Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f8a0a5-b185-49a5-85ad-133eff78442b/1/b7aEmeUH48wyuSwRTeWUF1PHTQg.roa
File: b7aEmeUH48wyuSwRTeWUF1PHTQg.roa (raw, json)
Hash identifier: EBtZtZu3YXOO/Yhxtt7BJgo53vIhEvTW8oOThlb5BT4=
Subject key identifier: 6F:B6:84:99:E5:07:E3:CC:32:B9:2C:11:4D:E5:94:17:53:C7:4D:08
Certificate issuer: /CN=ff80b7710b139844275c9de9c8e764eb642e18c3
Certificate serial: 01856CAF21EE6E7915FB24E30F6959F6534B
Authority key identifier: FF:80:B7:71:0B:13:98:44:27:5C:9D:E9:C8:E7:64:EB:64:2E:18:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4C3cQsTmEQnXJ3pyOdk62QuGMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f8a0a5-b185-49a5-85ad-133eff78442b/1/b7aEmeUH48wyuSwRTeWUF1PHTQg.roa
Signing time: Sun 01 Jan 2023 09:34:54 +0000
ROA not before: Sun 01 Jan 2023 09:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205718
IP address blocks: 185.229.156.0/22 maxlen: 22
2a09:eb40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:21:ee:6e:79:15:fb:24:e3:0f:69:59:f6:53:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff80b7710b139844275c9de9c8e764eb642e18c3
Validity
Not Before: Jan 1 09:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fb68499e507e3cc32b92c114de5941753c74d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:58:ce:19:37:f9:e7:d4:10:8e:eb:7f:3e:e4:
2e:d3:c5:fb:d7:3a:d6:8d:38:8b:b2:01:46:1a:2c:
87:5c:81:67:24:eb:61:d9:33:e6:fa:66:1c:64:09:
0a:0c:36:87:d9:77:85:e6:ed:10:1c:6c:47:32:35:
1a:9f:2b:bc:e1:75:71:a4:06:9a:51:48:03:1a:06:
23:77:4d:96:2e:24:d6:ee:e5:f6:8b:a6:20:da:4c:
28:17:61:e4:ea:87:58:4f:7d:32:c7:62:e0:3a:32:
24:52:80:64:f5:96:1c:8e:a2:d1:f6:cb:43:8f:bf:
70:e6:0f:e0:41:b0:31:ca:71:32:99:3a:3a:08:57:
a9:b5:d6:fe:a3:28:56:01:1b:05:87:38:e7:dd:80:
61:28:f7:0c:b1:ec:98:12:ba:60:62:61:87:92:78:
3c:a4:97:60:4e:56:c1:6e:66:d4:e8:80:23:8d:e3:
b6:ba:36:e9:ca:75:a5:2c:4f:12:03:39:e6:ba:8d:
b2:fc:5e:01:5c:8f:4e:3c:09:b1:e2:e0:6f:3f:b2:
fe:d1:61:fe:2a:eb:81:ee:3c:2a:cf:ef:72:90:d8:
2b:e2:a3:8a:ab:bb:37:54:d4:89:f8:5f:b1:de:b1:
aa:56:20:85:f9:75:fc:c2:90:24:2d:3c:b6:93:09:
db:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B6:84:99:E5:07:E3:CC:32:B9:2C:11:4D:E5:94:17:53:C7:4D:08
X509v3 Authority Key Identifier:
keyid:FF:80:B7:71:0B:13:98:44:27:5C:9D:E9:C8:E7:64:EB:64:2E:18:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4C3cQsTmEQnXJ3pyOdk62QuGMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f8a0a5-b185-49a5-85ad-133eff78442b/1/b7aEmeUH48wyuSwRTeWUF1PHTQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f8a0a5-b185-49a5-85ad-133eff78442b/1/_4C3cQsTmEQnXJ3pyOdk62QuGMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.156.0/22
IPv6:
2a09:eb40::/32
Signature Algorithm: sha256WithRSAEncryption
55:c4:97:5f:5c:e9:a0:c9:59:88:df:0d:af:e5:84:0f:28:63:
cb:97:7b:0e:9d:ab:ea:7d:93:08:45:38:2d:cb:a3:10:d3:ef:
c7:7f:c1:89:ff:f2:a8:a7:3b:d8:88:14:d1:6b:e6:9a:4b:3b:
72:a5:91:aa:dc:4d:dd:d2:33:a9:df:7a:dc:6e:66:5f:a5:58:
ec:76:48:54:71:20:ba:be:95:23:1f:47:99:c0:40:90:d2:e5:
f4:14:c1:c7:ae:d1:df:a6:1d:dd:7f:23:7b:a3:12:5e:2e:da:
e0:dd:8b:22:66:3c:9d:f7:3f:1d:f9:02:07:d5:6f:11:8f:66:
c7:0d:7d:fa:af:58:9b:8d:f9:76:91:51:18:75:5d:85:d8:0c:
e5:c0:fa:2c:3c:e1:c0:f9:58:8f:7e:74:b1:79:0f:69:02:69:
fa:fc:74:28:81:9d:59:f5:58:f9:3c:66:7f:5a:9a:50:70:d6:
35:7a:23:7b:eb:c9:fb:49:73:b0:4a:53:36:63:fb:c5:12:8b:
28:72:5a:5a:f2:8e:2d:08:98:e0:fe:41:83:d1:c9:39:8a:d3:
66:fd:4f:93:5c:96:68:79:9f:83:b4:6b:87:a6:ab:dd:8a:d9:
f7:f0:46:d5:1e:cf:03:69:4f:51:70:3c:a1:3a:c9:6e:c8:a3:
43:21:96:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsryHubnkV+yTjD2lZ9lNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODBiNzcxMGIxMzk4NDQyNzVjOWRlOWM4ZTc2NGViNjQy
ZTE4YzMwHhcNMjMwMTAxMDkzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmI2ODQ5OWU1MDdlM2NjMzJiOTJjMTE0ZGU1OTQxNzUzYzc0ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFjOGTf559QQjut/PuQu08X71zrW
jTiLsgFGGiyHXIFnJOth2TPm+mYcZAkKDDaH2XeF5u0QHGxHMjUanyu84XVxpAaa
UUgDGgYjd02WLiTW7uX2i6Yg2kwoF2Hk6odYT30yx2LgOjIkUoBk9ZYcjqLR9stD
j79w5g/gQbAxynEymTo6CFeptdb+oyhWARsFhzjn3YBhKPcMseyYErpgYmGHkng8
pJdgTlbBbmbU6IAjjeO2ujbpynWlLE8SAznmuo2y/F4BXI9OPAmx4uBvP7L+0WH+
KuuB7jwqz+9ykNgr4qOKq7s3VNSJ+F+x3rGqViCF+XX8wpAkLTy2kwnbAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG+2hJnlB+PMMrksEU3llBdTx00IMB8GA1UdIwQY
MBaAFP+At3ELE5hEJ1yd6cjnZOtkLhjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRDM2NRc1RtRVFuWEozcHlPZGs2MlF1R01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOGEwYTUtYjE4NS00OWE1LTg1YWQt
MTMzZWZmNzg0NDJiLzEvYjdhRW1lVUg0OHd5dVN3UlRlV1VGMVBIVFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOGEwYTUtYjE4NS00OWE1LTg1YWQtMTMzZWZmNzg0NDJi
LzEvXzRDM2NRc1RtRVFuWEozcHlPZGs2MlF1R01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueWcMA0E
AgACMAcDBQAqCetAMA0GCSqGSIb3DQEBCwUAA4IBAQBVxJdfXOmgyVmI3w2v5YQP
KGPLl3sOnavqfZMIRTgty6MQ0+/Hf8GJ//KopzvYiBTRa+aaSztypZGq3E3d0jOp
33rcbmZfpVjsdkhUcSC6vpUjH0eZwECQ0uX0FMHHrtHfph3dfyN7oxJeLtrg3Ysi
Zjyd9z8d+QIH1W8Rj2bHDX36r1ibjfl2kVEYdV2F2AzlwPosPOHA+ViPfnSxeQ9p
Amn6/HQogZ1Z9Vj5PGZ/WppQcNY1eiN768n7SXOwSlM2Y/vFEosoclpa8o4tCJjg
/kGD0ck5itNm/U+TXJZoeZ+DtGuHpqvditn38EbVHs8DaU9RcDyhOsluyKNDIZYx
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:57 2024 by rpki-client on console-ams.rpki-client.org