f5:02:5e:10:4c:ec:fa:c8:
c5:50:b1:de:93:1f:40:b3:21:b6:11:14:0f:5a:45:2f:35:4a:
a6:5e:83:38:74:a4:a7:b3:cf:fb:fd:b6:21:1e:f0:aa:76:c2:
f6:d5:bb:d1:1e:6f:fc:5d:b2:6d:ae:1b:c3:59:65:44:53:00:
02:4c:04:2a:64:10:a3:7f:51:99:7b:e0:5d:df:a0:cb:be:83:
5a:69:e3:1a:84:93:2c:29:4f:de:03:47:a6:2b:ff:b0:8d:67:
a3:1a:ab:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQVtE2IUi+CC2V5L66fCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNjgwNmVhMDYyZjYwNTM4NDEyODhiNDQ2ZTJlMGRlZDVi
MmYyZTcwHhcNMjMwMTAxMDczNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzg3ODdiYmRlOTM0YWVkZTEzZTdhYzgzMTE0ZDY1ZTlmNTcwZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQP1Pz+jRLzDNjML3GFc2H3ENsh6
okgy/zGb2mY16rWCUAf2UnIVA6THcacPhVrqc0s7IqqrJoYK5d9+Lr8+8+k21eHS
JAWqQ7LTdiyJ102Sb9uU5mj3/tJeAr/TxkmT7uKUHd44TjlgIVOpLk7ELfnS+e5U
ksE4M6I18R82W9JSUHEXEmkH3nd+QUB/b9i8QSTKqFH02iXNzjmhRBJOQ1qZP3kV
DRjWklMLw6mAZ7kzbmMmkoN2YUPtG0uW7WNFdDggvXfWppMbhEz2qEoSB4HK8NTU
KfGPi/HX5knekI/MgLIssb5/4y49Evc1apOddMCIabwpA8qzBMyRzk8S2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAOHh7vek0rt4T56yDEU1l6fVw6BMB8GA1UdIwQY
MBaAFMNoBuoGL2BThBKItEbi4N7VsvLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzJnRzZnWXZZRk9FRW9pMFJ1TGczdFd5OHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zNjNiYTctODllMy00OTVmLWFhMmUt
YzFlYjczZmZkNDE2LzEvQTRlSHU5NlRTdTNoUG5ySU1SVFdYcDlYRG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zNjNiYTctODllMy00OTVmLWFhMmUtYzFlYjczZmZkNDE2
LzEvdzJnRzZnWXZZRk9FRW9pMFJ1TGczdFd5OHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZwkMA0E
AgACMAcDBQMqB5oAMA0GCSqGSIb3DQEBCwUAA4IBAQAIgKgWlcJr/BAOS33kBjwL
rrKlmmK5rfYS8+EBSOfg6jsTPKf+1g0RnsxmsHuxxhzkD1/J72NEXaS/P5J2dI2Z
RJr01IAqAF+mXjPpIPHTcdiX8Uwjbn/KV5oWewt54HAWX40YOH1CQCp1216+XWGT
YoQA4+5yfeL86Bs+nsPH4RAnbvK/aR6HzwxUZJap0LQK6YhyxmWqQ0lP9QJeEEzs
+sjFULHekx9AsyG2ERQPWkUvNUqmXoM4dKSns8/7/bYhHvCqdsL21bvRHm/8XbJt
rhvDWWVEUwACTAQqZBCjf1GZe+Bd36DLvoNaaeMahJMsKU/eA0emK/+wjWejGqtZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:36 2024 by rpki-client on console-fra.rpki-client.org