Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/IU74Yo8g0vJyyr5Mif_sBPrzXLM.roa
File: IU74Yo8g0vJyyr5Mif_sBPrzXLM.roa (raw, json)
Hash identifier: st9YWkimplxAB83aboI2P9dKR5QOoggUtGouNRmJkqQ=
Subject key identifier: 21:4E:F8:62:8F:20:D2:F2:72:CA:BE:4C:89:FF:EC:04:FA:F3:5C:B3
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 01856DDD67DCA320F2AF96780FFFBFB6B054
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/IU74Yo8g0vJyyr5Mif_sBPrzXLM.roa
Signing time: Sun 01 Jan 2023 15:05:04 +0000
ROA not before: Sun 01 Jan 2023 15:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202975
IP address blocks: 185.135.100.0/23 maxlen: 23
185.135.102.0/24 maxlen: 24
85.116.132.0/22 maxlen: 22
2a06:f2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Apr 2023 07:16:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:67:dc:a3:20:f2:af:96:78:0f:ff:bf:b6:b0:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Jan 1 15:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=214ef8628f20d2f272cabe4c89ffec04faf35cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:76:b8:ef:cd:1a:7d:db:e8:28:a6:c5:5a:42:
91:e1:b0:34:d1:66:f1:fe:73:0c:c0:a8:2b:e3:c0:
09:92:14:58:c9:e4:d0:11:e4:5b:62:c2:14:1f:6e:
15:7b:bd:32:00:c1:48:11:32:d9:ab:64:61:02:b5:
eb:aa:07:6c:fe:67:13:e3:79:2d:5d:cf:ec:ac:15:
00:82:9b:af:b6:30:4e:4a:55:0f:7b:0a:d8:1a:98:
6d:51:cb:99:c8:28:78:fb:84:0a:82:a1:4e:72:ce:
9b:67:b5:e4:96:dd:41:f6:e6:9a:1a:af:d9:a5:5a:
87:2d:a4:89:55:89:8d:71:e0:e7:1c:83:b4:da:a6:
eb:61:c6:ac:7b:2d:65:a5:62:99:4b:f8:4c:bb:ac:
3a:b7:96:a4:90:81:00:49:02:4b:67:c5:ac:3f:eb:
d7:ad:16:0e:a8:68:75:25:bc:5d:4f:ee:1c:fc:98:
8b:08:5d:7f:30:3d:be:fb:3b:85:6b:22:39:08:88:
e6:2b:04:86:c7:f2:61:a5:60:d4:0a:53:e4:e2:1f:
b3:e0:02:41:15:60:7e:1a:43:90:e6:b4:54:20:f4:
ac:e2:9d:f0:55:c0:88:43:2f:b4:b7:05:0a:d4:c1:
03:11:67:b4:eb:d1:16:42:43:ea:f9:f9:b9:cc:10:
c5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4E:F8:62:8F:20:D2:F2:72:CA:BE:4C:89:FF:EC:04:FA:F3:5C:B3
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/IU74Yo8g0vJyyr5Mif_sBPrzXLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.132.0/22
185.135.100.0-185.135.102.255
IPv6:
2a06:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
46:3e:91:72:fc:8c:9d:a8:09:20:9a:69:ee:de:95:7f:7d:61:
5d:7c:55:c2:e6:d8:da:3a:3a:8b:61:b7:dc:b9:61:e5:26:79:
95:b3:a5:c1:b8:bf:fb:d6:32:5a:33:03:09:7a:cc:45:4f:5b:
01:3a:f5:cd:5b:d8:0e:74:93:af:04:f6:30:6f:29:00:73:a8:
31:32:28:a9:a3:6e:00:e3:8d:ff:fd:73:54:d7:03:30:55:70:
02:d9:6d:70:b6:ad:36:09:ca:9c:98:85:13:cd:4c:e0:c0:b8:
66:23:45:92:bb:b0:af:d5:4a:11:6a:7e:49:ab:d6:2f:95:61:
89:3b:5b:2a:85:33:aa:f8:c6:be:4c:5d:b6:a3:86:b7:4f:7e:
e0:7a:31:28:7d:4b:5c:aa:14:ac:33:5c:3f:57:ef:71:c8:9e:
0a:7f:6a:5c:a9:92:3c:b6:42:5e:b8:68:5b:eb:91:b7:a8:cb:
7f:6c:44:b7:95:6e:8c:4a:64:d2:90:3c:84:d7:71:94:8a:ed:
d4:45:ce:4b:22:b5:f1:93:56:c2:fb:2b:0d:e5:90:ce:20:71:
59:a2:e0:bb:92:96:02:6d:ab:68:71:d5:a0:3f:ad:74:c0:4f:
d8:52:a4:27:d7:95:8d:7e:3b:51:48:91:a4:ec:d3:9d:ae:9f:
e5:6a:21:10
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVt3WfcoyDyr5Z4D/+/trBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTc2Mjc1NTQ3Yjc1ZGYyYjA0YzRmOWIyOTFjMDcxMGM1
MDc3NDAwHhcNMjMwMTAxMTUwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRlZjg2MjhmMjBkMmYyNzJjYWJlNGM4OWZmZWMwNGZhZjM1Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3a4780afdvoKKbFWkKR4bA00Wbx
/nMMwKgr48AJkhRYyeTQEeRbYsIUH24Ve70yAMFIETLZq2RhArXrqgds/mcT43kt
Xc/srBUAgpuvtjBOSlUPewrYGphtUcuZyCh4+4QKgqFOcs6bZ7Xklt1B9uaaGq/Z
pVqHLaSJVYmNceDnHIO02qbrYcasey1lpWKZS/hMu6w6t5akkIEASQJLZ8WsP+vX
rRYOqGh1JbxdT+4c/JiLCF1/MD2++zuFayI5CIjmKwSGx/JhpWDUClPk4h+z4AJB
FWB+GkOQ5rRUIPSs4p3wVcCIQy+0twUK1MEDEWe069EWQkPq+fm5zBDFzwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCFO+GKPINLycsq+TIn/7AT681yzMB8GA1UdIwQY
MBaAFCuXYnVUe3XfKwTE+bKRwHEMUHdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgt
ZDViMGY5MWQ5N2MyLzEvSVU3NFlvOGcwdkp5eXI1TWlmX3NCUHJ6WExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgtZDViMGY5MWQ5N2My
LzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCVXSEMAwD
BAK5h2QDBAC5h2YwDQQCAAIwBwMFAyoG8sAwDQYJKoZIhvcNAQELBQADggEBAEY+
kXL8jJ2oCSCaae7elX99YV18VcLm2No6Ootht9y5YeUmeZWzpcG4v/vWMlozAwl6
zEVPWwE69c1b2A50k68E9jBvKQBzqDEyKKmjbgDjjf/9c1TXAzBVcALZbXC2rTYJ
ypyYhRPNTODAuGYjRZK7sK/VShFqfkmr1i+VYYk7WyqFM6r4xr5MXbajhrdPfuB6
MSh9S1yqFKwzXD9X73HIngp/alypkjy2Ql64aFvrkbeoy39sRLeVboxKZNKQPITX
cZSK7dRFzksitfGTVsL7Kw3lkM4gcVmi4LuSlgJtq2hx1aA/rXTAT9hSpCfXlY1+
O1FIkaTs052un+VqIRA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:05 2024 by rpki-client on console-fra.rpki-client.org