Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/C0U1jl5AFUdmGoStJJGwhNRLTyQ.roa
File: C0U1jl5AFUdmGoStJJGwhNRLTyQ.roa (raw, json)
Hash identifier: v8TThRaxWyKXtYReS7yKnSSpLilNQH0JA8d2RmmjgOE=
Subject key identifier: 0B:45:35:8E:5E:40:15:47:66:1A:84:AD:24:91:B0:84:D4:4B:4F:24
Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Certificate serial: 0185710BEE7FEB36D6FC42AC5AA6DFFDFAFE
Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/C0U1jl5AFUdmGoStJJGwhNRLTyQ.roa
Signing time: Mon 02 Jan 2023 05:54:45 +0000
ROA not before: Mon 02 Jan 2023 05:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21182
IP address blocks: 217.173.192.0/21 maxlen: 21
217.173.200.0/23 maxlen: 23
217.173.206.0/23 maxlen: 23
185.178.156.0/22 maxlen: 22
2a04:9440::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 17 Jul 2023 12:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:ee:7f:eb:36:d6:fc:42:ac:5a:a6:df:fd:fa:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Validity
Not Before: Jan 2 05:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b45358e5e401547661a84ad2491b084d44b4f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ea:29:48:b3:25:99:e2:57:5a:31:35:c0:a4:
90:a9:31:79:5d:3a:da:36:38:6e:85:71:43:03:52:
93:d5:79:0d:f4:7e:04:e8:d6:ac:48:35:1b:05:45:
32:b6:a7:69:aa:1e:2d:bf:a8:28:92:4c:55:b0:ea:
9e:34:07:82:a1:e5:91:75:51:bf:e2:36:3b:f6:a7:
a6:38:8c:47:2e:71:9b:02:00:da:f9:bb:15:57:c6:
30:76:64:a7:4b:f8:bf:3c:80:89:b9:7f:3c:76:07:
9a:c4:87:d5:1a:b0:65:0a:62:ef:85:2b:2a:f6:2e:
97:d3:7a:bf:32:e0:b5:2c:43:cf:c8:8d:11:e3:53:
b2:f8:61:d9:46:b6:ba:ab:bb:75:75:76:a5:fd:f2:
52:29:f1:3c:06:47:af:5d:74:90:fc:83:73:bc:2b:
d8:84:92:f5:2a:ff:4e:a9:58:79:e9:48:eb:fc:11:
f3:58:7f:18:65:f4:3f:69:ed:cb:b6:59:15:79:a9:
65:83:c4:1b:87:34:d2:77:b6:af:c4:fb:fa:41:7b:
6a:bf:28:98:9a:5b:ee:0d:0b:57:4a:2c:0b:a2:6b:
0d:69:91:53:0b:da:4d:35:28:56:01:87:9a:c0:04:
32:07:db:18:df:3f:53:58:11:0e:45:87:c0:5e:04:
2e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:45:35:8E:5E:40:15:47:66:1A:84:AD:24:91:B0:84:D4:4B:4F:24
X509v3 Authority Key Identifier:
keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/C0U1jl5AFUdmGoStJJGwhNRLTyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.156.0/22
217.173.192.0-217.173.201.255
217.173.206.0/23
IPv6:
2a04:9440::/30
Signature Algorithm: sha256WithRSAEncryption
55:be:ce:f6:2b:9d:10:73:69:10:ca:5d:c5:8c:18:37:46:b4:
d3:4f:61:d0:22:e6:36:09:5c:20:f1:ac:dd:c5:3c:22:8c:ba:
bb:3c:e6:e5:2c:ea:de:17:aa:81:e5:a4:a7:ff:f9:85:be:6e:
dc:51:8f:44:f9:5f:cf:a7:fb:6f:bf:d0:38:eb:84:75:90:77:
8b:ee:4b:22:ce:f6:ba:02:2e:8d:32:fe:16:60:36:d8:01:64:
b1:2d:62:96:45:14:64:c1:aa:53:78:9a:d2:ac:ee:71:21:ba:
56:9d:63:69:97:2c:d9:35:d5:18:4d:98:e8:97:6a:b6:13:a6:
94:55:f7:9f:81:30:f3:39:69:df:7e:e3:82:9a:a3:8a:e0:d7:
7f:89:5a:5f:a6:b8:a6:08:1d:3e:c7:5b:76:b7:bc:4b:17:cf:
79:67:a8:c6:73:6b:45:e0:f1:43:99:b8:dd:7f:3d:c7:d9:60:
6c:ed:c8:c2:18:fb:ca:45:44:e1:c9:7d:2e:21:47:22:a5:3c:
7f:dd:de:3a:01:6e:88:b7:dd:58:e5:88:55:f9:8a:de:35:bb:
d7:31:30:b7:a4:b1:df:33:c7:62:f8:31:5f:1e:fc:b5:d0:c2:
7a:42:f6:02:10:dc:30:2c:a4:e6:8e:5e:0f:01:4e:0c:1d:6b:
cd:dd:6e:33
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVxC+5/6zbW/EKsWqbf/fr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQx
MWU5NGEwHhcNMjMwMTAyMDU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQ1MzU4ZTVlNDAxNTQ3NjYxYTg0YWQyNDkxYjA4NGQ0NGI0ZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOopSLMlmeJXWjE1wKSQqTF5XTra
NjhuhXFDA1KT1XkN9H4E6NasSDUbBUUytqdpqh4tv6gokkxVsOqeNAeCoeWRdVG/
4jY79qemOIxHLnGbAgDa+bsVV8YwdmSnS/i/PICJuX88dgeaxIfVGrBlCmLvhSsq
9i6X03q/MuC1LEPPyI0R41Oy+GHZRra6q7t1dXal/fJSKfE8BkevXXSQ/INzvCvY
hJL1Kv9OqVh56Ujr/BHzWH8YZfQ/ae3LtlkVeallg8QbhzTSd7avxPv6QXtqvyiY
mlvuDQtXSiwLomsNaZFTC9pNNShWAYeawAQyB9sY3z9TWBEORYfAXgQuMwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAtFNY5eQBVHZhqErSSRsITUS08kMB8GA1UdIwQY
MBaAFKscgAqht4oXpD4Z/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMt
NTBjYmNiNWIxOWMyLzEvQzBVMWpsNUFGVWRtR29TdEpKR3doTlJMVHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMy
LzEvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCubKcMAwD
BAbZrcADBAHZrcgDBAHZrc4wDQQCAAIwBwMFAioElEAwDQYJKoZIhvcNAQELBQAD
ggEBAFW+zvYrnRBzaRDKXcWMGDdGtNNPYdAi5jYJXCDxrN3FPCKMurs85uUs6t4X
qoHlpKf/+YW+btxRj0T5X8+n+2+/0DjrhHWQd4vuSyLO9roCLo0y/hZgNtgBZLEt
YpZFFGTBqlN4mtKs7nEhuladY2mXLNk11RhNmOiXarYTppRV95+BMPM5ad9+44Ka
o4rg13+JWl+muKYIHT7HW3a3vEsXz3lnqMZza0Xg8UOZuN1/PcfZYGztyMIY+8pF
ROHJfS4hRyKlPH/d3joBboi33VjliFX5it41u9cxMLeksd8zx2L4MV8e/LXQwnpC
9gIQ3DAspOaOXg8BTgwda83dbjM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:42 2024 by rpki-client on console-fra.rpki-client.org