Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/3OgeEgeVtJ4W_DWQ7l77HKqvOl4.roa
File: 3OgeEgeVtJ4W_DWQ7l77HKqvOl4.roa (raw, json)
Hash identifier: y4VSbzcFzZZKs9xxUYV6W3t2FkTQEu4L7VAktXYApIc=
Subject key identifier: DC:E8:1E:12:07:95:B4:9E:16:FC:35:90:EE:5E:FB:1C:AA:AF:3A:5E
Certificate issuer: /CN=b543ef9bc3c2132361c1240972a180912bf7a859
Certificate serial: 01856D4AD7865DBC036BEFF9653B56E9890E
Authority key identifier: B5:43:EF:9B:C3:C2:13:23:61:C1:24:09:72:A1:80:91:2B:F7:A8:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUPvm8PCEyNhwSQJcqGAkSv3qFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/3OgeEgeVtJ4W_DWQ7l77HKqvOl4.roa
Signing time: Sun 01 Jan 2023 12:24:59 +0000
ROA not before: Sun 01 Jan 2023 12:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200647
IP address blocks: 185.67.196.0/22 maxlen: 24
2a05:1280::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:d7:86:5d:bc:03:6b:ef:f9:65:3b:56:e9:89:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b543ef9bc3c2132361c1240972a180912bf7a859
Validity
Not Before: Jan 1 12:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dce81e120795b49e16fc3590ee5efb1caaaf3a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:ec:f8:69:d0:4e:3f:c7:35:33:be:2a:e0:
1a:6a:93:82:94:9b:4b:0f:f9:58:f0:3c:15:91:ee:
9f:b7:f5:c5:ba:32:eb:6c:56:99:2e:a2:9a:9e:2a:
47:cc:b8:3f:89:01:19:ea:7b:b7:20:1b:4c:b4:75:
f5:8c:c7:df:3d:0d:49:20:4f:19:f1:d8:14:34:c5:
79:49:45:b3:f8:95:3d:32:ac:c3:0b:79:2c:e7:97:
50:6d:80:4a:a9:10:f9:c5:f4:e1:2f:0e:a7:ba:09:
be:09:cb:e7:6d:c8:b8:16:43:d3:e0:16:91:cf:92:
16:ec:17:99:a4:a3:53:97:e6:3d:57:18:cf:61:4e:
a7:72:0d:9c:fd:e2:c9:c8:3e:6d:fd:1c:ca:a4:62:
19:db:96:84:cc:28:9e:2a:f4:c7:9c:d8:7e:57:07:
85:78:63:39:3c:d0:5d:05:dc:ce:9e:7e:d8:aa:0e:
30:26:4d:b6:ee:bf:c9:e0:be:17:cf:3d:85:ac:58:
93:49:59:c1:b9:c1:78:2c:39:a1:53:2b:39:4f:16:
fd:f8:9e:e1:db:89:7b:e9:2f:53:d7:f4:9d:56:1b:
34:6f:6c:79:f1:c6:b5:10:a1:d1:85:ad:8a:a3:ff:
81:65:2f:b4:ad:9c:b8:34:65:e2:35:fe:2a:4e:69:
6a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E8:1E:12:07:95:B4:9E:16:FC:35:90:EE:5E:FB:1C:AA:AF:3A:5E
X509v3 Authority Key Identifier:
keyid:B5:43:EF:9B:C3:C2:13:23:61:C1:24:09:72:A1:80:91:2B:F7:A8:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUPvm8PCEyNhwSQJcqGAkSv3qFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/3OgeEgeVtJ4W_DWQ7l77HKqvOl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/25e6d6-ced1-4283-8c9f-c84ccba4e607/1/tUPvm8PCEyNhwSQJcqGAkSv3qFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.196.0/22
IPv6:
2a05:1280::/29
Signature Algorithm: sha256WithRSAEncryption
85:be:af:e1:85:67:78:d8:d6:48:c3:0a:7d:d8:f1:01:6d:b4:
67:fa:8b:5a:46:d8:88:fc:ee:3a:1c:f8:c2:b4:18:b8:d6:d6:
68:bf:47:67:a4:6d:bf:7c:aa:68:10:09:71:95:27:55:6d:c7:
4f:4b:e3:d7:de:15:8d:b2:60:bb:88:8e:02:13:fd:ab:f4:5b:
e4:79:65:72:ac:98:63:a6:11:09:67:eb:bc:0f:88:e6:67:a3:
1e:e6:da:96:d7:4f:21:14:d2:e2:59:1c:27:41:20:08:c6:5f:
fe:de:d7:20:5a:80:f7:01:7e:0f:b6:ff:db:23:34:d1:0f:29:
fc:9c:28:86:ba:06:fb:5f:51:4c:8d:2c:eb:bf:67:6a:6d:d1:
c1:0a:ef:ba:ca:f5:34:57:07:15:b3:84:be:dd:3d:f6:86:51:
ee:b4:b1:fb:6d:e4:4e:0d:56:cf:6c:95:2a:d1:dc:fc:81:28:
20:1e:82:2c:97:85:e4:87:d1:46:44:a8:3b:b9:26:7f:ab:6c:
0a:12:d3:4a:c3:67:32:ac:6f:cf:79:b2:10:cf:a6:90:8b:07:
75:3a:c3:c1:81:ce:ee:0b:7f:ca:20:1f:4b:7f:4a:82:82:6c:
55:26:7b:4e:d9:66:2c:72:8e:a8:02:c3:53:36:fe:2e:c0:10:
cb:e9:13:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtSteGXbwDa+/5ZTtW6YkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDNlZjliYzNjMjEzMjM2MWMxMjQwOTcyYTE4MDkxMmJm
N2E4NTkwHhcNMjMwMTAxMTIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2U4MWUxMjA3OTViNDllMTZmYzM1OTBlZTVlZmIxY2FhYWYzYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YXs+GnQTj/HNTO+KuAaapOClJtL
D/lY8DwVke6ft/XFujLrbFaZLqKanipHzLg/iQEZ6nu3IBtMtHX1jMffPQ1JIE8Z
8dgUNMV5SUWz+JU9MqzDC3ks55dQbYBKqRD5xfThLw6nugm+Ccvnbci4FkPT4BaR
z5IW7BeZpKNTl+Y9VxjPYU6ncg2c/eLJyD5t/RzKpGIZ25aEzCieKvTHnNh+VweF
eGM5PNBdBdzOnn7Yqg4wJk227r/J4L4Xzz2FrFiTSVnBucF4LDmhUys5Txb9+J7h
24l76S9T1/SdVhs0b2x58ca1EKHRha2Ko/+BZS+0rZy4NGXiNf4qTmlqfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNzoHhIHlbSeFvw1kO5e+xyqrzpeMB8GA1UdIwQY
MBaAFLVD75vDwhMjYcEkCXKhgJEr96hZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVQdm04UENFeU5od1NRSmNxR0FrU3YzcUZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yNWU2ZDYtY2VkMS00MjgzLThjOWYt
Yzg0Y2NiYTRlNjA3LzEvM09nZUVnZVZ0SjRXX0RXUTdsNzdIS3F2T2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yNWU2ZDYtY2VkMS00MjgzLThjOWYtYzg0Y2NiYTRlNjA3
LzEvdFVQdm04UENFeU5od1NRSmNxR0FrU3YzcUZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUPEMA0E
AgACMAcDBQMqBRKAMA0GCSqGSIb3DQEBCwUAA4IBAQCFvq/hhWd42NZIwwp92PEB
bbRn+otaRtiI/O46HPjCtBi41tZov0dnpG2/fKpoEAlxlSdVbcdPS+PX3hWNsmC7
iI4CE/2r9FvkeWVyrJhjphEJZ+u8D4jmZ6Me5tqW108hFNLiWRwnQSAIxl/+3tcg
WoD3AX4Ptv/bIzTRDyn8nCiGugb7X1FMjSzrv2dqbdHBCu+6yvU0VwcVs4S+3T32
hlHutLH7beRODVbPbJUq0dz8gSggHoIsl4Xkh9FGRKg7uSZ/q2wKEtNKw2cyrG/P
ebIQz6aQiwd1OsPBgc7uC3/KIB9Lf0qCgmxVJntO2WYsco6oAsNTNv4uwBDL6RNr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:05 2024 by rpki-client on console-fra.rpki-client.org