Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/064e35-8814-43f6-b48b-a26de313b34d/1/Pb8HZ5lk3xBl3TYIMKNn4Rtrpf4.roa
File: Pb8HZ5lk3xBl3TYIMKNn4Rtrpf4.roa (raw, json)
Hash identifier: 0DJ5jyla04UFCcK62PY/IfmfIQO8/3Ofr4UX0bU4wwk=
Subject key identifier: 3D:BF:07:67:99:64:DF:10:65:DD:36:08:30:A3:67:E1:1B:6B:A5:FE
Certificate issuer: /CN=2d86956ccd7e3abb4291dd54dbd8b4342bf957cc
Certificate serial: 0188B8D715D2739852EB76D83D7B7A8F50BF
Authority key identifier: 2D:86:95:6C:CD:7E:3A:BB:42:91:DD:54:DB:D8:B4:34:2B:F9:57:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LYaVbM1-OrtCkd1U29i0NCv5V8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/064e35-8814-43f6-b48b-a26de313b34d/1/Pb8HZ5lk3xBl3TYIMKNn4Rtrpf4.roa
Signing time: Wed 14 Jun 2023 07:38:03 +0000
ROA not before: Wed 14 Jun 2023 07:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41714
IP address blocks: 185.163.148.0/23 maxlen: 24
185.225.172.0/22 maxlen: 24
2a06:e300::/29 maxlen: 36
Validation: Failed, certificate revoked on Thu 27 Jul 2023 06:42:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b8:d7:15:d2:73:98:52:eb:76:d8:3d:7b:7a:8f:50:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d86956ccd7e3abb4291dd54dbd8b4342bf957cc
Validity
Not Before: Jun 14 07:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3dbf07679964df1065dd360830a367e11b6ba5fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:05:4a:fc:a0:24:ce:ba:43:1e:dd:26:a1:48:
56:64:70:3f:d7:fd:0a:87:b5:ea:e6:4a:41:2e:0d:
4f:9a:e8:de:0e:44:e9:48:32:c2:e3:44:63:f4:ab:
44:73:32:b3:76:b9:a3:23:9d:c5:35:4c:54:ae:29:
27:26:f2:52:e9:52:92:ed:b7:29:98:bc:dd:27:0e:
d3:73:c5:91:b1:0f:ba:d7:d4:ce:ae:d0:01:f1:ff:
61:da:d3:05:f3:4f:f5:00:58:3b:dc:34:67:d9:d5:
75:c1:f8:24:72:6e:32:38:95:7c:e0:89:8f:40:a9:
da:92:f9:18:02:98:fd:de:74:c1:76:28:3e:58:40:
b7:a1:41:a3:e8:31:e0:a7:98:cb:8a:09:39:74:ce:
93:0c:50:de:ba:d7:e8:3c:4d:40:d9:aa:1f:ec:9e:
38:41:cb:c0:a8:aa:23:b0:52:04:1e:7a:8f:67:f3:
e9:33:ca:f6:fd:9f:e8:f9:39:5f:85:b4:8c:2b:0c:
24:22:f9:78:78:b7:1b:59:8e:21:9e:6f:08:d8:51:
71:e8:3e:9b:4c:fe:10:74:6e:18:9a:77:85:39:28:
b2:e5:79:06:46:55:00:56:03:52:2b:80:96:a3:79:
7c:fd:97:81:b1:aa:e5:7c:ba:51:7a:ea:dd:bf:d7:
75:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BF:07:67:99:64:DF:10:65:DD:36:08:30:A3:67:E1:1B:6B:A5:FE
X509v3 Authority Key Identifier:
keyid:2D:86:95:6C:CD:7E:3A:BB:42:91:DD:54:DB:D8:B4:34:2B:F9:57:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LYaVbM1-OrtCkd1U29i0NCv5V8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/064e35-8814-43f6-b48b-a26de313b34d/1/Pb8HZ5lk3xBl3TYIMKNn4Rtrpf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/064e35-8814-43f6-b48b-a26de313b34d/1/LYaVbM1-OrtCkd1U29i0NCv5V8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.148.0/23
185.225.172.0/22
IPv6:
2a06:e300::/29
Signature Algorithm: sha256WithRSAEncryption
32:92:61:e3:e2:b0:0b:50:de:72:65:a1:94:17:b5:64:a8:c5:
25:ce:ad:f0:c6:33:7b:d6:a7:a1:92:37:b3:cd:05:57:94:19:
55:dc:4c:92:9c:48:93:c2:43:e2:8e:5f:87:00:3d:18:da:b7:
a4:c7:43:76:b7:c4:a8:02:93:09:9c:54:29:00:52:00:7a:20:
cb:38:e0:c9:62:ac:33:f4:8e:e9:7d:05:43:48:0b:6f:c1:c8:
7e:c4:b4:a4:b9:3e:af:c3:a7:b1:66:eb:ae:6d:e3:ec:72:db:
a4:48:c0:57:66:2a:67:22:ae:f7:bc:74:64:8a:ef:18:6e:f9:
db:e8:e0:4e:6b:ca:29:1f:27:40:c5:10:ff:a6:f9:3c:23:08:
00:be:23:c9:10:e7:e6:40:44:3e:1a:78:a9:bc:61:19:bb:eb:
99:bb:04:0f:2a:fa:39:aa:1c:3a:b5:dd:a9:35:47:85:53:47:
e5:3f:5f:c0:ec:dc:19:21:2e:a7:f8:ea:df:74:39:1f:c8:bd:
a3:2a:5b:b0:be:45:88:40:8e:0e:b1:b7:18:aa:99:ad:37:16:
6c:81:76:16:23:ca:a0:5e:32:b0:90:c1:da:14:00:9e:7b:7b:
12:d7:0c:e0:63:51:3a:ad:dd:a2:ac:6f:1b:59:9a:ef:ca:dd:
8a:c1:e4:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYi41xXSc5hS63bYPXt6j1C/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkODY5NTZjY2Q3ZTNhYmI0MjkxZGQ1NGRiZDhiNDM0MmJm
OTU3Y2MwHhcNMjMwNjE0MDczODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGJmMDc2Nzk5NjRkZjEwNjVkZDM2MDgzMGEzNjdlMTFiNmJhNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAVK/KAkzrpDHt0moUhWZHA/1/0K
h7Xq5kpBLg1PmujeDkTpSDLC40Rj9KtEczKzdrmjI53FNUxUriknJvJS6VKS7bcp
mLzdJw7Tc8WRsQ+619TOrtAB8f9h2tMF80/1AFg73DRn2dV1wfgkcm4yOJV84ImP
QKnakvkYApj93nTBdig+WEC3oUGj6DHgp5jLigk5dM6TDFDeutfoPE1A2aof7J44
QcvAqKojsFIEHnqPZ/PpM8r2/Z/o+TlfhbSMKwwkIvl4eLcbWY4hnm8I2FFx6D6b
TP4QdG4YmneFOSiy5XkGRlUAVgNSK4CWo3l8/ZeBsarlfLpReurdv9d15QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD2/B2eZZN8QZd02CDCjZ+Eba6X+MB8GA1UdIwQY
MBaAFC2GlWzNfjq7QpHdVNvYtDQr+VfMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFlhVmJNMS1PcnRDa2QxVTI5aTBOQ3Y1Vjh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8wNjRlMzUtODgxNC00M2Y2LWI0OGIt
YTI2ZGUzMTNiMzRkLzEvUGI4SFo1bGszeEJsM1RZSU1LTm40UnRycGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8wNjRlMzUtODgxNC00M2Y2LWI0OGItYTI2ZGUzMTNiMzRk
LzEvTFlhVmJNMS1PcnRDa2QxVTI5aTBOQ3Y1Vjh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuaOUAwQC
ueGsMA0EAgACMAcDBQMqBuMAMA0GCSqGSIb3DQEBCwUAA4IBAQAykmHj4rALUN5y
ZaGUF7VkqMUlzq3wxjN71qehkjezzQVXlBlV3EySnEiTwkPijl+HAD0Y2rekx0N2
t8SoApMJnFQpAFIAeiDLOODJYqwz9I7pfQVDSAtvwch+xLSkuT6vw6exZuuubePs
ctukSMBXZipnIq73vHRkiu8Ybvnb6OBOa8opHydAxRD/pvk8IwgAviPJEOfmQEQ+
GnipvGEZu+uZuwQPKvo5qhw6td2pNUeFU0flP1/A7NwZIS6n+OrfdDkfyL2jKluw
vkWIQI4OsbcYqpmtNxZsgXYWI8qgXjKwkMHaFACee3sS1wzgY1E6rd2irG8bWZrv
yt2KweTL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:02 2024 by rpki-client on console-ams.rpki-client.org