Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/aAbDXKEHo3rfWXy7VhPzt3dkSik.roa
File: aAbDXKEHo3rfWXy7VhPzt3dkSik.roa (raw, json)
Hash identifier: DFmYpsxxCZqlRMy4auDQNZiJTueLj1DXDQfj7Qo+Ii8=
Subject key identifier: 68:06:C3:5C:A1:07:A3:7A:DF:59:7C:BB:56:13:F3:B7:77:64:4A:29
Certificate issuer: /CN=b14658fcab37032dfea96ef0ae68dc9deff6d705
Certificate serial: 01856F9DFEBB861F10F8A251245EFC8D2098
Authority key identifier: B1:46:58:FC:AB:37:03:2D:FE:A9:6E:F0:AE:68:DC:9D:EF:F6:D7:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/aAbDXKEHo3rfWXy7VhPzt3dkSik.roa
Signing time: Sun 01 Jan 2023 23:15:03 +0000
ROA not before: Sun 01 Jan 2023 23:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38919
IP address blocks: 185.132.108.0/22 maxlen: 22
89.190.140.0/22 maxlen: 22
185.92.68.0/22 maxlen: 22
2a05:f080::/29 maxlen: 29
2a0e:f800::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:fe:bb:86:1f:10:f8:a2:51:24:5e:fc:8d:20:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14658fcab37032dfea96ef0ae68dc9deff6d705
Validity
Not Before: Jan 1 23:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6806c35ca107a37adf597cbb5613f3b777644a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8e:a3:3c:c3:82:c9:c7:54:95:c0:ed:61:71:
54:08:cf:df:df:d1:42:46:11:96:74:d8:24:ae:f5:
de:25:f8:41:58:f5:5f:57:77:bd:9b:7f:e0:df:cb:
58:c0:49:a8:d8:3b:bc:41:5f:b9:31:10:44:9c:87:
76:f0:9b:07:c0:80:4f:59:db:25:18:6d:66:8a:7b:
ab:1a:8d:73:6d:4a:89:7d:91:5a:15:8d:61:db:f6:
0a:e3:7b:c2:b3:b1:bb:46:f5:04:dc:78:ea:ee:ec:
a9:da:50:f0:ae:16:f9:e1:1a:71:72:8e:a8:73:95:
41:8e:27:a0:23:08:0c:34:4f:97:6e:0b:8c:8a:24:
5b:f2:12:1d:b9:1d:74:d9:0d:14:f8:02:b8:92:d2:
8b:d0:e3:40:96:de:d0:34:5d:7b:d9:40:a7:38:79:
05:38:d3:3a:9d:cd:d6:d2:2e:dc:d6:81:51:06:d5:
69:bd:1a:da:61:38:b8:fb:e8:0e:62:9b:9e:b4:b7:
2a:63:54:8d:8c:87:bc:8c:ad:25:96:c3:e5:79:e0:
2d:9a:8b:cc:11:9c:97:05:eb:33:1e:9d:66:f1:71:
34:71:69:74:3d:de:0b:33:26:01:c7:5e:6c:cf:a4:
00:31:69:f3:75:1e:1c:07:ec:a2:7c:a5:4c:2c:a3:
0d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:06:C3:5C:A1:07:A3:7A:DF:59:7C:BB:56:13:F3:B7:77:64:4A:29
X509v3 Authority Key Identifier:
keyid:B1:46:58:FC:AB:37:03:2D:FE:A9:6E:F0:AE:68:DC:9D:EF:F6:D7:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/aAbDXKEHo3rfWXy7VhPzt3dkSik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/sUZY_Ks3Ay3-qW7wrmjcne_21wU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.140.0/22
185.92.68.0/22
185.132.108.0/22
IPv6:
2a05:f080::/29
2a0e:f800::/29
Signature Algorithm: sha256WithRSAEncryption
39:96:16:36:2f:34:64:69:47:85:62:39:df:59:5f:16:8f:2a:
aa:8f:8b:59:18:41:6f:a4:01:e1:86:97:2e:7c:47:a7:7f:a0:
fe:47:7c:8a:5c:db:8c:c4:a2:61:94:6b:71:b8:c1:62:02:da:
20:b7:1e:dc:f3:55:de:3f:54:68:c7:8d:2c:66:da:e0:e2:00:
7a:27:33:27:8e:93:40:d9:c4:d5:a5:d5:28:9c:bc:73:e1:0e:
07:1e:a9:66:91:7d:2d:14:e3:51:b7:18:6f:fa:06:b2:38:c3:
3a:1a:95:c2:00:93:b8:3a:91:1c:18:a7:dd:ce:7b:63:6e:4f:
b3:b3:ec:d9:ca:5a:9b:3e:f1:c3:c8:b6:f2:94:f8:e3:15:e8:
b8:b0:ae:a0:71:95:82:c2:ff:c9:6c:c9:3e:5d:59:d6:a6:18:
fe:63:fb:ce:57:58:da:0c:45:87:55:3c:c7:bb:52:36:4d:e5:
3f:5a:a1:af:ac:27:05:7d:d5:e8:82:9a:77:29:7b:65:99:bb:
21:28:bf:d8:8a:c6:07:3d:18:89:aa:32:c4:5a:b4:ac:4b:46:
36:ec:c6:f6:cd:f5:aa:85:5c:77:6b:b8:6d:fc:1f:c6:86:de:
9e:7e:93:15:95:1b:44:60:c4:7b:c6:67:82:5d:e2:65:57:07:
00:b2:83:eb
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVvnf67hh8Q+KJRJF78jSCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDY1OGZjYWIzNzAzMmRmZWE5NmVmMGFlNjhkYzlkZWZm
NmQ3MDUwHhcNMjMwMTAxMjMxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODA2YzM1Y2ExMDdhMzdhZGY1OTdjYmI1NjEzZjNiNzc3NjQ0YTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm46jPMOCycdUlcDtYXFUCM/f39FC
RhGWdNgkrvXeJfhBWPVfV3e9m3/g38tYwEmo2Du8QV+5MRBEnId28JsHwIBPWdsl
GG1minurGo1zbUqJfZFaFY1h2/YK43vCs7G7RvUE3Hjq7uyp2lDwrhb54Rpxco6o
c5VBjiegIwgMNE+XbguMiiRb8hIduR102Q0U+AK4ktKL0ONAlt7QNF172UCnOHkF
ONM6nc3W0i7c1oFRBtVpvRraYTi4++gOYpuetLcqY1SNjIe8jK0llsPleeAtmovM
EZyXBeszHp1m8XE0cWl0Pd4LMyYBx15sz6QAMWnzdR4cB+yifKVMLKMNDwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGgGw1yhB6N631l8u1YT87d3ZEopMB8GA1UdIwQY
MBaAFLFGWPyrNwMt/qlu8K5o3J3v9tcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VaWV9LczNBeTMtcVc3d3JtamNuZV8yMXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81ZjY1NjYtODE2MC00Mzk0LTg3NWYt
YTdlYWQ4YWIxMjczLzEvYUFiRFhLRUhvM3JmV1h5N1ZoUHp0M2RrU2lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS81ZjY1NjYtODE2MC00Mzk0LTg3NWYtYTdlYWQ4YWIxMjcz
LzEvc1VaWV9LczNBeTMtcVc3d3JtamNuZV8yMXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCWb6MAwQC
uVxEAwQCuYRsMBQEAgACMA4DBQMqBfCAAwUDKg74ADANBgkqhkiG9w0BAQsFAAOC
AQEAOZYWNi80ZGlHhWI531lfFo8qqo+LWRhBb6QB4YaXLnxHp3+g/kd8ilzbjMSi
YZRrcbjBYgLaILce3PNV3j9UaMeNLGba4OIAeiczJ46TQNnE1aXVKJy8c+EOBx6p
ZpF9LRTjUbcYb/oGsjjDOhqVwgCTuDqRHBin3c57Y25Ps7Ps2cpamz7xw8i28pT4
4xXouLCuoHGVgsL/yWzJPl1Z1qYY/mP7zldY2gxFh1U8x7tSNk3lP1qhr6wnBX3V
6IKadyl7ZZm7ISi/2IrGBz0YiaoyxFq0rEtGNuzG9s31qoVcd2u4bfwfxobenn6T
FZUbRGDEe8Zngl3iZVcHALKD6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:11 2024 by rpki-client on console-fra.rpki-client.org