Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/ee71c6-1bae-4858-af3a-bc289dc17d20/1/STxZoImen6VRSL1nKdqOQTzKsZ8.roa
File: STxZoImen6VRSL1nKdqOQTzKsZ8.roa (raw, json)
Hash identifier: fCX2c/tpnGWltc5kmApy+Li+ZSDV90N8ZFFmpG80NoQ=
Subject key identifier: 49:3C:59:A0:89:9E:9F:A5:51:48:BD:67:29:DA:8E:41:3C:CA:B1:9F
Certificate issuer: /CN=4c07f69d602b7ebb7f6330d715c9ec3e5aba30fa
Certificate serial: 0187944549622E518CF1171FEAA9BB2CE7DF
Authority key identifier: 4C:07:F6:9D:60:2B:7E:BB:7F:63:30:D7:15:C9:EC:3E:5A:BA:30:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TAf2nWArfrt_YzDXFcnsPlq6MPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/ee71c6-1bae-4858-af3a-bc289dc17d20/1/STxZoImen6VRSL1nKdqOQTzKsZ8.roa
Signing time: Tue 18 Apr 2023 12:09:41 +0000
ROA not before: Tue 18 Apr 2023 12:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206423
IP address blocks: 185.156.252.0/22 maxlen: 22
2a07:a1c0::/29 maxlen: 32
2a13:6dc0::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 01 Aug 2023 14:50:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:45:49:62:2e:51:8c:f1:17:1f:ea:a9:bb:2c:e7:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c07f69d602b7ebb7f6330d715c9ec3e5aba30fa
Validity
Not Before: Apr 18 12:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=493c59a0899e9fa55148bd6729da8e413ccab19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:29:4c:e3:e3:5c:b4:03:fc:57:b4:b4:f1:25:
d2:f1:fa:87:20:2b:d2:f2:5d:75:1a:cd:cb:92:bf:
8c:c3:2c:46:c8:66:a9:6f:98:7d:9b:13:8a:1d:99:
f6:bf:a2:8f:1e:61:c2:af:83:53:6f:00:6a:e5:8d:
d3:34:49:d2:dc:93:fe:c9:85:4e:3c:c1:d1:8a:35:
c0:8e:ba:be:cf:2f:4d:e4:67:aa:48:d0:7f:bc:61:
68:e4:18:93:83:af:6c:75:62:7e:d0:e8:d6:3a:e9:
d8:b9:85:6d:d2:23:d3:20:5a:16:b3:90:f7:52:8f:
59:de:38:89:21:1e:ef:18:f5:c7:df:e7:87:ac:32:
5d:53:b0:78:48:d1:3e:85:0b:af:08:5b:cc:43:19:
c6:31:a7:5a:5a:ed:19:4d:e2:ed:58:84:2d:7c:de:
08:66:c4:b6:9b:ca:0d:5c:e4:7e:71:44:f2:a7:2f:
17:bb:dc:10:7e:bc:d3:d7:7c:2d:68:26:a4:dd:e5:
42:e6:6d:ad:e9:f3:7c:7e:62:20:95:ff:90:c8:e8:
4d:5b:b5:24:ad:6e:fe:4c:0e:c3:c0:9f:f8:23:16:
c5:12:00:6e:29:ff:06:46:93:db:a4:70:a4:8e:55:
df:0b:ec:31:6c:f0:ef:8e:d6:b0:c5:7f:b4:8d:14:
1f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3C:59:A0:89:9E:9F:A5:51:48:BD:67:29:DA:8E:41:3C:CA:B1:9F
X509v3 Authority Key Identifier:
keyid:4C:07:F6:9D:60:2B:7E:BB:7F:63:30:D7:15:C9:EC:3E:5A:BA:30:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAf2nWArfrt_YzDXFcnsPlq6MPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ee71c6-1bae-4858-af3a-bc289dc17d20/1/STxZoImen6VRSL1nKdqOQTzKsZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ee71c6-1bae-4858-af3a-bc289dc17d20/1/TAf2nWArfrt_YzDXFcnsPlq6MPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.252.0/22
IPv6:
2a07:a1c0::/29
2a13:6dc0::/29
Signature Algorithm: sha256WithRSAEncryption
89:6a:ae:27:36:d2:65:1e:68:fc:77:8b:11:f3:76:58:87:7d:
f6:bf:23:ef:70:f3:6c:70:b8:25:22:a5:8c:a9:6a:7a:17:6a:
73:e1:c5:c4:dc:c9:69:e5:58:7a:80:6f:e5:e3:1b:3f:d0:a8:
53:eb:49:11:99:1d:e7:f0:c7:c4:04:37:0a:24:20:5a:fa:1e:
b5:7f:fb:9b:dd:b1:97:c5:5f:50:3c:a5:73:96:c4:e0:5d:36:
3a:f5:9b:81:b7:01:d4:49:26:4c:46:e0:23:1d:19:0d:fc:21:
ef:96:22:41:3d:4e:d9:b5:13:42:ac:13:97:51:86:ac:1d:69:
56:ab:b6:67:a0:85:48:8f:ea:a4:89:c9:a8:a5:67:cf:98:20:
b6:e8:7b:6e:c5:ea:af:c3:6b:3c:41:ea:32:70:63:43:17:e5:
28:d5:da:aa:72:96:20:1e:73:a2:3d:cb:70:b0:af:13:d2:2b:
0d:6e:f7:b1:e4:0b:42:d0:1a:c6:73:be:36:aa:6f:76:8d:ab:
c0:e7:a6:6a:39:44:5b:bd:e7:9b:58:14:30:fd:df:cc:1f:5f:
db:0b:ff:ea:43:02:d8:f2:3f:ce:fd:65:3b:c3:f9:32:57:d8:
3d:9f:06:c3:fb:20:3d:29:87:50:3c:fc:ff:b4:77:38:98:88:
7d:9b:e5:2c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYeURUliLlGM8Rcf6qm7LOffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDdmNjlkNjAyYjdlYmI3ZjYzMzBkNzE1YzllYzNlNWFi
YTMwZmEwHhcNMjMwNDE4MTIwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTNjNTlhMDg5OWU5ZmE1NTE0OGJkNjcyOWRhOGU0MTNjY2FiMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlClM4+NctAP8V7S08SXS8fqHICvS
8l11Gs3Lkr+MwyxGyGapb5h9mxOKHZn2v6KPHmHCr4NTbwBq5Y3TNEnS3JP+yYVO
PMHRijXAjrq+zy9N5GeqSNB/vGFo5BiTg69sdWJ+0OjWOunYuYVt0iPTIFoWs5D3
Uo9Z3jiJIR7vGPXH3+eHrDJdU7B4SNE+hQuvCFvMQxnGMadaWu0ZTeLtWIQtfN4I
ZsS2m8oNXOR+cUTypy8Xu9wQfrzT13wtaCak3eVC5m2t6fN8fmIglf+QyOhNW7Uk
rW7+TA7DwJ/4IxbFEgBuKf8GRpPbpHCkjlXfC+wxbPDvjtawxX+0jRQfjQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEk8WaCJnp+lUUi9ZynajkE8yrGfMB8GA1UdIwQY
MBaAFEwH9p1gK367f2Mw1xXJ7D5aujD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFmMm5XQXJmcnRfWXpEWEZjbnNQbHE2TVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lZTcxYzYtMWJhZS00ODU4LWFmM2Et
YmMyODlkYzE3ZDIwLzEvU1R4Wm9JbWVuNlZSU0wxbktkcU9RVHpLc1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lZTcxYzYtMWJhZS00ODU4LWFmM2EtYmMyODlkYzE3ZDIw
LzEvVEFmMm5XQXJmcnRfWXpEWEZjbnNQbHE2TVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuZz8MBQE
AgACMA4DBQMqB6HAAwUDKhNtwDANBgkqhkiG9w0BAQsFAAOCAQEAiWquJzbSZR5o
/HeLEfN2WId99r8j73DzbHC4JSKljKlqehdqc+HFxNzJaeVYeoBv5eMbP9CoU+tJ
EZkd5/DHxAQ3CiQgWvoetX/7m92xl8VfUDylc5bE4F02OvWbgbcB1EkmTEbgIx0Z
Dfwh75YiQT1O2bUTQqwTl1GGrB1pVqu2Z6CFSI/qpInJqKVnz5ggtuh7bsXqr8Nr
PEHqMnBjQxflKNXaqnKWIB5zoj3LcLCvE9IrDW73seQLQtAaxnO+Nqpvdo2rwOem
ajlEW73nm1gUMP3fzB9f2wv/6kMC2PI/zv1lO8P5MlfYPZ8Gw/sgPSmHUDz8/7R3
OJiIfZvlLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:42 2024 by rpki-client on console-ams.rpki-client.org