Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/rBWVhgIdI5yVcl-SogHQwkSF5ug.roa
File: rBWVhgIdI5yVcl-SogHQwkSF5ug.roa (raw, json)
Hash identifier: 1vvX5J2Z4wczj6Jl4z804lls6Vq4C1iDqE7M6SYYGLo=
Subject key identifier: AC:15:95:86:02:1D:23:9C:95:72:5F:92:A2:01:D0:C2:44:85:E6:E8
Certificate issuer: /CN=0b083808763c262541020d2e81da34aaa38283b7
Certificate serial: 0187092A6B703AEA528FEC11059FFDB7059C
Authority key identifier: 0B:08:38:08:76:3C:26:25:41:02:0D:2E:81:DA:34:AA:A3:82:83:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cwg4CHY8JiVBAg0ugdo0qqOCg7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/rBWVhgIdI5yVcl-SogHQwkSF5ug.roa
Signing time: Wed 22 Mar 2023 11:53:07 +0000
ROA not before: Wed 22 Mar 2023 11:53:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24749
IP address blocks: 86.106.188.0/22 maxlen: 22
185.70.148.0/22 maxlen: 22
2a03:35a0::/29 maxlen: 29
2a03:35a0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:2a:6b:70:3a:ea:52:8f:ec:11:05:9f:fd:b7:05:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b083808763c262541020d2e81da34aaa38283b7
Validity
Not Before: Mar 22 11:53:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac159586021d239c95725f92a201d0c24485e6e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:71:be:a8:e6:a6:93:9e:be:2d:4a:37:ba:9f:
63:7c:89:ef:e5:0b:e8:df:90:70:90:bd:bf:09:bd:
d8:be:37:52:1a:f3:ac:13:5e:8c:e7:e9:99:b6:10:
77:ba:5e:be:63:47:e9:6e:66:40:59:89:d0:8e:c4:
9a:fa:3e:3b:b9:47:c3:8b:c0:b1:98:39:de:99:6d:
1d:14:99:47:43:46:b6:aa:14:31:b8:bd:42:8b:5d:
ab:85:f3:6f:5b:0b:3c:e2:62:75:69:a2:57:69:c0:
a6:c9:17:0b:ce:bf:c4:6c:21:df:88:80:3e:66:88:
45:95:9a:49:44:37:01:30:f9:df:9f:06:d8:d0:df:
d6:0b:59:91:9a:f9:53:66:e9:45:ac:cf:62:91:c0:
6c:a2:e6:09:d6:ea:23:04:90:17:46:50:37:28:22:
ff:1f:e7:78:a8:e5:ed:69:11:c9:25:56:4f:b2:83:
97:40:2d:16:1c:42:89:ad:f4:3e:27:3a:9d:9e:16:
97:06:e7:58:ff:c9:5e:aa:bb:ab:3b:d6:a7:98:11:
7c:f3:10:3d:85:e7:d0:65:4a:c7:cd:bd:24:61:5d:
a9:dc:3d:bc:99:02:41:2e:3c:bf:f3:41:46:7f:8f:
37:4f:fe:45:ee:e6:e8:cf:1e:db:7b:33:20:d8:8f:
f8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:15:95:86:02:1D:23:9C:95:72:5F:92:A2:01:D0:C2:44:85:E6:E8
X509v3 Authority Key Identifier:
keyid:0B:08:38:08:76:3C:26:25:41:02:0D:2E:81:DA:34:AA:A3:82:83:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cwg4CHY8JiVBAg0ugdo0qqOCg7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/rBWVhgIdI5yVcl-SogHQwkSF5ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/Cwg4CHY8JiVBAg0ugdo0qqOCg7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.188.0/22
185.70.148.0/22
IPv6:
2a03:35a0::/29
Signature Algorithm: sha256WithRSAEncryption
07:6d:af:49:b6:2a:2f:ed:88:48:e2:a1:fe:fe:9b:0e:2a:1f:
bd:81:e4:4c:11:b4:e0:01:98:07:23:34:92:dd:d1:eb:3f:19:
55:ef:84:ca:fc:c1:de:30:43:66:21:b0:87:4d:53:1a:0e:b4:
46:cf:c9:6b:a5:48:fb:d2:52:48:d4:33:fa:06:4a:24:b4:c9:
19:fc:09:65:2d:69:9b:94:31:59:8a:87:9a:27:ae:8c:8e:45:
34:8e:e3:b8:fa:92:22:92:99:d8:3a:71:71:17:c4:52:1c:96:
87:08:ad:f8:20:dd:23:f8:b0:77:77:43:a8:df:09:d1:c9:b8:
77:0b:f4:8f:91:d7:07:e2:bd:4d:f4:68:a8:35:f4:7e:8f:29:
6d:8f:91:6b:7f:9b:c6:4a:4e:39:d7:9d:1b:5f:22:42:c6:2a:
0e:15:aa:79:d2:f3:6d:d5:5a:ec:84:73:8b:5a:6b:b2:4b:dd:
30:7a:5e:d3:47:66:3e:0c:9d:3c:2b:5f:f2:6a:0a:16:eb:f6:
5c:3b:fa:a6:2a:f0:e4:ed:26:e0:6a:21:fa:ac:b8:41:00:be:
e0:2b:35:b4:f2:c8:75:65:ff:c1:b5:e6:68:05:06:40:f2:55:
09:55:23:8e:81:3c:6a:94:a7:6f:4d:74:5f:7f:6c:d9:30:b1:
73:c3:b4:be
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcJKmtwOupSj+wRBZ/9twWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMDgzODA4NzYzYzI2MjU0MTAyMGQyZTgxZGEzNGFhYTM4
MjgzYjcwHhcNMjMwMzIyMTE1MzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzE1OTU4NjAyMWQyMzljOTU3MjVmOTJhMjAxZDBjMjQ0ODVlNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHG+qOamk56+LUo3up9jfInv5Qvo
35BwkL2/Cb3YvjdSGvOsE16M5+mZthB3ul6+Y0fpbmZAWYnQjsSa+j47uUfDi8Cx
mDnemW0dFJlHQ0a2qhQxuL1Ci12rhfNvWws84mJ1aaJXacCmyRcLzr/EbCHfiIA+
ZohFlZpJRDcBMPnfnwbY0N/WC1mRmvlTZulFrM9ikcBsouYJ1uojBJAXRlA3KCL/
H+d4qOXtaRHJJVZPsoOXQC0WHEKJrfQ+JzqdnhaXBudY/8leqrurO9anmBF88xA9
hefQZUrHzb0kYV2p3D28mQJBLjy/80FGf483T/5F7ubozx7bezMg2I/4oQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKwVlYYCHSOclXJfkqIB0MJEheboMB8GA1UdIwQY
MBaAFAsIOAh2PCYlQQINLoHaNKqjgoO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3dnNENIWThKaVZCQWcwdWdkbzBxcU9DZzdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni83ZTQ3ZDctNjEzNy00MzAwLTkzNmIt
NDY5MjVjNTI0OWU2LzEvckJXVmhnSWRJNXlWY2wtU29nSFF3a1NGNXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni83ZTQ3ZDctNjEzNy00MzAwLTkzNmItNDY5MjVjNTI0OWU2
LzEvQ3dnNENIWThKaVZCQWcwdWdkbzBxcU9DZzdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVmq8AwQC
uUaUMA0EAgACMAcDBQMqAzWgMA0GCSqGSIb3DQEBCwUAA4IBAQAHba9Jtiov7YhI
4qH+/psOKh+9geRMEbTgAZgHIzSS3dHrPxlV74TK/MHeMENmIbCHTVMaDrRGz8lr
pUj70lJI1DP6BkoktMkZ/AllLWmblDFZioeaJ66MjkU0juO4+pIikpnYOnFxF8RS
HJaHCK34IN0j+LB3d0Oo3wnRybh3C/SPkdcH4r1N9GioNfR+jyltj5Frf5vGSk45
150bXyJCxioOFap50vNt1VrshHOLWmuyS90wel7TR2Y+DJ08K1/yagoW6/ZcO/qm
KvDk7SbgaiH6rLhBAL7gKzW08sh1Zf/BteZoBQZA8lUJVSOOgTxqlKdvTXRff2zZ
MLFzw7S+
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:42 2024 by rpki-client on console-ams.rpki-client.org