Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/cH9C9awq2X1a77Zb2Rfe1PIHCjI.roa
File: cH9C9awq2X1a77Zb2Rfe1PIHCjI.roa (raw, json)
Hash identifier: aJSY/GVgQLXvgVeUit9kPHDQLvpwDdY2O9+Yh3n71Ak=
Subject key identifier: 70:7F:42:F5:AC:2A:D9:7D:5A:EF:B6:5B:D9:17:DE:D4:F2:07:0A:32
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 01856C78390C5D11753473FFBEB11028DBD7
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/cH9C9awq2X1a77Zb2Rfe1PIHCjI.roa
Signing time: Sun 01 Jan 2023 08:34:56 +0000
ROA not before: Sun 01 Jan 2023 08:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39605
IP address blocks: 185.159.104.0/22 maxlen: 24
185.159.104.0/23 maxlen: 23
2a07:b880::/41 maxlen: 41
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:39:0c:5d:11:75:34:73:ff:be:b1:10:28:db:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Jan 1 08:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=707f42f5ac2ad97d5aefb65bd917ded4f2070a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ee:ac:54:a9:04:4f:22:7b:c3:20:b5:7c:d2:
77:e3:3e:bf:5e:f9:0b:df:34:6f:ee:39:ad:26:07:
2e:03:09:4f:f5:52:9e:d9:ce:93:06:9c:a0:28:5c:
61:47:a4:bc:44:2e:70:fc:26:cc:a3:0a:5c:10:e3:
43:ad:03:d7:6f:63:36:fd:04:59:94:a2:b7:b5:63:
a9:c5:cb:b3:ed:b7:c8:72:b5:a2:ce:5c:8e:83:61:
f4:e9:a1:8f:df:0f:25:73:05:73:28:80:9c:57:5a:
01:f0:0f:40:57:b0:86:7d:3b:99:70:70:dc:34:12:
01:3a:ec:b0:d2:a2:48:77:ac:da:40:a7:15:1d:43:
2a:38:a8:15:74:77:04:3c:76:8b:01:e3:6c:76:cc:
88:c9:c7:24:3c:8a:69:6b:75:43:f4:92:ec:1b:7c:
27:17:c7:c3:2f:6f:59:b3:e3:c2:b8:46:45:f8:c5:
38:72:fc:17:0b:c5:f2:b1:da:d1:0a:3c:54:35:35:
ed:b9:a4:2b:a2:28:73:22:2c:51:26:76:be:6a:db:
7e:25:c8:e4:b2:e0:47:b4:2b:d5:99:8b:6a:e4:06:
09:26:7a:a6:4e:ce:22:79:6d:a5:70:fc:05:03:63:
8a:86:12:35:72:1d:24:c2:a5:8c:8b:9e:4f:1f:b6:
87:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7F:42:F5:AC:2A:D9:7D:5A:EF:B6:5B:D9:17:DE:D4:F2:07:0A:32
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/cH9C9awq2X1a77Zb2Rfe1PIHCjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.104.0/22
IPv6:
2a07:b880::/41
Signature Algorithm: sha256WithRSAEncryption
d2:37:e6:75:10:f5:46:06:7d:75:a4:16:0b:03:74:b3:4e:7a:
a5:2c:00:ea:1d:61:e5:36:2c:5c:20:78:9d:07:9b:e3:7c:90:
17:67:a6:ef:02:8a:4a:fd:a0:e4:5f:62:ec:c7:e6:95:95:cd:
23:d8:96:bb:ab:64:ad:aa:70:0e:ea:73:89:9e:60:8d:a5:c8:
c6:a3:70:d6:80:22:3e:24:9c:42:18:ef:34:29:0d:d8:ce:e9:
ee:b1:1b:21:30:70:c6:34:77:ca:af:bd:89:f8:07:ff:40:63:
00:2a:f2:61:73:8d:eb:1b:ff:60:f3:0e:f3:4c:07:bd:e6:df:
98:b9:e0:c3:29:0d:9c:1a:cc:02:e5:15:fc:9a:72:93:7e:07:
0d:7c:93:83:88:4f:35:c1:ff:d9:ba:65:0f:10:c9:be:d4:4f:
29:a6:32:bc:ff:4f:58:f5:f2:37:13:90:9b:be:4e:02:ef:f7:
ce:2d:71:3a:c8:46:35:68:c6:bd:20:33:17:e9:09:bb:50:6e:
b2:4c:71:d6:85:26:06:dd:f0:7d:67:08:ef:43:3a:84:76:13:
a2:84:31:43:44:7a:0a:62:21:9f:8d:47:3d:12:cb:55:d7:c7:
3d:9f:7b:67:0b:17:90:f4:65:c1:64:47:58:27:78:e7:f1:68:
c5:2b:62:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVseDkMXRF1NHP/vrEQKNvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz
MTIwZDIwHhcNMjMwMTAxMDgzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdmNDJmNWFjMmFkOTdkNWFlZmI2NWJkOTE3ZGVkNGYyMDcwYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+6sVKkETyJ7wyC1fNJ34z6/XvkL
3zRv7jmtJgcuAwlP9VKe2c6TBpygKFxhR6S8RC5w/CbMowpcEONDrQPXb2M2/QRZ
lKK3tWOpxcuz7bfIcrWizlyOg2H06aGP3w8lcwVzKICcV1oB8A9AV7CGfTuZcHDc
NBIBOuyw0qJId6zaQKcVHUMqOKgVdHcEPHaLAeNsdsyIycckPIppa3VD9JLsG3wn
F8fDL29Zs+PCuEZF+MU4cvwXC8XysdrRCjxUNTXtuaQroihzIixRJna+att+Jcjk
suBHtCvVmYtq5AYJJnqmTs4ieW2lcPwFA2OKhhI1ch0kwqWMi55PH7aHfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHB/QvWsKtl9Wu+2W9kX3tTyBwoyMB8GA1UdIwQY
MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt
MDA0ZmU0MzNjN2M4LzEvY0g5Qzlhd3EyWDFhNzdaYjJSZmUxUElIQ2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4
LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuZ9oMA8E
AgACMAkDBwcqB7iAAAAwDQYJKoZIhvcNAQELBQADggEBANI35nUQ9UYGfXWkFgsD
dLNOeqUsAOodYeU2LFwgeJ0Hm+N8kBdnpu8Cikr9oORfYuzH5pWVzSPYlrurZK2q
cA7qc4meYI2lyMajcNaAIj4knEIY7zQpDdjO6e6xGyEwcMY0d8qvvYn4B/9AYwAq
8mFzjesb/2DzDvNMB73m35i54MMpDZwazALlFfyacpN+Bw18k4OITzXB/9m6ZQ8Q
yb7UTymmMrz/T1j18jcTkJu+TgLv984tcTrIRjVoxr0gMxfpCbtQbrJMcdaFJgbd
8H1nCO9DOoR2E6KEMUNEegpiIZ+NRz0Sy1XXxz2fe2cLF5D0ZcFkR1gneOfxaMUr
Yqs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:04 2024 by rpki-client on console-fra.rpki-client.org