Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/70496c-63b8-47c8-a769-c9a69683a8e8/1/M3uQ9yPFSdDpMIG1eg8A7sCeoNE.roa
File: M3uQ9yPFSdDpMIG1eg8A7sCeoNE.roa (raw, json)
Hash identifier: JGPUTlv+sygisKhoTaTrJzrgEd+UnjLm9w7jpw9dSbo=
Subject key identifier: 33:7B:90:F7:23:C5:49:D0:E9:30:81:B5:7A:0F:00:EE:C0:9E:A0:D1
Certificate issuer: /CN=d5f94786d036685440901a3dce5a334cf13272a0
Certificate serial: 018CBC4046DFEA32D9BEA01F316AB1101F18
Authority key identifier: D5:F9:47:86:D0:36:68:54:40:90:1A:3D:CE:5A:33:4C:F1:32:72:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1flHhtA2aFRAkBo9zlozTPEycqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/70496c-63b8-47c8-a769-c9a69683a8e8/1/M3uQ9yPFSdDpMIG1eg8A7sCeoNE.roa
Signing time: Sat 30 Dec 2023 19:42:58 +0000
ROA not before: Sat 30 Dec 2023 19:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62093
IP address blocks: 185.110.20.0/22 maxlen: 22
2a02:c540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bc:40:46:df:ea:32:d9:be:a0:1f:31:6a:b1:10:1f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5f94786d036685440901a3dce5a334cf13272a0
Validity
Not Before: Dec 30 19:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=337b90f723c549d0e93081b57a0f00eec09ea0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fe:65:df:51:38:7b:54:a9:6d:b8:a4:96:54:
52:5b:9f:e3:99:9d:d6:74:ed:79:ae:d3:17:16:99:
cc:b7:0d:d6:0b:36:af:20:46:9c:4f:e1:7b:02:1e:
18:f4:38:ea:74:0d:f5:f9:91:01:e4:56:47:1b:f7:
58:d0:14:c9:2e:88:7b:2c:4a:57:c2:46:ff:55:a0:
0f:c8:f4:a2:15:00:c3:f1:34:92:ff:af:e6:28:dd:
3b:f1:25:94:3f:40:7f:9f:aa:89:5b:f4:45:c8:bb:
c3:49:83:5a:c9:c9:c3:61:25:44:79:9b:f4:29:4f:
27:a7:69:13:c4:e8:25:37:33:fa:4f:6d:35:eb:61:
95:28:cb:6f:93:74:73:1a:9d:da:8f:93:f8:56:1c:
bb:f5:0e:bc:8f:bd:49:be:be:8a:db:19:6e:fe:3e:
40:ab:6e:a8:61:2d:85:57:7d:2d:d7:f5:1e:81:5f:
75:19:20:c3:a0:2b:36:71:ba:8f:24:9e:aa:9a:ad:
c0:c9:f8:ee:65:94:cd:b2:1f:7f:8d:79:e1:7f:39:
75:bc:cd:ac:55:cf:92:f2:7c:b9:ad:c3:99:2c:e9:
7f:c5:f2:5c:fe:5b:fe:36:24:2b:83:d5:77:bf:ed:
c3:0b:65:9c:92:0a:32:60:02:c7:90:c0:ed:70:2b:
97:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7B:90:F7:23:C5:49:D0:E9:30:81:B5:7A:0F:00:EE:C0:9E:A0:D1
X509v3 Authority Key Identifier:
keyid:D5:F9:47:86:D0:36:68:54:40:90:1A:3D:CE:5A:33:4C:F1:32:72:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1flHhtA2aFRAkBo9zlozTPEycqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/70496c-63b8-47c8-a769-c9a69683a8e8/1/M3uQ9yPFSdDpMIG1eg8A7sCeoNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/70496c-63b8-47c8-a769-c9a69683a8e8/1/1flHhtA2aFRAkBo9zlozTPEycqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.20.0/22
IPv6:
2a02:c540::/29
Signature Algorithm: sha256WithRSAEncryption
20:8c:3d:cc:41:f6:2d:84:43:46:e0:c3:92:f6:0b:4b:85:91:
21:b4:be:6b:be:ca:41:c2:41:88:1d:8f:82:9f:b8:06:52:af:
f2:af:ec:ea:8e:d2:23:35:9c:c4:74:93:59:97:3a:d2:00:3f:
00:48:ec:31:22:41:6c:ff:cc:17:df:c9:7c:44:84:91:15:de:
ac:a8:89:ac:3e:f8:ba:6e:32:e4:cf:73:01:bb:60:31:a4:0d:
db:e0:3d:d5:e5:c7:91:22:39:d3:a7:55:8a:58:38:58:a6:35:
6a:b0:ee:3c:eb:6e:d6:0b:57:a6:b9:7f:65:92:15:bb:51:64:
5d:68:2c:58:a4:3f:92:94:cf:e7:c7:50:9b:f7:d6:42:11:ff:
e4:f3:49:3b:f9:b2:81:75:72:60:db:c3:9b:ec:4f:fb:fc:47:
84:a0:11:63:e7:ea:44:1e:8d:83:12:84:24:26:7f:4d:74:d6:
1a:a7:86:ba:e0:2a:13:f5:02:05:4e:f1:bb:5a:4a:88:07:8e:
fd:c9:e3:47:95:be:59:f7:9a:13:38:d7:93:9b:1d:23:0a:77:
2e:00:8a:27:0a:f2:2a:99:3b:95:86:c0:9e:a1:ab:cd:54:15:
bb:cb:34:d4:da:f9:a5:6e:08:2b:7d:61:68:d8:5e:d6:d6:1c:
27:22:0d:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYy8QEbf6jLZvqAfMWqxEB8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1Zjk0Nzg2ZDAzNjY4NTQ0MDkwMWEzZGNlNWEzMzRjZjEz
MjcyYTAwHhcNMjMxMjMwMTk0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzdiOTBmNzIzYzU0OWQwZTkzMDgxYjU3YTBmMDBlZWMwOWVhMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf5l31E4e1SpbbikllRSW5/jmZ3W
dO15rtMXFpnMtw3WCzavIEacT+F7Ah4Y9DjqdA31+ZEB5FZHG/dY0BTJLoh7LEpX
wkb/VaAPyPSiFQDD8TSS/6/mKN078SWUP0B/n6qJW/RFyLvDSYNaycnDYSVEeZv0
KU8np2kTxOglNzP6T20162GVKMtvk3RzGp3aj5P4Vhy79Q68j71Jvr6K2xlu/j5A
q26oYS2FV30t1/UegV91GSDDoCs2cbqPJJ6qmq3AyfjuZZTNsh9/jXnhfzl1vM2s
Vc+S8ny5rcOZLOl/xfJc/lv+NiQrg9V3v+3DC2WckgoyYALHkMDtcCuX2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDN7kPcjxUnQ6TCBtXoPAO7AnqDRMB8GA1UdIwQY
MBaAFNX5R4bQNmhUQJAaPc5aM0zxMnKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZsSGh0QTJhRlJBa0JvOXpsb3pUUEV5Y3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83MDQ5NmMtNjNiOC00N2M4LWE3Njkt
YzlhNjk2ODNhOGU4LzEvTTN1UTl5UEZTZERwTUlHMWVnOEE3c0Nlb05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83MDQ5NmMtNjNiOC00N2M4LWE3NjktYzlhNjk2ODNhOGU4
LzEvMWZsSGh0QTJhRlJBa0JvOXpsb3pUUEV5Y3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW4UMA0E
AgACMAcDBQMqAsVAMA0GCSqGSIb3DQEBCwUAA4IBAQAgjD3MQfYthENG4MOS9gtL
hZEhtL5rvspBwkGIHY+Cn7gGUq/yr+zqjtIjNZzEdJNZlzrSAD8ASOwxIkFs/8wX
38l8RISRFd6sqImsPvi6bjLkz3MBu2AxpA3b4D3V5ceRIjnTp1WKWDhYpjVqsO48
627WC1emuX9lkhW7UWRdaCxYpD+SlM/nx1Cb99ZCEf/k80k7+bKBdXJg28Ob7E/7
/EeEoBFj5+pEHo2DEoQkJn9NdNYap4a64CoT9QIFTvG7WkqIB479yeNHlb5Z95oT
ONeTmx0jCncuAIonCvIqmTuVhsCeoavNVBW7yzTU2vmlbggrfWFo2F7W1hwnIg3k
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:42 2024 by rpki-client on console-fra.rpki-client.org