Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/P7I-z6pBPB5vsHtedHSb6WuCaz4.roa
File: P7I-z6pBPB5vsHtedHSb6WuCaz4.roa (raw, json)
Hash identifier: qLlD5f/rlQ8O6DgZLZJ3JrC1W0DsOymk6eZ35kY97qM=
Subject key identifier: 3F:B2:3E:CF:AA:41:3C:1E:6F:B0:7B:5E:74:74:9B:E9:6B:82:6B:3E
Certificate issuer: /CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Certificate serial: 0188DD97D98B0F0B39DB4A60AEEC462898C3
Authority key identifier: 40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/P7I-z6pBPB5vsHtedHSb6WuCaz4.roa
Signing time: Wed 21 Jun 2023 10:54:56 +0000
ROA not before: Wed 21 Jun 2023 10:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198257
IP address blocks: 185.153.0.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:97:d9:8b:0f:0b:39:db:4a:60:ae:ec:46:28:98:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Validity
Not Before: Jun 21 10:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fb23ecfaa413c1e6fb07b5e74749be96b826b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:c4:87:79:ea:d9:9e:f3:53:29:d1:c8:06:
e9:64:57:0f:df:83:56:3a:36:7a:36:fe:8a:55:6a:
77:d7:15:01:89:0d:dd:cc:7f:56:c2:85:77:5e:c5:
fd:53:aa:6b:a9:18:02:2a:de:ac:9e:55:2f:b2:2d:
c7:89:05:db:a8:ca:b0:5c:01:be:45:97:dd:9a:41:
fa:cf:00:ae:9e:13:ee:7c:df:3b:b3:76:82:29:54:
91:9b:74:a0:aa:53:ff:6e:72:fd:d1:cb:98:69:a1:
eb:d7:29:a7:2e:43:a6:78:f3:36:bc:67:3c:de:f3:
f6:8d:0a:68:2f:90:a3:10:9a:56:66:b6:89:7f:0b:
f1:20:31:58:7f:d9:e7:3d:58:22:8e:4e:99:c0:50:
39:22:52:5f:c5:23:51:dd:32:f0:00:75:f8:ee:23:
70:34:69:b1:a4:d5:28:7a:94:ed:a5:90:7a:e5:a4:
7a:9c:aa:d1:ed:de:a5:5b:9a:49:34:a4:92:e3:d2:
1c:9f:34:21:ad:46:03:65:c5:29:64:bb:b6:a2:26:
10:ed:f4:71:dd:c4:14:d6:dd:bf:70:8c:42:73:fd:
45:f4:d2:39:d9:6e:a3:72:bf:83:a2:17:9a:17:79:
a0:40:91:a6:1a:15:35:ce:9c:4a:ae:82:8f:f1:10:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B2:3E:CF:AA:41:3C:1E:6F:B0:7B:5E:74:74:9B:E9:6B:82:6B:3E
X509v3 Authority Key Identifier:
keyid:40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/P7I-z6pBPB5vsHtedHSb6WuCaz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:b3:fe:65:05:b5:a1:df:35:12:9d:f0:7f:6f:eb:d2:0b:0a:
93:48:6d:be:80:e9:bf:2e:65:15:16:7a:44:99:b1:ed:5f:82:
9e:5e:39:dc:85:05:e0:3e:f6:e5:83:fc:51:f7:fb:c1:66:d8:
e3:47:3b:95:fb:1d:b7:7c:2b:26:a7:c2:60:e4:e8:8f:20:1f:
7d:ff:b9:7a:5b:bb:d7:55:0a:92:c5:db:68:cf:00:f0:d7:83:
ce:a2:de:8e:2e:18:ea:9c:a0:88:a4:01:69:0c:4d:90:c2:d9:
6c:10:ce:0c:1f:4d:83:6a:a6:33:d5:5f:f6:4f:78:93:08:bf:
b9:6a:23:f0:d8:7e:3a:e4:71:2a:26:ac:d9:14:db:91:54:7a:
27:c9:1a:3d:1a:41:81:13:52:02:da:0c:72:98:7c:3a:f6:18:
cd:61:d7:e7:7f:b1:db:69:82:b8:87:c0:93:86:38:b3:56:e1:
5c:37:8c:7b:62:24:4e:5d:a6:aa:24:bc:03:54:04:fb:8d:72:
0a:b3:c1:ab:dd:32:fd:fe:d8:b9:63:9a:01:fa:4b:e3:24:9e:
d6:3c:83:44:6b:39:71:b3:f8:dd:f4:45:4c:66:aa:28:5e:7f:
d4:4b:22:f1:a1:24:a1:27:99:97:65:3d:42:6e:30:9f:39:4e:
09:01:92:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjdl9mLDws520pgruxGKJjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM1ODFhZGRkNmI5OWRkODc0NGI5ZTI4ODZmYmIwMmFl
OTE4ZTMwHhcNMjMwNjIxMTA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmIyM2VjZmFhNDEzYzFlNmZiMDdiNWU3NDc0OWJlOTZiODI2YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4rEh3nq2Z7zUynRyAbpZFcP34NW
OjZ6Nv6KVWp31xUBiQ3dzH9WwoV3XsX9U6prqRgCKt6snlUvsi3HiQXbqMqwXAG+
RZfdmkH6zwCunhPufN87s3aCKVSRm3SgqlP/bnL90cuYaaHr1ymnLkOmePM2vGc8
3vP2jQpoL5CjEJpWZraJfwvxIDFYf9nnPVgijk6ZwFA5IlJfxSNR3TLwAHX47iNw
NGmxpNUoepTtpZB65aR6nKrR7d6lW5pJNKSS49IcnzQhrUYDZcUpZLu2oiYQ7fRx
3cQU1t2/cIxCc/1F9NI52W6jcr+DoheaF3mgQJGmGhU1zpxKroKP8RCkdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD+yPs+qQTweb7B7XnR0m+lrgms+MB8GA1UdIwQY
MBaAFEDjWBrd1rmd2HRLniiG+7Aq6RjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYt
ZmM1OWRlZGIxZDJiLzEvUDdJLXo2cEJQQjV2c0h0ZWRIU2I2V3VDYXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYtZmM1OWRlZGIxZDJi
LzEvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZkAMA0G
CSqGSIb3DQEBCwUAA4IBAQCls/5lBbWh3zUSnfB/b+vSCwqTSG2+gOm/LmUVFnpE
mbHtX4KeXjnchQXgPvblg/xR9/vBZtjjRzuV+x23fCsmp8Jg5OiPIB99/7l6W7vX
VQqSxdtozwDw14POot6OLhjqnKCIpAFpDE2QwtlsEM4MH02DaqYz1V/2T3iTCL+5
aiPw2H465HEqJqzZFNuRVHonyRo9GkGBE1IC2gxymHw69hjNYdfnf7HbaYK4h8CT
hjizVuFcN4x7YiROXaaqJLwDVAT7jXIKs8Gr3TL9/ti5Y5oB+kvjJJ7WPINEazlx
s/jd9EVMZqooXn/USyLxoSShJ5mXZT1CbjCfOU4JAZJM
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:46 2024 by rpki-client on console-ams.rpki-client.org