Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/2Fbk2YcNC19nWm1Ug753Qs_VTaw.roa
File: 2Fbk2YcNC19nWm1Ug753Qs_VTaw.roa (raw, json)
Hash identifier: luRDtbelE1cnR23Srocc1w6Pwhf3y0RMx12rD8Y3Vg0=
Subject key identifier: D8:56:E4:D9:87:0D:0B:5F:67:5A:6D:54:83:BE:77:42:CF:D5:4D:AC
Certificate issuer: /CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Certificate serial: 018571D79B82A19D2BF3E6484FE995F4D206
Authority key identifier: 3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/2Fbk2YcNC19nWm1Ug753Qs_VTaw.roa
Signing time: Mon 02 Jan 2023 09:37:13 +0000
ROA not before: Mon 02 Jan 2023 09:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31027
IP address blocks: 185.197.136.0/22 maxlen: 22
2a0a:7a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:9b:82:a1:9d:2b:f3:e6:48:4f:e9:95:f4:d2:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a41b155aab6d1229fd348eaa03d0f7903f1267a
Validity
Not Before: Jan 2 09:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d856e4d9870d0b5f675a6d5483be7742cfd54dac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e7:f2:d1:4f:6e:09:15:ca:c1:76:43:05:55:
57:d5:6d:ba:71:b6:b0:b5:ba:25:4f:7e:32:8c:73:
fd:d9:92:fd:03:cc:58:a5:05:68:3e:d5:a5:f8:1b:
ff:fc:18:81:7b:f0:2e:97:95:76:7c:db:23:7c:88:
67:50:82:f7:39:ea:30:34:6e:73:10:5f:7e:cb:e6:
51:6a:52:9e:eb:3e:53:55:55:db:94:6d:b4:e4:64:
ec:0c:27:cf:2d:dd:d2:5c:61:f0:37:68:f6:c3:88:
95:65:12:6e:8b:3a:34:f9:a8:3e:ee:cb:14:5f:14:
36:bc:93:ab:61:8e:fa:55:74:04:ad:db:12:4b:27:
f8:35:ad:2c:51:c8:ac:03:b8:62:76:29:87:40:b2:
3b:7e:6d:fa:47:e8:bd:ab:22:4a:5d:08:aa:92:5f:
bd:ad:40:06:34:4d:dc:1f:53:d3:7d:b2:b6:05:4f:
fc:b4:e8:2e:71:6b:a7:8e:fa:08:da:1e:70:75:aa:
94:49:42:11:26:b5:13:00:c4:f0:a1:bc:bf:ac:d1:
85:d7:e8:64:db:ca:f7:96:6c:ef:e4:31:de:89:7c:
74:9d:86:84:59:94:40:fb:d0:fa:12:3b:f4:2a:69:
1b:12:c2:c4:5f:b6:8f:d4:03:02:c7:40:7d:26:06:
ee:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:56:E4:D9:87:0D:0B:5F:67:5A:6D:54:83:BE:77:42:CF:D5:4D:AC
X509v3 Authority Key Identifier:
keyid:3A:41:B1:55:AA:B6:D1:22:9F:D3:48:EA:A0:3D:0F:79:03:F1:26:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkGxVaq20SKf00jqoD0PeQPxJno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/2Fbk2YcNC19nWm1Ug753Qs_VTaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bccaea-68ce-4224-97a5-2b3b4c780419/1/OkGxVaq20SKf00jqoD0PeQPxJno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.136.0/22
IPv6:
2a0a:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
9c:e7:3c:e2:c9:7b:df:94:ed:92:a5:6c:dc:4e:ec:bf:50:94:
d4:7f:cb:1c:b4:8e:f6:01:ab:25:44:77:64:6b:ca:be:05:39:
6c:8b:8f:fd:bb:d4:29:e4:7d:e7:c8:95:67:26:cd:81:cf:55:
c1:7d:d7:e3:b1:d7:4b:0b:f4:96:a1:ce:9a:77:67:67:5a:c9:
6e:b6:b0:2d:2d:39:20:75:09:31:a8:e7:95:b9:5c:c1:4a:88:
cf:5a:91:36:9b:52:78:40:74:f1:d1:87:d7:ce:e6:1f:43:b3:
eb:ae:b9:d6:99:7f:c8:de:0a:d4:ec:49:24:d0:46:05:b0:5e:
3c:2e:6b:ac:87:76:f2:d3:a4:2a:c9:f0:26:b4:39:6b:b9:3c:
86:2b:f3:0d:86:9a:5c:ac:91:c2:4b:58:53:82:19:6a:c0:ab:
8c:40:60:12:8b:a9:b6:08:a2:f3:d1:1c:0f:5c:71:ba:3b:89:
7d:e0:10:73:39:bf:73:68:b4:46:a4:44:2f:f6:4e:20:2d:ce:
aa:07:63:32:6f:18:26:6f:b2:de:18:c1:8b:e9:f3:5f:db:bb:
b0:30:0a:3a:49:0d:6f:7b:e5:66:ae:f3:cb:a0:12:8d:bb:af:
05:63:56:94:95:63:fe:87:5c:1f:6b:56:be:32:2f:e7:b4:ec:
99:46:33:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx15uCoZ0r8+ZIT+mV9NIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDFiMTU1YWFiNmQxMjI5ZmQzNDhlYWEwM2QwZjc5MDNm
MTI2N2EwHhcNMjMwMTAyMDkzNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODU2ZTRkOTg3MGQwYjVmNjc1YTZkNTQ4M2JlNzc0MmNmZDU0ZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+fy0U9uCRXKwXZDBVVX1W26cbaw
tbolT34yjHP92ZL9A8xYpQVoPtWl+Bv//BiBe/Aul5V2fNsjfIhnUIL3OeowNG5z
EF9+y+ZRalKe6z5TVVXblG205GTsDCfPLd3SXGHwN2j2w4iVZRJuizo0+ag+7ssU
XxQ2vJOrYY76VXQErdsSSyf4Na0sUcisA7hidimHQLI7fm36R+i9qyJKXQiqkl+9
rUAGNE3cH1PTfbK2BU/8tOgucWunjvoI2h5wdaqUSUIRJrUTAMTwoby/rNGF1+hk
28r3lmzv5DHeiXx0nYaEWZRA+9D6Ejv0KmkbEsLEX7aP1AMCx0B9JgbuNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNhW5NmHDQtfZ1ptVIO+d0LP1U2sMB8GA1UdIwQY
MBaAFDpBsVWqttEin9NI6qA9D3kD8SZ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUt
MmIzYjRjNzgwNDE5LzEvMkZiazJZY05DMTluV20xVWc3NTNRc19WVGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iY2NhZWEtNjhjZS00MjI0LTk3YTUtMmIzYjRjNzgwNDE5
LzEvT2tHeFZhcTIwU0tmMDBqcW9EMFBlUVB4Sm5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucWIMA0E
AgACMAcDBQMqCnpAMA0GCSqGSIb3DQEBCwUAA4IBAQCc5zziyXvflO2SpWzcTuy/
UJTUf8sctI72AaslRHdka8q+BTlsi4/9u9Qp5H3nyJVnJs2Bz1XBfdfjsddLC/SW
oc6ad2dnWslutrAtLTkgdQkxqOeVuVzBSojPWpE2m1J4QHTx0YfXzuYfQ7PrrrnW
mX/I3grU7Ekk0EYFsF48Lmush3by06QqyfAmtDlruTyGK/MNhppcrJHCS1hTghlq
wKuMQGASi6m2CKLz0RwPXHG6O4l94BBzOb9zaLRGpEQv9k4gLc6qB2Mybxgmb7Le
GMGL6fNf27uwMAo6SQ1ve+VmrvPLoBKNu68FY1aUlWP+h1wfa1a+Mi/ntOyZRjN1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:21 2024 by rpki-client on console-fra.rpki-client.org