Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/sFVvKw-mfXTJ7kuL_BIaBL_ya2Y.roa
File: sFVvKw-mfXTJ7kuL_BIaBL_ya2Y.roa (raw, json)
Hash identifier: rP6svSoSrPzoWjmO/soM9ZJ1ANdsnwWfCwuiTy7lkrs=
Subject key identifier: B0:55:6F:2B:0F:A6:7D:74:C9:EE:4B:8B:FC:12:1A:04:BF:F2:6B:66
Certificate issuer: /CN=006b06b5d0ff1000e10c4276eea0880af209d7a2
Certificate serial: 0186EAEC1B20AB8A2C8B52E3818568759BF1
Authority key identifier: 00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/sFVvKw-mfXTJ7kuL_BIaBL_ya2Y.roa
Signing time: Thu 16 Mar 2023 14:56:27 +0000
ROA not before: Thu 16 Mar 2023 14:56:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49477
IP address blocks: 193.169.66.0/23 maxlen: 23
185.22.116.0/22 maxlen: 22
2a04:1f40::/29 maxlen: 48
2a04:1f40::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ea:ec:1b:20:ab:8a:2c:8b:52:e3:81:85:68:75:9b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=006b06b5d0ff1000e10c4276eea0880af209d7a2
Validity
Not Before: Mar 16 14:56:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0556f2b0fa67d74c9ee4b8bfc121a04bff26b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:70:f5:60:e8:f6:7d:00:98:07:74:b5:25:ee:
a9:0e:36:0c:c3:3a:d8:d3:69:91:45:d7:43:5d:3b:
14:69:21:9d:5c:82:61:ee:a4:c0:4a:ee:a1:83:cc:
88:8f:0b:e2:ba:a7:3a:7e:65:94:74:6f:08:87:c6:
82:08:2d:33:0a:42:ad:51:0d:e4:54:94:20:5b:2f:
17:22:d9:86:72:48:9d:f4:7a:49:75:e0:70:0b:a0:
19:75:37:45:95:00:2e:6d:31:99:3f:31:88:81:b1:
53:02:4a:c9:1a:7e:81:65:95:2e:db:1d:36:c2:26:
21:70:be:5f:09:aa:4d:92:3b:07:dc:df:be:08:a2:
82:ed:38:93:44:c5:25:76:0a:d5:42:ae:1e:1d:de:
04:7b:6b:5c:be:a2:3e:54:b4:06:6f:03:ad:8f:a6:
7a:b0:21:81:e9:40:a0:7d:27:11:f6:5b:e8:b1:58:
80:93:c4:39:64:b0:f1:7c:8f:5f:ec:33:8e:45:bf:
f2:de:0b:6a:79:3f:6d:47:91:27:eb:09:2e:5d:65:
23:43:26:3c:cc:fb:2f:f8:f4:43:71:6a:12:7b:a5:
0c:c8:31:d7:b2:b9:9a:95:21:bf:0f:41:35:54:68:
db:c9:ba:65:3e:7e:06:b4:a3:3c:9b:df:a3:b4:26:
d8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:55:6F:2B:0F:A6:7D:74:C9:EE:4B:8B:FC:12:1A:04:BF:F2:6B:66
X509v3 Authority Key Identifier:
keyid:00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/sFVvKw-mfXTJ7kuL_BIaBL_ya2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/AGsGtdD_EADhDEJ27qCICvIJ16I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.116.0/22
193.169.66.0/23
IPv6:
2a04:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
64:a1:0c:91:27:e2:41:a7:c3:11:de:d5:5b:ce:9b:20:a1:44:
39:5c:52:c2:af:95:d6:49:92:46:3f:c6:7b:03:f4:72:0d:97:
98:08:26:39:2c:08:49:ec:d0:1a:4c:17:b3:7a:98:79:4f:13:
2a:8c:96:4b:07:67:ea:91:b8:ce:65:3c:5f:67:c6:f0:be:54:
e9:5e:e9:9d:95:88:69:4c:55:d7:8c:ff:83:54:6c:93:d5:a1:
6a:0f:5b:e3:d0:8b:5e:24:1e:d7:be:59:25:ef:9b:3a:39:c1:
e6:d0:04:1a:83:31:88:bc:93:2e:51:83:e8:ab:12:fa:a2:74:
57:fe:9c:60:07:89:51:1d:00:e4:06:c0:5b:37:35:ed:41:e6:
d1:55:aa:4a:8c:c8:86:6e:f2:83:fc:f0:0f:8b:ac:f5:d1:de:
fa:24:2f:6b:49:71:5c:98:a6:5b:2d:fe:a5:fe:d6:5a:5b:a7:
e1:86:a6:b3:77:08:b3:6c:4a:d0:73:e0:16:d5:52:d9:6d:83:
3d:8a:cd:25:9e:fe:0b:17:2e:9b:97:3f:ca:10:d9:77:9f:33:
f9:fa:24:f1:b4:2b:01:b1:33:4f:54:65:13:33:7b:1d:3f:8b:
e5:18:19:21:f5:1a:71:52:99:ac:ca:0d:19:bf:9d:4d:89:fe:
c5:10:e4:b1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbq7Bsgq4osi1LjgYVodZvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNmIwNmI1ZDBmZjEwMDBlMTBjNDI3NmVlYTA4ODBhZjIw
OWQ3YTIwHhcNMjMwMzE2MTQ1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDU1NmYyYjBmYTY3ZDc0YzllZTRiOGJmYzEyMWEwNGJmZjI2YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXD1YOj2fQCYB3S1Je6pDjYMwzrY
02mRRddDXTsUaSGdXIJh7qTASu6hg8yIjwviuqc6fmWUdG8Ih8aCCC0zCkKtUQ3k
VJQgWy8XItmGckid9HpJdeBwC6AZdTdFlQAubTGZPzGIgbFTAkrJGn6BZZUu2x02
wiYhcL5fCapNkjsH3N++CKKC7TiTRMUldgrVQq4eHd4Ee2tcvqI+VLQGbwOtj6Z6
sCGB6UCgfScR9lvosViAk8Q5ZLDxfI9f7DOORb/y3gtqeT9tR5En6wkuXWUjQyY8
zPsv+PRDcWoSe6UMyDHXsrmalSG/D0E1VGjbybplPn4GtKM8m9+jtCbYqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLBVbysPpn10ye5Li/wSGgS/8mtmMB8GA1UdIwQY
MBaAFABrBrXQ/xAA4QxCdu6giAryCdeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdzR3RkRF9FQURoREVKMjdxQ0lDdklKMTZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80NzM3YzktZTI2My00NGU3LThmZWQt
NTdjOTU1YzljODVkLzEvc0ZWdkt3LW1mWFRKN2t1TF9CSWFCTF95YTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80NzM3YzktZTI2My00NGU3LThmZWQtNTdjOTU1YzljODVk
LzEvQUdzR3RkRF9FQURoREVKMjdxQ0lDdklKMTZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRZ0AwQB
walCMA0EAgACMAcDBQMqBB9AMA0GCSqGSIb3DQEBCwUAA4IBAQBkoQyRJ+JBp8MR
3tVbzpsgoUQ5XFLCr5XWSZJGP8Z7A/RyDZeYCCY5LAhJ7NAaTBezeph5TxMqjJZL
B2fqkbjOZTxfZ8bwvlTpXumdlYhpTFXXjP+DVGyT1aFqD1vj0IteJB7Xvlkl75s6
OcHm0AQagzGIvJMuUYPoqxL6onRX/pxgB4lRHQDkBsBbNzXtQebRVapKjMiGbvKD
/PAPi6z10d76JC9rSXFcmKZbLf6l/tZaW6fhhqazdwizbErQc+AW1VLZbYM9is0l
nv4LFy6blz/KENl3nzP5+iTxtCsBsTNPVGUTM3sdP4vlGBkh9RpxUpmsyg0Zv51N
if7FEOSx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org