Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/7bb207-f471-4b67-8cb7-e15a6c3e4ea6/1/0MzWq2O0LBzhtX0ZF2ALaOt57kI.roa
File: 0MzWq2O0LBzhtX0ZF2ALaOt57kI.roa (raw, json)
Hash identifier: eeFl0cXzLe0ZfUlxvQEbCNxFUo+4q9Ru2M0F14dOMv4=
Subject key identifier: D0:CC:D6:AB:63:B4:2C:1C:E1:B5:7D:19:17:60:0B:68:EB:79:EE:42
Certificate issuer: /CN=56a022deb0928f5d1a0a5fb00e96cad4c7d911d8
Certificate serial: 01869812F94B7C74F7154B926B4EE01CAA39
Authority key identifier: 56:A0:22:DE:B0:92:8F:5D:1A:0A:5F:B0:0E:96:CA:D4:C7:D9:11:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqAi3rCSj10aCl-wDpbK1MfZEdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/7bb207-f471-4b67-8cb7-e15a6c3e4ea6/1/0MzWq2O0LBzhtX0ZF2ALaOt57kI.roa
Signing time: Tue 28 Feb 2023 12:50:25 +0000
ROA not before: Tue 28 Feb 2023 12:50:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48374
IP address blocks: 185.168.180.0/22 maxlen: 22
185.141.144.0/22 maxlen: 22
2a07:2500::/29 maxlen: 29
2a10:abc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:12:f9:4b:7c:74:f7:15:4b:92:6b:4e:e0:1c:aa:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a022deb0928f5d1a0a5fb00e96cad4c7d911d8
Validity
Not Before: Feb 28 12:50:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0ccd6ab63b42c1ce1b57d1917600b68eb79ee42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e6:e2:0b:55:72:e8:70:76:02:0b:f2:35:ca:
cd:29:5e:38:c9:fc:c8:47:7e:71:c0:7c:fe:95:aa:
d3:dc:2b:a7:08:88:af:8b:d6:32:37:08:cc:34:3e:
44:8f:69:e7:64:ce:26:17:b4:91:f2:4f:5f:ea:7e:
5c:51:cc:9e:6f:59:89:e6:61:c3:9b:62:66:da:6e:
b8:b0:0b:f7:e4:97:c1:94:fe:3e:a5:2a:53:ae:d7:
9f:ba:99:d0:50:4e:4e:b7:1d:17:41:72:a1:23:78:
9d:2a:f2:be:fa:33:e5:e5:3b:33:2d:86:e8:79:71:
c9:aa:39:8a:b2:51:04:ec:98:b2:00:78:a7:ac:be:
3f:7c:96:9a:6c:c1:2e:d1:e9:8b:39:f3:59:9b:1e:
75:db:f5:b4:13:03:42:2d:52:af:a0:0e:5f:a8:58:
35:3b:aa:e3:70:4a:a1:d3:ab:31:8e:39:c9:85:d9:
d8:2d:75:db:12:90:2f:00:a6:20:cd:eb:ff:02:f0:
3c:cb:43:c1:32:ec:2d:4b:56:c2:5c:40:e7:22:50:
e9:82:bf:57:cd:b7:12:89:6f:07:7e:be:21:e1:40:
23:c6:45:5b:79:c0:3b:3f:c3:37:19:bc:96:bd:7c:
0f:df:43:bd:29:7f:b8:f9:c4:90:f5:81:a2:9a:93:
d3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:CC:D6:AB:63:B4:2C:1C:E1:B5:7D:19:17:60:0B:68:EB:79:EE:42
X509v3 Authority Key Identifier:
keyid:56:A0:22:DE:B0:92:8F:5D:1A:0A:5F:B0:0E:96:CA:D4:C7:D9:11:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqAi3rCSj10aCl-wDpbK1MfZEdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7bb207-f471-4b67-8cb7-e15a6c3e4ea6/1/0MzWq2O0LBzhtX0ZF2ALaOt57kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7bb207-f471-4b67-8cb7-e15a6c3e4ea6/1/VqAi3rCSj10aCl-wDpbK1MfZEdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.144.0/22
185.168.180.0/22
IPv6:
2a07:2500::/29
2a10:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:a0:36:1b:91:d2:ef:01:83:a5:5b:d6:16:90:b8:09:36:77:
05:e4:01:0c:36:bd:62:f7:e5:dd:03:0f:06:e7:3e:14:09:6e:
a0:5f:8b:15:9b:45:75:3c:83:26:f5:eb:77:52:d6:94:4f:ff:
93:87:a3:d0:be:c3:fd:0f:b2:49:e8:73:cd:9b:ab:b8:49:b3:
6b:e8:63:64:48:6d:33:ca:c7:23:ac:5e:6f:63:82:8e:2b:8e:
8a:e6:85:4a:85:ac:4d:16:71:de:e4:81:1a:b4:b3:90:3b:dd:
05:28:ec:42:75:fc:ef:9f:dd:48:4f:fa:1b:12:e0:7d:a3:e4:
16:b5:ba:7c:97:d0:13:45:12:d6:c9:3e:22:af:a7:63:77:71:
37:01:ae:cb:ad:e6:89:48:4e:45:e2:84:0a:a8:45:87:d0:21:
95:05:c3:a2:d4:39:67:a2:f6:4b:7b:6a:4a:ed:df:4a:e0:8c:
27:e1:61:01:2b:fb:d8:41:21:d8:8a:e4:0c:54:e0:69:75:6f:
73:19:a2:fe:8a:49:b4:9b:ee:5a:4a:34:a8:84:e6:af:b0:89:
ca:15:02:36:e1:36:1c:a9:c3:9f:28:ce:5f:45:e0:14:64:58:
b9:af:f1:e9:e5:5b:31:e0:c7:c1:e3:8f:f2:7e:50:40:72:ea:
e4:33:80:62
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYaYEvlLfHT3FUuSa07gHKo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YTAyMmRlYjA5MjhmNWQxYTBhNWZiMDBlOTZjYWQ0Yzdk
OTExZDgwHhcNMjMwMjI4MTI1MDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGNjZDZhYjYzYjQyYzFjZTFiNTdkMTkxNzYwMGI2OGViNzllZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+biC1Vy6HB2AgvyNcrNKV44yfzI
R35xwHz+larT3CunCIivi9YyNwjMND5Ej2nnZM4mF7SR8k9f6n5cUcyeb1mJ5mHD
m2Jm2m64sAv35JfBlP4+pSpTrtefupnQUE5Otx0XQXKhI3idKvK++jPl5TszLYbo
eXHJqjmKslEE7JiyAHinrL4/fJaabMEu0emLOfNZmx512/W0EwNCLVKvoA5fqFg1
O6rjcEqh06sxjjnJhdnYLXXbEpAvAKYgzev/AvA8y0PBMuwtS1bCXEDnIlDpgr9X
zbcSiW8Hfr4h4UAjxkVbecA7P8M3GbyWvXwP30O9KX+4+cSQ9YGimpPTEwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNDM1qtjtCwc4bV9GRdgC2jree5CMB8GA1UdIwQY
MBaAFFagIt6wko9dGgpfsA6WytTH2RHYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFBaTNyQ1NqMTBhQ2wtd0RwYksxTWZaRWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83YmIyMDctZjQ3MS00YjY3LThjYjct
ZTE1YTZjM2U0ZWE2LzEvME16V3EyTzBMQnpodFgwWkYyQUxhT3Q1N2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83YmIyMDctZjQ3MS00YjY3LThjYjctZTE1YTZjM2U0ZWE2
LzEvVnFBaTNyQ1NqMTBhQ2wtd0RwYksxTWZaRWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuY2QAwQC
uai0MBQEAgACMA4DBQMqByUAAwUDKhCrwDANBgkqhkiG9w0BAQsFAAOCAQEAn6A2
G5HS7wGDpVvWFpC4CTZ3BeQBDDa9Yvfl3QMPBuc+FAluoF+LFZtFdTyDJvXrd1LW
lE//k4ej0L7D/Q+ySehzzZuruEmza+hjZEhtM8rHI6xeb2OCjiuOiuaFSoWsTRZx
3uSBGrSzkDvdBSjsQnX875/dSE/6GxLgfaPkFrW6fJfQE0US1sk+Iq+nY3dxNwGu
y63miUhOReKECqhFh9AhlQXDotQ5Z6L2S3tqSu3fSuCMJ+FhASv72EEh2IrkDFTg
aXVvcxmi/opJtJvuWko0qITmr7CJyhUCNuE2HKnDnyjOX0XgFGRYua/x6eVbMeDH
weOP8n5QQHLq5DOAYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:30 2024 by rpki-client on console-ams.rpki-client.org