Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/CvPDqFq-s2en7l2wAoXTmOoak8A.roa
File: CvPDqFq-s2en7l2wAoXTmOoak8A.roa (raw, json)
Hash identifier: UGEB8ss8mMh1II6lft9Wr40x/0eNz3QwUom/BbZ8Kk8=
Subject key identifier: 0A:F3:C3:A8:5A:BE:B3:67:A7:EE:5D:B0:02:85:D3:98:EA:1A:93:C0
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 018867D88B0C5CE655AD910F265DFB79D720
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/CvPDqFq-s2en7l2wAoXTmOoak8A.roa
Signing time: Mon 29 May 2023 14:10:24 +0000
ROA not before: Mon 29 May 2023 14:10:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51115
IP address blocks: 185.65.148.0/22 maxlen: 24
195.43.92.0/23 maxlen: 24
178.248.232.0/21 maxlen: 24
185.94.108.0/22 maxlen: 24
2a03:70c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:67:d8:8b:0c:5c:e6:55:ad:91:0f:26:5d:fb:79:d7:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: May 29 14:10:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0af3c3a85abeb367a7ee5db00285d398ea1a93c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:dd:e0:a1:7a:d7:0c:75:17:43:f6:57:eb:08:
67:5a:b3:2e:7b:be:fb:e9:58:33:b9:22:74:25:1a:
2f:4d:4a:c3:df:e5:0f:ec:92:5d:7f:78:08:da:5a:
ef:50:0f:7a:3e:be:9e:58:eb:c4:f6:dd:03:00:5b:
0e:d4:04:8e:a2:e5:77:a8:d1:e9:2f:7f:0b:c4:b3:
8b:1a:0d:a3:28:84:c4:d4:de:4d:ec:94:04:a7:46:
3e:a1:54:f3:66:d7:65:ec:a6:63:b9:11:6a:02:5e:
6b:7c:78:6e:94:09:8c:fe:b5:5b:f6:03:1e:0f:13:
21:6f:d0:34:0b:a3:92:60:a2:2d:cc:8f:42:61:ac:
b0:52:58:e6:56:88:12:ec:35:25:8d:4b:38:3f:9d:
04:29:ec:b0:3f:37:ec:e9:1c:33:9c:c3:9c:bb:ca:
ba:70:2f:f2:ed:56:f7:78:d4:aa:12:a0:a7:ec:ec:
ac:38:24:48:47:4a:3e:4a:5e:8e:60:11:aa:17:0a:
d1:9a:92:a3:ec:5b:fa:5f:f5:38:58:3b:3f:88:0f:
08:3c:cc:47:2b:69:91:be:f2:fb:46:6c:75:c8:5e:
df:17:3a:15:1c:0c:44:76:89:3e:f5:fc:eb:1c:c7:
6d:e1:c3:d4:95:cf:22:c6:13:58:d8:02:06:1d:6f:
b7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F3:C3:A8:5A:BE:B3:67:A7:EE:5D:B0:02:85:D3:98:EA:1A:93:C0
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/CvPDqFq-s2en7l2wAoXTmOoak8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
195.43.92.0/23
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:78:16:72:3d:72:e0:23:6b:1c:3f:15:fa:c0:bf:53:23:94:
80:5f:ec:cc:d8:a8:b5:b9:64:8d:b6:9c:cf:6c:aa:fd:1c:ee:
28:b4:a8:ab:38:16:0d:36:a7:56:8e:37:41:78:c9:52:e8:14:
2f:5e:91:cc:f1:c3:9c:b8:69:9a:fd:10:43:67:41:76:9d:9c:
bb:a8:30:36:cd:34:59:2d:a9:e2:b9:d3:d9:e7:19:98:80:46:
2c:15:05:8b:33:d0:5f:ba:82:c4:ec:70:fa:c9:ab:dd:79:72:
3f:a7:94:00:91:f1:41:bd:ff:41:d6:bf:32:be:b5:62:0b:1a:
f8:62:2f:0e:69:6a:ea:59:e7:fb:3e:7c:f9:7e:ea:32:29:76:
75:3c:df:3b:e4:04:f9:39:85:8c:f3:ac:de:55:20:ba:65:30:
7a:f6:3b:39:5e:e8:50:13:af:06:d1:e3:3d:f8:ff:7c:82:3d:
9e:98:9e:8c:98:d5:20:82:51:d2:a3:fb:8b:3e:5d:9d:00:12:
75:6e:3c:cc:c6:a9:6c:38:a4:d8:f0:69:6c:fa:72:c3:6b:2e:
a1:82:eb:56:73:7a:7f:1d:20:cc:17:40:c2:de:a8:dd:ed:cf:
3f:a9:5f:a9:89:62:3b:b9:a7:f9:5e:49:b1:0f:7a:45:25:f4:
34:75:f4:e7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYhn2IsMXOZVrZEPJl37edcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjMwNTI5MTQxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWYzYzNhODVhYmViMzY3YTdlZTVkYjAwMjg1ZDM5OGVhMWE5M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh93goXrXDHUXQ/ZX6whnWrMue777
6VgzuSJ0JRovTUrD3+UP7JJdf3gI2lrvUA96Pr6eWOvE9t0DAFsO1ASOouV3qNHp
L38LxLOLGg2jKITE1N5N7JQEp0Y+oVTzZtdl7KZjuRFqAl5rfHhulAmM/rVb9gMe
DxMhb9A0C6OSYKItzI9CYaywUljmVogS7DUljUs4P50EKeywPzfs6RwznMOcu8q6
cC/y7Vb3eNSqEqCn7OysOCRIR0o+Sl6OYBGqFwrRmpKj7Fv6X/U4WDs/iA8IPMxH
K2mRvvL7Rmx1yF7fFzoVHAxEdok+9fzrHMdt4cPUlc8ixhNY2AIGHW+3uQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFArzw6havrNnp+5dsAKF05jqGpPAMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEvQ3ZQRHFGcS1zMmVuN2wyd0FvWFRtT29hazhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDsvjoAwQC
uUGUAwQCuV5sAwQBwytcMA0EAgACMAcDBQAqA3DAMA0GCSqGSIb3DQEBCwUAA4IB
AQBaeBZyPXLgI2scPxX6wL9TI5SAX+zM2Ki1uWSNtpzPbKr9HO4otKirOBYNNqdW
jjdBeMlS6BQvXpHM8cOcuGma/RBDZ0F2nZy7qDA2zTRZLaniudPZ5xmYgEYsFQWL
M9BfuoLE7HD6yavdeXI/p5QAkfFBvf9B1r8yvrViCxr4Yi8OaWrqWef7Pnz5fuoy
KXZ1PN875AT5OYWM86zeVSC6ZTB69js5XuhQE68G0eM9+P98gj2emJ6MmNUgglHS
o/uLPl2dABJ1bjzMxqlsOKTY8Gls+nLDay6hgutWc3p/HSDMF0DC3qjd7c8/qV+p
iWI7uaf5XkmxD3pFJfQ0dfTn
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:42 2024 by rpki-client on console-ams.rpki-client.org