Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/vRkGxRs5-XhIaBqair6Nb0FpUlQ.roa
File: vRkGxRs5-XhIaBqair6Nb0FpUlQ.roa (raw, json)
Hash identifier: DOujyoUaeZYXqLv2liTRHHp2dQTnzqrnEGZMRv8ePWc=
Subject key identifier: BD:19:06:C5:1B:39:F9:78:48:68:1A:9A:8A:BE:8D:6F:41:69:52:54
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0185720362265A5CA2601866818E4E1A4D42
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/vRkGxRs5-XhIaBqair6Nb0FpUlQ.roa
Signing time: Mon 02 Jan 2023 10:25:02 +0000
ROA not before: Mon 02 Jan 2023 10:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48430
IP address blocks: 185.139.212.0/22 maxlen: 22
2a07:1840::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:62:26:5a:5c:a2:60:18:66:81:8e:4e:1a:4d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 2 10:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd1906c51b39f97848681a9a8abe8d6f41695254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e9:91:ee:af:22:2f:61:7b:8a:84:40:b4:cf:
e3:bd:8b:62:f7:9a:c1:73:80:ae:83:b7:4c:5a:6b:
5d:52:63:1f:03:10:b6:ce:56:5a:b0:b7:26:77:f8:
a0:d0:ce:c6:f5:99:59:f4:34:fa:c3:1e:da:40:de:
b0:5c:ad:ef:ef:22:f2:59:61:b0:fb:9c:9a:12:4a:
e7:91:66:a6:6c:10:ad:b3:b7:f7:63:6d:ec:cb:d8:
7d:9b:a5:2e:50:45:7e:2b:18:52:6c:71:b2:19:a0:
30:6d:48:a9:e5:25:98:55:69:a1:8f:90:93:9d:23:
8e:4a:ca:22:b1:c0:98:7b:f1:74:6e:26:32:57:67:
ae:36:a0:e3:6a:47:81:ab:6a:f6:9c:8b:07:e8:20:
61:44:fe:de:77:93:bb:ff:f1:e2:af:98:2e:c4:40:
3d:70:90:6c:19:25:2f:bf:62:cd:29:19:a3:69:05:
a6:31:7a:0e:f4:83:fd:15:b6:d1:60:70:41:a8:81:
32:1e:b5:8a:6a:60:7e:2c:47:9b:50:0a:b2:06:63:
9b:ac:88:43:ca:e4:6e:1a:93:38:31:87:70:6d:12:
00:e0:54:2e:c0:8c:46:7f:74:37:ed:f5:ee:cb:12:
2d:1c:2a:fe:76:88:c6:a5:5c:23:35:a6:ba:08:b8:
36:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:19:06:C5:1B:39:F9:78:48:68:1A:9A:8A:BE:8D:6F:41:69:52:54
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/vRkGxRs5-XhIaBqair6Nb0FpUlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.212.0/22
IPv6:
2a07:1840::/32
Signature Algorithm: sha256WithRSAEncryption
56:77:d6:9d:52:ab:24:6a:72:5c:85:91:fb:02:1f:54:db:55:
e1:84:da:97:bc:a2:c0:e3:ea:73:aa:57:aa:bf:34:8e:c8:03:
ac:8b:ad:21:1c:f8:f1:99:c0:f3:d1:10:84:bc:59:22:7a:f6:
8b:b0:79:59:5d:6d:ec:81:8e:82:0b:9b:d1:f2:4d:2f:5d:cf:
de:54:07:f0:21:6e:7d:24:82:b9:b9:7b:f1:e5:05:03:1e:07:
bd:54:56:be:18:9e:cd:7f:c1:f0:50:5f:bd:09:be:99:91:f0:
22:0e:de:06:d4:29:cd:e0:d4:73:2c:57:0e:40:93:4e:cc:36:
d6:a9:cd:b9:17:98:41:bc:46:fb:9c:9a:42:87:bd:4a:fa:50:
e5:2d:23:e6:f4:59:44:38:21:8d:ac:37:68:e8:d9:69:2d:54:
ea:99:e2:12:43:ca:24:f3:d7:c0:6c:77:cd:c9:f3:1b:f9:78:
24:9e:6c:64:6f:69:05:4d:b0:4d:e7:53:c8:55:4e:3c:cc:79:
ed:d2:13:9b:26:a3:93:fc:0c:6c:79:f7:a7:85:d3:00:21:cf:
dd:ab:90:7f:06:9f:de:9e:1a:30:ff:82:7e:b8:c3:12:63:39:
98:c9:57:c7:f8:ac:59:d4:b4:1d:43:e7:f1:ac:4f:e0:4c:4f:
82:ef:5f:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyA2ImWlyiYBhmgY5OGk1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTAyMTAyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDE5MDZjNTFiMzlmOTc4NDg2ODFhOWE4YWJlOGQ2ZjQxNjk1MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjumR7q8iL2F7ioRAtM/jvYti95rB
c4Cug7dMWmtdUmMfAxC2zlZasLcmd/ig0M7G9ZlZ9DT6wx7aQN6wXK3v7yLyWWGw
+5yaEkrnkWambBCts7f3Y23sy9h9m6UuUEV+KxhSbHGyGaAwbUip5SWYVWmhj5CT
nSOOSsoiscCYe/F0biYyV2euNqDjakeBq2r2nIsH6CBhRP7ed5O7//Hir5guxEA9
cJBsGSUvv2LNKRmjaQWmMXoO9IP9FbbRYHBBqIEyHrWKamB+LEebUAqyBmObrIhD
yuRuGpM4MYdwbRIA4FQuwIxGf3Q37fXuyxItHCr+dojGpVwjNaa6CLg2IQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL0ZBsUbOfl4SGgamoq+jW9BaVJUMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvdlJrR3hSczUtWGhJYUJxYWlyNk5iMEZwVWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYvUMA0E
AgACMAcDBQAqBxhAMA0GCSqGSIb3DQEBCwUAA4IBAQBWd9adUqskanJchZH7Ah9U
21XhhNqXvKLA4+pzqleqvzSOyAOsi60hHPjxmcDz0RCEvFkievaLsHlZXW3sgY6C
C5vR8k0vXc/eVAfwIW59JIK5uXvx5QUDHge9VFa+GJ7Nf8HwUF+9Cb6ZkfAiDt4G
1CnN4NRzLFcOQJNOzDbWqc25F5hBvEb7nJpCh71K+lDlLSPm9FlEOCGNrDdo6Nlp
LVTqmeISQ8ok89fAbHfNyfMb+Xgknmxkb2kFTbBN51PIVU48zHnt0hObJqOT/Axs
efenhdMAIc/dq5B/Bp/enhow/4J+uMMSYzmYyVfH+KxZ1LQdQ+fxrE/gTE+C71+Q
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:38 2024 by rpki-client on console-fra.rpki-client.org