Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/aH3l9GW_H0bpPP-_cMcoSCG_UBQ.roa
File: aH3l9GW_H0bpPP-_cMcoSCG_UBQ.roa (raw, json)
Hash identifier: Ok3z3IGjERsVHIEFtcVQNKPz31imCbHD3hE4wjZfg0I=
Subject key identifier: 68:7D:E5:F4:65:BF:1F:46:E9:3C:FF:BF:70:C7:28:48:21:BF:50:14
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 0188672A97BB750DB786812C211A395E8BBB
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/aH3l9GW_H0bpPP-_cMcoSCG_UBQ.roa
Signing time: Mon 29 May 2023 11:00:24 +0000
ROA not before: Mon 29 May 2023 11:00:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51115
IP address blocks: 185.65.148.0/22 maxlen: 24
195.43.92.0/23 maxlen: 24
178.248.232.0/21 maxlen: 24
2a03:70c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 May 2023 14:10:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:67:2a:97:bb:75:0d:b7:86:81:2c:21:1a:39:5e:8b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: May 29 11:00:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=687de5f465bf1f46e93cffbf70c7284821bf5014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fe:80:25:eb:aa:24:c2:55:4b:39:08:43:9f:
5f:81:d5:e2:5e:2b:0f:33:5c:fb:e5:a8:ab:72:79:
d6:03:a0:8a:d0:e7:89:1b:93:01:4a:89:cc:d2:f0:
94:6f:3a:67:b5:16:90:89:ab:d2:fe:38:6c:01:7a:
d5:d8:b7:04:a2:c5:de:99:10:35:14:d9:eb:bd:92:
df:f5:16:f9:74:aa:3a:cf:62:b6:ab:41:ad:70:a4:
90:69:52:31:71:33:54:13:9f:fc:bb:c5:73:d3:a5:
19:ee:f3:21:13:f0:0a:c9:42:6b:fe:55:87:ee:a7:
b3:e1:d2:f5:5c:0b:b6:ac:ff:5d:cf:25:9c:7e:be:
4e:7f:6e:08:55:96:ba:79:1d:48:d1:65:15:d3:a4:
1f:0e:57:92:dd:5f:f0:9d:3b:9f:25:a9:12:2f:dc:
25:6d:48:c4:3e:84:6d:cd:b4:66:c2:ae:37:80:90:
0b:6b:b8:b1:4a:81:4a:95:b8:51:41:f2:2e:7e:21:
0d:54:da:7f:b8:ef:c5:81:9b:98:f3:6f:c4:24:eb:
41:ba:c4:7b:e0:5e:8f:ed:aa:19:9e:c3:50:08:a1:
9f:d4:12:bf:c6:67:8f:38:43:0a:a4:5a:50:2b:bf:
9f:67:50:e2:86:7b:e4:44:68:a1:ed:61:34:5c:3e:
44:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7D:E5:F4:65:BF:1F:46:E9:3C:FF:BF:70:C7:28:48:21:BF:50:14
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/aH3l9GW_H0bpPP-_cMcoSCG_UBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.232.0/21
185.65.148.0/22
195.43.92.0/23
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
3e:50:68:c3:06:1e:9e:d7:fe:65:42:86:11:13:46:6c:22:a4:
81:5b:36:a5:04:7c:cf:9b:8e:12:66:44:7f:4d:44:6b:84:33:
76:ce:ea:d7:e5:b5:65:ca:79:5a:d5:63:e3:0a:7b:05:52:00:
1f:fc:c3:36:e4:4b:d1:dc:b3:6d:87:c1:ef:58:4d:2c:26:67:
ef:a0:f9:20:28:da:7d:a8:9a:ac:c1:1f:9c:13:50:3b:5f:58:
d1:bc:bf:11:59:74:8d:3b:a7:1b:92:96:e6:0d:4f:dd:05:2c:
49:8a:c8:ba:13:07:35:83:43:91:25:54:30:36:c1:7e:37:15:
80:5b:dd:29:76:a9:3d:8e:5f:83:f2:b3:b0:84:89:3b:4e:64:
76:a3:7e:fc:6b:81:6f:50:a5:bc:c7:7d:83:a7:ec:c6:eb:70:
cc:31:8e:1d:53:66:6f:63:7c:62:a9:e9:b8:d4:ec:08:6a:6d:
81:7a:3d:08:16:27:66:0d:9b:56:57:00:40:b7:d2:9a:1d:5b:
84:ab:24:ee:b6:7b:57:05:ac:7b:59:ec:6f:31:12:cb:86:1b:
77:cc:75:67:23:cf:c8:b6:41:ab:cd:91:98:03:20:22:7a:bd:
9b:ec:7f:84:94:cd:b4:0f:44:82:93:e0:0e:90:8e:f4:db:b1:
91:05:a7:25
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYhnKpe7dQ23hoEsIRo5Xou7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjMwNTI5MTEwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODdkZTVmNDY1YmYxZjQ2ZTkzY2ZmYmY3MGM3Mjg0ODIxYmY1MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/6AJeuqJMJVSzkIQ59fgdXiXisP
M1z75aircnnWA6CK0OeJG5MBSonM0vCUbzpntRaQiavS/jhsAXrV2LcEosXemRA1
FNnrvZLf9Rb5dKo6z2K2q0GtcKSQaVIxcTNUE5/8u8Vz06UZ7vMhE/AKyUJr/lWH
7qez4dL1XAu2rP9dzyWcfr5Of24IVZa6eR1I0WUV06QfDleS3V/wnTufJakSL9wl
bUjEPoRtzbRmwq43gJALa7ixSoFKlbhRQfIufiENVNp/uO/FgZuY82/EJOtBusR7
4F6P7aoZnsNQCKGf1BK/xmePOEMKpFpQK7+fZ1DihnvkRGih7WE0XD5EhwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGh95fRlvx9G6Tz/v3DHKEghv1AUMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEvYUgzbDlHV19IMGJwUFAtX2NNY29TQ0dfVUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDsvjoAwQC
uUGUAwQBwytcMA0EAgACMAcDBQAqA3DAMA0GCSqGSIb3DQEBCwUAA4IBAQA+UGjD
Bh6e1/5lQoYRE0ZsIqSBWzalBHzPm44SZkR/TURrhDN2zurX5bVlynla1WPjCnsF
UgAf/MM25EvR3LNth8HvWE0sJmfvoPkgKNp9qJqswR+cE1A7X1jRvL8RWXSNO6cb
kpbmDU/dBSxJisi6Ewc1g0ORJVQwNsF+NxWAW90pdqk9jl+D8rOwhIk7TmR2o378
a4FvUKW8x32Dp+zG63DMMY4dU2ZvY3xiqem41OwIam2Bej0IFidmDZtWVwBAt9Ka
HVuEqyTutntXBax7WexvMRLLhht3zHVnI8/ItkGrzZGYAyAier2b7H+ElM20D0SC
k+AOkI7027GRBacl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:29 2024 by rpki-client on console-ams.rpki-client.org