Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/A2bRmf0dbFjkokKGPECheS4FRvQ.roa
File: A2bRmf0dbFjkokKGPECheS4FRvQ.roa (raw, json)
Hash identifier: bUAR/8q7CMPgO4BRIk2LgHdkCuO9qm6H0Z2D/U87iig=
Subject key identifier: 03:66:D1:99:FD:1D:6C:58:E4:A2:42:86:3C:40:A1:79:2E:05:46:F4
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0187DBB2D78099A03EF66972CD2650EE96C0
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/A2bRmf0dbFjkokKGPECheS4FRvQ.roa
Signing time: Tue 02 May 2023 09:02:23 +0000
ROA not before: Tue 02 May 2023 09:02:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28546
IP address blocks: 85.92.124.0/22 maxlen: 22
85.92.124.0/24 maxlen: 24
85.92.125.0/24 maxlen: 24
85.92.126.0/23 maxlen: 23
85.92.126.0/24 maxlen: 24
85.92.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:b2:d7:80:99:a0:3e:f6:69:72:cd:26:50:ee:96:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 2 09:02:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0366d199fd1d6c58e4a242863c40a1792e0546f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f3:ed:b4:2d:cc:5d:ab:b8:3f:2b:b5:78:76:
16:c5:b5:41:35:f1:b0:61:e3:63:4e:a2:88:9d:76:
66:f0:a8:79:d9:fc:c2:8f:53:d2:8f:bf:69:29:17:
09:98:f4:52:33:d9:21:e2:dd:81:f1:14:d5:7b:26:
77:2f:16:4e:6b:7a:5d:1c:79:68:5c:49:54:a7:30:
89:a9:17:b4:e7:ce:28:f5:be:1d:49:f3:75:14:85:
3b:2b:d3:6b:ad:15:62:35:63:b4:18:f1:13:0f:7f:
ef:02:68:9f:3e:e7:90:44:11:ab:0e:da:04:f1:db:
1e:35:a1:32:ab:45:73:93:d7:0a:19:bc:64:96:8f:
7f:a9:eb:19:bd:ad:89:81:7a:a4:a4:f4:8b:c6:1b:
d0:36:91:62:6a:cf:91:b6:ef:1d:5e:1d:3a:8f:57:
9a:f7:15:f1:f5:89:5f:c4:fb:70:2e:27:75:9a:0e:
6a:43:91:87:6c:aa:07:33:b6:0a:2f:07:40:c1:4c:
9b:16:41:91:34:92:f5:3e:76:af:ce:e4:e3:d3:41:
cc:66:e6:fd:a8:e8:31:16:f4:80:c6:54:91:47:c7:
4c:67:2c:73:34:f6:7a:a7:08:6a:e3:17:9d:62:e8:
1c:b2:ad:25:b3:ca:77:4b:bb:4c:6e:cd:6e:87:49:
b7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:66:D1:99:FD:1D:6C:58:E4:A2:42:86:3C:40:A1:79:2E:05:46:F4
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/A2bRmf0dbFjkokKGPECheS4FRvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.124.0/22
Signature Algorithm: sha256WithRSAEncryption
60:f6:55:85:8b:0a:67:75:a5:48:b1:b2:81:21:a5:7f:49:b2:
65:d3:14:8f:14:15:e2:01:e8:bb:5f:54:4d:ac:52:67:d7:70:
db:03:bd:91:12:7d:20:85:ec:0f:ad:6d:ce:2f:af:a7:77:19:
0d:db:c6:94:b9:87:05:8a:c0:7f:69:6b:da:55:a2:62:bd:f0:
54:a3:c7:e8:4c:3f:64:2d:db:25:64:e2:dc:ae:5e:42:67:ea:
b7:1c:f3:0a:30:79:95:cf:ba:cb:ae:b8:6f:22:19:39:9c:fe:
a5:bc:46:21:cb:d5:7d:5b:55:2a:74:86:91:81:89:b9:5d:f6:
16:70:5c:b5:c4:61:b5:96:84:71:95:98:99:cc:cf:94:29:dd:
03:ff:0f:32:a7:73:1d:ae:ae:d3:b9:3b:71:0c:e0:fc:c7:c4:
83:3b:79:0e:b1:66:1d:c0:25:05:9d:d9:63:a4:b5:e1:d8:6b:
f9:12:59:c8:0c:cc:8e:09:6f:88:c8:23:8a:e6:b6:13:4e:28:
12:34:a6:d0:88:5f:eb:fd:f7:f8:69:55:2b:75:19:f7:f8:4e:
c0:14:0a:b9:d9:46:c5:29:93:6b:67:7d:0b:95:c1:9f:42:39:
cb:42:74:86:4e:f4:de:b0:fc:e5:ed:68:45:76:a2:5a:66:17:
99:d0:c0:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfbsteAmaA+9mlyzSZQ7pbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwNTAyMDkwMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzY2ZDE5OWZkMWQ2YzU4ZTRhMjQyODYzYzQwYTE3OTJlMDU0NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvPttC3MXau4Pyu1eHYWxbVBNfGw
YeNjTqKInXZm8Kh52fzCj1PSj79pKRcJmPRSM9kh4t2B8RTVeyZ3LxZOa3pdHHlo
XElUpzCJqRe0584o9b4dSfN1FIU7K9NrrRViNWO0GPETD3/vAmifPueQRBGrDtoE
8dseNaEyq0Vzk9cKGbxklo9/qesZva2JgXqkpPSLxhvQNpFias+Rtu8dXh06j1ea
9xXx9YlfxPtwLid1mg5qQ5GHbKoHM7YKLwdAwUybFkGRNJL1PnavzuTj00HMZub9
qOgxFvSAxlSRR8dMZyxzNPZ6pwhq4xedYugcsq0ls8p3S7tMbs1uh0m3uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANm0Zn9HWxY5KJChjxAoXkuBUb0MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQTJiUm1mMGRiRmprb2tLR1BFQ2hlUzRGUnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVVx8MA0G
CSqGSIb3DQEBCwUAA4IBAQBg9lWFiwpndaVIsbKBIaV/SbJl0xSPFBXiAei7X1RN
rFJn13DbA72REn0ghewPrW3OL6+ndxkN28aUuYcFisB/aWvaVaJivfBUo8foTD9k
LdslZOLcrl5CZ+q3HPMKMHmVz7rLrrhvIhk5nP6lvEYhy9V9W1UqdIaRgYm5XfYW
cFy1xGG1loRxlZiZzM+UKd0D/w8yp3Mdrq7TuTtxDOD8x8SDO3kOsWYdwCUFndlj
pLXh2Gv5ElnIDMyOCW+IyCOK5rYTTigSNKbQiF/r/ff4aVUrdRn3+E7AFAq52UbF
KZNrZ30LlcGfQjnLQnSGTvTesPzl7WhFdqJaZheZ0MBL
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:47 2024 by rpki-client on console-fra.rpki-client.org