Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/SPs7LGgp7FMNnOobNpHbyN7w9MY.roa
File: SPs7LGgp7FMNnOobNpHbyN7w9MY.roa (raw, json)
Hash identifier: 3jqQdftQHKJ+w3wOC/pJWOHsMSkhFSpv20w4E8aPMtM=
Subject key identifier: 48:FB:3B:2C:68:29:EC:53:0D:9C:EA:1B:36:91:DB:C8:DE:F0:F4:C6
Certificate issuer: /CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Certificate serial: 018570797F529D460BD37A455923FD65D775
Authority key identifier: 1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/SPs7LGgp7FMNnOobNpHbyN7w9MY.roa
Signing time: Mon 02 Jan 2023 03:14:48 +0000
ROA not before: Mon 02 Jan 2023 03:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206637
IP address blocks: 185.180.172.0/22 maxlen: 24
2a0a:ab80::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:7f:52:9d:46:0b:d3:7a:45:59:23:fd:65:d7:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Validity
Not Before: Jan 2 03:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48fb3b2c6829ec530d9cea1b3691dbc8def0f4c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:ec:01:46:c4:ad:4d:f0:27:93:30:39:91:
a7:c8:cd:4e:04:0f:63:80:51:25:ab:ed:b0:98:0a:
e5:3b:e3:5e:82:45:a7:5b:0f:3f:c2:a1:56:7b:86:
3c:fd:1b:32:3f:e9:53:35:86:ff:66:a2:2a:2a:9b:
e1:ce:55:bf:7b:5f:bf:0b:5b:65:f0:06:ea:78:54:
e1:3b:25:bc:3c:ee:92:d7:89:3e:ed:fe:9c:13:87:
de:2a:2b:ca:11:b1:9d:29:63:43:f5:98:25:21:8d:
8a:2e:8e:a2:fb:8e:0d:3c:0e:6e:c4:ce:e7:df:b4:
bf:63:0b:5b:a7:83:4c:d7:94:bd:a6:19:b3:5b:99:
75:d7:98:a8:3e:28:bf:de:cb:7a:45:22:b3:72:27:
92:c8:5b:64:98:4c:f8:c8:45:40:ac:15:25:91:04:
ba:8c:79:1a:a6:75:80:0d:a3:e7:46:3e:bd:53:58:
c1:29:25:c2:e3:05:91:53:fc:34:ef:12:ce:5b:66:
89:4c:30:31:5e:15:6b:d7:55:cc:7a:a5:dd:c8:9d:
e8:ec:22:4f:88:02:61:c3:a2:94:47:2b:80:7b:88:
41:c6:3e:62:e8:56:4c:30:de:01:06:3c:bb:54:16:
85:e4:79:90:4e:88:b0:12:c8:ee:22:85:cc:9d:7b:
ec:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FB:3B:2C:68:29:EC:53:0D:9C:EA:1B:36:91:DB:C8:DE:F0:F4:C6
X509v3 Authority Key Identifier:
keyid:1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/SPs7LGgp7FMNnOobNpHbyN7w9MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.172.0/22
IPv6:
2a0a:ab80::/32
Signature Algorithm: sha256WithRSAEncryption
78:7b:eb:1e:c9:d4:09:32:4d:87:b0:f2:c0:ed:25:17:7e:bb:
e0:f5:82:f3:8a:2b:3a:a9:9b:4b:a8:a2:81:2a:3e:15:b3:5b:
c7:a9:58:36:29:ac:7b:6d:17:3c:c3:a2:44:df:96:4f:a3:b2:
fd:bb:3e:f6:30:ca:86:25:bd:99:a8:64:18:01:fc:35:1f:a0:
02:ab:c3:36:b5:6f:4f:d3:11:0f:c5:9e:ab:c5:68:18:7c:95:
45:06:48:f6:e3:56:86:b5:78:4c:2f:90:88:ab:09:77:51:ac:
94:7b:42:31:ec:ac:02:f3:34:75:df:10:52:7d:7f:47:63:4d:
c8:66:b6:d2:f3:a6:74:42:69:48:67:86:1c:a6:9f:82:87:6d:
c6:c1:c2:00:c7:d1:a3:da:16:a2:2d:20:a3:6c:d5:af:7a:cb:
10:b1:0a:fa:a9:fa:01:00:6f:27:db:f8:24:a7:3c:23:18:d0:
c2:0a:23:49:09:99:d7:9c:58:55:fe:78:68:d2:28:ac:19:1d:
e7:e8:81:4b:99:05:55:c2:e6:97:55:78:a5:71:77:c6:43:b2:
75:aa:53:bf:75:4f:74:63:30:cd:0d:70:84:99:2f:b9:51:66:
31:05:f5:18:b2:f6:43:fa:b7:ea:dc:a2:6b:c1:94:0a:77:30:
32:42:15:21
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweX9SnUYL03pFWSP9Zdd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZTVlZmJmNjU4OTcxNjBkNTVhNTJkYzNhMjJjMDE3ODc2
Y2QwNmMwHhcNMjMwMTAyMDMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGZiM2IyYzY4MjllYzUzMGQ5Y2VhMWIzNjkxZGJjOGRlZjBmNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta3sAUbErU3wJ5MwOZGnyM1OBA9j
gFElq+2wmArlO+NegkWnWw8/wqFWe4Y8/RsyP+lTNYb/ZqIqKpvhzlW/e1+/C1tl
8AbqeFThOyW8PO6S14k+7f6cE4feKivKEbGdKWND9ZglIY2KLo6i+44NPA5uxM7n
37S/Ywtbp4NM15S9phmzW5l115ioPii/3st6RSKzcieSyFtkmEz4yEVArBUlkQS6
jHkapnWADaPnRj69U1jBKSXC4wWRU/w07xLOW2aJTDAxXhVr11XMeqXdyJ3o7CJP
iAJhw6KURyuAe4hBxj5i6FZMMN4BBjy7VBaF5HmQToiwEsjuIoXMnXvsYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEj7OyxoKexTDZzqGzaR28je8PTGMB8GA1UdIwQY
MBaAFB7l779liXFg1VpS3DoiwBeHbNBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUt
N2MwZGI3YmFlMTM1LzEvU1BzN0xHZ3A3Rk1Obk9vYk5wSGJ5Tjd3OU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUtN2MwZGI3YmFlMTM1
LzEvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubSsMA0E
AgACMAcDBQAqCquAMA0GCSqGSIb3DQEBCwUAA4IBAQB4e+seydQJMk2HsPLA7SUX
frvg9YLziis6qZtLqKKBKj4Vs1vHqVg2Kax7bRc8w6JE35ZPo7L9uz72MMqGJb2Z
qGQYAfw1H6ACq8M2tW9P0xEPxZ6rxWgYfJVFBkj241aGtXhML5CIqwl3UayUe0Ix
7KwC8zR13xBSfX9HY03IZrbS86Z0QmlIZ4Ycpp+Ch23GwcIAx9Gj2haiLSCjbNWv
essQsQr6qfoBAG8n2/gkpzwjGNDCCiNJCZnXnFhV/nho0iisGR3n6IFLmQVVwuaX
VXilcXfGQ7J1qlO/dU90YzDNDXCEmS+5UWYxBfUYsvZD+rfq3KJrwZQKdzAyQhUh
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:03 2024 by rpki-client on console-fra.rpki-client.org