Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/e1a78b-dd36-4ee9-a260-3b1aad9fdd57/1/0fmQ9Zsc9rlIUPFzXq6NCv8-0mo.roa
File: 0fmQ9Zsc9rlIUPFzXq6NCv8-0mo.roa (raw, json)
Hash identifier: imr+nzhjH7RwYVEuyrU6vVijznjUOQKe3NPgpmI6XPw=
Subject key identifier: D1:F9:90:F5:9B:1C:F6:B9:48:50:F1:73:5E:AE:8D:0A:FF:3E:D2:6A
Certificate issuer: /CN=ad102f1af17d00fd80a3d9fe9ffe81d04ce17447
Certificate serial: 01889556C6DABEBC9F2530B5618DEA9AA579
Authority key identifier: AD:10:2F:1A:F1:7D:00:FD:80:A3:D9:FE:9F:FE:81:D0:4C:E1:74:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRAvGvF9AP2Ao9n-n_6B0EzhdEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/e1a78b-dd36-4ee9-a260-3b1aad9fdd57/1/0fmQ9Zsc9rlIUPFzXq6NCv8-0mo.roa
Signing time: Wed 07 Jun 2023 10:11:12 +0000
ROA not before: Wed 07 Jun 2023 10:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202022
IP address blocks: 185.160.56.0/23 maxlen: 23
185.160.58.0/24 maxlen: 24
185.56.32.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:56:c6:da:be:bc:9f:25:30:b5:61:8d:ea:9a:a5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad102f1af17d00fd80a3d9fe9ffe81d04ce17447
Validity
Not Before: Jun 7 10:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1f990f59b1cf6b94850f1735eae8d0aff3ed26a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3b:f5:09:7a:5e:80:1b:69:72:70:69:de:7d:
b7:b1:77:26:c3:95:71:47:58:ed:ac:d5:65:8d:d2:
c6:96:70:36:04:d0:92:3b:3f:74:03:2b:01:d6:e7:
e9:9c:ea:a5:58:97:73:04:58:6c:42:09:45:0d:e5:
ef:51:39:6b:d1:aa:10:84:e0:f2:78:91:e7:d0:43:
73:41:08:d4:93:27:fd:5c:ee:c6:8d:81:3d:82:a2:
63:4f:3a:e2:7e:77:bd:41:0d:9c:d6:a3:b1:60:43:
6e:e0:90:c7:bc:a0:b3:fb:9c:62:af:56:13:53:29:
7c:1a:38:87:3f:50:b1:75:17:30:8b:ef:93:56:34:
e2:cd:ec:af:dc:af:20:fc:d2:83:34:1a:86:b4:68:
9a:1a:23:60:5a:6e:65:f3:4f:11:a4:f5:38:6c:38:
66:06:7f:a7:49:da:87:20:ab:ea:f2:f5:27:1b:5e:
bd:97:80:0d:26:05:aa:b5:e0:17:76:7b:06:80:94:
2d:10:1f:74:45:54:fa:6c:15:db:7d:7e:8b:d6:10:
23:40:5f:84:ae:46:5a:3c:7d:47:ec:3f:a8:bf:24:
6a:80:b8:a6:c5:37:d2:b0:e6:d7:a7:d2:8c:b6:07:
f1:2f:9e:51:a5:b3:48:54:a3:27:c8:2a:55:22:59:
9c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F9:90:F5:9B:1C:F6:B9:48:50:F1:73:5E:AE:8D:0A:FF:3E:D2:6A
X509v3 Authority Key Identifier:
keyid:AD:10:2F:1A:F1:7D:00:FD:80:A3:D9:FE:9F:FE:81:D0:4C:E1:74:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRAvGvF9AP2Ao9n-n_6B0EzhdEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/e1a78b-dd36-4ee9-a260-3b1aad9fdd57/1/0fmQ9Zsc9rlIUPFzXq6NCv8-0mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/e1a78b-dd36-4ee9-a260-3b1aad9fdd57/1/rRAvGvF9AP2Ao9n-n_6B0EzhdEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.32.0/22
185.160.56.0-185.160.58.255
Signature Algorithm: sha256WithRSAEncryption
99:ed:97:1c:77:d4:aa:e8:03:5d:46:d5:af:21:84:23:66:5a:
92:98:11:1d:8a:09:a3:67:55:95:3a:59:bc:5f:d2:e7:47:ab:
1e:c5:7c:f8:d6:19:d5:e6:ca:f6:14:a9:d2:94:88:6e:4f:1f:
ae:57:4c:fe:af:0b:46:6d:0e:13:a4:2c:7e:da:50:f2:60:90:
c7:e6:2e:c3:fe:dd:82:2b:31:45:6c:a0:38:a8:f3:6f:51:e3:
0f:7c:fa:2b:77:76:6e:84:5f:dc:6e:b2:d6:6b:23:41:ad:b5:
94:92:a6:a2:f7:ea:f3:de:96:a8:ca:bc:79:34:62:95:50:e1:
a3:f1:4d:16:e2:c5:6b:0f:28:da:dc:9a:94:9a:d2:5e:fa:7a:
ed:65:68:48:c0:06:64:ff:95:db:75:21:44:ff:91:95:56:7b:
6f:cb:71:0e:c1:38:2b:ee:b6:a0:06:c4:bc:49:39:ff:32:76:
9b:aa:0e:de:20:5b:50:ee:8c:9a:96:0d:dc:77:c2:6c:cb:e1:
59:bf:ac:b0:bd:6f:01:04:8c:19:91:60:a7:7c:de:3c:a3:67:
0f:6e:8c:56:a2:84:4c:49:c7:5a:67:c9:8c:e8:c1:e0:a3:d1:
a5:f2:4b:5b:19:4f:7a:26:39:1f:e0:4c:14:3c:17:dc:ee:06:
94:cd:2e:b5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYiVVsbavryfJTC1YY3qmqV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTAyZjFhZjE3ZDAwZmQ4MGEzZDlmZTlmZmU4MWQwNGNl
MTc0NDcwHhcNMjMwNjA3MTAxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWY5OTBmNTliMWNmNmI5NDg1MGYxNzM1ZWFlOGQwYWZmM2VkMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizv1CXpegBtpcnBp3n23sXcmw5Vx
R1jtrNVljdLGlnA2BNCSOz90AysB1ufpnOqlWJdzBFhsQglFDeXvUTlr0aoQhODy
eJHn0ENzQQjUkyf9XO7GjYE9gqJjTzrifne9QQ2c1qOxYENu4JDHvKCz+5xir1YT
Uyl8GjiHP1CxdRcwi++TVjTizeyv3K8g/NKDNBqGtGiaGiNgWm5l808RpPU4bDhm
Bn+nSdqHIKvq8vUnG169l4ANJgWqteAXdnsGgJQtEB90RVT6bBXbfX6L1hAjQF+E
rkZaPH1H7D+ovyRqgLimxTfSsObXp9KMtgfxL55RpbNIVKMnyCpVIlmcGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNH5kPWbHPa5SFDxc16ujQr/PtJqMB8GA1UdIwQY
MBaAFK0QLxrxfQD9gKPZ/p/+gdBM4XRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJBdkd2RjlBUDJBbzluLW5fNkIwRXpoZEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9lMWE3OGItZGQzNi00ZWU5LWEyNjAt
M2IxYWFkOWZkZDU3LzEvMGZtUTlac2M5cmxJVVBGelhxNk5DdjgtMG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9lMWE3OGItZGQzNi00ZWU5LWEyNjAtM2IxYWFkOWZkZDU3
LzEvclJBdkd2RjlBUDJBbzluLW5fNkIwRXpoZEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuTggMAwD
BAO5oDgDBAC5oDowDQYJKoZIhvcNAQELBQADggEBAJntlxx31KroA11G1a8hhCNm
WpKYER2KCaNnVZU6Wbxf0udHqx7FfPjWGdXmyvYUqdKUiG5PH65XTP6vC0ZtDhOk
LH7aUPJgkMfmLsP+3YIrMUVsoDio829R4w98+it3dm6EX9xustZrI0GttZSSpqL3
6vPelqjKvHk0YpVQ4aPxTRbixWsPKNrcmpSa0l76eu1laEjABmT/ldt1IUT/kZVW
e2/LcQ7BOCvutqAGxLxJOf8ydpuqDt4gW1DujJqWDdx3wmzL4Vm/rLC9bwEEjBmR
YKd83jyjZw9ujFaihExJx1pnyYzoweCj0aXyS1sZT3omOR/gTBQ8F9zuBpTNLrU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:22 2024 by rpki-client on console-fra.rpki-client.org