Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/DjQzS-kQI1P23RZwc4ln4HItpGo.roa
File: DjQzS-kQI1P23RZwc4ln4HItpGo.roa (raw, json)
Hash identifier: pVbN3RYzL17I+BlRjlZEF4eKiyttmgxgSkq6JTQDYp8=
Subject key identifier: 0E:34:33:4B:E9:10:23:53:F6:DD:16:70:73:89:67:E0:72:2D:A4:6A
Certificate issuer: /CN=36b55fb34d29f962545132a025b52644fdffbf6f
Certificate serial: 01856F8B72C3222DA786B9120E56203DD5E8
Authority key identifier: 36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/DjQzS-kQI1P23RZwc4ln4HItpGo.roa
Signing time: Sun 01 Jan 2023 22:54:47 +0000
ROA not before: Sun 01 Jan 2023 22:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.206.123.0/24 maxlen: 24
2a10:ca00:4::/48 maxlen: 48
2a10:ca00:2::/48 maxlen: 48
2a10:ca00:3::/48 maxlen: 48
2a10:ca00:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:72:c3:22:2d:a7:86:b9:12:0e:56:20:3d:d5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b55fb34d29f962545132a025b52644fdffbf6f
Validity
Not Before: Jan 1 22:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e34334be9102353f6dd1670738967e0722da46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3a:83:18:03:52:a0:a9:bb:16:42:cf:65:34:
f7:bf:4b:5a:61:2f:0b:c0:e1:c1:19:ce:25:50:63:
38:6a:54:13:4d:19:ac:7b:72:0a:6a:0c:be:57:0b:
19:83:bd:40:0c:65:b7:4c:b7:5f:3c:0b:e0:e7:f6:
5f:de:93:5a:bf:59:29:8d:84:fb:aa:50:92:7d:cc:
48:e9:00:62:93:61:08:fe:52:6d:a8:4d:88:9a:bf:
c7:6a:58:19:18:ae:f3:dc:0b:38:19:e9:63:bd:1e:
37:bf:ed:21:58:4b:d8:65:80:c5:ad:ad:38:1b:ed:
b5:fe:8e:42:26:22:e9:49:15:bf:95:58:1a:4b:ea:
7b:bc:0f:fe:0e:c7:5e:3e:d9:bc:45:58:b5:f6:a9:
66:28:78:9e:a2:c9:08:56:35:27:2e:68:8f:ef:6e:
10:63:75:fb:cb:f4:13:78:3e:f9:7d:6e:54:66:1e:
27:c9:aa:ec:31:66:aa:de:6b:7d:36:73:61:51:0f:
e1:bb:dc:b0:17:fc:ec:6d:b6:ab:1e:cd:62:45:d3:
49:57:ce:3f:61:76:84:d1:e9:bc:85:78:fe:bf:6c:
78:e2:fd:00:07:43:34:d8:df:70:71:3f:4d:bd:94:
69:cf:1a:e7:72:a3:16:57:cb:e8:d3:6b:49:ff:ff:
0f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:34:33:4B:E9:10:23:53:F6:DD:16:70:73:89:67:E0:72:2D:A4:6A
X509v3 Authority Key Identifier:
keyid:36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/DjQzS-kQI1P23RZwc4ln4HItpGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/NrVfs00p-WJUUTKgJbUmRP3_v28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.123.0/24
IPv6:
2a10:ca00:1::-2a10:ca00:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
27:e5:85:98:65:eb:ac:4c:b2:a3:8d:d1:bd:08:3f:a5:8a:73:
01:02:22:69:ac:db:09:48:a0:74:1b:c6:5a:3a:d2:89:78:2d:
9d:b0:9a:39:8a:a5:82:07:05:23:07:ae:1c:ae:7c:80:86:fe:
9a:7f:6d:3c:e9:80:30:2b:8c:95:3d:d6:a3:64:26:e8:cd:e2:
78:4d:a1:74:23:80:69:60:d6:0f:58:4c:43:f3:3f:a2:ba:b3:
c0:91:fd:06:4c:1b:0f:7a:db:a9:b3:8b:45:a3:da:5b:73:e7:
fc:d2:3c:f7:5b:88:28:33:e0:b4:ea:b3:77:32:dc:27:d0:2d:
74:18:92:33:b9:71:9b:49:22:37:34:f8:74:d4:83:76:cc:57:
d2:6c:b0:a8:4d:8b:b5:0f:7f:8d:e8:d9:ce:82:d1:4e:b3:b1:
3d:91:41:f2:c7:e0:a9:17:0d:ea:68:a3:ad:79:55:1f:ce:c4:
b0:69:0f:b4:ed:fd:de:fa:11:f6:58:4b:c4:8c:f9:d4:4c:50:
7a:03:c6:92:3d:9b:af:72:c1:67:8b:2b:cb:61:4a:98:89:8a:
47:66:32:a8:fb:e6:d9:6f:1d:1a:54:55:c4:7c:f8:06:64:24:
f7:cc:aa:a9:c6:54:b4:ff:e2:c9:fb:d5:58:8d:07:89:b7:f0:
6a:35:22:aa
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVvi3LDIi2nhrkSDlYgPdXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjU1ZmIzNGQyOWY5NjI1NDUxMzJhMDI1YjUyNjQ0ZmRm
ZmJmNmYwHhcNMjMwMTAxMjI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTM0MzM0YmU5MTAyMzUzZjZkZDE2NzA3Mzg5NjdlMDcyMmRhNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDqDGANSoKm7FkLPZTT3v0taYS8L
wOHBGc4lUGM4alQTTRmse3IKagy+VwsZg71ADGW3TLdfPAvg5/Zf3pNav1kpjYT7
qlCSfcxI6QBik2EI/lJtqE2Imr/HalgZGK7z3As4GeljvR43v+0hWEvYZYDFra04
G+21/o5CJiLpSRW/lVgaS+p7vA/+DsdePtm8RVi19qlmKHieoskIVjUnLmiP724Q
Y3X7y/QTeD75fW5UZh4nyarsMWaq3mt9NnNhUQ/hu9ywF/zsbbarHs1iRdNJV84/
YXaE0em8hXj+v2x44v0AB0M02N9wcT9NvZRpzxrncqMWV8vo02tJ//8P2wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA40M0vpECNT9t0WcHOJZ+ByLaRqMB8GA1UdIwQY
MBaAFDa1X7NNKfliVFEyoCW1JkT9/79vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJWZnMwMHAtV0pVVVRLZ0piVW1SUDNfdjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yYmYwMGItYmZiYy00ZjZiLWExM2Ut
ZjEwZjczYTllY2IzLzEvRGpRelMta1FJMVAyM1Jad2M0bG40SEl0cEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yYmYwMGItYmZiYy00ZjZiLWExM2UtZjEwZjczYTllY2Iz
LzEvTnJWZnMwMHAtV0pVVVRLZ0piVW1SUDNfdjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAuc57MBoE
AgACMBQwEgMHACoQygAAAQMHACoQygAABDANBgkqhkiG9w0BAQsFAAOCAQEAJ+WF
mGXrrEyyo43RvQg/pYpzAQIiaazbCUigdBvGWjrSiXgtnbCaOYqlggcFIweuHK58
gIb+mn9tPOmAMCuMlT3Wo2Qm6M3ieE2hdCOAaWDWD1hMQ/M/orqzwJH9BkwbD3rb
qbOLRaPaW3Pn/NI891uIKDPgtOqzdzLcJ9AtdBiSM7lxm0kiNzT4dNSDdsxX0myw
qE2LtQ9/jejZzoLRTrOxPZFB8sfgqRcN6mijrXlVH87EsGkPtO393voR9lhLxIz5
1ExQegPGkj2br3LBZ4sry2FKmImKR2YyqPvm2W8dGlRVxHz4BmQk98yqqcZUtP/i
yfvVWI0HibfwajUiqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:14 2024 by rpki-client on console-fra.rpki-client.org