Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/B3_H9nOIam1QTCx-h4cwDeszqxA.roa
File: B3_H9nOIam1QTCx-h4cwDeszqxA.roa (raw, json)
Hash identifier: QflvXsKAPvU+6sSlc0wuynK5p8X/B4lmdg+bgJSftoU=
Subject key identifier: 07:7F:C7:F6:73:88:6A:6D:50:4C:2C:7E:87:87:30:0D:EB:33:AB:10
Certificate issuer: /CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Certificate serial: 01856B40D064DD6E1AD8C19A7A7491C0B2A4
Authority key identifier: 92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/B3_H9nOIam1QTCx-h4cwDeszqxA.roa
Signing time: Sun 01 Jan 2023 02:54:47 +0000
ROA not before: Sun 01 Jan 2023 02:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 185.119.10.0/24 maxlen: 24
185.119.11.0/24 maxlen: 24
2a10:80c0::/48 maxlen: 48
2a10:80c0:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:d0:64:dd:6e:1a:d8:c1:9a:7a:74:91:c0:b2:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Validity
Not Before: Jan 1 02:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=077fc7f673886a6d504c2c7e8787300deb33ab10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ad:95:85:b3:8d:13:bb:be:a2:96:a9:e3:a8:
14:d1:5c:df:b0:8d:fd:16:6b:32:aa:f8:e2:3d:af:
dc:dd:28:ad:be:cd:89:d9:28:61:7b:23:15:16:11:
fd:f6:d6:c5:f9:fa:de:cf:5c:69:f2:03:6a:21:ad:
ba:36:d9:fe:62:f0:40:3c:e7:f6:dc:12:0a:bd:41:
df:2e:57:75:1d:cb:31:75:da:e5:77:c6:e8:25:e9:
38:1e:f8:e8:2a:20:3d:7d:6b:d5:a2:c3:55:60:57:
83:59:b9:80:47:d9:d7:ed:1a:75:db:2d:a0:42:0a:
f9:0e:49:48:4e:a9:be:b6:d6:d7:46:f2:71:0e:2e:
ba:b1:eb:b6:4d:4a:e6:17:d2:05:6e:35:be:18:8b:
c0:53:4f:a9:5d:62:c5:1e:89:43:81:0f:f0:6f:ff:
a6:56:37:69:87:85:f3:ea:33:e9:d3:32:ad:4f:d8:
e0:1a:e0:b9:8a:fb:a5:2a:c7:03:95:fe:50:dd:89:
a8:9a:4d:05:fd:9d:09:3a:a4:f8:f0:96:19:00:7b:
10:b3:f9:55:36:d4:f5:d9:d0:ed:7d:00:29:8e:2f:
b6:c3:82:60:71:ed:d1:04:f5:d0:9e:e8:bf:4f:13:
c8:8a:13:8f:86:b6:a0:11:fa:48:19:e1:93:f0:4c:
12:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:7F:C7:F6:73:88:6A:6D:50:4C:2C:7E:87:87:30:0D:EB:33:AB:10
X509v3 Authority Key Identifier:
keyid:92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/B3_H9nOIam1QTCx-h4cwDeszqxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.10.0/23
IPv6:
2a10:80c0::/48
2a10:80c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
97:a1:36:d8:97:0e:f0:47:9d:aa:b9:10:d0:c6:ba:f2:6d:db:
01:27:b8:3a:7c:f8:9a:aa:12:a8:80:1d:a9:c0:8e:0a:e4:80:
cd:8f:da:32:3f:25:3b:5a:20:70:b5:a7:71:aa:92:68:08:bb:
69:b7:19:85:8c:db:22:ae:5b:5b:0f:5d:ca:7a:d0:5d:ef:65:
77:de:2a:80:da:f4:dd:92:03:c4:70:8c:91:d8:ec:2c:1b:0f:
7e:e6:c7:c7:ed:aa:88:6c:a1:bd:60:9f:d8:0e:64:af:e9:18:
98:fd:93:85:93:f2:3c:38:7e:81:0a:c8:b6:98:ab:6b:72:32:
18:9f:04:f5:08:87:20:ae:cf:b4:7d:f0:5e:84:69:79:4e:8c:
da:ce:3f:e9:e1:f4:9b:91:5c:70:be:1a:ef:8e:3d:fa:56:3f:
bb:6d:c9:ed:ee:43:07:9d:45:0a:95:a3:6b:4b:db:11:da:49:
89:3a:90:a9:24:e6:cb:30:a2:83:f0:8a:3b:2d:ed:c8:d5:60:
5a:14:90:d0:51:8f:00:2b:29:2a:5e:d2:2f:b7:b3:26:03:12:
d8:ee:f7:fe:dc:6c:59:82:9b:33:c3:73:f7:9e:bb:93:00:8f:
b4:12:97:f0:09:5e:ec:93:43:63:82:a1:d3:48:6f:2c:75:c6:
54:84:c1:52
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVrQNBk3W4a2MGaenSRwLKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZmI4ZmExMGRmZjM0NzNlNjUzZGJmNjFjOWE4NjQzMjE4
MGE1YzcwHhcNMjMwMTAxMDI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzdmYzdmNjczODg2YTZkNTA0YzJjN2U4Nzg3MzAwZGViMzNhYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq2VhbONE7u+opap46gU0VzfsI39
FmsyqvjiPa/c3Sitvs2J2ShheyMVFhH99tbF+frez1xp8gNqIa26Ntn+YvBAPOf2
3BIKvUHfLld1Hcsxddrld8boJek4HvjoKiA9fWvVosNVYFeDWbmAR9nX7Rp12y2g
Qgr5DklITqm+ttbXRvJxDi66seu2TUrmF9IFbjW+GIvAU0+pXWLFHolDgQ/wb/+m
Vjdph4Xz6jPp0zKtT9jgGuC5ivulKscDlf5Q3Ymomk0F/Z0JOqT48JYZAHsQs/lV
NtT12dDtfQApji+2w4Jgce3RBPXQnui/TxPIihOPhragEfpIGeGT8EwSxQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAd/x/ZziGptUEwsfoeHMA3rM6sQMB8GA1UdIwQY
MBaAFJL7j6EN/zRz5lPb9hyahkMhgKXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDct
MjkzZjYxMjJhMTlkLzEvQjNfSDluT0lhbTFRVEN4LWg0Y3dEZXN6cXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDctMjkzZjYxMjJhMTlk
LzEva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBuXcKMBgE
AgACMBIDBwAqEIDAAAADBwAqEIDAEAAwDQYJKoZIhvcNAQELBQADggEBAJehNtiX
DvBHnaq5ENDGuvJt2wEnuDp8+JqqEqiAHanAjgrkgM2P2jI/JTtaIHC1p3GqkmgI
u2m3GYWM2yKuW1sPXcp60F3vZXfeKoDa9N2SA8RwjJHY7CwbD37mx8ftqohsob1g
n9gOZK/pGJj9k4WT8jw4foEKyLaYq2tyMhifBPUIhyCuz7R98F6EaXlOjNrOP+nh
9JuRXHC+Gu+OPfpWP7ttye3uQwedRQqVo2tL2xHaSYk6kKkk5sswooPwijst7cjV
YFoUkNBRjwArKSpe0i+3syYDEtju9/7cbFmCmzPDc/eeu5MAj7QSl/AJXuyTQ2OC
odNIbyx1xlSEwVI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:14 2024 by rpki-client on console-fra.rpki-client.org